Cincinnati SPUG–Thursday November 20th!

 

Cincinnati SharePoint User Group Meeting (different date for November!)

Please register here: http://www.meetup.com/TechLife-Cincinnati/events/218788788/

Speaker: Michelle Caldwell   

Title:   Designing a Plan for Sustained User Adoption

Organizational change management is one of the most overlooked and under-planned parts of many SharePoint implementations. You simply cannot afford to ignore the importance of this topic. Successful organizational change management is a critical component to ensuring the success of any SharePoint initiative.

In this class, we will discuss field-proven tactics to help your users make sense of the change that your SharePoint solution will inevitably bring into their daily work lives. You will learn a user adoption framework and some factors you should consider when planning your next SharePoint initiative. We will challenge the mindset that adoption can be driven, and embrace the concept of designing change for long-term sustainable cultural acceptance.

By attending this class, you will be able to:

Design your own organizational change-management strategy Understand how to foster user adoption Understand how to engage and build solution champions Build a communication plan Apply field-tested strategies in your organization​   Bio:

Michelle is a SharePoint Solutions Architect and Director of Collaboration at Avanade. She has over 16 years of experience delivering business solutions to diverse organizations. For the past nine years, she has focused on delivering enterprise SharePoint solutions across multiple industries while leading teams that have won outstanding achievements in Web Development. She is a founding member and President of the Columbus, Ohio SharePoint User Group (BuckeyeSPUG) and actively shares her real-world experience through her blog www.shellecaldwell.com and conferences across North America. She also sits on the board of two Columbus, Ohio non-profits in support of her local technology community.​

 

.

C# Compare Arrays

 

Sometimes we get so focused on the advanced features of .NET that we (or at least I) forget the basics. The basic in this case is checking to see if two arrays are equal.

int[] a = { 1, 7, 4, 6, 2, 8, 2, 8, 4, 6, 2 };
int[] b = { 1, 7, 4, 6, 2, 8, 2, 8, 4, 6, 2 };
if (b == a) 
  { Console.WriteLine("a Equals b!"); } 
  else 
  { Console.WriteLine("a NOT Equals b!"); }

The above always returns "a NOT Equals b!".  Yes, I knew that if (a == b) (same as a.Equals(b)) will not work as arrays are objects and "a == b" is testing reference equality, i.e. to see if they are the same object. But I also figured that as .NET has a built in class or method for everything you can think of, there had to be one to do an array comparison. Turns out there is, .SequenceEqual., which is part of LINQ.

if (b.SequenceEqual(a))
  { Console.WriteLine("a SequenceEqual b!"); } 
  else 
  { Console.WriteLine("a NOT SequenceEqual b!"); }

The above works great, but as LINQ is wrapper for other code, there must be some overhead, and it turns out there's a lot! I wrote a quick and dirty CompareArrays method and did a comparison of performance between my crude code and the LINQ SequenceEqual. Here's the results:

The manual code was around five times faster! BUT, it took a whole lot longer to write. Unless you are writing games or intense code, developer efficiency and code readability leans towards the LINQ SequenceEqual solution.

Here's the code:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace ConsoleApplication1
{
    class Program
    {
        static void Main(string[] args)
        {
            int[] a = { 1, 7, 4, 6, 2, 8, 2, 8, 4, 6, 2 };
            int[] b = { 1, 7, 4, 6, 2, 8, 2, 8, 4, 6, 2 };

            DateTime d1 = DateTime.Now;
            for (int i = 0; i < 100000; i++)
            {
                b.SequenceEqual(a);
            }

            DateTime d2 = DateTime.Now;
            for (int i = 0; i < 100000; i++)
            {
                CompareArrays(a, b);
            }

            DateTime d3 = DateTime.Now;
            Console.Write("Time for SequenceEqual:    ");
            Console.WriteLine(d2 - d1);
            Console.Write("Time for my CompareArrays: ");
            Console.WriteLine(d3 - d2);

            Console.ReadLine();
        }

        static bool CompareArrays(int[] a, int[] b)
        {
            if (a.Length != b.Length) { return false; }
            for (int i = 0; i < a.Length; i++)
            {
                if (a[i] != b[i]) { return false; }

            }
            return true;

        }

    }
}

 

When I get really bored I convert CompareArrays into generics…

 

Hey! Look! I wrote about something other than SharePoint or PowerShell!

 

.

.NET 2015–Open Source? Mac? Linux?

 

Got to take a look at this… (nuff said)

Announcing .NET 2015 - .NET as Open Source, .NET on Mac and Linux, and Visual Studio Community

 

Visual Studio Community edition. Free!   ("This is not Express. This is basically Pro.")

http://www.visualstudio.com/en-us/downloads/download-visual-studio-vs#DownloadFamilies_2

"This edition of Visual Studio is available at no cost for non-enterprise application development."

.

Interesting stuff coming!

 

.

You Cannot Test Your Own SharePoint Security

 

Test accounts are fun, but rarely a good thing.

As a typical site owner in a typical company, you are only issued one user account, one username/password. Having a "test account", especially a test account that is shared with multiple site owners is a bad practice, often prohibited, and sometimes grounds for termination. (In any case, your auditors will not like it.)

So why can't you test with your own account?

Consider creating a Permission Level that only allows Edit Items, but not Delete Items and especially not Full Control or Manage Permissions. To test with only your account you will need to grant yourself the Permission Level and then remove yourself from the Owners group. While you can do some testing… you can't make yourself an owner again! You just tested the car door locks by locking the keys inside.

Weird stuff if you do have a test account…
(and the auditors are looking for you!)

You create a list with custom permissions and add 50 items. You can see the 50 items with your account. When you log into the site with the test account you see 0 items. So far so good. Still using the test account, you click on Export to Excel… and you can see everything! Why? You are still logged into your PC as yourself, not the test user. Excel is running with your permissions when it makes the data connection back to SharePoint, not the test user's permissions.The test user's permissions are only being used in the browser. The same "dual accounts" problem applies to all other client side applications including Windows Explorer views.

By the way, this explains a lot of fun security issues when someone asks if they can use your PC to log into SharePoint to check something.

So…

(The following is borrowed from page 219 of my security book. Hint, hint )

As a Site Owner or Site Collection Administrator you have the rights to see everything in your site. To truly test SharePoint:

• You will need a partner who can do your tests.
• Before granting any permissions to the user ask them to visit the site, list or item and see if they can get any unexpected access.
• Grant your new custom permissions to the test user and let them see if they can exceed the permissions granted. I.e. can they delete stuff after you have removed the Delete Items permission?
• You will need a different computer or virtual machine.
• Switching between instances of the same browser brand can produce odd results due to the reuse of cookies or cached content. As a minimum you can use Internet Explorer’s “New Session” option or do your testing with two different brands of browsers.
• When logging in as a different user, and then performing any operation that uses a locally installed application such as Windows Explorer or Microsoft Office, you will be running the browser as your test user, but the local application will still be running as the account used to logon to your PC.
• The cleanest testing is done with a second computer where you have logged into the computer as the test account.
• · Delete the browser’s cache frequently to clear the cookies and temporary files.

 

 

.

SharePoint – Use PowerShell to get all Owners, Full Control Users and Site Collection Administrators

Updated 6/12/2015

The following works for both SharePoint 2010 and 2013.

 

So who has control in your SharePoint?

Some users are members of the site's Owners group while others have been directly given Full Control. Some may be Site Collection Administrators or even have "super powers" granted at the Web Application level. How do you find these?

PowerShell to the rescue!

 

Get all users who are members of the "Owners" groups.

Get-SPSite -Limit All | 
  Get-SPWeb -Limit All | 
  where { $_.HasUniquePerm -and $_.AssociatedOwnerGroup -ne $null } | 
  foreach { $TTNweburl = $_.Url; $_ } | 
  Select -ExpandProperty AssociatedOwnerGroup | 
  Select -ExpandProperty Users | 
  Select {$TTNweburl}, UserLogin, DisplayName

 

Get all users directly given Full Control

Get-SPSite -Limit All | 
  Get-SPWeb -Limit All | 
  Where { $_.HasUniquePerm } | 
  foreach { $TTNweb = $_; $_ } | 
  Select -ExpandProperty Users | 
  Where { $TTNweb.DoesUserHavePermissions($_,[Microsoft.SharePoint.SPBasePermissions]::FullMask) } | 
  Select {$TTNweb.Url}, UserLogin, DisplayName

You could also find users with Full Control like roles by testing for "ManageWeb" or "ManagePermissions". For a list of the permission types use:

[System.Enum]::GetNames("Microsoft.SharePoint.SPBasePermissions")

 

Get all users who are Site Collection Administrators:

Get-SPSite -Limit All | 
  Get-SPWeb -Limit All | 
  where { $_.HasUniquePerm } | 
  foreach { $TTNweburl = $_.Url; $_ } | 
  Select -ExpandProperty Users | 
  Where { $_.IsSiteAdmin } | 
  Select {$TTNweburl}, UserLogin, DisplayName

 

Who else can see the content, and might have Full Control?

Some users may have access to site content via Web Application level policies. These are set in Central Administration in the Web Application Management section.

Get-SPWebApplication | 
  foreach { $TTNwebappUrl = $_.Url; $_ } | 
  Select -ExpandProperty Policies |  
  Select {$TTNwebappUrl}, DisplayName, IsSystemUser, PolicyRoleBindings, UserName | FT

 

.

SharePoint Saturday Cincinnati!

SharePoint Saturday is this weekend!   October 11th, 2014

Free sessions... 25 and counting!
Free food!
Free door prizes!
Free networking!

Talk about it! Blog about it! Tweet about it! (@spscincinnati)  Let everybody know!

Register here: http://www.spsevents.org/city/cinci/cinci2014

This year the event will be at the Sharonville Convention Center located at 11355 Chester Rd, Cincinnati, OH 45246​. Easy to get to and closer for those from points North.

 

My topic:

Changes to SharePoint 2013 and Office 365 Security You Must Know      

For ScarePoint Saturday the title might be "SharePoint 2013 security... Things that go bump in the night!"

 

Track: IT Pro, Developer, End-User, Business

           

SharePoint 2013 and Office 365 / SharePoint Online change many of the assumptions about managing end user security. It has buttons that break previous best practices and changes permission defaults in ways that can lead to loss of entire lists and libraries. This session will cover things that you need to know about SharePoint 2013 Authorization if you are responsible for SharePoint security or SharePoint governance and is very important for Site Owners and Site Collection Administrators.

 

 

Register here: http://www.spsevents.org/city/cinci/cinci2014
 

 

See you there!

   Costume optional... 

 

 

Hint, hint... Register here: http://www.spsevents.org/city/cinci/cinci2014

.

Did you ever want to take a Microsoft exam from home or the office?

 

Starting today, if you are a U.S. resident (and if you’re not stay tuned—they’ll be expanding soon), you can take dozens of the MCP and MTA exams from the comfort of your home or office through a process called online proctoring by Pearson VUE. Or as Ken Rosen says "Come on, admit it: you’ve always wanted to take one of our exams in your pajamas. I can’t be the only one."

See Ken's blog article here and the details, rules and regulations here.

When you look at the list of exams available you will find numbers like 462-OP (on premise?). Add a 70 in front of the number and remove the "-OP" to find the equivalent exam ID. (70-462).  The "98" series exams just have the normal number with "-OP" added to the end.

Here are some of the "OP Beta" exams that are "in my world" (SharePoint, SQL, etc.):

346-OP Managing Office 365 Identities and Requirements
347-OP Enabling Office 365 Services

410-OP Installing and Configuring Windows Server 2012
411-OP Administering Windows Server 2012
412-OP Configuring Advanced Windows Server 2012 Services

461-OP Querying Microsoft SQL Server 2012
462-OP Administering Microsoft SQL Server 2012 Databases
463-OP Implementing a Data Warehouse with Microsoft SQL Server 2012

480-OP Programming in HTML5 with JavaScript and CSS3

.

Developer Apprentice Program in .NET

 

Know someone who is unemployed who would make a great programmer?

 

MAX Technical Training is doing something quite interesting!  Again!

Dislocated workers who live in Hamilton, Butler, Warren and Clermont counties and are not working may be eligible to take Developer Apprentice training in .NET programming. Good candidates include those with a background in IT who want to update their programming skills or those who enjoy math, problem solving and/or puzzles. Musicians and those who enjoy learning foreign languages tend to make good programmers.

The Hamilton Co. session is now going to happen on September 23.  Warren Co. is September 24, and the program is open to Clermont and Butler Co. folks as well. 

When: September 23, 2014 at 10 am
Where: OhioMeansJobs Hamilton County, 1916 Central Parkway, Cincinnati  45214

When: September 24, 2014 from 9 am – 10 am
Where: OhioMeansJobs Warren County, 300 East Silver St., Lebanon, OH  45036

"Interested in becoming a Developer or know someone who is?"

"Whether you are an employer looking hire a .NET programmer or a Job Seeker looking to build a new career - this is the program to meet both your needs."

"This intense 9 week "boot camp" immerses you in 42 intense full-days of training. To be accepted, you must pass two aptitude tests and a screening interview with the program director." 

"This will be MAX's fourth program. All of our past apprentices who have completed the program are successfully employed in developer related positions with Great American Insurance, Paycor, Western and Southern, or Assurex."

For more information: http://www.maxtrain.com/DynamicPage.aspx?DynamicContentID=166

 

.

SharePoint Saturday Cincinnati Oct 11, 2014

 

SharePoint Saturday Cincinnati
Saturday, October 11, 2014

Event details, including speakers and topics have been posted!
Go here for details and registration: http://www.spsevents.org/city/cinci/cinci2014

Like two years ago, we have a theme! "ScarePoint Saturday" Come in costume or as you are…

 

My topic will be "Changes to SharePoint 2013 and Office 365 Security You Must Know"

Track: IT Pro, Developer, End-User, Business

SharePoint 2013 and Office 365 / SharePoint Online change many of the assumptions about managing end user security. It has buttons that break previous best practices and changes permission defaults in ways that can lead to loss of entire lists and libraries. This session will cover things that you need to know about SharePoint 2013 Authorization if you are responsible for SharePoint security or SharePoint governance and is very important for Site Owners and Site Collection Administrators.

 

 

See you there!

.

SharePoint User Cannot Rename a File

 

The following applies to SharePoint 2007, 2010, 2013 and SharePoint Online / Office 365.

There's never an end of things to learn about SharePoint security! (I've got about 235 pages of what I've learned in SharePoint® 2010 Security for the Site Owner!) Did you know that a user without the Delete permission cannot rename files in a document library! Attempts to change the Name property of a file without having the Delete Items permission will display “Access Denied”.