Fix: The trust relationship between this workstation and the primary domain failed

Posted on 7 CommentsPosted in General

This short post is really just for my own memory as I keep bumping into this with my virtual machines but I figured others might also find it useful. Typically when I do SharePoint development I do everything on an all-up server but with SharePoint 2013 I’ve moved my Domain Controller to a separate server (where I also will install the Office Web Apps); however, if I leave any of my machines off for a […]

Service Accounts and Managed Service Accounts in SharePoint 2010

Posted on 42 CommentsPosted in Article, SharePoint 2010

With SharePoint 2010 we now have the ability to allow SharePoint to manage various service accounts thus foregoing the need to have IT administrators manually manage password changes. This new feature is a great benefit to SharePoint administrators and security conscious admins in general as it allows us to easily enforce our corporate security policies by changing these passwords on a schedule, and the administrators don’t even know what the password is so the likelihood […]

Discovering Who Has Access to SharePoint 2010 Securable Objects

Posted on 38 CommentsPosted in Scripts, SharePoint 2010

I’ve talked on several occasions about how we can easily use the SharePoint 2010 object model (OM) to discover who has access to a securable object (SPWeb, SPList, or SPListItem) and the fact that we can use the same mechanisms within PowerShell to create useful security/audit reports. On some of those occasions I’ve shown a version of a PowerShell script which gives you a dump to the screen or a text file of every securable […]

Setting Back Connection Host Names for SharePoint 2007 Using STSADM

Posted on 9 CommentsPosted in SharePoint 2007, STSADM Commands

Not too long ago Microsoft introduced a security fix which addresses a possible attack vector in which malicious software tries to impersonate a local request, thereby bypassing certain constraints.  The problem with this fix is that it introduces some issues for SharePoint servers, effectively resulting in 401.1 Access Denied errors.  Spence Harbar does a great write-up of the fix and the options available to get your SharePoint environment working again so I won’t re-hash all […]

Creating Default Site Groups After Creating Site Collections Using STSADM

Posted on 2 CommentsPosted in SharePoint 2007, STSADM Commands

I got an email from Jennifer Davis today asking why, when she ran my gl-createsiteindb command, did the default site groups not show up in the site collection, specifically the “<site name> Members”, “<site name> Owners”, and “<site name> Visitors” groups.  Upon digging further she realized that this behavior was not limited to my command as the out-of-the-box createsite and createsiteinnewdb commands exhibited the same behavior. Basically what’s happening is that if you create the […]

Configuring SSO via STSADM

Posted on 2 CommentsPosted in SharePoint 2007, STSADM Commands

I can’t actually take credit for this particular command – in fact I’ve never configured SSO so I personally don’t know much about it.  I got the code from Stef van Hooijdonk who graciously provided the code he produced. I made a few minor changes to Stef’s code just to bring it in line with the rest of my code but otherwise it’s as was provided to me – as such I’m not really prepared […]

Change Password Script

Posted on 3 CommentsPosted in Scripts, SharePoint 2007

I’d been meaning to post this for quite some time but just haven’t gotten around to it – as paranoid administrators we often find the need to change our service account passwords and doing so with a product like SharePoint can be a rather significant effort if you consider all the various accounts that may be used in a least privileges model.  If you’re just about to make hit this situation you’re likely to do […]

Changing the Application Pool Identity via STSADM

Posted on 2 CommentsPosted in SharePoint 2007, STSADM Commands

This past week I presented at the local Colorado Springs SharePoint User Group meeting on using and customizing STSADM.  The talk was really less about STSADM and more about SharePoint administration tips, tricks, and best practices – but we did create a new STSADM command from scratch during the meeting.  I’ve taken what we did during the meeting and reworked it to add proper validation and help documentation and have included it in my download […]

Updating the Default Content Access Account via STSADM

Posted on Posted in SharePoint 2007, STSADM Commands

This is one that I’ve been wanting to address for a while and I finally decided to sit down and just do it.  If you’ve had your environment in place long enough to have to change the passwords you know that you can change most of the passwords using the out of the box STSADM commands – many refer to this support article from Microsoft on how to do this: Because there’s so many […]

Delete All Users from a Site Collection

Posted on 23 CommentsPosted in SharePoint 2007, STSADM Commands

I was chatting with my buddy and fellow MVP, Todd Klindt, the other day and he was asking if I had a custom command that would allow him to quickly delete all the users added to a site collection.  For his purposes he needed this to troubleshoot an issue he was having with a site collection that contained many thousands of users. I figured this would be pretty easy to do – a simple while […]