Archive for March, 2011

On Generating an SSL Wildcard Certificate CSR

Written by Sean Wallbridge. Posted in IIS, MOSS 2007, SharePoint, SharePoint 2010, Windows Server 2008, WSS 3.0

Yo, while I have generated a wildcard cert before (more expensive, supports any prefix such as,, it has been a long while and I figured while it may seem obvious after the fact, the scary bit is wanting to make sure you have the CSR (request) format correct before you submit it to a CA and pay them $500+.


The business requirement was the customer wanted to have a single (5 year) certificate to manage, moving forward to collapse the 6 or so individual certs they were keeping track of.

040711 0615 OnGeneratin1 On Generating an SSL Wildcard Certificate CSR

Figure 1: the key is the *


Basically, the trick is, make sure you use an asterisk (*) for the prefix like the above (* I had a hard time finding any resources to confirm this was 100% correct (my gut and background told it was, but nothing actually validated it). So here you have it, the validation, for next time…

040711 0615 OnGeneratin2 On Generating an SSL Wildcard Certificate CSR

Figure 2 : RapidSSL confirmed the wildcard format online during purchase


040711 0615 OnGeneratin3 On Generating an SSL Wildcard Certificate CSR

Figure 3: After acquisition, the cert showed the same

Fixing SharePoint 2010 Foundation Search after a domain migration

Written by Sean Wallbridge. Posted in SharePoint, SharePoint 2010

Ah, the life I lead. It’s 11:49pm on a Sunday night and I’m tired. This will be an ugly and sporadic post, as I want to go to bed… But I figured I’d better share before this drops out of my head (ala Brainlitter). Here’s what happened today.


The Goal

Customer wanted to migrate SharePoint 2010 Foundation from one domain to another. I had my task list all prepped out. Heck, I’ll even share its basic skeleton with you (this is by no means complete, but I didn’t want to forget anything):

032811 0711 FixingShare1 Fixing SharePoint 2010 Foundation Search after a domain migration

Figure 1 : the above is by no means complete, just my little notes to myself, in OneNote of course icon wink Fixing SharePoint 2010 Foundation Search after a domain migration


They were collapsing a few domains into a new single domain.


The Challenges

First off (not recommended), when creating a new domain and migrating stuff to it, be sure you use a new domain name. The company had chosen to change their old DNS domain name from (faked example) to But they decided to go with the same downlevel/NT domain name of CorporateX (this was a mistake I think, as it caused untold grief).


So I had a number of challenges to work with, no less, trying to trick SharePoint into believing that CORPORATEX\SPFarm was indeed a different account than CORPORATEX\SPFarm… but that is a story for another time. This story is about after getting the domain all fixed (by the way, this is the syntax needed to get the farm to play nice again using the farm account – stsadm -o updatefarmcredentials -userlogin SOMEDOMAIN\SOMEACCOUNT -password XXXXXXXXXX) and getting search rolling again as I had the following errors to work with…


Foundation Search Errors after the Domain Move


No matter what I tried to do, when trying to start the SharePoint Foundation Search service, I got the following…

032811 0711 FixingShare2 Fixing SharePoint 2010 Foundation Search after a domain migration

Figure 2 : Some or all identity references could not be translated


The Resolution (for me anyways)


I did the following things, of which I believe all helped in the resolution of the matter though if I had time to lab things, I think I could trim this list. If you are Googling this late at night, have backups, do so at your own risk and only if you understand the ramifications, etc. I.e. this comes with no warranty, expressed, implied or decaffeinated…


By the way, I realize STSADM commands are deprecated in SharePoint 2010 but I couldn’t find an equivalent for doing what I needed to do, particularly on a tired mind. Besides, TechNet says IISRESET is deprecated and no longer used and we ALL know that isn’t true in the SharePoint world. icon smile Fixing SharePoint 2010 Foundation Search after a domain migration


I migrated the original SharePoint Server Search Account to the new one I wanted to use:

stsadm –o migrateuser –oldlogin CORPORATEX\SPSERVICES –newlogin CORPORATEX \SP2010SERVICES –ignoresidhistory


I forcefully removed SharePoint Foundation Search (This command yanks the search database and sets it back to needing to be configured)

stsadm.exe -o spsearch -action stop


That didn’t work (at least yet) until I used the following to remap/tell SharePoint Foundation Search which accounts to use, so I could even begin to seize control


stsadm.exe -o spsearch -farmserviceaccount CORPORATEX \SP2010SERVICES -farmservicepassword No_I’m_Not_Giving_You_The_Password_:)

stsadm.exe -o spsearch -farmcontentaccessaccount CORPORATEX \SP2010CONTENTACCESS -farmcontentaccesspassword No_I’m_Not_Giving_You_The_Password_:)


Ah, that’s better. Now I could actually attempt to start the service in the Central Admin GUI again (before it would just give the above error re: ‘some or all identity references could not be translated’


So I ran this again now that I was in control…

stsadm.exe -o spsearch -action stop


And voila, the next time I went to start SharePoint Foundation Search Service and define a new Service Account and Content Access Account, it started as expected


Yeesh. Gnight. Seriously, if I make it so you have a shorter night than I did, you gotta buy me a pint dude.

Incoming search terms:

SharePoint Diagnostic Studio Tool

Written by Sean Wallbridge. Posted in SharePoint, SharePoint 2010

Wow, this tool will be very welcome once it hits the street sometime in April 2011. The SharePoint Diagnostic Tool will help dev’s and IT Admins better troubleshoot their SharePoint farms including checks for latency, trends, capacity planning, etc. It will be part of the SharePoint Toolkit released at that time.


Check out the following YouTube video to learn more:

InfoPath – web and client based forms and licensing

Written by Sean Wallbridge. Posted in MOSS 2007, SharePoint, SharePoint 2010, WSS 3.0

I think Question/Answer blog posts are valuable as someone might stumble across this page and find the following layman’s info interesting or useful. This was a question I got from a customer today and my response to him. We’ll refer to him as \Barney” icon wink InfoPath – web and client based forms and licensing


Barney’s Email


From: Barney
Sent: Wednesday, March 09, 2011 7:55 AM
To: Sean Wallbridge
Subject: Sean, do you know of Infopath – and the architecture (and licensing) required to use it

Hi there, I need your help on Infopath 101…

  • I know we “have it” as part of Office 2010 Pro
  • We have SharePoint (not Enterprise)
  • Can we leverage infopath using our “to be” SharePoint 2010 environment
  • Is there any “special” additional licensing we need to acquire?
  • How can the data (and business process flow) be tracked if we start using infopath


Thanks Sean!


My Response


Hi Barney (if that indeed is your real name!),

  1. You require SharePoint Enterprise if you are going to do InfoPath as ‘web based forms’.  I.e. the benefit is the consumer of the forms doesn’t need software as the form is provided solely within the browser.  Web based forms have some limitations (can do about 80% of what the full client can do) and forms are still ‘designed’ in InfoPath client software.  You can’t do this, with your licensing.
  2. If you do have the Office Infopath client installed on your desktops you *you can* create and use InfoPath for forms.  They (the results) are stored in SharePoint libraries.  The only drawback here (a big one sometimes but maybe not for you) is that the consumer must have InfoPath installed on their machine (so forget mobile devices or the public, but all staff would be ready with corporate software equipped desktops)
  3. If you decided you wanted to start using InfoPath web based services internally (plus other groovy SharePoint Enterprise features such as BI, Visio Services, etc.) all you have left to purchase is the SharePoint Enterprise CAL for each user (i.e. you have bought the server software, hardware, backups, antivirus, storage, etc.) so really the Enterprise CAL is the cheap part icon wink InfoPath – web and client based forms and licensing  Retail pricing is about $80 a user, I imagine you don’t even pay ½ of that icon wink InfoPath – web and client based forms and licensing
  4. InfoPath forms, web based or client software based, store their XML files (data) in SharePoint libraries.  It is from there, that the magic of workflows and accountability begins


Ps. Have you ever looked at Nintex?  If ever there was a killer SharePoint add-on to have, Workflow 2010 is it.