The CSS and JAVSCRIPT which I implemented in Ramp Group (http://rampgroup.com) Website is working fine in IE7,Firefox,Google Chrome and safari.
However when it comes to IE8 it’s not working fine.
After a long research I found that we need to add a small meta tag in head tag
<meta http-equiv="X-UA-Compatible" content="IE=7"/ >
It tells to IE8 to build a website exactly same as IE7.
Friday, November 20, 2009
Tuesday, November 17, 2009
Windows PowerShell Execution Policy for 'AuthorizationManager check failed'
ERROR:
Command execution stopped because the shell variable "ErrorActionPreference" is set to Stop: Windows PowerShell snap-in "Quest.ActiveRoles.ADManagement" is loaded with the following warnings: Error loading the extended type data file: Quest.ActiveRoles.ADManagement, C:\Program Files\Quest Software\Management Shell for AD\Quest.ActiveRoles.ADManagement.Types.ps1xml : File skipped because of validation exception: "AuthorizationManager check failed.". There were errors in loading the format data file: Quest.ActiveRoles.ADManagement, C:\Program Files\Quest Software\Management Shell for AD\Quest.ActiveRoles.ADManagement.Format.ps1xml : File skipped because of validation exception: "AuthorizationManager check failed.".
At line:80 char:35 + if(-not $testsnapin){add-pssnapin <<<< -Name $SnapInName}
'AuthorizationManager check failed' means that initially we doesn't have permission to execute the Powershell Script to all users in the Sharepoint site because by default the execution policy is set to restricted.
To resolve the issue we need to got to 'ActiveRoles Management shell for Active Directory' command prompt and set execution policy to 'remotesigned' as shown below
C:\program files\Quest software\Management Shell for AD>set-Executionpolicy
cmdlet set-executionpolicy at command pipeline position 1
Supply values for the following parameters:
ExecutionPolicy: remotesigned
[PS] C:\Program Files\Quest Software\Management Shell for AD>
It will allows you to execute the script for all users who have permission to add the user in ADAM and for the SharePoint site.
WINDOWS POWERSHELL EXECUTION POLICIES:
The Windows PowerShell execution policies are as follows:
"Restricted" is the default policy.
Restricted
- Default execution policy.
- Permits individual commands, but will not run
scripts.
- Prevents running of all script files, including
formatting and configuration files (.ps1xml), module
script files (.psm1), and Windows PowerShell
profiles (.ps1).
AllSigned
- Scripts can run.
- Requires that all scripts and configuration files
be signed by a trusted publisher, including scripts
that you write on the local computer.
- Prompts you before running scripts from publishers
that you have not yet classified as trusted or
untrusted.
- Risks running unsigned scripts from sources other
than the Internet and signed, but malicious, scripts.
RemoteSigned
- Scripts can run.
- Requires a digital signature from a trusted
publisher on scripts and configuration files that
are downloaded from the Internet (including
e-mail and instant messaging programs).
- Does not require digital signatures on scripts that you have run
and that you have written on the local computer (not
downloaded from the Internet).
- Risks running signed, but malicious, scripts.
Unrestricted
- Unsigned scripts can run. (This risks running malicious
scripts.)
- Warns the user before running srcipts and configuration
files that are downloaded from the Internet.
Bypass
- Nothing is blocked and there are no warnings or
prompts.
- This execution policy is designed for configurations
in which a Windows PowerShell script is built in to a
a larger application or for configurations in which
Windows PowerShell is the foundation for a program
that has its own security model.
Undefined
- There is no execution policy set in the current scope.
- If the execution policy in all scopes is Undefined, the
effective execution policy is Restricted, which is the
default execution policy.
Command execution stopped because the shell variable "ErrorActionPreference" is set to Stop: Windows PowerShell snap-in "Quest.ActiveRoles.ADManagement" is loaded with the following warnings: Error loading the extended type data file: Quest.ActiveRoles.ADManagement, C:\Program Files\Quest Software\Management Shell for AD\Quest.ActiveRoles.ADManagement.Types.ps1xml : File skipped because of validation exception: "AuthorizationManager check failed.". There were errors in loading the format data file: Quest.ActiveRoles.ADManagement, C:\Program Files\Quest Software\Management Shell for AD\Quest.ActiveRoles.ADManagement.Format.ps1xml : File skipped because of validation exception: "AuthorizationManager check failed.".
At line:80 char:35 + if(-not $testsnapin){add-pssnapin <<<< -Name $SnapInName}
'AuthorizationManager check failed' means that initially we doesn't have permission to execute the Powershell Script to all users in the Sharepoint site because by default the execution policy is set to restricted.
To resolve the issue we need to got to 'ActiveRoles Management shell for Active Directory' command prompt and set execution policy to 'remotesigned' as shown below
C:\program files\Quest software\Management Shell for AD>set-Executionpolicy
cmdlet set-executionpolicy at command pipeline position 1
Supply values for the following parameters:
ExecutionPolicy: remotesigned
[PS] C:\Program Files\Quest Software\Management Shell for AD>
It will allows you to execute the script for all users who have permission to add the user in ADAM and for the SharePoint site.
WINDOWS POWERSHELL EXECUTION POLICIES:
The Windows PowerShell execution policies are as follows:
"Restricted" is the default policy.
Restricted
- Default execution policy.
- Permits individual commands, but will not run
scripts.
- Prevents running of all script files, including
formatting and configuration files (.ps1xml), module
script files (.psm1), and Windows PowerShell
profiles (.ps1).
AllSigned
- Scripts can run.
- Requires that all scripts and configuration files
be signed by a trusted publisher, including scripts
that you write on the local computer.
- Prompts you before running scripts from publishers
that you have not yet classified as trusted or
untrusted.
- Risks running unsigned scripts from sources other
than the Internet and signed, but malicious, scripts.
RemoteSigned
- Scripts can run.
- Requires a digital signature from a trusted
publisher on scripts and configuration files that
are downloaded from the Internet (including
e-mail and instant messaging programs).
- Does not require digital signatures on scripts that you have run
and that you have written on the local computer (not
downloaded from the Internet).
- Risks running signed, but malicious, scripts.
Unrestricted
- Unsigned scripts can run. (This risks running malicious
scripts.)
- Warns the user before running srcipts and configuration
files that are downloaded from the Internet.
Bypass
- Nothing is blocked and there are no warnings or
prompts.
- This execution policy is designed for configurations
in which a Windows PowerShell script is built in to a
a larger application or for configurations in which
Windows PowerShell is the foundation for a program
that has its own security model.
Undefined
- There is no execution policy set in the current scope.
- If the execution policy in all scopes is Undefined, the
effective execution policy is Restricted, which is the
default execution policy.
Monday, November 16, 2009
Create Users in ADAM using Windows PowerShell
In the previous post, I defined the Windows PowerShell .Now, I will show you how it is useful in real time.
In my scenario, I have an requirement to create an UI (User interface) for adding the User in ADAM. We can do it using c#, Vb.Net also. but if we use C# we need to install visual studio which will take of about 3GB from you hard disk.So, I prefer to use Powershell scripting language instead of using c# because it occupies less space than VS from the hard disk.
I searched in Google, I found a wonderful web part(iLoveSharePoint) to run the Power Shell script in SharePoint. Click here to download. I also found the CmdLets to add users in ADAM called Quest AD Management Shell.
AD Management Shell:
It is a PowerShell snap-In that allows you to add the users, groups in the ADAM (Active directory Application Mode) and AD in very handy. The cmdlets are from Quest Software.
How to use Quest Software:
iLoveSharePoint:
########## Initialize ############
## declare global variables and functions
$tbUserName = New-Object System.Web.UI.WebControls.TextBox
$button = New-Object System.Web.UI.WebControls.Button
$lbUserName = New-Object System.Web.UI.WebControls.Label
$lbuserPrincipalName = New-Object System.Web.UI.WebControls.Label
$tbuserPrincipalName = New-Object System.Web.UI.WebControls.TextBox
$lbMessage = New-Object System.Web.UI.WebControls.Label
$ErrorMessage = New-Object System.Net.WebException
############# Load ##############
## first time the OnLoad fires before CreateChildControls
function OnLoad
{
$lbUserName.Text = 'UserName'
$lbuserPrincipalName.Text = 'Email'
$lbMessage.Text = ''
# Check if GET Request (first request).
if($isPostBack -eq $false)
{
#$label.Text = 'GET request.'
}
}
####### 3. Create Controls ########
# create child controls
function CreateChildControls($controls)
{
$controls.Add($tbUserName)
$button.Text = 'Add User'
Subscribe-Event $button 'Click' 'OnButtonClicked'
$controls.Add($button)
$controls.Add($lbUserName)
$controls.Add($lbuserPrincipalName)
$controls.Add($tbuserPrincipalName)
$controls.Add($lbMessage)
}
function connect-ADAM{
# This allows the use of a windows account for ADAM athentication without granting the application pool account rights to ADAM
$passwd = convertto-securestring "provide your admin password here" -asplaintext -force
$adamcred = new-object -typename System.Management.Automation.PSCredential -argumentlist "provide your admin user",$passwd
#ADAM connection, please provide the server followed by port number of your ADAM
connect-QADService -Service localhost:65000 -Credential $adamcred
}
function New-User
{
param([String]$newlogonid,[String]$userPrincipalName)
# provide the password here for the new user
$newpassword = "password123$"
$adamconnection = connect-ADAM
New-QADUser -Name $newlogonid -UserPassword $newpassword -ParentContainer $usercontainer -userPrincipalName $userPrincipalName -Connection $adamconnection
}
####### Events ########
# handle control events
# subscribe to an event with "Subscribe-Event($control, 'eventName','callback function name')"
function OnButtonClicked($sender, $args)
{
$SnapInName = "Quest.ActiveRoles.ADManagement"
$testsnapin = $null
$testsnapin = get-pssnapin | where { $_.Name -eq $SnapInName}
if(-not $testsnapin){add-pssnapin -Name $SnapInName}
$usercontainer = 'CN=Users,CN=ADAMPartition,DC=rajkamal,DC=COM'
$userPrincipalName = $tbuserPrincipalName.Text
$newUserName = $tbUserName.Text
$connection = connect-ADAM
if(($newUserName -eq '') -or ($userPrincipal -eq ''))
{
$lbMessage.Text = 'Please provide the details'
}
else
{
$results = get-QADUser -SearchRoot $usercontainer -name $newUserName -connection $connection
$principalName= get-QADUser -SearchRoot $usercontainer -ObjectAttributes @{userPrincipalName = $userPrincipalName} -connection $connection
if(!$results)
{
if(!$principalName)
{
New-User -newlogonid $newUserName -userPrincipalName $userPrincipalName
$lbMessage.Text = 'User successfully added'
}
else
{
$lbMessage.Text = 'UserPrincipalName already exists'
}
}
else
{
$lbMessage.Text = 'User already exists'
}
}
$tbUserName.text = [string]::Empty
$tbuserPrincipalName.text = [string]::Empty
}
## render html
function Render($writer)
{
$writer.Write("<table><tr><td colspan='2'><b>Add Users in ADAM</b></td></tr><tr><td>")
$lbUserName.RenderControl($writer)
$writer.Write(":</td><td>")
$tbUserName.RenderControl($writer)
$writer.Write("</td></tr><tr><td>")
$lbuserPrincipalName.RenderControl($writer)
$writer.Write(":</td><td>")
$tbuserPrincipalName.RenderControl($writer)
$writer.Write("</td></tr><tr><td colspan='2' align='center'>")
$button.RenderControl($writer)
$writer.Write("</td><tr><td colspan='2' style='color:red;font-weight:bold;text-align:center'>")
$lbMessage.RenderControl($Writer)
$writer.Write("</td></tr></table>")
}
In my scenario, I have an requirement to create an UI (User interface) for adding the User in ADAM. We can do it using c#, Vb.Net also. but if we use C# we need to install visual studio which will take of about 3GB from you hard disk.So, I prefer to use Powershell scripting language instead of using c# because it occupies less space than VS from the hard disk.
I searched in Google, I found a wonderful web part(iLoveSharePoint) to run the Power Shell script in SharePoint. Click here to download. I also found the CmdLets to add users in ADAM called Quest AD Management Shell.
AD Management Shell:
It is a PowerShell snap-In that allows you to add the users, groups in the ADAM (Active directory Application Mode) and AD in very handy. The cmdlets are from Quest Software.
How to use Quest Software:
- Download the file according to your system configuration.
- Download the provided Guide which gives you a brief description.
- Install the downloaded file.
iLoveSharePoint:- Download the iLoveSharePoint web part from the codeplex.
- Please follow the instruction provided in the downloaded file.
- copy the script provided below to add the user in ADAM.
########## Initialize ############
## declare global variables and functions
$tbUserName = New-Object System.Web.UI.WebControls.TextBox
$button = New-Object System.Web.UI.WebControls.Button
$lbUserName = New-Object System.Web.UI.WebControls.Label
$lbuserPrincipalName = New-Object System.Web.UI.WebControls.Label
$tbuserPrincipalName = New-Object System.Web.UI.WebControls.TextBox
$lbMessage = New-Object System.Web.UI.WebControls.Label
$ErrorMessage = New-Object System.Net.WebException
############# Load ##############
## first time the OnLoad fires before CreateChildControls
function OnLoad
{
$lbUserName.Text = 'UserName'
$lbuserPrincipalName.Text = 'Email'
$lbMessage.Text = ''
# Check if GET Request (first request).
if($isPostBack -eq $false)
{
#$label.Text = 'GET request.'
}
}
####### 3. Create Controls ########
# create child controls
function CreateChildControls($controls)
{
$controls.Add($tbUserName)
$button.Text = 'Add User'
Subscribe-Event $button 'Click' 'OnButtonClicked'
$controls.Add($button)
$controls.Add($lbUserName)
$controls.Add($lbuserPrincipalName)
$controls.Add($tbuserPrincipalName)
$controls.Add($lbMessage)
}
function connect-ADAM{
# This allows the use of a windows account for ADAM athentication without granting the application pool account rights to ADAM
$passwd = convertto-securestring "provide your admin password here" -asplaintext -force
$adamcred = new-object -typename System.Management.Automation.PSCredential -argumentlist "provide your admin user",$passwd
#ADAM connection, please provide the server followed by port number of your ADAM
connect-QADService -Service localhost:65000 -Credential $adamcred
}
function New-User
{
param([String]$newlogonid,[String]$userPrincipalName)
# provide the password here for the new user
$newpassword = "password123$"
$adamconnection = connect-ADAM
New-QADUser -Name $newlogonid -UserPassword $newpassword -ParentContainer $usercontainer -userPrincipalName $userPrincipalName -Connection $adamconnection
}
####### Events ########
# handle control events
# subscribe to an event with "Subscribe-Event($control, 'eventName','callback function name')"
function OnButtonClicked($sender, $args)
{
$SnapInName = "Quest.ActiveRoles.ADManagement"
$testsnapin = $null
$testsnapin = get-pssnapin | where { $_.Name -eq $SnapInName}
if(-not $testsnapin){add-pssnapin -Name $SnapInName}
$usercontainer = 'CN=Users,CN=ADAMPartition,DC=rajkamal,DC=COM'
$userPrincipalName = $tbuserPrincipalName.Text
$newUserName = $tbUserName.Text
$connection = connect-ADAM
if(($newUserName -eq '') -or ($userPrincipal -eq ''))
{
$lbMessage.Text = 'Please provide the details'
}
else
{
$results = get-QADUser -SearchRoot $usercontainer -name $newUserName -connection $connection
$principalName= get-QADUser -SearchRoot $usercontainer -ObjectAttributes @{userPrincipalName = $userPrincipalName} -connection $connection
if(!$results)
{
if(!$principalName)
{
New-User -newlogonid $newUserName -userPrincipalName $userPrincipalName
$lbMessage.Text = 'User successfully added'
}
else
{
$lbMessage.Text = 'UserPrincipalName already exists'
}
}
else
{
$lbMessage.Text = 'User already exists'
}
}
$tbUserName.text = [string]::Empty
$tbuserPrincipalName.text = [string]::Empty
}
## render html
function Render($writer)
{
$writer.Write("<table><tr><td colspan='2'><b>Add Users in ADAM</b></td></tr><tr><td>")
$lbUserName.RenderControl($writer)
$writer.Write(":</td><td>")
$tbUserName.RenderControl($writer)
$writer.Write("</td></tr><tr><td>")
$lbuserPrincipalName.RenderControl($writer)
$writer.Write(":</td><td>")
$tbuserPrincipalName.RenderControl($writer)
$writer.Write("</td></tr><tr><td colspan='2' align='center'>")
$button.RenderControl($writer)
$writer.Write("</td><tr><td colspan='2' style='color:red;font-weight:bold;text-align:center'>")
$lbMessage.RenderControl($Writer)
$writer.Write("</td></tr></table>")
}
Windows PowerShell
Windows PowerShell (WPS) is a .NET-based environment for console-based system i.e, it is an object-oriented programming language and interactive command line shell for Microsoft windows.
WPS is similar to Perl which includes more than 130 standard commands called cmdlets (Command-lets).
Powershell is available as a free download for windows XP, windows server 2003 and vista, where as in Windows server 2008 and Windows 7 includes additional option to install this feature.
Advantages of PowerShell:
It is not preferable for larger tasks.
WPS is similar to Perl which includes more than 130 standard commands called cmdlets (Command-lets).
Powershell is available as a free download for windows XP, windows server 2003 and vista, where as in Windows server 2008 and Windows 7 includes additional option to install this feature.
Advantages of PowerShell:
- It's not a compiled language.
- It has a plug-in ecosystem with lots of 'libraries' for doing various domain specific things like copying files, playing with AD, Exchange.
- It's the right tool for a different, slightly overlapping set of jobs.
- It's a lot more powerful and consistent than CMD.EXE and other things evolved from command shells that needed to fit into 8K RAM.
- For smaller task, it is more preferable.
It is not preferable for larger tasks.
Subscribe to:
Posts (Atom)