Advancing Productivity and Operational Efficiency through Cloud Services and Apps


SharePoint 2010

SharePoint 2010 ActivityEvent Owner vs Publisher

I was recently asked to provide some clarification around the differences between ActivityEvent.Owner and ActivityEvent.Publisher. Each of these are properties of SharePoint ActivityEvents, that is the actual activities in your SharePoint activity feeds; these are the feeds that you would typically see in the “My Newsfeeds” section of your “My Sites”. I’ll assume that if you are reading this posting you are looking to understand what the differences are between these 2 properties and already have a relatively good understanding of the SharePoint 2010 Activity Feed model; if you don’t, I highly recommend you start by looking at the following blog posting Activity Feeds, Social Ratings, Tags and Notes which provides a good overview of the Activity Feed underlying architecture in SharePoint 2010.

As far as the differences between the ActivityEvent.Owner and ActivityEvent.Publisher, we need to take a quick step back and reflect on the overall activity feed architecture; specifically how each activity event propagates and how each user ultimately has their own activity feed. In essence, if I generate an activity such as tagging or liking a document, that activity event gets created in my activity feed; but it wont appear on my colleagues activity feeds until its been propagated (in a way duplicated,) to their personal activity feed.

So with that in mind, when an ActivityEvent originates, the publisher and owner would probably the same; it first get created in the originating users activity feed (hence that user owns it), and he/she is also the person that performed the activity (the publisher.) Once the activity propagates to another users activity feed, such as that of a colleague, that other user would be designated as the owner of the newly created (propagated) activity (its in their personal feed), while the publisher would remain the originating user.

Changing SharePoint 2010 Managed Account Passwords with PowerShell

A SharePoint 2010 Managed Account, is essentially a Service Account whose credentials are managed by SharePoint, which can automatically change the password of the account based on a given policy / schedule. Check out the posting “Managed Accounts” in Bill Baer’s Blog for more detailed information.

While most of the configuration of managed accounts will likely take place in Central Administration, at some point you may need (or simply prefer) to change the password via PowerShell. Personally, I ran into the need, as my farm account password had been changed and the Central Administration site would not run.

I used the following PowerShell script to change the Managed Account password.

$ver = $host | select versionif ($ver.Version.Major -gt 1)  {$Host.Runspace.ThreadOptions = ReuseThread"}Add-PsSnapin Microsoft.SharePoint.PowerShellSet-location $home

$inManagedAcct = Read-Host 'Service Account'

$managedAcct = Get-SPManagedAccount $inManagedAcct

$inPass = Read-Host 'Enter Password' -AsSecureString$inPassConfirm = Read-Host'Confirm Password' -AsSecureString

Set-SPManagedAccount -Identity $managedAcct -NewPassword $inPass -ConfirmPassword $inPassConfirm -SetNewPassword

Click here to download the PS1 file. You may need to remove the first few lines that load the SharePoint PowerShell snap-in, if you intend to run the script from the “SharePoint 2010 Management Shell” console.

SharePoint 2010 Business Connectivity Services (BCS) – Breakdown of Authentication Modes and other Security Considerations

The Microsoft Business Connectivity Services Team Blog is quickly becoming one of my favorite SharePoint blogs. Their most recent posting, Authenticating to Your External System,  does an excellent job of breaking down the available authentication modes available.

Security is one of the most important things to consider when connecting to external systems using Business Connectivity Services, and this article is a great place to get started. Check it out at:

SharePoint Saturday Houston, May 1st 2010. Now Open for Registration

The Houston SharePoint User Group (HSPUG) is proud to present the first SharePoint Saturday event for the greater Houston area on May 1, 2010.

This event will be from 8:00 am – 6:00 pm at Norris Conference Center, 803 Town & Country Lane, Houston, TX 77024.  713-590-0950.  We will provide a continental breakfast, break refreshments and hot lunch.  Parking is free in the parking garage (adjacent to Norris and Studio Movie Grill) in the 3rd level and above.  Enter Norris on the third level from the south end of the parking garage.

About SharePoint Saturday:  Whether you are a IT professional, professional, business owner, manager or enthusiast, SharePoint Saturday is an educational, informative & lively day filled with sessions from respected SharePoint professionals & MVPs, covering a wide variety of SharePoint-orientated topics. SharePoint Saturday is FREE, open to the public and is your local chance to immerse yourself in SharePoint!

Seats are limited so, register today!

digg_url = “”;digg_title = “SharePoint Saturday Houston, May 1st 2010. Now Open for Registration”;digg_bgcolor = “#FFFFFF”;digg_skin = “compact”;digg_url = undefined;digg_title = undefined;digg_bgcolor = undefined;digg_skin = undefined;

What’s my SharePoint 2010 Content Database ID?

There are several commands that may require you to pass in a SharePoint Content Database ID. PowerShell makes it easy, just use the Get-SPContentDatabase command.

Pass in the WebApplication Parameter to get a list of all of your Content Databases for that Web Application:


Need to know the Content Database of a specific site (web)? Just pass in the site parameter:


For a complete list of SharePoint 2010 Content Database Powershell cmdlets go to

digg_url = “”;digg_title = “What’s my SharePoint 2010 Content Database ID?”;digg_bgcolor = “#FFFFFF”;digg_skin = “compact”;digg_url = undefined;digg_title = undefined;digg_bgcolor = undefined;digg_skin = undefined;

(BCS) Business Connectivity Services Team Blog

Looking for a good source of technical information on SharePoint 2010 Business Connectivity Services. Check out the Business Connectivity Services Team blog at 

digg_url = “”;digg_title = “(BCS) Business Connectivity Services Team Blog”;digg_bgcolor = “#FFFFFF”;digg_skin = “compact”;digg_url = undefined;digg_title = undefined;digg_bgcolor = undefined;digg_skin = undefined;

How-To Video: Changing Application Pool Accounts in SharePoint 2010

Yet another cool feature in SharePoint 2010 is the “Managed Accounts” concept. Once configured SharePoint can automatically reset service account passwords on a schedule, detect imminent password expirations and notify an administrator, and automatically propagate service account changes to all of the servers in the farm.

Check out the following TechNet article for more information: Plan automatic password change (SharePoint Foundation)

digg_url = “”;digg_title = “How-To Video: Changing Application Pool Accounts in SharePoint 2010”;digg_bgcolor = “#FFFFFF”;digg_skin = “compact”;digg_url = undefined;digg_title = undefined;digg_bgcolor = undefined;digg_skin = undefined;

BCS External List Error – Cannot Connect to the LobSystems (External System)

There are several good posts out there providing examples and step by step instructions on how to create external content types with SharePoint 2010 BCS. Unfortunately most fail to provide any warnings or guidance around Authentication; which should be, without a doubt, one of the most important things to consider. Most of these examples work flawlessly… until you try to view your external content type with another user account lacking some sort of access to the external system; and you encounter an error that resembles the following: Cannot connect to the LobSystem (External System)

Fortunately, the solution is likely simple… But you’ll have many thing to consider; what kind of access you need to grant to which accounts, do those accounts need to be mapped back to equivalent accounts in the external system, whether or not to map AD groups rather than individual accounts to accounts in the external systems, and many more that will quickly become apparent fairly quickly.

Of course if you are reading this post, you’ve likely ran into the error and are looking for a solution. Unfortunately there isn’t a one size fits all, and I wouldn’t necessarily consider it an error; more of a warning, a heads up, that you may have not thought the whole thing through. This will definitely be a subject upon which many best practices will come to surface. But, while I can’t give you the right solution for your particular scenario (there are many ways to skin this cat;) I should be able to point you in the right direction.

Chances are that if you followed one of the many posts which describe how to do this, you chose “Connect with User’s Identity” when creating your connection.



You’ll quickly come to realize that in most scenarios not all users have direct read or write access to external systems, often times they don’t even use a Windows Identity. Fortunately, our solution (or at least part of it,) is right under our noses:

If you are wondering what the Secure Store Application ID is, it refers the Secure Store Service, which you’ll want to do some reading on. I recommend you start here ( for a short but good description, and follow up here ( for detailed steps on how to set it up.

Essentially, you’ll need to create a Secure Store Service Application of type “Individual” or “Group” with several options for each. An application of type “Individual” will require you to map each user to a unique set of credentials (there is an option to create a page from where users can specify there own credentials.) An application of type “Group” will allow you to map a unique set of credentials to a specific AD Group; I suspect this will be the most common scenario.


You’ll then be prompted to configure the various fields which may be required to provide credentials to the external data source. If the external system uses Windows Authentication, the default ones should work just fine.


Next, you’ll need to specify the administrators and members of the target application (read the description of each carefully)

Finally, select your application and specify the credentials that will be used to connect. The Secure Stored Service Application will use these credentials whenever anybody from the specified group tries to connect to the external system.


Now, reconfigure your connection to use the ID of the Secure Store Application in my case “My Secure Store Application”, perform an IIS Reset, and you are likely done.

If by any chance you are not, and instead you receive: “Access denied by Business Data Connectivity.” You’ll need to go to Central Admin > App Management > Manage Service Applications > Business Data Connectivity; and grant your users access to your External Content Type.


digg_url = “”;digg_title = “BCS External List Error – Cannot Connect to the LobSystems (External System)”;digg_bgcolor = “#FFFFFF”;digg_skin = “compact”;digg_url = undefined;digg_title = undefined;digg_bgcolor = undefined;digg_skin = undefined;

H-SPUG Presentation – SharePoint 2010 Upgrade Overview and Motivators

Thanks to everyone who attended the event last night. As promised here is a copy of the presentation:

SharePoint 2010 Upgrade and Motivators.

digg_url = “”;digg_title = “H-SPUG Presentation – SharePoint 2010 Upgrade Overview and Motivators”;digg_bgcolor = “#FFFFFF”;digg_skin = “compact”;digg_url = undefined;digg_title = undefined;digg_bgcolor = undefined;digg_skin = undefined;

Create a free website or blog at

Up ↑

%d bloggers like this: