PrincipalContext and GroupPrincipal Cause Exception: the specified directory attribute or value does not exist

While writing an Web API controller I was attempting to perform an AD group membership lookup. The exception was being thrown on the line with the second if statement in the code below. By steeping through the debugger I determined which user in the group was causing the error

GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx, roleName);
if (group != null)
    foreach (Principal p in group.GetMembers())
        if (p != null && currentUserPrincipal.UserPrincipalName == p.UserPrincipalName)

We work in a multi-forest, multiple domain environment. Things can be complicated. I removed the user from the AD group and hit the API controller again. This time I received no error. The user was from a forest and domain other than the one that I have administrative permissions to. So I added another user from the same domain to the group to ensure it wasn't something about the user account. I received the same error. On StackOverflow there was an answer that that pointed out that the user running the query had to have the ability to read both the built-in Computers and Users containers. I opened Active Directory Users and Computers and when I browsed to the domain I found that the Computers container did not exist. It had been deleted. I contacted an admin for the domain and I don't have a resolution for this yet, but the app is not going to work properly until that gets fixed.

ASP.Net Web API and Unity: Injecting Configuration Information Into Repositories

Recently I cam upon a situation where I needed to inject two file paths, stored in a constants file, into a file system service that would be used to list two types of files stored on the web server's file system. I was struggling with how to do this using the IoC pattern with Unity. I found a pretty simple solution using InjectionProperty and nameof.

Here is the interface that describes the FileSystemService.

public interface IFileSystemService
        string MachineFilesPath { get; set; }
        string FirmwareFilesPath { get; set; }
        List<FirmwareFile> GetFirmwareFiles();
        FirmwareFile GetFirmwareFileByName(string fileName);
        List<MachineFile> GetAllMachineFiles();
        List<MachineFile> GetMachineFiles(IEnumerable<RawMachineFile> files);

Here is the relevant code for the FileSystemService.

public class FileSystemService: IFileSystemService
        public string MachineFilesPath { get; set; }
        public string FirmwareFilesPath { get; set; }
        public IFileHasher _fileHasher { get; set; }
        //More code here...

Inside the BootStrapper or the UnityConfig, wherever you register your types, simply add InjectonProperties to the type registration. I was even able to use nameof on the IFileSystemService interface to pass the property name to Unity.

container.RegisterType<IFileHasher, FileHasher>();
container.RegisterType<IFileSystemService, FileSystemService>(
    new InjectionProperty(nameof(IFileSystemService.MachineFilesPath),
    new InjectionProperty(nameof(IFileSystemService.FirmwareFilesPath),

Windows 10 January 2015 Build - Windows failed to install the following update with error 0x80070522

I attempted to install the latest build on my work laptop that had already been running running the development preview but I received the error message:

Windows failed to install the following update with error 0x80070522

This exact same error seems to have existed in the transition to Windows 8.1 and was due to the system being domain joined. I removed my system from the domain and rebooted it. At that point I was able to install the new build and rejoin the system to the Active Directory domain.

Enabling Windows Authentication in Chrome

Chrome uses the Window's computer's Internet Options security settings for deciding when to pass NTLM/Kerberos windows authentication tokens to a web site. To ensure your users are not prompted for credentials when accessing a SharePoint site in Chrome, you can do the following:

Open Internet Option and select the Security tab, then select Trusted Sites and then configure the zone to automatically authenticate as in the image.

This can also be configured via a GPO.  "Computer Configuration" =>  "Windows Components" => "Internet Explorer" => "Internet Control Panel" => "Security Page" => "Locked-Down Trusted Sites". Don't forget to add your intranet domains to the trusted sites as well. Otherwise the GPO will be useless.

My Experience with the 70-488 Exam Developing SharePoint Core Solutions

This exam was a bit easier than the 70-489 exam. It really tested the fundamentals of my knowledge as a SharePoint developer. I was a bit surprised that I did so well on the SharePoint Apps topic. PluralSight has next to nothing on the topic and the only study source that I had was Pro SharePoint 2013 App Development by Steve Wright. That says a lot about the content of his book.

Here is the overall breakdown of my score, an 805 out of 1000.

I scored best on the Access and Manage Data objective, which makes me feel good about the work I've been doing and the effort I have put into my studies as that is the focus of what I've been doing professionally for the past three years now.

What resources did I find the most helpful?

Above all, it was Andrew Conell’s PluralSight courses on SharePoint 2013 development, Stephane Eysken’s series of videos on SharePoint ALM, and Steve Wright’s book on SharePoint Apps. These really helped me get back to the basics of SharePoint development that I had kind of neglected. Regrettably, I think the MVA for this exam was a bit of a waste of time. I got far more out of the SharePoint developer ramp up on PluralSight. Of course, Inside Microsoft SharePoint 2013 is essential, especially for developers who might be transitioning from MOSS 2007 rather than SharePoint 2010. And if you are new to SharePoint as a platform, then you should also pick up the SharePoint 2013 Developer Reference. The best advice I can give you is make sure you know the nuts and bolts of what wizards or designers in Visual Studio are doing, make sure you have a firm understanding of SharePoint administration (all SharePoint devs are SharePoint admins by default), and if you don’t know PowerShell, you don’t know nuttin’!

MCSD Exam 70-488 Resources - Implementing SharePoint Solutions

Manage SharePoint Object Life Cycle.
This objective may include but is not limited to: implement Object Life Cycle management for SPWeb, implement Object Life Cycle management for SPSite, implement Object Life Cycle management for other objects, implement Object Life Cycle management with Windows PowerShell, implement Object Life Cycle management for SPContext

Disposing SPWeb and SPSite objects
Using Windows PowerShell with SharePoint 2010 and SharePoint 2013 Gary Lapoint [Twitter] [Blog] - For this topic, pay especial attention to the last two parts of the first section.

Upgrade Solutions and Features.
This objective may include but is not limited to: implement versioning of features and solutions, upgrade features and solutions, implement assembly versioning, build components for in-process request routing

Application Lifecycle Management of Farm Solutions
(structuring and upgrading solutions)
Configuring Versioning of Assemblies in SharePoint Automated Build Chris O'Brien [Twitter] [Blog]
Feature Upgrades

Determine a Solution Structure.
This objective may include but is not limited to: select feature scope and visibility, define feature dependencies, define solution dependencies, organize SharePoint project items, structure app packages

Differences Between Sandboxed and Farm Solutions
Project structure and properties of apps for SharePoint in Visual Studio
Project structure and properties of apps for SharePoint in Visual Studio

Create Sandbox Solutions.
This objective may include but is not limited to: scope features to constraints, identify SharePoint artifacts that can be used in sandbox, access data outside of Sandbox scope, configure and troubleshoot sandbox solution deployment, upgrade sandbox solutions, implement solutions validators

Create a No-Code Solution.
This objective may include but is not limited to: configure no-code customizations for the SharePoint 2013 platform, create XSLT for web parts, create and upload JavaScript files, create Display Templates

SharePoint 2013 Search display templates and query rules
Changing the look of Search using Display Templates and CSR
Using jQuery and Display Templates to create modern Web Sites


MCSD Exam 70-488 Resources - Implement Authorization and Authentication (10-15 percent)


Sahil Malik has 2 very good courses on PluralSight that, while they cover SharePoint 2010, are still very applicable to SharePoint 2013 as nearly nothing in the Server Objectmodel has changed. The only caution that I would have is that you should go over some of the claims material that he covers as that has changed enough that you will not want to rely on his video alone for this exam.
SharePoint 2010 Security, Sahil Malik [Twitter] [blog]
SharePoint 2010 Security Part 2

One thing to point out, Sahil states that permissions can be logically OR'ed, what does that mean? Here is an explanation and example from MSDN.
MSDN SPPermission.PermissionMask property

To define a permission mask that consists of multiple rights, use the pipe symbol ("|") in Microsoft Visual C# or Or in Microsoft Visual Basic to delimit the rights.

SPSite oSiteCollection = SPContext.Current.Site;
using(SPWeb oWebsite = oSiteCollection.AllWebs["Site_Name"])
    SPMember oMember = oWebsite.Roles["Role_Name"];
    oWebsite.Permissions[oMember].PermissionMask = 
        SPRights.ManageLists | SPRights.ManageListPermissions;

Implement user authentication.
This objective may include but is not limited to: create a custom claims provider, create a custom sign-in page, create a custom membership provider, package and deploy a custom claims provider, package and deploy a custom membership provider, authenticate a user from a client application
Understanding the Fundamentals of SharePoint Claims-Based Authentication, Georgiana Badea (If you only have time for one video between this and the next, pick this one!)
Claims Based Authentication - Migrating to the new SharePoint 2013 Identity Model,  Nathan Miller, Israel Vega
Claims provider in SharePoint 2013
How to: Create a claims provider in SharePoint 2013
How to: Deploy a claims provider in SharePoint 2013

Implement application authentication and authorization.
This objective may include but is not limited to: use the SharePoint App TokenHelper class, specify the App permission request scope manifest and permission request manifest, specify permissions for Office Store Apps, specify permissions for Corporate Catalog Apps, specify permissions for remote apps to access SharePoint data

Plan and implement user authorization.
This objective may include but is not limited to: create custom role definitions, create custom permission levels, maintain permissions, implement impersonation, plan and implement anonymous access, create a custom role manager

MCSD Exam 70-488 Resources - Plan and Design SharePoint Sites

This guide is for the SharePoint 2013 Developing Core Solutions exam. It covers material listed under the Skills Measured section titled Plan and Design SharePoint Sites. These types of questions should cover between 10% - 15% of the material. If you find this guide helpful, let me and the content creators know on Twitter. 

Manage the site life cycle.
This objective may include but is not limited to: create a delayed site collection, manage site collection disposition, identify inactive site collections, back up and archive site collection data
SPWeb.LastItemModifiedDate Property [MSDN]
SharePoint StackExchange: What does SPSite.LastContentModifiedDate track? (If you find this useful, upvote the question and the answer! Pay attention to PirateEric's comment on the answer as well.)
SPSite.LastSecurityModifedDate [MSDN]
Backup-SPSite [MSDN] 

Configuring SharePoint 2013 Farm with PowerShell, Jeff Adkin [Twitter] [Blog]

Create content types.
This objective may include but is not limited to: subscribe to published content types, choose appropriate content type creation, use Schema Development, create content types using Object Model, create site columns, use content type inheritance
Understanding SharePoint 2013: Part 4 - Conventional Development, Sahil Malik [Twitter] [Blog]
Inside Microsoft SharePoint 2013: Chapter 9 SharePoint Lists

Manage content type behaviors.
This objective may include but is not limited to: manage event receivers, manage workflow associations, manage policies, manage document templates
SharePoint 2013 Workflow - Advanced Topics, Andrew Connell [Twitter] [Blog]
Inside Microsoft SharePoint 2013: Chapter 9 SharePoint Lists

Implement site provisioning.
This objective may include but is not limited to: create site definitions, create web templates, implement feature stapling, implement custom provisioning code
SharePoint 2013 Developer Ramp-Up - Part 5, Andrew Connell  [Twitter] [Blog]
Inside Microsoft SharePoint 2013: Chapter 11 SharePoint Site Provisioning
Branding SharePoint 2013 My Sites with Feature Stapling
Self-Service Site Provisioning using Apps for SharePoint 2013
Feature Stapling

$expand and Lookup Fields in SharePoint 2013

When using the ListData.svc in SharePoint 2010 you were able to bring the data of the associated list item with a lookup field in your primary list just by including the field name in the URL query string using the $expand option.  For example, if I had a list called Purchase Orders and that list had a lookup field called Customer I could bring all the associated data with the selected customer like address and other contact details. But as I found out on MSDN the SharePoint 2013 REST API does not support bulk expansion. Instead you have to specify the fields you want to be brought back from the lookup list in both the $select and the $expand options of the query string. If I had a Test List in SharePoint 2010 and wanted to access the values of the list item in the lookup called Status, I could simply append ?$expand=Status to the URL.  In 2013, though, I also have to include the select option...

Narrative Bias and Recipes for Disaster

How unreasonable expectations for estimation set your people up for failure

Consciously we know that everyone, every single human on this planet, suffers from cognitive biases. If we are interested in improving our selves as professionals and people, we try to be introspective and cultivate metacognition (thinking about thinking). But the fact is we may always fall prey to errors in logic, especially when we are the ones who construct those errors. This article is written for people who are stakeholders in any sort of project but the fact is I hope it can be useful for anyone, especially Product Owners or Scrum Masters to use when working with stake holders to help manage unreasonable expectations when they come. And they always come.