PrincipalContext and GroupPrincipal Cause Exception: the specified directory attribute or value does not exist

While writing an ASP.NET Web API controller I was attempting to perform an AD group membership lookup. The exception was being thrown on the line with the second if statement in the code below. By stepping through the debugger I determined which user in the group was causing the error.

GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx, roleName);
if (group != null)
{
    foreach (Principal p in group.GetMembers())
    {
        if (p != null && currentUserPrincipal.UserPrincipalName == p.UserPrincipalName)
        {
            roles.Add(roleName);
            break;
        }
    }
}

We work in a multi-forest, multiple domain environment. Things can be complicated. I removed the user from the AD group and hit the API controller again. This time I received no error. The user was from a forest and domain other than the one that I have administrative permissions to. So I added another user from the same domain to the group to ensure it wasn't something about the user account. I received the same error. On StackOverflow there was an answer that pointed out that the user running the query had to have the ability to read both the built-in Computers and Users containers. I opened Active Directory Users and Computers and when I browsed to the domain I found that the Computers container did not exist. It had been deleted. I contacted an admin for the domain and I don't have a resolution for this yet, but the app is not going to work properly until that gets fixed.
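One way to keep a single unreadable member from failing the whole request while still denying by default, as an added example that is not code from the original post. `GroupRoleResolver`, `IsMember` and the `log` callback are hypothetical names, and the sketch assumes the failure surfaces as a `PrincipalOperationException` or `COMException` when a member's properties are read.

```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Runtime.InteropServices;

// Hypothetical helper, not part of the original post.
public static class GroupRoleResolver
{
    // Returns true only when membership is positively confirmed (fail closed).
    // 'log' is an assumed callback; wire it to your own logging.
    public static bool IsMember(PrincipalContext ctx, string roleName,
                                string userPrincipalName, Action<string> log)
    {
        // An empty UPN must never match: members such as nested groups have
        // no UPN, and comparing null to null would otherwise grant the role.
        if (string.IsNullOrEmpty(userPrincipalName)) return false;

        using (GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx, roleName))
        {
            if (group == null) return false;

            foreach (Principal p in group.GetMembers())
            {
                try
                {
                    // UPNs are compared case-insensitively.
                    if (p != null && string.Equals(p.UserPrincipalName,
                            userPrincipalName, StringComparison.OrdinalIgnoreCase))
                    {
                        return true;
                    }
                }
                catch (Exception ex) when (ex is PrincipalOperationException
                                           || ex is COMException)
                {
                    // Skip the unreadable member, but leave an audit trail so
                    // the directory problem is visible to operations.
                    log("Skipped unreadable member of '" + roleName + "': " + ex.Message);
                }
                finally
                {
                    if (p != null) p.Dispose();
                }
            }
        }
        return false; // no confirmed match, so the role is not granted
    }
}
```

A user whose own entry cannot be read is not granted the role, so the underlying directory problem still has to be fixed.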

ASP.Net Web API and Unity: Injecting Configuration Information Into Repositories

Recently I came upon a situation where I needed to inject two file paths, stored in a constants file, into a file system service that would be used to list two types of files stored on the web server's file system. I was struggling with how to do this using the IoC pattern with Unity. I found a pretty simple solution using InjectionProperty and nameof.

Here is the interface that describes the FileSystemService.

public interface IFileSystemService
{
        string MachineFilesPath { get; set; }
        string FirmwareFilesPath { get; set; }
        List<FirmwareFile> GetFirmwareFiles();
        FirmwareFile GetFirmwareFileByName(string fileName);
        List<MachineFile> GetAllMachineFiles();
        List<MachineFile> GetMachineFiles(IEnumerable<RawMachineFile> files);
}

Here is the relevant code for the FileSystemService.

public class FileSystemService: IFileSystemService
{
        [Dependency]
        public string MachineFilesPath { get; set; }
        [Dependency]
        public string FirmwareFilesPath { get; set; }
        [Dependency]
        public IFileHasher _fileHasher { get; set; }
        //More code here...
    
}

Inside the BootStrapper or the UnityConfig, wherever you register your types, simply add InjectionProperty instances to the type registration. I was even able to use nameof on the IFileSystemService interface to pass the property name to Unity.

container.RegisterType<IFileHasher, FileHasher>();
container.RegisterType<IFileSystemService, FileSystemService>(
    new InjectionProperty(nameof(IFileSystemService.MachineFilesPath),
                          Constants.MACHINE_FILES_PATH),
    new InjectionProperty(nameof(IFileSystemService.FirmwareFilesPath),
                          Constants.FIRMWATE_PATH));

Windows 10 January 2015 Build - Windows failed to install the following update with error 0x80070522

I attempted to install the latest build on my work laptop that had already been running the development preview but I received the error message:

Windows failed to install the following update with error 0x80070522

This exact same error seems to have existed in the transition to Windows 8.1 and was due to the system being domain joined. I removed my system from the domain and rebooted it. At that point I was able to install the new build and rejoin the system to the Active Directory domain.

Enabling Windows Authentication in Chrome

Chrome uses the Windows computer's Internet Options security settings for deciding when to pass NTLM/Kerberos Windows authentication tokens to a web site. To ensure your users are not prompted for credentials when accessing a SharePoint site in Chrome, you can do the following:

Open Internet Options and select the Security tab, then select Trusted Sites and then configure the zone to automatically authenticate as in the image.

This can also be configured via a GPO. "Computer Configuration" => "Windows Components" => "Internet Explorer" => "Internet Control Panel" => "Security Page" => "Locked-Down Trusted Sites". Don't forget to add your intranet domains to the trusted sites as well. Otherwise the GPO will be useless.

My Experience with the 70-488 Exam Developing SharePoint Core Solutions

This exam was a bit easier than the 70-489 exam. It really tested the fundamentals of my knowledge as a SharePoint developer. I was a bit surprised that I did so well on the SharePoint Apps topic. PluralSight has next to nothing on the topic and the only study source that I had was Pro SharePoint 2013 App Development by Steve Wright. That says a lot about the content of his book.

Here is the overall breakdown of my score, an 805 out of 1000.

I scored best on the Access and Manage Data objective, which makes me feel good about the work I've been doing and the effort I have put into my studies as that is the focus of what I've been doing professionally for the past three years now.

What resources did I find the most helpful?

Above all, it was Andrew Connell’s PluralSight courses on SharePoint 2013 development, Stephane Eysken’s series of videos on SharePoint ALM, and Steve Wright’s book on SharePoint Apps. These really helped me get back to the basics of SharePoint development that I had kind of neglected. Regrettably, I think the MVA for this exam was a bit of a waste of time. I got far more out of the SharePoint developer ramp up on PluralSight. Of course, Inside Microsoft SharePoint 2013 is essential, especially for developers who might be transitioning from MOSS 2007 rather than SharePoint 2010. And if you are new to SharePoint as a platform, then you should also pick up the SharePoint 2013 Developer Reference. The best advice I can give you is make sure you know the nuts and bolts of what wizards or designers in Visual Studio are doing, make sure you have a firm understanding of SharePoint administration (all SharePoint devs are SharePoint admins by default), and if you don’t know PowerShell, you don’t know nuttin’!

MCSD Exam 70-488 Resources - Implementing SharePoint Solutions

Manage SharePoint Object Life Cycle.
This objective may include but is not limited to: implement Object Life Cycle management for SPWeb, implement Object Life Cycle management for SPSite, implement Object Life Cycle management for other objects, implement Object Life Cycle management with Windows PowerShell, implement Object Life Cycle management for SPContext

Disposing SPWeb and SPSite objects
Using Windows PowerShell with SharePoint 2010 and SharePoint 2013 Gary Lapoint [Twitter] [Blog] - For this topic, pay especial attention to the last two parts of the first section.

Upgrade Solutions and Features.
This objective may include but is not limited to: implement versioning of features and solutions, upgrade features and solutions, implement assembly versioning, build components for in-process request routing

Application Lifecycle Management of Farm Solutions
(structuring and upgrading solutions)
Configuring Versioning of Assemblies in SharePoint Automated Build Chris O'Brien [Twitter] [Blog]
Feature Upgrades
 

Determine a Solution Structure.
This objective may include but is not limited to: select feature scope and visibility, define feature dependencies, define solution dependencies, organize SharePoint project items, structure app packages

Differences Between Sandboxed and Farm Solutions
Project structure and properties of apps for SharePoint in Visual Studio

Create Sandbox Solutions.
This objective may include but is not limited to: scope features to constraints, identify SharePoint artifacts that can be used in sandbox, access data outside of Sandbox scope, configure and troubleshoot sandbox solution deployment, upgrade sandbox solutions, implement solutions validators

Create a No-Code Solution.
This objective may include but is not limited to: configure no-code customizations for the SharePoint 2013 platform, create XSLT for web parts, create and upload JavaScript files, create Display Templates

SharePoint 2013 Search display templates and query rules
Changing the look of Search using Display Templates and CSR
Using jQuery and Display Templates to create modern Web Sites

MCSD Exam 70-488 Resources - Implement Authorization and Authentication (10-15 percent)

Sahil Malik has 2 very good courses on PluralSight that, while they cover SharePoint 2010, are still very applicable to SharePoint 2013 as nearly nothing in the server object model has changed. The only caution that I would have is that you should go over some of the claims material that he covers as that has changed enough that you will not want to rely on his video alone for this exam.
SharePoint 2010 Security, Sahil Malik [Twitter] [blog]
SharePoint 2010 Security Part 2
 

One thing to point out: Sahil states that permissions can be logically OR'ed. What does that mean? Here is an explanation and example from MSDN.
MSDN SPPermission.PermissionMask property
 

To define a permission mask that consists of multiple rights, use the pipe symbol ("|") in Microsoft Visual C# or Or in Microsoft Visual Basic to delimit the rights.


SPSite oSiteCollection = SPContext.Current.Site;
using(SPWeb oWebsite = oSiteCollection.AllWebs["Site_Name"])
{
    SPMember oMember = oWebsite.Roles["Role_Name"];
    oWebsite.Permissions[oMember].PermissionMask = 
        SPRights.ManageLists | SPRights.ManageListPermissions;
}
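What OR-ing rights into one mask means for the code that later checks it, as an added example that is not from MSDN or the original post. The `DemoRights` enum and its bit values are constructed stand-ins for illustration and are not the real SPRights values; `PermissionMaskDemo` and its methods are hypothetical names.

```csharp
using System;

// Constructed stand-in for SPRights; the bit values are illustrative only.
[Flags]
public enum DemoRights : uint
{
    None                  = 0,
    ViewListItems         = 1 << 0,
    AddListItems          = 1 << 1,
    ManageLists           = 1 << 2,
    ManageListPermissions = 1 << 3
}

public static class PermissionMaskDemo
{
    // True only when every bit in 'required' is set in 'mask'.
    public static bool HasAll(DemoRights mask, DemoRights required)
    {
        return (mask & required) == required;
    }

    // Adds rights to an existing mask without touching the bits already set.
    public static DemoRights Grant(DemoRights mask, DemoRights rights)
    {
        return mask | rights;
    }

    // Clears only the given rights and leaves every other bit as it was.
    public static DemoRights Revoke(DemoRights mask, DemoRights rights)
    {
        return mask & ~rights;
    }

    public static void Main()
    {
        // Plain assignment, as in the MSDN sample, replaces the whole mask.
        DemoRights mask = DemoRights.ManageLists | DemoRights.ManageListPermissions;
        Console.WriteLine(mask);

        // Equality compares the entire mask, so it is not a "has this right" test.
        Console.WriteLine(mask == DemoRights.ManageLists);
        Console.WriteLine(HasAll(mask, DemoRights.ManageLists));

        // A combined requirement is met only if all of its bits are present.
        Console.WriteLine(HasAll(mask, DemoRights.ManageLists | DemoRights.AddListItems));

        mask = Grant(mask, DemoRights.ViewListItems);
        mask = Revoke(mask, DemoRights.ManageListPermissions);
        Console.WriteLine(mask);
    }
}
```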


Implement user authentication.
This objective may include but is not limited to: create a custom claims provider, create a custom sign-in page, create a custom membership provider, package and deploy a custom claims provider, package and deploy a custom membership provider, authenticate a user from a client application
Understanding the Fundamentals of SharePoint Claims-Based Authentication, Georgiana Badea (If you only have time for one video between this and the next, pick this one!)
Claims Based Authentication - Migrating to the new SharePoint 2013 Identity Model,  Nathan Miller, Israel Vega
Claims provider in SharePoint 2013
How to: Create a claims provider in SharePoint 2013
How to: Deploy a claims provider in SharePoint 2013

Implement application authentication and authorization.
This objective may include but is not limited to: use the SharePoint App TokenHelper class, specify the App permission request scope manifest and permission request manifest, specify permissions for Office Store Apps, specify permissions for Corporate Catalog Apps, specify permissions for remote apps to access SharePoint data

Plan and implement user authorization.
This objective may include but is not limited to: create custom role definitions, create custom permission levels, maintain permissions, implement impersonation, plan and implement anonymous access, create a custom role manager


MCSD Exam 70-488 Resources - Plan and Design SharePoint Sites

This guide is for the SharePoint 2013 Developing Core Solutions exam. It covers material listed under the Skills Measured section titled Plan and Design SharePoint Sites. These types of questions should cover between 10% - 15% of the material. If you find this guide helpful, let me and the content creators know on Twitter. 

Manage the site life cycle.
This objective may include but is not limited to: create a delayed site collection, manage site collection disposition, identify inactive site collections, back up and archive site collection data
SPWeb.LastItemModifiedDate Property [MSDN]
SPSite.LastContentModifiedDate
SharePoint StackExchange: What does SPSite.LastContentModifiedDate track? (If you find this useful, upvote the question and the answer! Pay attention to PirateEric's comment on the answer as well.)
SPSite.LastSecurityModifiedDate [MSDN]
Backup-SPSite [MSDN] 

Configuring SharePoint 2013 Farm with PowerShell, Jeff Adkin [Twitter] [Blog]

Create content types.
This objective may include but is not limited to: subscribe to published content types, choose appropriate content type creation, use Schema Development, create content types using Object Model, create site columns, use content type inheritance
Understanding SharePoint 2013: Part 4 - Conventional Development, Sahil Malik [Twitter] [Blog]
Inside Microsoft SharePoint 2013: Chapter 9 SharePoint Lists
 

Manage content type behaviors.
This objective may include but is not limited to: manage event receivers, manage workflow associations, manage policies, manage document templates
SharePoint 2013 Workflow - Advanced Topics, Andrew Connell [Twitter] [Blog]
Inside Microsoft SharePoint 2013: Chapter 9 SharePoint Lists
 

Implement site provisioning.
This objective may include but is not limited to: create site definitions, create web templates, implement feature stapling, implement custom provisioning code
SharePoint 2013 Developer Ramp-Up - Part 5, Andrew Connell  [Twitter] [Blog]
Inside Microsoft SharePoint 2013: Chapter 11 SharePoint Site Provisioning
Branding SharePoint 2013 My Sites with Feature Stapling
Self-Service Site Provisioning using Apps for SharePoint 2013
Feature Stapling
 

$expand and Lookup Fields in SharePoint 2013

When using the ListData.svc in SharePoint 2010 you were able to bring the data of the associated list item with a lookup field in your primary list just by including the field name in the URL query string using the $expand option.  For example, if I had a list called Purchase Orders and that list had a lookup field called Customer I could bring all the associated data with the selected customer like address and other contact details. But as I found out on MSDN the SharePoint 2013 REST API does not support bulk expansion. Instead you have to specify the fields you want to be brought back from the lookup list in both the $select and the $expand options of the query string. If I had a Test List in SharePoint 2010 and wanted to access the values of the list item in the lookup called Status, I could simply append ?$expand=Status to the URL.  In 2013, though, I also have to include the select option...

Narrative Bias and Recipes for Disaster

How unreasonable expectations for estimation set your people up for failure

Consciously we know that everyone, every single human on this planet, suffers from cognitive biases. If we are interested in improving ourselves as professionals and people, we try to be introspective and cultivate metacognition (thinking about thinking). But the fact is we may always fall prey to errors in logic, especially when we are the ones who construct those errors. This article is written for people who are stakeholders in any sort of project but the fact is I hope it can be useful for anyone, especially Product Owners or Scrum Masters to use when working with stakeholders to help manage unreasonable expectations when they come. And they always come.