Top 10 Posts 2014

This year was a lot of fun! A handful of speaking engagements at the Puget Sound SharePoint Users Group, one at SharePoint Saturday Redmond, along with organizing volunteers for SPS Red. And of course, a lot of posts on SharePoint!

Onto the top 10 posts of 2014, view-wise. Overall, view-wise, #1 and #2 were actually from 2013! Old posts get a lot of attention, but they don’t count.

  1. Workaround for April 2014 CU and MS14-022 Double Encoding Bug This one I’m really not surprised about, at all. This was a bug that was active for roughly 6 months, before being resolved in the September 2014 Cumulative Update. It was a major issue for on-premises farms, and while there was a “supported” workaround through modifying Display Templates, that involved a significant amount of labor and did not cover all cases of this particular bug. This workaround was definitely unsupported, but quick to implement even with a large number of servers in the farm.
  2. MS14-022 Known Issues Again, not surprised at all. Keeping people up-to-date on active, long running bugs is extremely important. During the time frame this bug was active, 2 subsequent SharePoint security hotfixes introduced this same bug. It is a careful balance between making sure your farm is up-to-date and secure, and the bugs those security hotfixes introduce.
  3. SharePoint and the Web Application Proxy Role A brand new feature introduced with Windows Server 2012 R2, we started seeing the future replacement of Threat Management Gateway and Unified Access Gateway. UAG was announced as a discontinued product in December of 2013, while removed from the price lists mid-2014. TMG was discontinued way back in 2012. While WAP in 2012 R2 doesn’t function correctly with SharePoint Apps due to the operating system limitations, this has been corrected in the preview of Windows Server 10.
  4. PowerShell for People Picker Properties Microsoft guidance for many of the People Picker properties, such as configuring a One-Way Trust, is to leverage stsadm. Stsadm has been deprecated since SharePoint 2010. This post covered some key areas where stsadm can be replaced, including setting the Application Credential Key, critical to configuring that One-Way Trust.
  5. SharePoint 2013 April 2014 CU Claims Conversion Bug Another post, another bug! Fortunately this particular bug was short-lived, corrected in the June 2014 Cumulative Update, but it prevented the Classic to Claims conversion. It also added some yet-to-be documented switches to Convert-SPWebApplication cmdlet. Microsoft, do you need another tech writer for TechNet? :-)
  6. SharePoint 2013 Service Pack 1 Released Of course, Service Pack posts are popular. They only come once a year, and they’re a big deal for a lot of administrators who stick to just the major builds.
  7. People Picker Troubleshooting Tips These are general tips of what I often look at while troubleshooting various People Picker issues. They cover some of the most common scenarios that I’ve seen on the TechNet forums.
  8. What is the SharePoint Configuration Cache? Clearing the Configuration Cache (aka Timer Job Cache) seems like the panacea of SharePoint fixes. While we’re told to do this, it often comes with a lack of understanding of what the Configuration Cache actually is. This post also explores the inner workings of the Configuration Cache.
  9. The Expense of Application Pools The advise for SharePoint in terms of configuring Application Pools has changed over time. Back in 2007, everything was to be separate (within various limits). Or for “security purposes”, Service Applications had to run under unique identities. But starting late into SharePoint 2010’s lifecycle, with the increase use of BPOS and eventually SharePoint Online in Office 365, Microsoft changed their tune telling us that less was far better. One thing I hadn’t seen was why it was better, and even I was surprised by the results. Less really is better!
  10. SharePoint 2013 and Office 365 with Yammer Integration Service Pack 1 for SharePoint 2013 introduced Office 365 for MySites/OneDrive for Business and Yammer integration. This was a simple post detailing how an administrator would go about setting this functionality up.

Below are my personal favorite posts of this year.

  1. Streamlined Topology Performance This was another recommendation by Microsoft for SharePoint topologies where we were just told “it is better”. Using Reporting Services as a test for this topology (primarily because the numbers are very easy to access), it shows just how that extra trip between the “WFE” and “App” server (the “traditional” topology) can have a negative impact on performance, and why an administrator should consider converting to the streamlined topology.
  2. The Expense of Application Pools Another fun post, using the Sysinternals VMMap tool. I don’t often get to do this type of investigation, simply because it is just so easy to throw more memory at a SharePoint server than to optimize the layout.
  3. Hyper-V Private Networks for SharePoint(/2014/06/hyper-v-private-networks-sharepoint/) While a lot of developers will attest to running SharePoint in the cloud (Azure, CloudShare, etc.) for testing purposes, my test labs often involve an entire infrastructure; Active Directory, Exchange, SharePoint, possibly reverse proxies, ADFS, and so on. While testing just SharePoint environments in the cloud is great, the expense of testing the whole infrastructure is way outside of my personal budget. The strategy outlined in this post was one I used frequently on laptops where I’d move around from network to network, but needed to maintain a private IP range and Internet access for my VMs.
  4. SharePoint with Apache mod_proxy(/2014/06/sharepoint-apache-mod_proxy/) I had seen this one, and even received requests of a “how to” from Microsoft employees on information for their customers that already deployed mod_proxy/mod_ssl in their environments and wanted to put SharePoint behind it. What can I say, I like reverse proxies!
  5. SharePoint Database Availability Group Cmdlets(/2014/05/sharepoint-database-availability-group-cmdlets/) These cmdlets when unmentioned on TechNet until November of this year, and even then are only mentioned in the Move All Databases TN page. Learning how these cmdlets work is essential for those deploying SharePoint 2013 SP1 or higher against an Availability Group, as it opens up new options for the SharePoint Administrator, and reduces the workload for the DBA.
  6. What is the SharePoint Configuration Cache? I still learn new things about the internals of SharePoint and how they work, and this was no different. Tracking down the database trigger and figuring out it’s behavior was a lot of fun.
  7. Name User Profile Property Mapping Blank After Reprovisioning(/2014/04/name-user-profile-property-mapping-blank-reprovisioning/) Not a bug, per-se, but behavior that was noted somewhere on the Internet that needed a little investigation.
  8. SharePoint 2013 April 2014 CU Claims Conversion Bug April introduced full support for SQL 2014 as well as Read-Only Secondaries (note not read-intent secondaries, SharePoint will only leverage the Primary node as of right now). I really needed this support for the SharePoint 2010 to 2013 upgrades I was helping plan, but because many of the Web Applications were Classic and I needed a fully working fallback SharePoint 2010 farm in case of an upgrade disaster, avoiding this bug was absolutely critical.
  9. SharePoint Default Timeouts(/2014/07/sharepoint-default-timeouts/) Understanding default timeouts is often critical to understanding the behavior you’re seeing with any product or protocol. This is a simple Excel sheet of many of the default timeouts one may encounter in SharePoint. It isn’t an exhaustive list, but if I’m missing any, please let me know!
  10. The Dangers of AllowHttp for SharePoint(/2014/09/dangers-allowhttp-sharepoint/) I see the use of AllowHttp quite frequently in TechNet, or as a recommended workaround for some sort of issue the administrator is encountering. Even in development environments, it is extremely unwise to leverage AllowHttp as replay attacks are extremely easy with OAuth tokens. For this post, I even got to develop my own automated replay attack utility!

I hope everyone’s year was a great one. It was great to see the community, and those at the Puget Sound SharePoint User’s Group, SPS Red, and of course the Microsoft MVP Summit.

Wishing you all the best!


Trevor Seward is a Microsoft Office Apps and Services MVP who specializes in SharePoint Server administration, hybrid scenarios, and SharePoint Online. He has been working with SharePoint for 16 years from SharePoint 2003 on up, managing environments with terabytes of content for 150,000+ user organizations. Trevor is an author of Deploying SharePoint 2016 and Deploying SharePoint 2019. You can find him on Twitter and in /r/sharepoint.