Author Archives: ArmgaSys

SharePoint: Upgrade 2013 content to 2016

Performing an upgrade to SharePoint 2016 is relatively straight forward, but is not as easy as upgrading, say, Microsoft Office.  There are some considerations which must be taken into account before performing an upgrade.

Consideration#1: There is no direct upgrade from SharePoint 2010 to SharePoint 2016
You can only upgrade from SharePoint 2013 content databases.  If you have a SharePoint 2010 installed, please upgrade to SharePoint 2013 first.  See this blog entry on how to upgrade to 2013.

Consideration #2: There is no in-place upgrade from SharePoint 2013
You must upgrade each content database using the Database Attach and upgrade Method.  This blog entry will cover the attach and upgrade method in detail.

Consideration #3: SharePoint 2016 does not support classic mode authentication.
In our experience, many SharePoint 2013 web applications still utilize classic mode authentication.  For content databases using classic mode authentication, you must migrate to Claims Based authentication before you begin migrating your data.  See the Dealing with legacy (classic mode) Authentication section at the end of this blog post before you start your migration process!

OK, Lets dive into the details
IMPORTANT: We strongly recommend reading all of the steps below *before* beginning the migration and upgrade process.  It’ll just make your life much easier Smile

Step#0 – Backup everything related to the content database you are migrating
Nuf’ said!

Step#1 – Attach the SharePoint 2013 content database to the new database server.
This step only applies if you are also migrating to a new database server during the SharePoint 2016 migration process. If you are not changing database servers, skip to step#2 as the content database will already be in place and ready to upgrade.

Step#2 – Create a new web application in SharePoint 2016

  1. Launch SharePoint 2016 Central Administration web site.
  2. Navigate: Application Management –> Manage Web Applications
  3. Click New on the ribbon
  4. Configure the new web application to replicate the web application being migrated
    NOTE: Take the default for Database Name which is “WSS_Content”

Step#3 – Delete the content database which was just created in Step#2
Yes, you read correctly, delete the content database.

  1. Launch SharePoint 2016 Central Administration web site.
  2. Navigate: Application Management –> Manage Content Databases
  3. Select the web application created in step#2 from the web application drop down located in the upper right of the browser
  4. Click on the Database Name which was created in step#2
    It should be named WSS_Content
  5. Scroll to the bottom of the database information page displayed and check the Remove Content Database checkbox
  6. Click the OK button

So, what is happening here?
SharePoint requires a target web application for ALL content databases. Why? Because the web application determines which features are supported and installed for all content hosted by that web application. When the actual migration process occurs, the upgrade software scans the content database for all of the features being used by the content (I.E. lists, document repositories, third party, web parts, etc.) and then determines if the target web application supports that feature.

The problem we encounter is that SharePoint has nicely created an empty content database which we are never going to use because we already HAVE a content database (the one we are migrating). So, we need to perform a little bit of cleanup work.

Step#4 – Validate the SharePoint 2013 content database can be upgraded
SharePoint provides a PowerShell comment which will validate the content database against the web application created in Step#3.

  1. Launch SharePoint 2016 Management Shell as an administrator
  2. Enter the following command

Test-SPContentDatabase
-Name <DatabaseName>
-WebApplication <URL>

Example:

Test-SPContentDatabase
-Name “WSS_Contoso2010ContentDB”
-WebApplication https://www.contoso.com

Review the output for any issues listed as Upgrade Blocked: Yes
Any issue listed as Upgrade Blocked will need to be corrected.
Google will be your dearest friend if you encounter Upgrade Blocked: Yes

Step#5 – Mount the database onto the web application created in Step#3
This step will upgrade and mount the database against your newly created web application

  1. Launch SharePoint 2016 Management Shell as an administrator
  2. Enter the following command

Mount-SPContentDatabase
-Name <DatabaseName>
-WebApplication <URL>

Example:

Mount-SPContentDatabase
-Name “WSS_Contoso2010ContentDB”
-WebApplication https://www.contoso.com

Step#6 – Reset and validate!
We recommend executing an IISRESET after each migration / upgrade is completed.
Then launch the SharePoint site to validate everything is running.

Dealing with legacy (classic mode) Authentication
Classic mode authentication has been officially depreciated by Microsoft.  If you are migrating a classic mode authentication based content database, you must convert the database to claims based authentication before migration (I.E. while the content database is still attached to SharePoint 2013).  You convert the database to claims based using the Convert-SPWebApplication PowerShell command. 

  1. Launch SharePoint 2013 Management Shell as an administrator
  2. Enter the following command

Convert-SPWebApplication
-Identity <URL>
-To Claims
-RetainPermissions

Example:

Convert-SPWebApplication
-Identity https://www.contoso.com
-To Claims
-RetainPermissions

‘The directory service is busy’ error when renaming a domain computer

This one was a new one… and a bugger to track down!  While renaming domain computers, several of the rename operations would encounter an error during the rename process of

The following error occurred attempting to rename the computer to [New Name]:
The directory service is busy.

image

Well, if you have SQLExpress or SQLServer installed, the error may be leading you down the wrong path.  In our particular case, the error was a security error related to SQLExpress / SQLServer SPNs (Service Principal Name).  Basically, the rename operation could not rename the SPNs.

How to identify a potential SPN issues

  1. Open a CMD prompt as an administrator
  2. enter the command:
    setspn –L [Computer Name]
  3. Check for *any* registered SPN which is in the format of
    MSSQLSvc/[Computer Name]:[Instance Name]

In short, if you have *any* SPN which starts with MSSQLSvc, you will not be able to rename your computer!

How to fix SPN issues

  1. For *each* identified SPN above, you must delete the SPN using the following command:
    setspn –d [SPN Name] [ComputerName]
    Important: You must use the full SPN name as identified via the setspn –L command.  These will be in the format of MSSQLSvc/Computer.domain.tld:instance

That is it!  You can now rename your computer!

Provision Samsung EVO SSD drives for BitLocker

Samsung EVO SSD drives (Such as the 850 EVO and 850 PRO) now support Microsoft’s eDrive hardware encryption.  With a correctly provisioned device, you can now encrypt your entire drive without the ugly performance impacts BitLocker normally extracts.

…And there was much rejoicing!  … Wait a second, he said “With a correctly provisioned device”…

It seems provisioning Samsung EVO SSDs is a non-trivial task.  The high-level steps to provision a Samsung EVO SSD are:
(We are conveniently ignoring things like UEFI BIOS settings, TPM, Drive Passwords, etc.)

  1. Create a Secure Erase bootable USB/DVD from the Samsung Magician software
  2. Soft install the SSD in your device (Don’t screw it in just yet… you’ll need to fiddle with it in step#6)
  3. Install a version of Windows which supports full drive BitLocker.  Keep this install simple and quick.  Don’t even bother to activate!
  4. Install Samsung Magician software
  5. Launch Samsung Magician software and set the Encrypted Drive (eDrive) to “Ready to Enable”
  6. Reboot into the Secure Erase bootable USB/DVD created in step#1 above and perform a Secure Erase
    1. This can require some fiddling with the BIOS to allow you to boot the USB/DVD
    2. You will almost always have to “reset” the SSD by powering it off / removing it during Secure Erase
  7. Reboot and install a version of Windows which supports full drive BitLocker
  8. Screw the SSD in and replace all device covers

Did you catch the fact you have to install Windows two separate times?  You caught that right, install Windows TWICE!

This is a nightmare made real if you have to provision, say, 10+ devices for your company.

Large Scale Provisioning Made (slightly) Easier
For users provisioning multiple devices within a corporate environment, there is a slightly easier way.  These steps will allow you to skip the second install of Windows!

Preparation Step#1: Create a bootable USB Drive
The goal is to create a Windows 7 install on a USB 3.0 Drive which we can perform initial provisioning on our hardware.

  1. Download and install WinToUSB
    http://www.easyuefi.com/wintousb/
  2. Locate a Windows 7 x64 ISO (Pro or better is recommended)
    Why Windows 7?  As of this writing, several features of the Samsung Magician do not work in Windows 8.
  3. Create a fully bootable Windows 7 install on your USB 3.0 drive using WinToUSB and your Windows 7 ISO
  4. Boot from your newly created Windows 7 install and install Samsung Magician software on the instance

Preparation Step#2: Create a bootable DVD/USB with Secure Erase installed

Provisioning Your Devices
(We are conveniently ignoring things like UEFI BIOS settings, TPM, Drive Passwords, etc.)

  1. Soft install the SSD in your device (Don’t screw it in just yet… you’ll need to fiddle with it in step#4)
  2. Boot from the USB 3.0 drive created in Preparation Step#1
  3. Launch the Samsung Magician software and set the Encrypted Drive (eDrive) to “Ready to Enable”
    NOTE: You may need to reset your resolution to 1024×764.  Magician is somewhat picky about resolutions
  4. Reboot into the Secure Erase bootable USB/DVD created in Preparation Step#2 above and perform a Secure Erase
    1. This can require some fiddling with the BIOS to allow you to boot the USB/DVD
    2. You will almost always have to “reset” the SSD by powering it off / removing it during Secure Erase
  5. Reboot and install a version of Windows which support full drive BitLocker
  6. Screw the SSD in and replace all device covers

 

Our recommendation to Samsung
The Secure Erase bootable USB/DVD needs to have an option to perform the “Ready to Enable” step as part of the Secure Erase procedure.
This simply change would allow provisioning of the SSD for eDrive functionality directly from Secure Erase USB/DVD in one easy step!