OABGen will skip user entry…SMTP address is invalid


Receiving an error message on your mailbox server…

Source:      MSExchangeSA
Event ID:    9325, 9320, 9327
Message:   OABGen will skip user entry ‘Display Name’ in address list ‘\Address List’ because SMPT address ‘’ is invalid.

This was happening on my server, however the names that were shown didn’t have mailboxes. This is how I fixed it.

  1. If using Windows 2008 Directory Services open Active Directory Users and Computers if not open ADSI (adsiedit.msc) and browse to the user in the error message.
  2. Browse the user’s attributes and go to ‘showInAddressBook’ attribute. This should be blank if the user does not have a mailbox. If it isn’t, remove any entry listed in here and click OK.

Update: I found out why this is even happening in the first place. Consider this scenario; You need to create a new user account that won’t be mail enabled. You copy an existing user that is mail enabled to create the new user account. The showInAddressBook attributes are copied from the existing mail enabled user over to the new non-mail enabled user, causing this issue.

Solution: Create a template user that is not mail enabled to create new users from.

ASP.NET Web Application Uses Old User Name

Has a user’s name changed recently and they can no longer access a asp.net web application, or the information on the web application still reflects the old user name?

This could be because of the server caching the old username and not looking it up each time. To confirm whether this is what is happening you can disable the caching by doing the following.



Create new DWORD labeled LsaLookupCacheMaxSize and set the value to 0


Reference: http://support.microsoft.com/kb/946358

Trend Micro OfficeScan–Manual UnInstall–Automated

Recently I’ve been having issues on a few workstations where the Trend Micro OfficeScan installation became corrupt. Attempting to re-install OfficeScan again would result in an error message saying it was already installed. All the tools that Trend Micro provided wouldn’t remove the remnants. Trend does offer a manual uninstallation method (http://esupport.trendmicro.com/solution/en-us/1039283.aspx), but takes too much time to perform on multiple workstations.


I created a VBScript that automates the manual uninstallation instructions. For a small portion of the code it depends on Microsoft’s DevCon utility (http://support.microsoft.com/kb/311272) and won’t run without it. Please extract the DevCon utility to C:\Windows\System32.


Automated Manual UnInstall Trend Micro OfficeScan – https://www.brandonclaps.com/downloads/OfficeScan_Remove.zip


Hope you find this useful.

Outlook Social Connector–Missing GAL Photo


If your Outlook Social Connector is missing photos for contacts that are in the global address list, it could be because OSC is looking at your personal contacts. To force it to look at the GAL for the photo, set this registry key.



Create DWORD PreferADPhotos with decimal value 1

WindowsIdentity Impersonation – An attempt was made to reference a token that does not exist


Was working on a ASP.NET app to impersonate a domain user to access a network resource and came across the error “An attempt was made to reference a token that does not exist”.

When defining the domain for the following function, make sure it is in the FQDN format. domain.com and not DC=domain,DC=com 

private bool impersonateValidUser(String userName, String domain, String password)

Impersonation Reference: http://support.microsoft.com/kb/306158

Schedule Update-SPProfilePhotoStore


Create a PowerShell script with the following. Make sure your MySite host location is correct.

Add-PSSnapin Microsoft.SharePoint.PowerShell Update-SPProfilePhotoStore -CreateThumbnailsForImportedPhotos 1 -MySiteHostLocation http://mysitehostlocation/MySite/

  1. Save the file as a .ps1 file on your SharePoint 2010 server – C:\Scripts\UpdateSPPhotos.ps1
  2. Create a daily scheduled task on the SharePoint 2010 server that runs at the SharePoint Farm Administrator account.
  3. Configure the action as follows
    • Program/script: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    • Arguments: -NonInteractive -NoProfile -File “C:\Scripts\UpdateSPPhotos.ps1”


Find mail enabled lists in SharePoint

Open SQL Query Analyzer and run the following query against your WSS_Content database. This works in SharePoint 2007 and 2010.

SELECT Webs.FullUrl, AllLists.tp_Title, AllLists.tp_EmailAlias
FROM AllLists
Inner join webs on AllLists.tp_WebID = Webs.Id
where AllLists.tp_EmailAlias is not null

Check Windows Service Status with PowerShell

I needed a way to watch a service and if it was stopped to start it. I created this PowerShell script to check it, start it and create a log, using it in a scheduled task.

Make sure the service name is the name of the actual service and not the display name for the service.

$logFile = "C:\test.csv"

$serviceName = "ServiceName";

$serviceStatus = (get-service "$serviceName").Status;

$date = Get-Date

$dateShort = $date.ToShortDateString()

$timeShort = $date.ToShortTimeString()

$i = 1


if ($serviceStatus -eq "Running") 


        Add-Content $logFile "$dateShort, $timeShort, $serviceName is $serviceStatus"


elseif ($serviceStatus -eq "Stopped") 



            Add-Content $logFile "$dateShort, $timeShort, $serviceName is $serviceStatus, Starting"

            Start-Service $serviceName

        $serviceStatus = (get-service "$serviceName").Status;

        Add-Content $logFile "$dateShort, $timeShort, $serviceName is $serviceStatus"





            Add-Content $logFile "$dateShort, $timeShort, $serviceName is $serviceStatus, Unable to Start"


SharePoint 2010 Upgrade – Database Attach Method

There are several ways of upgrading to SharePoint 2010. I decided to go with the database attach method to ensure a clean install and make sure all my end users could still "view" the SharePoint 2007 web site.

My scenario was as follows..

SharePoint 2007 (Windows 2008 R2 64bit) was configured as a farm with a SQL 2005 64bit (Windows 2008 64bit) server. As you probably already know the SQL 2005 is not supported for SharePoint 2010. This was just another reason I decided to go with the database attach method.


Server Build

  1. Install Windows 2008 R2 64bit
    • Server Name: SHAREPOINT2010 – This name doesn’t matter as you’ll be using alternate access mapping later.
    • Install SharePoint 2010 Prerequisites via installation media – Must be connected to the internet
    • Add SMTP server via Server Roles – Used for relaying email. I’ll explain why I relay off of the SharePoint server later
    • Create domain account “SharepointProfSync” and give it administrative rights on the SharePoint 2010 server. This will late be removed.
  2. Install Windows 2008 R2 64bit
    • Server Name: SQL
    • Install SQL 2008 R2 64bit
  3. Install SharePoint 2010
    • This is just a default installation. There are many guides on how to do this on the internet.
  4. Install SharePoint 2010 Service Pack 1
    • Run SharePoint Configuration Wizard when finished to upgrade the databases
  5. Install SharePoint 2010 June 2011 Cumulative Update
    • Run SharePoint Configuration Wizard when finished to upgrade the databases
    • Restart SharePoint server
  6. Generate your certificate request from IIS and either send it to your third party certificate provider or generated your own from your certificate authority. This isn’t covered in this article.

Configure User Profiles

  1. System Settings > Manage Services > Server > Start User Profile Sync Service
    • Wait until it says the service is started
    • Once it’s been started, remove SharepointProfSync from the local administrators group.
  2. Central Administrator / Application Management / Manage Service Applications / User Profile Service Application
    • Configure Synchronization Connectors
      • Create New Connection
      • Name: "Company Name AD
      • Forrest: type fully qualified domain name and choose auto discover DC
      • Account Name: Create a domain account to use during replication. This account must have “Replicate Directory Changes” permission on the top level of the domain.
      • Select all or some OU’s
    • If you want to map additional properties you can do that now. I mapped Picture to AD attribute thumbnailphoto to import photos from active directory.
    • Start a Full Sync – This will take some time.

Configure Web Applications

I wanted my web application running on a different port than port 80 so that I could redirect port 80 HTTP traffic to port 443 SSL.

  1. Record content database name by going to Central Administrator > Application Management > Manage Content Databases
    • Make sure the web application in the top right hand corner shows the web application for port 80.
    • This content database name will be used when creating the new web application with the new port.
  2. Central Administrator / Application Management / Manage web applications
    • Click on the web application assigned to port 80 and click delete in the ribbon bar. Do not delete your central admin database.
      • Delete Content Databases – No
      • Delete IIS web sites – Yes
      • Click Delete
    • Delete the web application with port 80. Do not delete your central admin web app.
  3. At Manage web applications click New to create a new web app.
    • Create a new IIS web site – Label this whatever you would like I used SharePoint – 800
    • Port: 800
    • Host Header – Blank since we won’t be running more than one web app on this port
    • Path – Leave as default
    • Security Configuration – Choose your authentication provider. I chose NTLM.
    • Public URL – Leave default
    • Application Pool – Name this accordingly and choose which domain account you want to be running the app pool. This should be a domain account used only for the app pool without any permissions.
    • Database Server – Your SQL Server
    • Database Name – Type the database name that you recorded in step 1. Case Sensitive
    • Service Application Connections – default
    • Click OK
  4. At Manage web applications click on your new web application and click Extend.
    • Create a new IIS web site – Label this whatever you would like I used SharePoint – 443
    • Port: 443
    • Host Header – Blank since we won’t be running more than one web app on this port. – If you are going to have use SAN certificate, put in your FQDN host header here. I’ll explain this later as well.
    • Path – Leave as default
    • Security Configuration – Choose your authentication provider. I chose NTLM. Make sure you use select SSL.
    • Public URL – Make sure type the full qualified domain name here… https://servername.domainname.com:443 and Zone: Internet
    • Click OK
  5. You should now be able to access your SharePoint 2010 system from both URL’s.

Configure Email

If you were to relay directly off your Microsoft Exchange server, one you would need to allow anonymous relay, and two you wouldn’t actually see the Active Directory Display Name when the email was received. Instead you would see the email address defined. Relaying the email off the SharePoint 2010 server which will then forward the email to your Exchange Server in an authenticated method providing the Display Name and not needed anonymous relay.

  1. Start > Run > services.msc
    • Set Simple Mail Transfer Protocol to Auto Start, and start the service.
  2. Open Internet Information Services 6.0
    • Right click SMTP Virtual Server and go to Properties
    • Access tab
      • Authentication
        • Check Integrated Windows Authentication
        • Check Anonymous Access
      • Relay Restrictions
        • Either select all except the list below, or add the IP address of the SharePoint 2010 server.
    • Delivery Tab
      • Outbound Security
        • Choose Integrated Windows Authentication
        • Browse and select a domain user for which you will use to send emails from SharePoint. You can use something like “SharePointNotification”
      • Advanced
        • Smart Host: Type the hub transport FQDN server name
        • Uncheck Attempt direct delivery before sending to smart host
    • Click OK
  3. Go back to SharePoint Central Administration > System Settings > Configure Outgoing E-Mail Settings
    • Outbound SMTP server: FQDN of SharePoint 2010 server
    • From address: Email address of domain user used for sending the email in Step 2
    • Reply-to address:Email address of domain user used for sending the email in Step 2
    • Character set: default
    • Click OK

Install Templates

Install any templates that you had installed on SharePoint 2007 on to SharePoint 2010. This isn’t covered in this article, but make sure your stsadm –o pre-upgradecheck is clean.


Content Transfer

Now it’s time to actually transfer the content from 2007 to 2010!

  1. Backup SharePoint 2007 databases.
    • Take a full SQL backup of the WSS_Content databases for your web application.
    • Put your SharePoint 2007 WSS_Content database in read-only mode so that end users can still view SharePoint 2007 but not make any changes during the content transfer.
    • Copy the backup to your new SQL 2008 server.
  2. Remove the existing content database from SharePoint 2010
    • Central Administration > Application Management > Manage Content Databases
      • Select the web application that we just created. (Port 800)
      • Click the WSS_Content database listed
      • Put a checkbox in remove content database and click OK
  3. Restore the backup of SharePoint 2010 on your SQL 2008 server.
    • Restore it as something meaningful: WSS_Content_Company_1
  4. Open SharePoint Management Shell
    • Run the following stsadm command to add the database to the web application
  5. Run an IIS Reset
  6. Your content has now been transfer to SharePoint 2010!

My Sites

Microsoft recommends (and is also good practice) that you host your MySite on a different web application as well as database. Some users just starting out with 2007 had them all together in their WSS_Content database. Here are instructions on how to move them to their own.

  1. Create a CNAME DNS record for your SharePoint 2010 server that uses a mysite name.
    • mysite.companyname.com
  2. Central Administrator / Application Management / Manage web applications
    • Create a new web application called SharePoint – MySite
    • Port: Whatever port you want to use. Use 443 if you are using a SAN certificate that includes the MySite URL.
    • Header: If you are using 443 then put the FQDN that you want to use. Example: mysite.companyname.com. If you aren’t using 443 then this can be left blank.
    • Database Name: WSS_Content_MySite_Temp (this is only temporary)
    • The rest of the options choose similar to the “Configure Web Application” of this article.
  3. Define two new managed paths for this web application
    • explicit inclusion – mysite
    • wildcard inclusion – personal
  4. Central Administrator / Application Management / Create site collections
    • Choose your mysite web application
    • Label it My Site Host
    • for the URL make sure it says /mysite leave the field after it blank
    • Select the Enterprise Template My Site Host
    • Visit the site and make sure you can view it. You will need to view it from a computer which is not the server unless you disable loop back check in the registry.
  5. Remove the content database from the mysite web application
  6. Add a new content database to your main SharePoint 2010 web application (port 800)
    • Name it WSS_Content_MySite
  7. Open SharePoint Management Shell
    • Run the following stsadm command to find all the personal sites in the current database
    • Open the MySites.xml file in Notepad and remove any sites that are not a personal site including the /mysite entry. Save the xml file when finished.
    • Move the personal sites to the new database
      • stsadm –o mergecontentdbs –url http://servername:800 –sourcedatabasename WSS_Content_Company_1 –destinationdatabasename WSS_Content_MySite –filename C:\MySites.xml –operation 3
    • When prompted run iisreset –noforce from the command prompt
    • Remove the WSS_Content_MySite content database from the http://servername:800 web application via Central Administration
    • Add the database to the MySite web application
      • stsadm –o addcontentdb –url http://mysite.companyname.com:5352 –databasename WSS_Content_MySite  – Make sure you type your URL correctly. This depends on what you created in step 2.
  8. Duplicate step 4
  9. Create a site collection for the root of mysite web application. (This is for self-service site creation)
    • Choose Team Site
    • Path should just be /
  10. Central Administrator / Application Management / Manage Service Applications / User Profile Service Application > Setup My Sites
  11. Run full sync on user profiles
  12. Now you can update the profile photo store with the thumbnails that were imported from active directory

Keep an eye out for further SharePoint 2010 blogs

Why Blog?

I’m a IT professional that has been working in the field for 10 years. The purpose of this blog is to help others as they come aross technical challenges and to share my experiences.

Keep in tune for the first post of upgrading SharePoint 2010 using the database attach method.