Since I started working with on-premises SharePoint instances, one of the solutions that I’ve used to wake up (pre-compile) the site collections and sub-sites contained within the web applications hosted by the farm is SPWakeUp.
This was originally a solution hosted on CodePlex and provided binaries for SharePoint 2007, then later SharePoint 2010 (the archive containing those can still be downloaded from the CodePlex Archive). I created compiled binaries for SharePoint 2013 and SharePoint 2016 and made those available as well.
I recently had need to use SPWakeUp on SharePoint 2019, so decided to produce a compiled for that version. As SPWakeUp doesn’t seem to have an active home anymore, I thought that it may be worthwhile putting the code and compiled versions on GitHub in case anyone else wants to use them! Note that if anyone objects to this happening, let me know and I’ll pull it down.
At the moment the repository hosts the original source code, the source code upgraded for use with Visual Studio 2019, compiled versions of SPWakeUp for SharePoint 2013, SharePoint 2016 and SharePoint 2019 and some instructions on how to compile the source yourself using Visual Studio Community 2019.
I hope it’s useful to someone!
SharePoint can use multiple domains for user authentication, however I recently came across an issue when setting up an extranet using this scenario.
The steps for setting up SharePoint 2007 to use multiple domains for user authentication are relatively simple:
- Add the second domain as a user profile source in the SSP
- Issue the following stsadm command to encrypt the password for the account that is used to access the second forest or domain on each web front end server in the farm:
stsadm –o setapppassword –password <password>
- Issue the following stsadm command to add multiple domains to the people picker search list:
stsadm –o set property –pn peoplepicker-searchadforests –pv domain:<original resource domain>;domain:<secondary domain>,<domain>\<username>,<password> –url <web application URL>
At this point I could successfully add users from the second domain to the security groups in a site collection or site, however when I attempted to log in as one of these users, I received a “500 – Internal server error”. Logging in as a user from the original resource domain worked fine however.
Modifying the web.config file for the web application to set CallStack to true and CustomErrors to Off didn’t give me any further information, at least in Internet Explorer 8, as I still saw the same “500 – Internal server error”, however viewing the web application in Firefox gave me a somewhat cryptic error:
This error translates as STATUS_AUTHENTICATION_FIREWALL_FAILED, however the firewall wasn’t an issue in this scenario.
The solution was to grant the machine accounts for each of the web servers in the SharePoint farm an extra right in AD. The steps were:
- On a domain controller, start “Active Directory Users and Computers”
- On the view menu, ensure that the ‘Advanced Features’ option is checked
- Locate the computer account for first of the web servers in the SharePoint farm
- For the computer account, right-click and select properties and then click the security tab
- Add the <external domain>\Domain Users group to the security list and grant the ‘Allowed to authenticate’ right. Click OK to close the dialog.
- Repeat these steps for the computer accounts of all the other web servers in the farm
This resolved the issue and allowed users from the second domain to log into SharePoint.
Note that to achieve multiple domain authentication for SharePoint 2010, the same stsadm commands are used, and I therefore believe that the same issue may occur, however the above solution should also work for SharePoint 2010.