Getting started with Defender Attack Surface Reduction - Part 2

In the previous post about ASR adoption, I recommended you enable ALL ASR rules in AUDIT mode. Now we will use the Security Baseline to build an ASR policy that should be minimally impactful to your systems and end users.


Getting started with Defender Attack Surface Reduction - Part 1

This post is intended as a starting point for organizations looking to adopt Attack Surface Reduction (ASR) rules. ASR rules can help improve an organization’s security, but they can potentially disrupt normal user and application behaviors in certain environments. My recommendation to anyone looking to implement ASR rules is to always start with Auditing.


Get started with Defender AV - Part 2

This is the second post on switching to Defender Anti-Virus and using the Security Baselines published in Endpoint Manager to create a good starting point for your Defender AV settings. This post will focus on the settings in the Security Baseline for Windows 10 and later and how to create an AV only policy based on these settings.


Get Started with Defender AV - Part 1

When switching from one AV to another organizations want to know if they can keep their current AV settings, or if their AV Vendor has recommendations for better adoption, detection, and performance. For these types of conversations with Microsoft Defender AV I often recommend customers look at the Security Baseline rules as a good starting point.


MDI Learning Periods

MDI alerts have a number of different learning periods, and each is well documented. However, there is not a single list of all the alerts that have learning periods for easy reference, so I have created and will update this list.


Azure Mobile Angular Services

I recently had a request for a more detailed example of how to use the Azure Mobile Angular Services so I went ahead and created a single page application that has very little capability but is a good example for those getting started with AngularJS and Azure Mobile Angular Services and have pushed it to the GitHub site. The example is built using Visual Studio but is just a single HTML page and a Scripts folder with the necessary .js files inside.Once you have pulled the project you will find it does actually read from my Azure Mobile Services, although write is disabled,so you can follow along.


How to Fix the SharePoint Modified Date to use Date and Time

If you’ve started using SharePoint 2013 you probably noticed that Microsoft changed the way they present the Modified value. In SharePoint 2010 the Modified field showed a Date/Time stamp, but in SharePoint 2013 the Date/Time is replaced with something like “3 minutes ago”. Personally I like this, but some users may not and the Date/Time stamp may be really important especially for Legal Departments or other Audited applications.

Fortunately there is a very simple fix, using the Client Side Rendering to override SharePoint’s default rendering of the Modified field.


Client Side Rendering of Form Fields

I’ve been working on a site migration from SharePoint 2010 to SharePoint 2013 and a lot of what we did in 2010 was to customize forms the user interacts with. One of the requirements we had was to ensure a Project Name and Project Alias field did not contain the same information. In SharePoint 2010 this had been done by adding some JavaScript to the page, grabbing each control by HTML Element ID, and then comparing their values. When we migrated these fields all got new HTML Element IDs so our validation logic was broken.


Hero Blog Post of the Day

I was working on a project today where I need to dynamically create a MS Word Document, save it to a SharePoint library, and then present the document to the user for editing. My first attempt was to create an IFrame that would redirect to the document once it was created, but this would only open the document in ‘Read Only’ Mode.


More About Managed Metadata

I recently had more fun with setting Managed Metadata values in SharePoint 2010. This time as part of an event receiver during the Item Adding, Item Updating, and Item Updated events. (There are interesting event ordering challenges which lead to using all of these events, but that is not the focus of this blog.) The challenge I faced was copying values from a Document Set down to documents that were being created/uploaded to the list. Normally, using Shared Properties would negate this but because we wanted use to edit the Managed Metadata Values in the Document Information Panel we could not use shared values because the Document Set would immediately overwrite any changes made to the document. Instead we created an Event Receiver to manually handle the updates from the Document to the Document Set, and from the Document Set to the child documents.


Setting Managed Metadata

I recently had an issue trying to set the Managed Metadata field value on a new list item I was creating in C# code. In the control where the user could select the managed metadata value I was using the OTB Taxonomy Control which was properly bound to my Managed Metadata Field.


Fixing IE11 Enter Key Problem with Search

I was recently working for a client who began having issues with the Windows 8.1 baseline and their search center. If you are familiar with Windows 8.1 then you are aware that it comes with IE 11 which has a new User Agent string that can cause some issues with SharePoint (ref: IE11 Broke SharePoint 2010). My task was to figure out why when a user entered a search term/key word and hit enter the page simply refreshed.


I Hate SharePoint Apps like I Hate Mark Zuckerberg

This blog post has been tumbling in my head since I began working on SharePoint 2013 Apps. This is probably the third time, at least, I have tried to express my thoughts on the development shifts in SharePoint from 2007 & 2010 to 2013.

Beware some things in this post may be offensive to people, especially Mark Zuckerberg, but I wanted to bring a little humor into the geek speak.


More customizations with Client Side Rendering

Recently I posted about how you can use Client Side Rendering (CSR)to display contacts on a map. After posting about how to display the entire list data, I decided I wanted to see how CSRcould be used to change the user experience while adding, updating, and viewinglist items, updating items, and viewing items. This post will provide a high level overview of how I was able to change the display during New, Display, and Edit of an individual item and then later I will actually put this together with the Contact Map idea.


Bye InfoPath, Hello Apps for Office & Lightswitch

The Microsoft Office announcedon Friday that InfoPath 2013 will be the final version released.This is a significant announcement because itmeans any customer with customSharePoint workflows, Office Document Information Panels, and any other Data Entry Applications will have to move those to a new technology, but Microsoft hasn’t said which one.


SharePoint Contacts on a Map with Client Side Rendering

Several years ago, back in the dark days of SharePoint (MOSS) 2007, Tom Resing and I worked together on a demo displaying contacts from a SharePoint contact list on a Bing/Google Map. He and I presented this at several SharePoint Saturday events (Boston, Virginia Beach, Richmond, Tampa) and found highly positive response. It has been a while since Tom and I worked together, and a lot has changed in SharePoint so I wanted to revisit our old demo and take a newly available approach.


IE11 Broke SharePoint 2010

I’ve been noticing recently my SharePoint site was behaving oddly, especially when I wanted to edit a web part. Yesterday the odd behavior hit a critical point as I was unable to connect web parts on a page. The problem was every time I clicked the drop down arrow on the web part heading the page would refresh and some of the menu content would appear in a side panel, where the web part properties are usually displayed.


Site Collection Content Type vs. Content Type Hub

I’ve been working on a project recently that has a large number of sub-agencies and the parent organization was attempting to push a standardization of Content Types. Since no one really wanted to duplicate work the organization decided they did not want to migrate content into SharePoint (from file shares) until all the content types and metadata had been identified and created. However, as with all large agencies some groups wanted to move forward with limited or partial capabilities because after all some limited capability is better than what they currently have. The concern that arose from this was: What if they created a Content Type in one of their Site Collections that had the same name as one that would be published later on?


SharePoint Published Content Types

I have done a lot of development with SharePoint workflows, especially those developed in Visual Studio. Unless I have been working with a standard list type, I generally create a Content Type that my workflow can be associated with and to ensure the columns and values needed in the workflow will be present. However, creating Content Types is always a painful process, because as you develop the content types and test them you need to delete the original content type, and any list depended up in before you deploy the updated version. This is even worse when you upgrade a solution that is in use in productionbecause you can’t easily delete the content type just to add additional fields.


SharePoint 2010 and jQuery 2.x

Recently, I was working with a coworker who had created a javascript dashboard using jQuery and KnockoutJS in SharePoint. The dashboard had worked perfectly for him, but when I viewed the site none of the data would render. While we were testing the site we noticed that my browser was running inBrowser ModeIE10 with Document Standard IE 7 Standard,but his was running Browser Mode IE 10 with Document Mode: Standards. Having battled with SharePoint 2010using anHTML5 Masterpage I began looking for the Meta tag on the page which should define the appropriate browser mode and noticed he had removed it. I had him add the tag back to the masterpage (from my experience removing the browser mode tag in SP2010 causes all kinds of issues when editing pages, list items, etc) but still found the dashboard was not functioning properly.


User Profile Personalized Links

Recently my company performed a migration for our old production environment to a new production environment so we had a more stable and robust platform to support the company, including providing leadership with better business intelligence about our operations. As part of the migration one of my goals was to launch My Sites for our internal users so they had somewhere to store information they were working on.


SharePoint 2010 and Windows Azure App Fabric Access Control (ACS)

Last month I was working on a demo for a charitable organization that has lots of volunteers around the country. The charity didn’t want to have to create new active directory accounts for each of these volunteers so as part of the demo we integrated SharePoint 2010 site with Windows Azure App Fabric Access Control (ACS), this way we could use Google, Windows Live, and Yahoo! as authentication providers. (Yes I know we could hook directly to each of these providers, but using ACS allowed me to use all the providers with one SharePoint Trusted Provider instead of using three different trust providers). We demoed the site to the charity and they were very excited and happy with the solution.


Visual Studio 2010 SharePoint List Template Error

I was attempting to create a custom FAST Search Center that would have a custom master page, and some web parts added to the search and result pages. My starting point was to grab the FAST Search Center site definition from the site templates in the SharePoint 14 Hive.


SQL Server Date vs. DateTime columns and the SharePoint 2010 External Content Type

Recently I have been working on a SharePoint 2010 solution that leverages External Content Types for storing information associated with Microsoft Dynamics Great Planes Timesheets. Part of the information captures when an task is expected to be completed, which the UI allows the user to select a date from a calendar. Since the only significant information for this field was the date when I designed the database I chose to only capture the date value. Testing on my local Windows 7 VM worked perfectly and we rolled the solution out to the customer for testing.


Microsoft Silverlight 4 and SharePoint 2010 Integration

Recently I was contacted by PACKT Publishing because they have recently published a book Microsoft Silverlight 4 and SharePoint 2010 Integration and wanted me to review the book. I’m actually quite excited about this opportunity because it is my first invitation to review a book, and the book is talking about two of my favorite technologies!


SharePoint and Membership Providers

Many SharePoint developers have come from a background with ASP.NET and so most are familiar with the Membership Provider concept. SharePoint uses ASP.NET at its core the membership providers you have build for custom web applications can be used in your SharePoint web application. The advantage of this is that you can abstract your web parts, application pages, etc in SharePoint so they use the Membership Provider to get user information rather than coding your own Active Directory calls into a library or the web part/application page itself.


SharePoint Lists Web Service

During a recent project I was leveraging the SharePoint Lists Web Service to retrieve information from a list and push it to a Silverlight display. The list I was using was a heavily customized list with about 35 different views and at least as may fields. My Silverlight display would provide information like the “status” of the list item based on a number of other criteria. This status field was stored as a simple “Single line of text” field in the SharePoint list.



I’ve been working with WCF and SharePoint 2007 and ran across an issue. The scenario is an Account Registration process which allows the user to request access to “protected” sites within a portal. This solution blends some jQuery and WCF using the JSON format for request and response messages. The issue I ran into was when a user requested access to a/several sites I needed to pass the Site ID to the WCF service as part of the user request object.


SharePoint 2010 Document Set, Create Your Own

In preparing for a demo I wanted to show just how easy and powerful Document Sets in SharePoint 2010 can be.  Using the Public Beta I followed Liam Cleary’s steps to enable documents sets, but realized that an empty Document Set really doesn’t help show the power.  I decided to dive in and see if I could create my own custom Document Set, and here are my successful steps.

Getting Started

Before we go further the important thing to realize at this point is that Document Sets in SharePoint 2010 are a new Content Type for folders.  That being said, like in MOSS/SharePoint 2007 Content Types can/should be extended to fit your needs.

Build Your Document Set Content Type

Before following these steps make sure you have already enabled Document Sets in your Site Settings.  For instructions refer to Liam Cleary’s blog about the document sets.

  1. Go to your Site Settings
  2. Select Site content types from the Galleries section
  3. Select Create on the Site content type page
  4. Provide a Name for the new Document Set Content Type.  Select Document Set Content Types as the Parent Content Type (if this is not available then you have not followed Liam’s blog successfully).  Choose the Group, or create a new one, that you want this Content Type included in and click OK.

Your new Document Set Content Type should now have successfully created, but we really have not created anything different from the existing Document Set Content Type.  Next, we will add several documents to this document set that we want to include when one of these are used.

  1. Select Document Set settings
  2. In the Allowed Content Types choose the types of Content you want to allow the Document Set to contain.  (Any Content Types you want to create when the Document Set is created should be included in this list).
  3. In the Default Content Select the Content Type you want to include and a “Template”, if allowed, that should be generated.  For multiple items click the Add new default content … link as many time as necessary (or allowed).
  4. Click OK

You probably noticed that there are several other settings on the page that you can enable/disable/use, but for the purpose of this blog I chose to ignore them.  In future blogs I’ll go back and discuss what some of these options are and how they can be useful.

Use Your Document Set

So at this point you have now created your custom Document Set Content Type and associated documents with it that should be created whenever this Content Type is used.  Next we will actually make use of the new Document Set.

  1. Go to the Document Library where you wish to use the Document Set (if you don’t have one yet then go ahead and create one now.
  2. In the Library Settings (available on the Library Tools:Library ribbon) choose the Advanced Settings.
  3. In Advanced Settings for the Allow management of content types? choose Yes and click OK
  4. In the Content Types section of the Library Settings choose Add from existing site content types
  5. From the Select Content Types choose the name you used for your Document Set and Click OK

At this point if you want you can also choose to change the ordering of Document/Document Set so that when a user clicks the “New” button they will end up with your Document Set rather than a standard document.

Finally, you can now create your new Document Set, and when the creation completes you should see your custom documents in the newly created Document Set.




Windows 7 Simplifies the Versions

I wrote a while ago about doing some testing with Windows 7 Beta and how I was excited about the new features, interface, etc.  I also expressed a concern as many other did about the “Versions” of Windows 7 Microsoft may make available.  Well, it looks like someone in Redmond was listening, maybe not to be but they did hear the Windows community, and they have now announced ONLY THREE versions of Windows 7.

  1. Windows 7 Home Premium
  2. Windows 7 Professional
  3. Windows 7 Ultimate

Microsoft also solved a lot of complaint about Vista by basically “layering” these versions so users don’t have to worry about functionality tradeoffs between versions.  Now if you buy Professional, you have essentially bought Home Premium + some important business stuff (domain participation, network share backup, etc) and when you buy Ultimate you have Home Premium + Professional + some other stuff.

So today I encourage everyone to rejoice in the joy, warm sun shine, rainbows, and unicorns and sing out “HAPPY DAY, only three versions of Windows 7.  Now we really CAN pick a version of Windows we want to upgrade our XP boxes to.”

Maximum PC: Windows 7 Buyer’s Guide

Microsoft: Which one is right for you?


OneNote 2007

I have been working on blogging more regularly and ran into the issue that my company, MicroLink LLC (, as part of our internal portal has blogging enabled in our MySite spaces. However, the MySite locations are internally accessable and I really wanted a publicly accessable site that I could use to provide information for some of our customers, and CodePlex users. Thus I created a Live Space site ( and even began using the Live Writer for my blogging. I really liked the Live Writer application, but still needed the ability to publish to my internal MySite blog. Given that I had MS Word 2007 I began using that to compose my blogs and then publish to multiple blog site, good so far. Then I began to realize I needed some method to keep these items organized and also wanted a way to get rid of all the little post-it notes on my desk and scratch pieces of paper where my notes were stored.


Enter OneNote 2007


Thanks to one of my coworkers I installed OneNote2007 and began using it, in fact I am using it right now to compose this blog. Only 2 days into real use of OneNote and I have found so much value. I now open OneNote at the beginning of my day and never pick up a pen or pencil the entire day. Reorganizing the notes is easy, write anywhere on the “page” you want, I am hooked. The other great feature is the integrated search, no more looking through dozens of word, powerpoint, excel documents, OneNote has it and can find it.


Blogging is also made easy, just send your OneNote page to a blog, which actually opens MSWord 2007 and publish.


Coolest Feature


I have found that the coolest feature in OneNote is pasting from a web site. I have a ton of notes about how to resolve this issue or that issue, but I can never seem to find the site where it was originally posted. With one note after copying the text from the website when I paste it in I automatically get a reference link to the site where I copied it from! You just can’t beat that (forget sliced bread).


Web Resource, Solving JavaScript inclusion in your Web Part

Working with client side controls requires a lot of javascript, and I have often just written the javascript in the Render or RenderHTML functions of my web controls.  This works, but is NOT the best, or even a recommended method to do this.  So I began looking around and found this nice capability, but there are some major pitfalls to be aware of!


There are several other sites, blogs, etc which explain this information which I originally referenced, but I had several issues as many of them included only partial examples.  What I have tried to do is consolidate what I found on several other blogs.


This example is based on a current Mirolink development project for Virtual Earth 6.  The projects namespace is MicroLink.Applications.VirtualEarth.Core.  The javascript file is at the root level of the project and is Core.js.  The webpart is coded in the VirtualEarthControl.cs file also located at the root level of the project.  This information is critical to be aware of in the steps below!


ASP.NET 2.0 introducted the WebResource capability to include javascript, image, and other "resource" files within a DLL.  Using the WebResource is actually pretty simple, just follow these three steps.


Step 1 Add your resource (.js, .css, etc) to the project you want to bundle it with.  Set the Build Action property to Embedded Resource.


Step 2 In the AssemblyInfo.cs file, usually located in the Properties folder add the following line:
[assembly: WebResource("MicroLink.Applications.VirtualEarth.Core.Core.js", "application/x-javascript")] ***NOTE***
Notice that the resource name is actually formed [Package] {.SubFolder}.[Filename].  This is not noted anywhere in the MSDN!
Step 3
In the web part class file (VirtualEarthControl.cs) add the following line for security
[AspNetHostingPermission(SecurityAction.Demand, Level= AspNetHostingPermissionLevel.Minimal)] Finally to reference the resource: string coreJS = this.Page.ClientScript.GetWebResourceUrl(this.GetType(), "MicroLink.Applications.VirtualEarth.Core.Core.js");


Troubles with TFS

I recently inherited a project from a fellow ML developer who had been having issues getting the project checked into source code.  I attempted checking the code in myselft and received the following error:


The project cannot be added to source control because it overlaps a project that is already bound to source control at a lower root.


A little research and here is what I found was the issue.  The solution contained two projects, one a Library and the other a WebPart.  The solution referenced the WebPart’s Assembly Key, the key used to sign the assembly, as a solution item.  When Visual Studio attempted to check the code into Source Control through TFS Team Explorer the error would occur.  This is because Team Explorer was trying to check in the Solution Items as thought they were physically located in the solution folder.  Because the key was actually located in the project then the check in failed. 


I resolved this issue as removing the key as a solution item, infact I removed all solution items, and then attempted to check in the code.  This time the check in went successfully, thus as a word to the wise make sure your solution items are physically located in the solution folder and not referenced from sub projects.


Installing Visual Studio 2008

In January I attempted installing Visual Studion 2008 and always got an install failure when the Microsoft Visual Studio Web Authoring Component was being installed.  I found several postings on the Microsoft Support Site (  After reading thoses posts here is what I have found:

  1. Uninstall ALL Beta everything
  2. SDKs
  3. VS Add-Ons
  4. Development…whatever
  5. Uninstall Microsoft Windows SDK 6
  6. Reboot and attempt VS2008 installation again

I also uninstalled Sharepoint Designer, as I have seen issues with this before, but it does not appear that this is not an issue/problem source.  Several of my coworkers who had similar experiences were able to install VS2008 without removing Sharepoint Designer so there is not need to worry about that.


ClientScriptManager - why didn't that work

NET 2.0 added the ClientScriptManager to allow developers a simple method to add javascript and other “Script” capabilites to a web page easily.  However, the documentation never really got developed, so attempting to use it can be a bit trick.

Lets start with adding an include of a .js file.

‘code block here protected override void Render(HtmlTextWriter writer){ if(!this.Page.ClientScript.IsClientScriptIncludeRegistered(this.GetType(), VirtualEarthSettings.VirtualEarthJScriptTagHeader)) { this.Page.ClientScript.RegisterClientScriptInclude(this.GetType(), VirtualEarthSettings.VirtualEarthJScriptTagHeader, ); } base.Render(writer); }

Didn’t work did it? Why?

You can’t call RegisterClientScriptInclude(…) after the PreRender section of the page lifecycle. Best bet: call in OnInit.

In fact about the ONLY ClientScriptManager function you can use after the PreRender is: ClientScript.RegisterStartupScript