SharePoint 2016 Certificate Error

Log Name:      Application
Source:        Microsoft-SharePoint Products-SharePoint Foundation
Date:          11/21/2016 1:05:11 PM
Event ID:      8321
Task Category: Topology
Level:         Critical
Keywords:    
User:          CONTOSO\spservice
Computer:      CONTOSO-SP2.contoso.com
Description:
A certificate validation operation took 10936.6009 milliseconds and has exceeded the execution time threshold.  If this continues to occur, it may represent a configuration issue.  Please see http://go.microsoft.com/fwlink/?LinkId=246987 for more details.

Solution:

Install the SharePoint Root Authority certificate in the Trusted Root Certification Authorities store.

The fix for the problem is to export the SharePoint Root Authority certificate using PowerShell and import it into the Trusted Root Certificate store.  Open the SharePoint 2013 Management Shell as an administrator.

$SProotCert = (Get-SPCertificateAuthority).RootCertificate
$SProotCert.Export(“Cer”) | Set-Content C:\SProotCert.cer –Encoding Byte

Open the Certificates MMC by opening a Run command and type MMC.  Choose File -> Add/Remove Snap-in.  Select the Certificates Snap-in and click Add.  On the next screen select Computer account and click Next followed by Local computer and Ok.

Right-click on Trusted Root Certificates and choose All Tasks -> Import

SharePoint 2016: Databases running in compatibility range, upgrade recommended

Title  Databases running in compatibility range, upgrade recommended.  

Severity  2 - Warning  

Category  Configuration  

Explanation  

The following databases have versions that are older than the current SharePoint software, but are within the backwards compatible range: 

SharePoint_AdminContent_7ab62081-07ab-4218-893b-4baace21803c. 

Remedy  

To achieve optimal results from these databases, use Upgrade-SPContentDatabase to upgrade Content databases, or psconfig.exe to upgrade other databases.  For more information about this rule, see "http://go.microsoft.com/fwlink/?LinkID=142697".

Failing Servers   

Failing Services  

SPTimerService (SPTimerV4) 

1. Check database status:
1. In Central Administration, navigate to: Upgrade and Migration > Upgrade and Patch Management > Review database status.
2. Found that the Central Administration content database was listed as Database is in compatibility range and upgrade is recommended.

Solution:

Execute PSCONFIG

1. In an elevated SharePoint Management Shell, executed: Psconfig.exe -cmd upgrade -inplace b2b -wait -force.  Completed successfully.
   
   Psconfig.exe -cmd upgrade -inplace b2b -wait -for
   SharePoint Products Configuration Wizard version 16.0.4444.1000. Copyright (C) M
   Microsoft Corporation 2016. All rights reserved.
   Performing configuration task 1 of 4
   Initializing SharePoint Products upgrade...
   Waiting to get a lock to upgrade the farm.
   Successfully initialized the SharePoint Products configuration.
   Performing configuration task 2 of 4
   Initiating the upgrade sequence...
   Successfully initiated the upgrade sequence.
   Performing configuration task 3 of 4
   Upgrading SharePoint Products...
   100.00% :
   Successfully upgraded SharePoint Products.
   Performing configuration task 4 of 4
   Finalizing the SharePoint Products configuration...
   Successfully completed the SharePoint Products configuration.
   Total number of configuration settings run: 4
   Total number of successful configuration settings: 4
   Total number of unsuccessful configuration settings: 0
   Successfully stopped the configuration of SharePoint Products.
   Configuration of the SharePoint Products has succeeded.

1. Navigate to: Upgrade and Migration > Upgrade and Patch Management > Review database status

Run it in all the Sharepoint servers if you have more than one.

"PSConfig.exe -cmd upgrade -inplace b2b -force -cmd applicationcontent -install -cmd installfeatures

SharePoint 2016 Outgoing Email Issue

I was trying to configure SharePoint 2016 alerts on document library.  Connection to Exchange server was fine. I tested via telnet. I suspected that mail was not going out of SharePoint server. I ran the following script to find out:

http://jeffreypaarhuis.com/2013/02/12/send-test-email-from-sharepoint/

Run the following code with SharePoint Management Shell

1 2 3 4 5 6 7 8 9

$email = "test@test.com" $subject = "Test subject" $body = "Test body" $site = New-Object Microsoft.SharePoint.SPSite "http://sharepoint" $web = $site.OpenWeb() [Microsoft.SharePoint.Utilities.SPUtility]::SendEmail($web,0,0,$email,$subject,$body) // A True or False will confirm the message has been sent or not

Result: which means email was not going out.

Two errors registered in the events log:

(1)
Log Name:      Application
Source:        Microsoft-SharePoint Products-SharePoint Foundation
Date:          11/21/2016 8:19:06 AM
Event ID:      8311
Task Category: Topology
Level:         Error
Keywords:    
User:          CONTOSO\spinstall
Computer:      CONTOSO-SP1.contoso.com
Description:
An operation failed because the following certificate has validation errors:

Subject Name: CN=CONTOSO-EXCH
Issuer Name: CN=CONTOSO-EXCH
Thumbprint: F87558CA134A70981125CDF23FDF1A722D06D8A3

Errors:

 SSL policy errors have been encountered.  Error code '0x2'.

(2)
Log Name:      Application
Source:        Microsoft-SharePoint Products-SharePoint Foundation
Date:          11/21/2016 8:19:06 AM
Event ID:      7946
Task Category: E-Mail
Level:         Error
Keywords:    
User:          CONTOSO\spinstall
Computer:      CONTOSO-SP1.contoso.com
Description:
Cannot complete this action.

Please try again.

Solution:
I had configure outbound SMTP server with exchange IP. I modified it to use Exchange server's NetBios name: CONTOSO-EXCH
Go to Central Administration->System Settings->Configure Outgoing Email Settings-> Outbound SMTP Server - CONTOSO-EXCH

Outbound mails on SharePoint started to flow.

Copy files to VM from Outside on isolated environement

I have created a test environment where my vSwitch is not connected to any NIC adapters. I need to be able to copy files and folders to the VM to install applications. There is not functionality to allow me to copy and paste the files/folder unto a VM directly. I wish I could copy the files to datastore and copy it to VM from the datastore but that is not possible either.

My solution: create iso from files/folders, copy to datastore and connect to CD/DVD image datastore on the vm where you are copying the files OR Mount them from your local disk. Windows does not have native tool to convert files/folder to ISO. I used ISO Creator  https://sourceforge.net/projects/iso-creator-cs/.

1. You can select the files/folders that you want to include in the ISO file as show below using ISO Creator.




2. Upload the ISO to the datastore.
3. Mount an ISO to the CD/DVD drive of the VM: Used for loading the initial OS or installing other software.

1. Under the VM Hardware section, click the CD/DVD drive 1 drop down.
2. Choose Connect to CD/DVD image on datastore.
3. Locate and select your .ISO file, then click Open.

Certificate Invalid in Exchange 2013

While installing certificate I encountered certificate invalid in Exchange 2013. I tried couple of times but with  no luck.

Checked if root certificate is missing from the Trusted Root Certificate Authorities on the Exchange server via MMC console. Loo and behold - wasn't there.

To resolve this issue,
1.  go to web enrollment http://caserver.abc.com/certsrv and Download CA Certificate.
2. Open MMC on Exchange Server and add certificate snap-in . Navigate to the path Console Root->Certificates->Trusted Root Certificate Authorities-Choose Import option by right clicking on the All Task.
3. Browse the certificate that you downloaded earlier. Place the Certificate in the Trusted Root Certification Authorities Store.
4. Refresh the Exchange ECP. Certificate should show valid.