TSLS – Luke Smith

ISSUE
====

On Windows 2003 you have an IIS web site, the web site is configured to only use Windows Intergrated Security. When browsing to the site on the Windows 2003 Server you are prompted for a login, when providing the correct details after 3 attempts you are denied access with a 401 error.

This was not an issue until several hotfixes were applied to windows.

Resolution
========

Under Add\Remove Programs (tick show patches)
See if KB957097 is applied under windows.
If so review KB896861 (Method 2 – Disable the Loopback Check – DisableLoopbackCheck) to resolve this issue

To disable NTLM reflection protection, you must modify a registry key on the client computer. To do this, follow these steps on the client computer:
Click Start, click Run, type regedit in the Open box, and then click OK.

• Locate and then click the following subkey in the registry:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
• On the Edit menu, point to New, and then click DWORD Value.
• Type DisableLoopbackCheck for the name of the DWORD, and then press ENTER.
• Right-click DisableLoopbackCheck, and then click Modify.
• In the Value data box, type 1, and then click OK.
• Exit Registry Editor, and then restart the computer.

Note: You must restart the computer for this change to take effect

MOSS SP2 Product expiration

Issue
====

When installing SP2 for MOSS 2007 the product expiration date is improperly activated. This means SharePoint will expire as though it was a trial installation 180 days after SP2 is deployed. The activation of the expiration date will not affect the normal function of SharePoint up until the expiration date passes. Furthermore, product expiration 180 days after SP2 installation will not affect customer’s data, configuration or application code but will render SharePoint inaccessible for end-users.

Resolution
=========

Microsoft is working to release a hotfix to automatically fix this issue. A manual workaround is to re-enter your Product ID number (PID) on the Convert License Type page in Central Administration. For more information and detailed steps please read this KB971620.

Products Effected
===============
Applying Service Pack 2 to any of the following products will result in this issue: Office SharePoint Server 2007, Project Server 2007, Form Server 2007, Search Server 2008 and Search Server 2008 Express.

Products not effected
==================
Windows SharePoint Services 3.0 is not affected by this issue.

ISSUE
=====

SharePoint 2003 Audience process is stuck when compiling an audience group.

Attempts to restart the audience compilation fail even after a server restart.

SharePoint Audience Log (INDEX Server -> CA -> Configure Diagnostic Settings – view diagnostic logs – <date> 00001111_AUDIENCEJOB.log) show a similar error to the below:

SqlCommand: ‘dbo.Orgle_job_UpdateLastTouch ‘
CommandType: StoredProcedure CommandTimeout: 1000000000

The Audience Group contains:

• a rule for the audience that uses the User operand and the ‘Member of’ operator.
• Contains a Windows security group

Resolution
==========

This issue normally occurs when a nested windows group is created, causing the audience compilation to loop and fail.

Nested windows group is when a windows group contains another windows group both as a member and member of.

Review all of the windows groups used by the audience and then any sub windows groups and remove the offending windows group member.

More Information
================

This issue is also very similar to when a forward slash character (/) is contained in a users full name in Active Directory.

Or

When a windows security group contains a large amount of members and timeouts occur.

This is resolved in SharePoint 2003 Service Pack 2 http://support.microsoft.com/kb/883919