Features not available in SharePoint 2013 Workflow

SharePoint

Following are the features which are not available in SharePoint 2013 Workflow.

  • Actions
    • Stop Workflow
    • Capture a Version of the Document Set
    • Send Document Set to Repository
    • Set Content Approval Status for the Document Set
    • Start Document Set Approval Process
    • Declare Record
    • Set Content Approval Status
    • Undeclare Record
    • Add List Item
    • Inherit List Item Parent Permissions
    • Remove List Item Permissions
    • Replace List Item Permissions
    • Lookup Manager of a User
    • Assign a Form to a Group
    • Assign a To-Do Item
    • Collect Data from a User
    • Start Approval Process
    • Start Custom Task Process
    • Start Feedback Process
    • Copy List Item (SharePoint Designer 2013 supports only the document-copying action.)
  • Conditions
    • If current item field equals value
    • Check list item permission levels
    • Check list item permissions
  • Steps
    • Impersonation Step
  • Data sources
    • User Profile lookup
  • Other features
    • Visio integration
    • Association Column
    • Content Type Association for reusable workflow
    • ‘Require Manage List/Web Permission’ feature for list/site workflow
    • Globally reusable workflow type
    • Workflow visualization option

 

Source: https://msdn.microsoft.com/en-us/library/jj728659.aspx

File Icons in SharePoint Search Results using Display Template

SharePoint

In SharePoint 2013 search results, the icon for a file type like .msg, .txt shows up as .html icon.
In SharePoint 2010 this was overcome by mapping the icon file type in DocIcon.xml at WFE Servers.

But now since access to WFE servers are restricted in on-prem environment and no access in O-365 environment, the only solution available is to do the following.

  1. Edit the existing display template (I use custom display template with results shown in table and following is based on that) or create a new template for existing for the following located at (SiteCollection/All Files/_catalogs/masterpage/Display Templates/Search) accessible by using SharePoint Designer.
    1. xxxSearchTableResults.html
    2. xxxSearchTableItem.html
  2. Add the following codes and it should show correct icons.

Search Results Display Template:

Search Item Display Template:

Notes:
ctx.CurrentItem.FileExtension always return the file extension name which seems to match with the file name in the /_layouts/15/images/ folder.

For example msg = icmsg.gif or icmsg.png

Once done, the search results will show-up as following

Search-Icon

SharePoint Online Authentication

SharePoint Online Authentication

SharePoint

SharePoint Online Authentication

The following is the interaction between

  1. Client Computer
  2. Office 365
  3. Azure Active Directory (Azure AD)
  4. On premise Active Directory Federation Service (AD FS) (if available)

Notes:

  1. The customer can use either On Premise AD FS or any identity provider or they can use Azure AD
  2. The root Federation Authentication (rtFA) cookie is used across all of SharePoint Online. When a user visits a new top level site or another company’s page, the rtFA cookie is used to authenticate them silently without a prompt. When a user signs out of SharePoint Online, all SharePoint Online cookies are deleted.

Authentication Process

  1. User does anonymous request to secured O365 SharePoint Webpage (SharePoint.com)
  2. The SharePoint then requests the default identity provider or Azure AD to authenticate the user
  3. Azure AD then requests the user to provide credentials i.e email and password
  4. Azure AD then decides based on the email id, which identity provider to use, either itself or on prem AD FS
  5. User types in the credentials and sends back to AD FS using the client computer
  6. The on-prem AD FS or Azure AD then validates the credentials
  7. If on-prem AD FS is the provider, then it provides an auth token back to Azure AD post validating the user
  8. If Azure AD is the provider, then it generates the auth token
  9. In both the cases, Azure AD generates an auth token, stores it in client computer and redirects user back to SharePoint online
  10. O365 SharePoint server then validates this auth token with Azure AD
  11. O365 SharePoint then creates root Federation Authentication (rtFA) cookie and Fedauth cookie to client computer
  12. This rtFA cookie is used by the computer for subsequent requests

 

For more information visit https://support.office.com/en-us/article/SharePoint-Online-authentication-77965e8d-48ad-47bd-a656-57f17d6d1cc7?ui=en-US&rs=en-US&ad=US

SharePoint 2013 Authentication – SAML Based

SharePoint 2013 Authentication – SAML Based

SharePoint

SharePoint 2013 – SAML Based Authentication

The following is the interaction between

  1. Client Computer
  2. SharePoint Server
  3. Active Directory Federation Service (AD FS)
  4. Active Directory Domain Service (AD DS)

Notes:

  1. AD FS & SAML Claims are not required if AD DS is the provider in which the forest and domains trust each other
  2. AD FS must trust the AD DS for which the AD FS is issuing the SAML security tokens
  3. Here the trust might be implicit as the AD FS is the member of AD DS domain and hence trusts the domain controllers
  4. AD FS must also trust the SharePoint locations
  5. Hence AD FS is configured with SharePoint’s web application URLs as relying parties
  6. SharePoint server also must trust the AD FS’s SAML token.
  7. This trust is obtained via a signed certificate which the AD FS has and it signs the tokens with this certificate
  8. The SharePoint server is also configured with the public portion of the above mentioned signed certificate which AD FS uses and SharePoint trust those signed tokens using this public portion

The SAML Based Authentication Process

  1. User does anonymous request to secured SharePoint Webpage
  2. SharePoint redirects the user to AD FS’s login page for user to enter credentials
  3. User types in the credentials and sends back to AD FS using the client computer
  4. The AD FS server then validates the credentials with AD DS
  5. Once user is validated, the AD FS then creates a SAML token, signs and send it back to client computer
  6. The client computer now sends a new request to SharePoint server now with SAML token provided by AD FS
  7. SharePoint then creates a claims based security token using Security Token Service and this claims is based on the claims which it found in SAML token which the AD FS has sent to client computer
  8. Then SharePoint stores this security token with Distributed Cache Service on the farm
  9. SharePoint server then generates and send the federated auth cookie back to client computer
  10. The fed auth cookie has encryped key or index to security token
  11. This fed auth cookie is used by the computer for subsequent requests

The following Video will explain the Forms based authentication in SharePoint 2013. This video is part of the Authentication overview for SharePoint 2013 article located at https://technet.microsoft.com/en-us/library/jj219571.aspx

For more information on SharePoint Claims check out more articles at http://social.technet.microsoft.com/wiki/contents/articles/14214.sharepoint-2013-claims-based-authentication.aspx

SharePoint 2013 Authentication – Forms Based

SharePoint 2013 Authentication – Forms Based

SharePoint

SharePoint 2013 Authentication – Forms Based

The following is the interaction between

  1. Client Computer
  2. SharePoint Server
  3. ASP.NET Membership provider

The Form Based Claims Authentication Process

  1. User does anonymous request to secured SharePoint Webpage
  2. SharePoint responds with form based login page
  3. User types in the credentials and sends back using the client computer
  4. SharePoint server then validates the credentials with membership provider
  5. SharePoint server then queries the roles provider for user’s associated roles
  6. This becomes the role claims for user’s account
  7. SharePoint then creates a claims based security token using Security Token Service
  8. Then SharePoint stores this security token with Distributed Cache Service on the farm
  9. SharePoint server then generates and sends the federated auth cookie back to client computer
  10. The fed auth cookie has encrypted key or index to security token
  11. This fed auth cookie is used by the computer for subsequent requests

The following Video will explain the Forms based authentication in SharePoint 2013. This video is part of the Authentication overview for SharePoint 2013 article located at https://technet.microsoft.com/en-us/library/jj219571.aspx

For more information on SharePoint Claims check out more articles at http://social.technet.microsoft.com/wiki/contents/articles/14214.sharepoint-2013-claims-based-authentication.aspx

SharePoint 2013 Authentication – Windows Claims

SharePoint 2013 Authentication – Windows Claims

SharePoint

SharePoint 2013 – Windows Claims Authentication

The following is the interaction between

  1. Client Computer
  2. SharePoint Server
  3. Active Directory Domain Service

The Windows Claims Authentication Process

  1. User does anonymous request to secured SharePoint Webpage
  2. SharePoint requests back Windows Credentials (It can be a NTLM or Kerberos or basic)
  3. If user is in intranet zone, the browser sends back the logged in credentials to SharePoint, else user is prompted for credentials
  4. For both the cases the browser send back the credentials to SharePoint
  5. SharePoint then validates this credentials with Active Directory Domain Services (AD DS)
  6. AD DS then responds back to SharePoint with Windows Security Token
  7. SharePoint then checks, to which security groups the user belongs in AD DS
  8. SharePoint then creates a claims based security token using Security Token Service
  9. Then SharePoint stores this security token with Distributed Cache Service on the farm
  10. The IIS Server in SharePoint server then send the auth code to the user’s computer
  11. The client computer then uses this auth code for subsequent requests

The following Video will explain the Windows claims authentication in SharePoint 2013. This video is part of the Authentication overview for SharePoint 2013 article located at https://technet.microsoft.com/en-us/library/jj219571.aspx

For more information on SharePoint Claims check out more articles at http://social.technet.microsoft.com/wiki/contents/articles/14214.sharepoint-2013-claims-based-authentication.aspx

Execute Custom JavaScript code in SharePoint Content Editor webpart

SharePoint

When we try to execute a custom java script code in SharePoint content editor web part, it may not work. The reason behind is that, there might be a conflict occurring during load.

Microsoft provides ways to launch your function after full page load and following is one of the method.

Add count to drop down refiners in SharePoint search refinement webpart

SharePoint

While working on designing display template for drop down based refiners in SharePoint Search there was a requirement to show counts along with refiners in refiners list.

Following is the change which I made in the refiner’s display template.

Actual code

 Updated Code

Hide Available Refiners in SharePoint search refinement panel

Hide Available Refiners in SharePoint search refinement panel

SharePoint

Recently one of the customer had a strange request where the customer wanted to Hide “Available Refiners” in SharePoint search refinement panel.

The “Available Refiners” is available in “Drop Down” type refinement panel.

SharePoint Refinement Panel

When the refinement panel is being loaded, SharePoint executes a JavaScript function named AddPostRenderCallback. This would be available in the Refinement Display Template located under MasterPage/Search Gallery. The actual method looks like below code which is taken from O365.

To the above original code I made a small change so that “Clone all the elements” code executes only when user has selected a refiner.

To the above orignal code I added the following code to hide the “Available Refiners” option.

The above code will hide the “unSelGroup”‘s “Option Group” HTML to hide the Options for “Available Refiners”.

Final code would look like below.

End Result is following
Hidden Available Refiners Option Group

Clear SharePoint Search Results

Clear SharePoint Search Results

SharePoint

Recently I had a requirement for OOTB search Box + Result where the customer wanted to clear the search results regardless of any refinement selected or not.

Clear SharePoint Search Results

To implement this, in the display template HTML the following was added.

Do note that if refinements are there, the commented single line of code didn’t work and I had to replace the entire # as blank. Do check the original source (mentioned below) for more information.

The source for the above code is Add a “Clear Filters” link to your search page in SharePoint 2013