Powershell – profiles

Very useful




SharePoint 2007 – increase the maximum upload size

By default SharePoint 2007 allows a maximum of 50MB to be uploaded. I would recommend trying to keep the limits at this size as your web application can slow down if you have large documents in a library. But sometimes there is a need to increase the limits.

There are 4 things that you have to do:

1)      Change the limits on the web application

2)      Change the IIS timeout limits

3)      Add some code into the web.config file for the web application

4)      Restart IIS


Change the limit of the web application

1)      Open up SharePoint central admin

2)      Navigate to ‘Application Management’

3)      Under ‘SharePoint Web Application Management’ select ‘Web application general settings’

4)      Change the ‘Web Application’ in the top right hand corner to the web application that you wish to change the limits on

5)      Once you have selected the web application change the ‘Maximum Upload Size’ for example 500MB

Change the IIS timeout limits

1)      On the SharePoint web front end server open IIS

2)      Expand the server name

3)      Expand ‘Sites’

4)      Left click on the SharePoint web application

5)      On the right hand side under ‘Manage Web Site’ click ‘Advanced Settings’

6)      Expand ‘Connection Limits’

7)      Change the number in the field ‘Connection Time-out (seconds). It is recommended to use 120 per 50MB. So if you are setting the limits to 500MB you will need to use 1200.

8)      Click ‘OK’

Add some code into the web.config file for the web application

1)      On the SharePoint web front end server navigate to C:\inetpub\wwwroot\wss\VirtualDirectories\<WEBAPP>

2)      Find the file that is call ‘web.config’

3)      Locate in the code ‘<system.web>’

4)      Just before this code insert the following :

<requestLimits maxAllowedContentLength=” 524288000”/>

5)      The ‘524288000’ is bits. So if you are setting the limits to 500MB it needs to be ‘524288000’, 250MB it should be ‘262144000’.

Restart IIS

1)      On the SharePoint web front end server open cmd

2)      Type IISRESET


Now you will be able to upload documents larger than 50MB. Remember that this may slow down your site.

How to remotely change Windows service restart options from a command line

As an IT sysadmin you may often need to change the service restart actions to be taken in the event of a system service failure.  In large environments you’ll obviously want to do this from a script if possible, so the following command should do what you want if you’re tring to remove all restart actions from the Spooler service running on REMOTESERVER:

sc.exe \\REMOTESERVER failure spooler actions= “” reset= 0}

You can wrap this up inside a command prompt or PowerShell loop as follows (PowerShell example).  Please note the extra quotes to allow PowerShell to parse the command line and still pass the correct parameters to sc.exe.  In the example below, the change to remove all recovery actions from the Spooler service will be applied to SERVER01 – SERVER08.

1..8 | foreach {sc.exe \\SERVER0$_ failure spooler actions= “””””” reset= 0}

Please type sc.exe failure help at the command prompt for more details on this functionality.

Windows XP – active desktop recovery problem

Go to HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\SafeMode\Components

And delete the value for the DeskHtmlVersion component

Copy AD Group Members


This is something that should be built into AD. If you have a large security group in AD and you need to duplicate the members, you have to add each user one at a time into the new group. This isn’t just pain it takes ages and there is always to possibility that you miss a user or add the wrong user.

I have written a Powershell script that that will copy the members of one group to another. Create the new group in AD and then edit this script. This will copy all the members from one group to the other, saving you time.

Import-Module ActiveDirectory

$fromgroup = Get-ADGroup “From Group
$togroup = Get-ADGroup “To Group

foreach ($member in Get-ADGroupMember $fromgroup)
    Add-ADGroupMember -Identity $togroup -Members $member

SharePoint – The search request was unable to connect to the Search Service


You get the message ‘The search request was unable to connect to the Search Service.’ When searching in SharePoint.


Because the SharePoint Server has not been shutdown correctly or the server has been just powered off. Normally due the esx host problems.


Restart “Office SharePoint Server Search” Windows Services

Restart “Windows SharePoint Services Search” Windows Services


So that this is easier I have created a batch files that you can run and it will process all of this.

Create a batch file that contains the following:

net stop “Office SharePoint Server Search”
net start “Office SharePoint Server Search”
net stop “Windows SharePoint Services Search”
net start “Windows SharePoint Services Search”

Copy the batch file onto the SharePoint Server. Login to the SharePoint Server and run the batch file as administrator.
This will fix this problem

Secure Internet printing using IPP over SSL


• When we print over the Internet today, that print data is sent unencrypted

• Puts our data at risk

• Doesn’t force adherence to data protection laws


• By using IPP over SSL instead of a raw printer connection, we can enforce encryption of all print traffic traversing the Internet

• Secures our data • Complies with data protection law

• Doesn’t require any new network hardware

• Doesn’t require any new printer hardware (at least not a lot)

• We’ll need to ensure that any printers we purchase in future support IPP over SSL.


If we configure our existing Kyocera printers as follows then we can enable and use IPP over SSL.

• Enable SSL on printer

• Enable IPP over SSL on printer

• Open up firewall port on router to map a port on the external IP interface to the internal printer (TCP 443 by default)

• Connect to the printer Command Centre (web interface) and create a new SSL certificate who’s Common Name matches the external IP address of the remote site

• Ensure a password is set on the Command Centre web UI (which meets our Password Policy)

• Save this certificate and import it into the Trusted Root CAs certificate store on the print server

• Ensure the “Internet Printing Client” feature is installed on the print server

• Add a network printer to the print server, connecting to the URL of the externally visible port on the firewall (e.g.