Archives / 2012 / March
  • Speaking at the International SharePoint Conference London 2012

    Tags: SharePoint, SharePoint 2010, Presentations

    Square_web_banner_2bIn less than a month the greatest SharePoint conference on this side of the pond will take place in London - the International SharePoint Conference (ISC). The ISC is the new name for the conference held in London and previously called Best Practices Conference and Evolutions Conference. This will actually be my first year at the conference, but I always wanted to go there - and now I'm one of the speakers in the fantastic line up!

    This conference will not be just an ordinary conference - instead of having the traditional one hour demo sessions we will over the course of three days go from a functional specification to a deployable solution. The sessions will vary in length from less than one hour to a couple of hours long. There will be two parallel tracks like this - one focused on development topics and one focused on IT-Pro stuff.

    I will together with some fantastic SharePoint MVP colleagues and friends participate in a couple of sessions ranging from Visual Studio extensibility, to BCS and Managed Metadata thingies. It will be a blast presenting and I do think that the audience will enjoy this show. So, if you haven't already booked your tickers - now is the time!

    Se you there!

  • What is a Microsoft Certified Architect?

    Tags: Personal, SharePoint 2010

    MCA(rgb)_1417Last Friday I got the fantastic message that I had successfully passed the Microsoft Certified Architect - SharePoint 2010 (MCA) certification, something I'm really proud of - but something most of the community never ever heard of. During this weekend I've been pinged and messaged by a lots of people asking the question "What is a Microsoft Certified Architect?". In this post I intend to answer it as thorough as possible, including my own personal aspects of it.

    First of all let's answer the most common question - "How does the Microsoft Certified Architect relates to the Microsoft Certified Master exam?".

    I might agree that Master sounds way cooler than Architect, but that isn't the real story. The Master certification (MCM) is the most highly technical exam you could ever get in the Microsoft world. The term technical is important here. During the MCM rotation and the exam you explore and learn all the scary and exciting internals and externals of SharePoint (or the other MCM:able products/technologies) from a technical perspective. You will learn from the best teachers and SME's and you will be in a class together with some really awesome and skilled persons. The MCM is both a course (3 weeks on site, or 1 week on site and 10 weeks off-site), a written exam and a qualification lab. Read more about my MCM experience in one of my older posts. To even apply for the MCA you need to be an MCM on the specific product your applying for and on the current version. This means that Microsoft already tested and verified your technical skills! So one could actually say that the MCA is like the Microsoft Certified Grandmaster...

    "What is the MCA then?".

    So, let's take a look at the Architect certification (MCA). The MCA takes the certification to another level, and focus on the business side of SharePoint (or the other MCA eligible products; SharePoint, Exchange, SQL and AD). The MCA is not a course, it is not something you sit in class and learn for a couple of weeks, it is not something you can study for - it is something you learn over the course of several years of experience with the products, in real business cases together with one or more customers.

    "How do I apply for the MCA?".

    When applying for the MCA you must supply a portfolio which includes details about real customer gigs, your CV and other documentation to prove that you are in the business for real. Once the program manager thinks you have "what it takes" and that you proven that, you will be scheduled for a board appearance. You need to work on your documents and prepare for the board presentation. This is not something you should do with your left hand - you need to put in some real effort here to produce a good set of documents and a good presentation. It is up to you to prove that you have "what it takes".

    "So, how does the MCA board appearance work?".

    The board appearance is the certification. You will spend almost a day together with the MCA board (consisting of other MCA's or specific SME's). You will do a presentation, a case study and you will have several intense Q&A sessions. Enough to make you choke. The board will then grade you on six different competencies (full list and details on the official site). Once you are done - all you can do is wait for the pass/no-pass e-mail. This is an exhaustive day for which you need to prepare. But as I said earlier - it all comes down to the actual experience you have in the industry and how used you are to being in these situations with clients. You can't study for the Q&A sessions.

    "What's the value of an MCA certification?".

    The MCA, and the MCM for that matter, costs a lot of money. So is it worth it? In my opinion definitely. It's really hard to say what the exact payback is. We're currently early in the SharePoint MCA process with quite few certified MCA's and only time will tell. I can directly say that I learnt a lot while preparing for the board appearance - with a lot of time reflecting on past projects. Also the actual board appearance was great in that way that the board tested me; both on my strong areas and weak ones - and now I know what parts I might need to step up on. Studies done on the MCM community shows benefits such as a higher hourly rate, easier recruitment, better and safer deliveries. So the MCM/MCA are really a quality stamp, with MCM focused on the technical aspects and MCA on understanding and implementing business requirements.

    "Why did I do this?".

    This is the question my wife asks me! Well, first of all I always try to be better in what I'm doing. And going down the MCA route surely did this. I now know what I know and know what I don't know and know what I want to know... Also I think it is great for my company, Connecta, to have this certification - it will definitely be a USP in attracting clients and co-workers. A big thank you to Connecta and my managers who believed in me enough to send me on both the MCM and MCA journey! In the end I know that both me personally, my company and my co-workers will benefit from this.

    "I want to learn more about the MCA?".

    So, now I've been ranting about the MCA (from my perspective) and there are probably tons of questions that remains unanswered. Use the following links to learn more.

    That's it. I hope you have a far better understanding of what a Microsoft Certified Architect is.

  • How Claims encoding works in SharePoint 2010

    Tags: SharePoint 2010

    I've seen it asked numerous times on forums and I've been asked over and over how to interpret the encoded claims - so here it is: a post which will show you all the secrets behind how claims are encoded in SharePoint 2010.

    Updates: - 2012-03-09 Added Forms Authentication info. - 2012-03-11 Updated with information about how the claim type character is generated for non-defined claims


    If you have been using previous versions of SharePoint 2007, been working with .NET or just Windows you should be familiar with that (NETBIOS) user names are formatted DOMAIN\user (or provider:username for FBA in SharePoint). When SharePoint 2010 introduced the claims based authentication model (CBA) these formats was not sufficient for all the different options needed. Therefore a new string format was invented to handle the different claims. The format might at first glance look a bit weird...

    How it works?

    The claim encoding in SharePoint 2010 is an efficient and compact way to represent a claim type and claim value, compared to writing out all the qualified names for the claim types and values. I will illustrate how the claim are encoded in SharePoint 2010 focused on user names, but this claim encoding method could be used for basically any claim. Let's start with an illustrative drawing of the format and then walk through a couple of samples.

    The format

    The format is actually well defined in the SharePoint Protocol Specifications in the [MS-SPSTWS] document, read it if you want a dry and boring explanation, or continue to read this post...

    The image below shows how claims are encoded in SharePoint 2010, click on the image for a larger view of it.

    The SharePoint 2010 claim encoding format

    Let's start from the beginning. The first character must be an I for an identity claim, otherwise it has to be c. Note that the casing is important here. The second character must be a : and the third a 0. The third character is reserved for future use.

    It's in the fourth character the interesting part starts. The fourth character tells us what type of claim it is and the fifth what type of value. There are several possible claim types. The most common are; user logon name (#), e-mail (5), role (-), group SID (+) and farm ID (%). For the claim value type a string is normally used and that is represented by a . character. The sixth character in the sequence represents the original issuer and depending on the issuer the format following the sixth character varies. For Windows and Local STS the seventh character is a pipe character (|) followed by the claim value. The rest of the original issuers have two values separated by pipe characters, the name of the original issuers and then the claim value. Easy huh?

    Note: the f (Forms AuthN) as trusted issuer is not documented in the protocol specs, and this is what SharePoint uses when dealing with membership providers (instead of m and r). For more info see SPOriginalIssuerType.

    For full reference of claim types and claim value types, look into the [MS-SPSTWS} documentation.

    Charmap(Added 2012-02-13) If you are creating custom claim providers or using a trusted provider (as original issuer), you will see that you get some "undocumented" values in the Claim Type (4th) position (that is they are not documented in the protocol specs). The most common character to see here is ǵ (0x01F5). If the claim encoding mechanism in SharePoint cannot find a claim type it automatically creates a claim type encoding for that claim. It will always start with the value of 500 increment that value with 1 which results in 501. 501 is in hex 01F5 which represents that character. It will continue to increase the value for each new (and to SharePoint not already defined) claim type. The important thing here to remember is that these claim types and their encoding is not the same cross farms, it all depends on in which order the new claim types are added/used. (All this is stored in a persisted object in the configuration database)

    Update 2012-07-13: Make sure to read the "Introducing the SharePoint 2010 Get-SPClaimTypeEncoding and New-SPClaimTypeEncoding cmdlets" post to see how you can improve the custom claim type encoding experience in SharePoint 2010 June 2012 CU and forward.

    Some notes: the total length must not exceed 255 characters and you need to HTML encode characters such as %, :, ; and | in the claim values.

    Some samples

    If this wasn't clear enough, let's look at a few samples.

    Standard Windows claim

    Windows claim

    Another common claim. This time it's not an identity claim but an identity provider claim, and this is how NT AUTHORITY\Authenticated Users is represented.

    Authenticated users claim

    This is how a Windows Security Group is represented as a claim. The value represents the SID of the group.

    Security Group claim

    If we're using federated authentication (as in the Azure AuthN series I 've written) we can see claims like this. It's an e-mail claim from a trusted issuer called Azure.

    E-mail claim

    Here's how a claim can be encoded if we're having a role called facebook in the trusted issuer with the name Azure.

    Role claim

    This final example shows how the encoded claim for the Local Farm looks like. It's a Farm ID claim from the system Claim Provider and the claim value is the ID of the farm.

    Farm claim

    This is how a forms authenticated user claim looks like. image


    I hope this little post showed you all the magic behind the claims encoding in SharePoint. It's quite logical...yea really.

  • The sixth edition of the DIWUG SharePoint Magazine is out

    Tags: SharePoint 2010

    DIWUG no. 6The best free SharePoint magazine published online, the DIWUG SharePoint e-Magazine, did yesterday release their sixth edition. As usual this is a great edition with a mix of articles for every aspects of the SharePoint universe. The articles are written by SharePoint community members and the magazine is compiled and managed by Mirjam van Olst and Marianne van Wanrooij.

    This edition contains articles ranging from hard core Service Application federation, to SharePoint Online and Azure development to articles on how to engage your users and project teams in SharePoint. As usual - something you just must read!

    In this edition I've participated with one article about Dynamic Ribbon customizations with Page Components. It's quite lengthy (sorry about that) and contains a lot of code, and quite a few tricks that makes Ribbon customizations easy(ier). My idea behind the article was to show a real world implementation of a Ribbon customization, instead of any Hello World stuff. This customization actually improves the OOB user interface (IMO) and allows your users to work with Workflows much easier. You can basically take the code from the article and install it in your farms.

    So here's where to get it:

About Wictor...

Wictor Wilén is the Nordic Digital Workplace Lead working at Avanade. Wictor has achieved the Microsoft Certified Architect (MCA) - SharePoint 2010, Microsoft Certified Solutions Master (MCSM) - SharePoint  and Microsoft Certified Master (MCM) - SharePoint 2010 certifications. He has also been awarded Microsoft Most Valuable Professional (MVP) for seven consecutive years.

And a word from our sponsors...