ARB Security Solutions

Automating BizTalk 2009 Builds With TFS

adam — Thu, 18 Mar 2010 15:08:21 +0000

I was at a client today, working on a TFS 2008 cube corruption problem (I hate the super common code churn crap it always throws, requiring weird InstanceInfo and SetupWarehouse voodoo) when the subject of automating BizTalk 2009 projects came up.

The company heavily uses BizTalk, so they threw up a staging server with BizTalk 2009 on it and ran the Team Foundation Server Build Setup. After this, building non-BizTalk projects was working just fine, but BizTalk projects fail to build. After examining the box, they had copied various things from a BizTalk development workstation, but none of the additions had any effect. The rationale behind this was they don’t want Visual Studio on the staging server, but without it when running the BizTalk install the Developer Tools and SDK option is not selectable.

To get around this, look during the installation of BizTalk under Additional Software, and find the Project Build Component feature. While this allows for builds without Visual Studio, it should be noted that you can’t generate MSI packages, just build stuff.

TFS 2010 – Sequential As Opposed To Parallel Builds

adam — Thu, 18 Mar 2010 14:56:53 +0000

A client was asking me this today so I decided to make a quick note and send a link

In TFS 2010 when trying to make Sequential builds (i.e. for one you have several interdependent solutions in your automation strategy) in the DefaultTemplate XAML file you have to change the tag to . It should be noted that this is a lot different than TFS 2008. In TFS 2008, in the TFSBuild.proj file the solutions were just ordered correctly and made use of the BuildSolutionsInParallel property. This also required changing the setting for the MaxProcesses in the tfsbuildservice.exe.config file on the build server to a value greater 1, and also to restarting the build service on the build server. This is a lot more cumbersome than changing the type tag mentioned above.

ForeFront for SharePoint High Memory Utilization

adam — Fri, 19 Feb 2010 01:14:11 +0000

At a client of mine today, who has a robust FSSP environment, similar to the larger one I wrote about in this MSDN article:

http://msdn.microsoft.com/en-us/library/ee412237.aspx

or if you are just interested in the specific image:

http://i.msdn.microsoft.com/Ee412237.792e5c8b-f1b7-4cb4-9b87-5689c44973da(en-us,office.12).gif

was experiencing an abnormal amount of memory utilization on the WFE’s I had built for them. While they wanted a quick fix, it is important to remember that the scanning processes of FSSP will cause memory consumption depending on how you balance the engines being used. Forefront uses in-memory scanning (FSCRealtimeScanner.exe) and up to 5 scan engines can be employed so each scan process will load the engines that you have enabled under SETTINGS>Anti Virus.

For each of the scanning processes ~ 200-300MB RAM will generally be consumed depending the file being processed since the file being scanned is loaded into memory. Thus, if a scan is being executed on a file that is 200 MB and further 200MB RAM utilized. Once the scan is complete, this memory will return to the available pool.

All this being said, explicit reduction of processes spawned is controllable by modifying the RealtimeProcessCount registry value (HKLM\SOFTWARE\Wow6432Node\Microsoft\Forefront Server Security\SharePoint), which would require restarting FSSP and SharePoint services, however this should be approached with caution since having several real-time processes allow FSSP to scan more than one file, thus avoiding scan-related bottlenecks.

The only recommendation that can be made is a review of the memory consumption to establish whether the memory consumption is normal, and thus requires expanding the available RAM or whether there is a separate problem.

Developer Turnover and Maintaining Valid TFS Historical Data – TFS Error TF20015

adam — Wed, 17 Feb 2010 15:00:36 +0000

When maintaining a TFS environment where WI’s become crucial in terms of development artifacts, you may notice an issue with removed AD accounts causing a problem where WI’s are not privy to updates because the account has been removed from Active Directory. This becomes a huge issue because updates to the WI are no longer supported.

Generally, this will throw the error:

TFS Error: TF20015, stating that a field contains a value that is not on the supported list

This leads to the requirement where a developer, even though they have gone onto greener pastures, has an invalid account value, within a value restricted field. Bad news bear.

Fortunately, there is a supported route you can take with TFS in order to overcome this issue. Using the ALLOWEXISTINGVALUE rule allows entered value to still be valid even if that value is no longer a valid value. By customizing the process template work item types and use this definition for the field with invalid values.

Bada bing, good to go!

Exploding TFS Groups For User Investigation

adam — Tue, 16 Feb 2010 15:00:31 +0000

When users are using Team Explorer and viewing the group membership for a particular project (Team Project Settings -> Group Membership) it’s pretty easy because explicit users and groups are listed. However, this becomes a problem when you want to view all the users of that particular group. This is very, very evident when the groups are chained, i.e. Group X contains Group Y, which contains Group z, and so forth. This becomes an issue because viewing the security information for a particular security group becomes very limited.

Fortunately, to get around this limitation you can use the TfsSecurity tool, specifically the TfsSecurity /imx command, to get the direct members of the specified group.

It is important to remember that TfsSecurity.exe comes from Team Explorer, not the Visual Studio shell.

TFS Proxy Server Unexpected Shutdowns

adam — Mon, 15 Feb 2010 15:00:11 +0000

TFS Proxy Servers are essential for my current client’s TFSenvironment because they allow the disparate SharePoint development environment to experience improved network performance by caching copies of VC files. Since this particular environment is geo-distributed, this is a necessary architectural requirement in order to maintain appropriate developer efficiency.

Recently, a strange issue was occurring with my clients geo-environment where the proxy servers would start shutting down repetitively. The exact error you may run into is:

The VSTF Proxy Server stopped at [server]. The application is being shutdown for the following reason: HostingEnvironment. For more information ....."

Now this can happen for a variety of reasons, but first thing is you should enable proxy server tracing to get some more relevant error information by opening the web.config in the VersionControlProxy folder by setting the traceDirectoryName to a familiar storage location and changing traceWriter to true. For this particular error, one of the error returns can be:

Detailed Message: TF53002: Unable to obtain registration data for application VersionControl.
TF30055: Visual Studio could not find or read the Team Foundation Server server name in the configuration file. Contact your Team Foundation Server administrator. (type VstfNotConfiguredException)

If you get this error, the TfsNameUrl appsetting is not configured in the web.config file for the proxy server. Locate the:

PLAIN TEXT

XML:

key="TFSNameUrl" value="http://TFSServerName:8080" />

element and change it. After, check your IIS app pool setting and check that the recycle interval or memory limit. After, you should be good to go!

High QueryBuildQueue Execution Time? No Problem!

adam — Fri, 12 Feb 2010 15:00:03 +0000

For TFS administrators that are really keeping an eye on their environment, it may bubble up that there is a top-heavy amount of execution time in the QueryBuildQueue command. At first glance this may appear to be a problem with the TFS instance in terms of server load.

The QueryBuildQueue command is generated by TE and BuildNotification….when TFS queue a build, TE and BuildNotification it will query the status of the build about every 30 seconds. Naturally, this will result in a multitude of QueryBuildQueue commands being issued. When a query beings, TFS requires establishing a connection to the Build Agent, which results in a time lapse will the request is issued and the subseuquent response is listened for, during this lapse period within the request / response frame, threads are idle so the load is nothing to be concerned in terms of server load.

Rest easy, fickle TFS admins

Mirroring TFS – Consider Index Rebuilds When Using TLog Backups

adam — Thu, 11 Feb 2010 15:40:39 +0000

Mirroring a TFS DT is a very common action within large environments for a variety of reasons, redundancy and failover obviously being the primary catalysts for such an implementation but there are also a variety of other reasons why this is a beneficial action.

At a current client of mine where I was setting up initial, trial mirroring for the TFS instance, it because evident that the TfsIntegration Maintenance Job was causing issues with a long completion time which eventually resulted in TFS to respond uncharacteristically slow. Now this job does two things, firstly it re-indexes the TFS databases (TFSIntegration, TfsWarehouse, TfsWarehouse, TfsWorkItemTracking and TfsVersionControl) by calling the Re-indexing:TfsIntegration stored procedure. This is done by calling exec TfsIntegration.dbo.Prc_OptimizeTfsDatabases. As well, it also removes deleted process templates by calling exec TfsIntegration.dbo.prc_deleteTemplates. The first of these is the culprit though for this issue, and if you run the stored procedures directly you will see a Stop Request being issued which will result in the re-index has not being executed.

9 times out of the ten, because Index rebuilds and Defragmentation generate very hefty transaction logs, it is because a transaction log backup job (TLog backup job) is running while the re-indexing is executed. While calling TLog may help in log file reduction, it can also cause these issues when executed simultaneously with the index rebuild.

TMG Web publishing for SharePoint HTTPS, No Certificate Usage On TMG

adam — Wed, 10 Feb 2010 15:00:01 +0000

This question came up with a client this morning, which is the first time I have had to answer it but it's a very straightforward issue.

What if one is trying to use TMG to publish a SharePoint environment for both HTTP and HTTP access, while the certificate is appropriately setup in the SharePoint server it is not desirable to have the web publishing rule bound to the certificate, i.e. certificate stuff should be handled by the SharePoint environment. So, breaking the question down even more, they wanted to publish the HTTPS SharePoint instance WITHOUT using the certificate in the TMG instance.

This obviously is not a supported route, because logically it doesn’t make a ton of sense. One can’t use a HTTP web publishing rule without having the appropriate certificate accessibly and appropriately in place, and clearly is not a TMG limitation because it is the same requirement for ISA and Proxy Server stuff.

Programatically Working With TFS Check-In Policies

adam — Tue, 09 Feb 2010 16:23:59 +0000

Check-in policies within mature development environments are imperative, allowing the construction of code, to police checking in of code. Policies within TFS aid in enforcing restrictions and limitations whenever files are checked into TFS VC. TFS supplies a multitude of pre-existing check-in policies for actions like checking that unit tests are implemented, executing static code analysis to check for standards, and a bunch of others.

Unfortunately, there are some limitations however which I ran into recently with a current client of mine. The long and short of it is check-in policies cannot be included in process templates. However, there are custom development avenues you can use by building some managed code against the TFS API to execute this, the objects and methods that are used are fairly self explanatory. Consider the following that shows getting a collection of the current policies, and then setting the policies.

Firstly, getting an appropriate reference to the desired project:

PLAIN TEXT

C#:

TeamFoundationServer tfs = new TeamFoundationServer(http://tfs:8080);
VersionControlServer vcs = (VersionControlServer) tfs.GetService(typeof(VersionControlServer));
TeamProject tp = vcs.GetTeamProject("Project");

Off the TeamProject object instance, you can following call the GetCheckinPolicies method, which will allow you to return a Microsoft.TeamFoundation.VersionControl.Client.PolicyEnvelope array type. Essentially this is what we can refer to as the policy instance, representing the applied policy's of type IPolicyDefinition. Since you have an active array, you can do push the array into a typed collection of PolicyEnvelope objects using List.AddRange

PLAIN TEXT

C#:

tp.SetCheckinPolicies(policyCollection.ToArray());

ARB Security Solutions

Automating BizTalk 2009 Builds With TFS

Related posts

TFS 2010 – Sequential As Opposed To Parallel Builds

Related posts

ForeFront for SharePoint High Memory Utilization

Related posts

Developer Turnover and Maintaining Valid TFS Historical Data – TFS Error TF20015

Related posts

Exploding TFS Groups For User Investigation

Related posts

TFS Proxy Server Unexpected Shutdowns

Related posts

High QueryBuildQueue Execution Time? No Problem!

Related posts

Mirroring TFS – Consider Index Rebuilds When Using TLog Backups

Related posts

TMG Web publishing for SharePoint HTTPS, No Certificate Usage On TMG

Related posts

Programatically Working With TFS Check-In Policies

Related posts