in SharePoint 2010

SharePoint 2010 and PowerShell – Made for Each Other!

One of the cool new features introduced in SharePoint 2010 are the new set of PowerShell Cmdlets for SharePoint. I have been working on those PowerShell Cmdlets for some time now (mainly configuring SharePoint service applications than development) and I am quite impressed to see how simple things are!

If you are using MOSS 2007, stsadm command is the tool you would use to configure and manage your SharePoint environment. The SharePoint community was the only resource if you were looking to leverage the PowerShell strength in MOSS 2007. From SharePoint 2010, though the stsadm command is still available, Microsoft recommends using the new PowerShell Cmdlets which are more efficient than using stsadm command. In fact, there is a PowerShell Cmdlet for everything and anything in SharePoint 2010!

Where to Begin?

There are two ways to start using the PowerShell Cmdlets:

1) From the SP2010 Management Shell

image

This opens a PowerShell Console session with all the cmdlets loaded.

2) Adding the Microsoft.SharePoint.PowerShell snap-in

You can also open a new PowerShell window, add the Microsoft.SharePoint.PowerShell snap-in to start using the cmdlets.

image

The Cmdlets

Now the real fun begins :)

There are more than 500 cmdlets in total! Well, I have to really appreciate Dmitry for putting up the available cmdlets in his blog! So, I wont repeat them here. Remember, that list is not final, but still it gives you an idea of what is possible now.

Some examples for Administrators

Though I see a major investment for developers too, the Administrators are the ones who are going to benefit a lot from these cmdlets.

Some examples are below. Please bear in mind that this is still in beta and things may change gradually as it reaches the final release:

[These cmdlets involves the use of new Service Applications introduced in SharePoint 2010]

Creating a new User Profile Service Application and User Profile Service Application Proxy

$upa=New-SPProfileServiceApplication 
-Name "Demo User Profile Service"
-ApplicationPool "SharePoint Web Services Default"
-MySiteHostLocation "http://demo2010a/my"
-MySiteManagedPath "my/personal"
-ProfileDBName "DEMO2010A_ProfileDB"
-ProfileSyncDBName "DEMO2010A_SyncDB"
-SocialDBName "DEMO2010A_SocialDB" -Verbose

New-SPProfileServiceApplicationProxy 
-Name "Demo User Profile Service Proxy"
-ServiceApplication $upa
-DefaultProxyGroup

Note that this is also attaching existing databases for Profile, Social and Sync databases. This is useful when you are restoring the Users’ Profile, MySites databases and want to create a user profile service application based on those restored databases. If you dont supply any values for database, it should create a new databases.

Creating a new Secure Store Master Key & Application Key

The Secure Store Service Application manages the secure store accounts which we can use in many other service applications like Visio Services, Performance Point Services etc., for setting up authentication with external data sources. This initially requires a Master Key and Application Key to be generated based on which you can now create target applications IDs and set credentials and permissions. So below is the PowerShell script to create these initial keys:

First, let us get a reference to the secure store service application:

$secureStore=Get-SPServiceApplicationProxy | 
where {
$_.GetType()
.Equals([Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy
]) }

Now, we can create the Master Key:
 
Update-SPSecureStoreMasterKey 
-ServiceApplicationProxy $secureStore.Id
-Passphrase "passPhrase1"

And the Application Key:
 
Update-SPSecureStoreApplicationServerKey 
-ServiceApplicationProxy $secureStore.Id
-Passphrase "passPhrase1"

Setting the unattended account for Performance Point Services

Below is the PowerShell script to set the unattended account for authenticating with external data sources. Note how it also uses PSCredential object to get the user credentials:

Get-SPPerformancePointServiceApplication | 
Set-SPPerformancePointSecureDataValues
-DataSourceUnattendedServiceAccount
(New-Object System.Management.Automation.PSCredential "username",
(ConvertTo-SecureString "password" -AsPlainText -Force))

I have to agree the examples above are bit advanced, but you can see the power of PowerShell here. If you are going to do these in the SharePoint UI, its going to take at least 5-10 minutes, but with PowerShell its going to take only seconds!

But for now I will leave you to explore the possibilities of the other PowerShell cmdlets like:

1) Get-SPWeb

2) Get-SPWebApplication

3) Get-SPSite

4) Get-SPFarm

And some link love to Zach’s excellent blog posts:

1) PowerShell 2010: Basic Discovery

2) PowerShell 2010: Basic SharePoint Cmdlets

3) SP 2010: Intro to PowerShell Part 3

I will post more cmdlets as I start using them here in my blog :)

Write a Comment

Comment


8 × nine =

  1. Hey Chak. After I create a new Secure Store Master Key & Application Key, how do I set the credentials and refresh the keys in PowerShell?

    thanks

  2. Chakkaradeep,
    I used your create user profile cmdlet.. I am getting this error below, can you provide me some light here

    New-SPProfileServiceApplication : The timer job completed, but failed on one or more machines in the farm.
    At line:1 char:37
    + $upa=New-SPProfileServiceApplication <<<< -Name "Demo User Profile Service"
    -ApplicationPool "SharePoint Web Services Default" -MySiteHostLocation "http://
    cmhdspw01/my" -MySiteManagedPath "my/personal" -ProfileDBName "DEMO2010A_Profil
    eDB" -ProfileSyncDBName "DEMO2010A_SyncDB" -SocialDBName "DEMO2010A_SocialDB" –
    Verbose
    + CategoryInfo : InvalidData: (Microsoft.Offic…viceApplication:
    SPCmdletNewProfileServiceApplication) [New-SPProfileServiceApplication], S
    PException
    + FullyQualifiedErrorId : Microsoft.Office.Server.UserProfiles.PowerShell.
    SPCmdletNewProfileServiceApplication