Category Archives: Uncategorized

Upgrading a VSTO project from VS 2008 to 2013

To make sure all our Word documents are consistent we use a Word template that include VSTO action pane.


This allow us to insert standard blocks of text, T&C and the like, and also makes sure document revisions and reviews are correctly logged. We have used this for years without any issues, but I recently needed to make some changes to the underlying Word .dotx template and I had to jump through a couple of hoops to get it rebuilding in Visual Studio 2013 for Office 2013 (previously it had been built against Visual Studio 2008 generation tools)

The old VSTO project opened in Visual Studio 2013 without a problem, doing the one way upgrade. However, when I tried to build the project (which also signs it) I got the error

The "FindRibbons" task failed unexpectedly.
  Could not load file or assembly 'BMAddIn, Version=, Culture=neutral, 
  PublicKeyToken=null' or one of its dependencies.
  The system cannot find the file specified.

The  issue was that you need to remove the SecurityTransparent attribute from the end of the AssemblyInfo.cs file as detailed in MSDN.

Once this error was clear, I also got a problem when I tried to sign the assembly

error CS1548: Cryptographic failure while signing assembly. Unknown error (8013141c)

This was fixed by sorting the rights on my PC as I am running Visual Studio as a non-admin account. You need to give your current user ‘Full Access’ to C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys, or run Visual Studio as admin

So now it rebuilds and can be deployed I can make my modifications and enhance our VSTO solution, a much underused technology.

A walkthrough of getting Kerberos working with a Webpart inside SharePoint accessing a WCF service

In the past I have posted on how to get Kerberos running for multi tier applications. Well as usual when I had to redeploy the application onto new hardware I found my notes were not as clear as I would have hoped. So here is what is meant to be a walkthrough for getting our application working in our TFS lab environment.

What we are building

Our lab is a four box system, running in a test domain proj.local


  • ProjDC – the domain controller for the proj.local domain
  • ProjIIS75 – a web server hosting our WCF web service
  • ProjSQL2008R2 – the SQL box for the applications in the domain
  • ProjSP2010 –  a SharePoint server

The logical system we are trying to build is a SharePoint site with a webpart that calls a WCF service which in turn makes calls to a SQL database. We need the identity the user logs into SharePoint server as to be passed to WCF service via impersonation.


Though not important to this story, all this was all running a TFS Lab management infrastructure as a network isolated environment

Application Deployment

We have to deploy a number of layers for our application



  1. Using a SSDT DACPAC deployment we created a new DB for our application on ProjSQL2008R2
  2. We grant the machine account proj\ProjIIS75$ owner access to this DB (the WCF service will run as this account)


WCF Service

  1. Using MSDeploy we deploy a new copy of our WCF web site onto ProjIIS75.
  2. We bound this to port 8081
  3. We set the AppPool set to run as Network Service (the proj\ProjIIS75$  account we just granted DB access to)
  4. We made sure the web site authentication is set enable for anonymous authentication, ASP.NET impersonation and  windows authentication
  5. Set the DB connection string to point to the new DB on ProjSql2008R2, and other server specific AppSettings, in the web.config
  6. Made sure port 8081 was open on the firewall



  1. Add the WSP solution containing our front end  to the SharePoint farm (you can use STSadm or powershell commands to do this)
  2. Using SharePoint Central Admin we deployed this solution to the web application
  3. Activated the feature on the site the solution has been deployed to.
  4. Create a new web page to host the webpart e.g. http://share2010.proj.local/sitepages/mypage.aspx (Note here the name we use to access this SharePoint site is share2010 not ProjSp2010. This host name is resolved via the DNS on ProjDC of our lab environment. This lab setup has a fully configured SharePoint 2010 with a number of web applications each with their own name and associated service accounts, this is important later on)
  5. We added our webpart to the page and set the webpart properties to
    • The Url for the WCF web service http://ProjIIS75.proj.local:8081/callservice.svc
    • The SPN for the WCF web service http/ProjIIS75.proj.local:8081

Note: we provide the URL and SPN as a parameters as we build the WCF connection programmatically within the webpart. This is as it would be awkward to put this information in a web.config file on a multi server SharePoint farm and we don’t want to hard code them.

Our Code

The WCF service is configured via its web.config

           <binding name=”MyBinding”>
          <security mode=”Message”>
            <message clientCredentialType=”Windows” negotiateServiceCredential=”false” establishSecurityContext=”false” />
      <service behaviorConfiguration=”BlackMarble.Sabs.WcfService.CallsServiceBehavior” name=”BlackMarble.Sabs.WcfService.CallsService”>
        <endpoint address=”” binding=”wsHttpBinding” contract=”BlackMarble.Sabs.WcfService.ICallsService” bindingConfiguration=”MyBinding”></endpoint>
        <endpoint address=”mex” binding=”mexHttpBinding” contract=”IMetadataExchange” />
        <behavior name=”BlackMarble.Sabs.WcfService.CallsServiceBehavior”>
          <serviceMetadata httpGetEnabled=”true” />
          <serviceDebug includeExceptionDetailInFaults=”true” />
          <serviceAuthorization impersonateCallerForAllOperations=”true” />

The webpart does the same programmatically

log.Trace(String.Format(“Using URL: {0} SPN: {1} “, this.callServiceUrl, this.callServiceSpn));
var callServiceBinding = new WSHttpBinding();
callServiceBinding.Security.Mode = SecurityMode.Message;
callServiceBinding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;
callServiceBinding.Security.Message.NegotiateServiceCredential = false;
callServiceBinding.Security.Message.EstablishSecurityContext = false;
var  ea = new EndpointAddress(new Uri(this.callServiceUrl),  EndpointIdentity.CreateSpnIdentity(this.callServiceSpn));
callServiceBinding.MaxReceivedMessageSize = 2000000;
callServiceBinding.ReaderQuotas.MaxArrayLength = 2000000;

this.callServiceClient = new BlackMarble.Sabs.WcfWebParts.CallService.CallsServiceClient(callServiceBinding, ea);
this.callServiceClient.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation;

Getting the Kerberos bits running

First remember that this is a preconfigured test lab where the whole domain, including the SP2010 instance, is already setup for Kerberos authentication. These notes just detail the bits we need to alter to check.

To make sure out new WCF series works in this environment we needed to do the following. All this editing can be done on the domain controller

  1. Using ASDIEDIT, make sure the the computer running the WCF web service, ProjIIS75, has any entry in it’s ServicePrincipalName for the correct protocol and port i.e. HTTP/projiis75.proj.local:8081

  2. Using Active Directory  Users and Computers tool make sure the computer running the WCF web service, ProjIIS75, is set to allow delegation


  3. Using Active Directory Users and Computers tool make sure the service account running the Sharepoint web application, in our case proj\sp2010_share,  is set to allow Kerberos delegation to the computer SPN set in step 1. HTTP/projiis75.proj.local:8081. To do this you press the add button, select the correct server then pick the SPN from the list.


IMPORTANT Now you would expect that you could just set the ‘Trust  the user for delegation to any service’; however we were unable to get this to work. Now this might just be something we set wrong, but if so I don’t know what it was.

Once this was all set we did an IIS reset on ProjSP2010 and reloaded the SharePoint page and it all leapt into life.

How to try to debug when it does not work

There is no simple answer to how to debug this type of system, if it fails it just seems to not work and you are left scratching your head. The best option is plenty of in product logging which I tend to surface using DebugView, also WCFStorm can be useful to check the WCF service is up


So I hope I find this post useful when I next need to rebuild this system. Maybe someone else will find it useful too.

Changing targeted .NET version for a project means web.config changes for EF

I am upgrade an internal system from .NET 4.0 to 4.5 so that I can use the Team API features in TFS. The system is based around a WCF web service that links our customer help desk system to TFS to keep bug reports in sync. It uses Entity Framework to access our help desk SQL DB.

When I changed the targeted .NET framework  for the WCF project, I started to get warning to update the Nuget managed references for EF, which I did.

Once this was done, all my unit tests passed, however when i tried to load my test system it got the following  error (when it tried to create the EF DbContext)

An exception of type ‘System.TypeInitializationException’ occurred in EntityFramework.dll but was not handled in user code

Additional information: The type initializer for ‘System.Data.Entity.Internal.AppConfig’ threw an exception.

Turns out the issue was a reference to EF in the WCF project web.config

    <section name=”entityFramework” type=”System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089″ requirePermission=”false” />
    <!– For more information on Entity Framework configuration, visit –>

should have been

    <section name=”entityFramework” type=”System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089″ requirePermission=”false” />
    <!– For more information on Entity Framework configuration, visit –>


A misleading error message don’t you think?

Great support from BlogEngine.NET

I posted yesterday that we had upgraded to the current version of BE 2.9. We, as you might expect, had a few minor issues, but I must say the support on the discussion forums has been excellent.

This included the problems I had that were down to missing files and web.config issues (basically my copy errors when moving content from our BE 2.8 instance to the new BE 2.9 on) and a genuine bug in the new CustomFields code (fixed in All discussion posts were responded to, and in the case of the bug fix, within a very short period of time.

If you need a blog server and have not looked at at BlogEngine.NET I think it will be well worth your time taking a peek

Upgrading from BlogEngine 2.8 to 2.9

I have just upgrade our Blog Server from BlogEngine.NET 2.8 to 2.9, all seems to have gone well, as before basically it is just copies files and adds s table to the DB schema, so…

  1. backup your blogs folder and SQL DB in case of problems
  2. delete the contents  of the blogs folder
  3. copy in the the new release from the zip
  4. run the SQL upgrade script on your DB
  5. fix the SQL connection string in the web.config
  6. copy in the theme and extension files you were using as detailed in the release notes, but I found using updater utility did a great job for me

As many of our sites were using the standard theme, it picked up the new bootstrap based version. Anyone with the other themes just see what they saw before

A fix for power saving stopping my slow application installation

I am getting sick of the fact that the Samsung 500T tablet running Windows 8.1 I am installing applications on  keeps going into sleep mode to save power. I start the install, leave it to run, look back later it has been saving power, started and stopped Wifi and I have one very confused install. It is not as if it is anything weird, just Office 2013.

So the the workaround (as I admit I forgot to pickup it’s PSU this morning) is pop it into Presenter Mode (via the Windows key X and Mobility Center). This means it ignore Power saving and just runs for me. Install finish fine and I am good to go