Tools to make SharePoint Admin life easier

These are common tools help SharePoint admin to manage and audit SharePoint farm easily.
Automated SharePoint 2010/2013/2016 PowerShell-based installation script.
2-SharePoint Load Generation Tool
Load Generation Tool Visual Studio Template can be installed for Visual Studio 2013 Ultimate and Visual Studio 2015 Enterprise editions. The tool can be used to test load for SharePoint Server 2013 and SharePoint Server 2016 farms.
3-SharePoint Feature Administration and Clean Up Tool
FeatureAdmin is a tool for SharePoint administrators and developers to manage SP features. It finds and cleans faulty FeatureDefinitions and orphaned reminders.
4-Windows PowerShell for SharePoint Command Builder Guide
Explore a free online tool that enables IT professionals and power users to visually assemble commands related to SharePoint 2010 / 2013 and Office 365
5-ULS Viewer
ULS Viewer is a Windows application that provides a simplified view of ULS log files in SharePoint 2013
SPSFarmReport is a scripted-tool that can be used to gather topology-related details from SharePoint farms.
Generate SharePoint Documentation, Manage Permissions & Compare Farms
8-SharePoint Manager
The SharePoint Manager 2013 is a SharePoint object model explorer. It enables you to browse every site on the local farm and view every property.
9-Search Health Reports (SRx)
PowerShell-driven tool for surfacing complex diagnostics for SharePoint Search through new multifaceted reports. The SRx includes a battery of tests that leverage a customized SSA object extended with contextual data from many disparate sources.


Points to consider when upgrading to SharePoint 2016

Before upgrading to SharePoint 2016, the below points will guide you to get efficient solution and to minimize the project risks.


  • There is difference between upgrade and migrate where upgrade will take the whole database content but migrate will move the content only to the new farm
  • In general, if you have well-structured site, content and customization then go with upgrade else it’s better to migrate the content and start with fresh content database
  • You can only upgrade from SharePoint 2013 to SharePoint 2016 and if you have older version than SharePoint 2013 then you need to upgrade it to SharePoint 2013 before SharePoint 2016 or you can use third party tools
  • Build sold plan and strategy before upgrading by determines the current configuration, customization, dependencies and removed or deprecated services
  • List all SharePoint application services that could be upgraded or not
  • Test the content database and don’t ignore the issues
  • Testing is an iteration process and may repeated many times until you get stable status
  • Document every step and fix that will be found
  • Resolve content, missing web parts , orphans … in SharePoint 2013 and then upgrade it to SharePoint 2016
  • Make sure there is no 14 Mode sites before upgrade to SharePoint 2016
  • No Service pack or cumulative update required to upgrade from SharePoint 2013 to SharePoint 2016 but it’s recommended to have the last update
  • It is recommended to always migrate your Service Applications before you migrate your Web Applications and SharePoint sites
  • Make sure to have claim authentication before upgrade to SharePoint 2016 and avoid to use classic authentication
  • Delete and remove unused contents, services and customization before upgrade to SharePoint 2016


More References:

Error while running SharePoint Configuration Wizard 2013 – The process does not possess the ‘SeSecurityPrivilege’ privilege

While running SharePoint Configuration Wizard for SharePoint 2013, got the below error:


Even if the SharePoint user used for installation (spAdmin) belong to local administrators group of SharePoint Servers, but because there is security group policy could cause this issue , you need to add this user to Manage auditing and security log policy (Browse to GPEDIT.msc Computer Config\Windows Settings\Security Settings\Local Polices\User Rights Assignement).

Note: Don’t forget to logout and login after applying the new policy.

Create and configure a Search service application in SharePoint Server 2013/2016

Learn how to create and configure a SharePoint Search service application using PowerShell and then how to modify the search topology.

You can create Search service application using Central administration or PowerShell but with  PowerShell , you have more control over the database names and to avoid GUIDs.

Login to the server where All of search components will be hosted whether is configured as a “Search” or “Application with Search” MinRole server, or “Custom”.

Modify the highlighted parameters to be applicable to your SharePoint farm in order to create new search service in one server:

 Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue  
 # Settings   
 $IndexLocation = "D:\Logs\SearchIndex"  
 $SearchAppPoolName = "Search App Pool"   
 $SearchAppPoolAccountName = "domain\spssearch"   
 $SearchServerName = (Get-ChildItem env:computername).value   
 $SearchServiceName = "Test Search Service"   
 $SearchServiceProxyName = "Test Search Proxy"   
 $DatabaseName = "Search_ADminDB"   
 Write-Host -ForegroundColor Yellow "Checking if Search Application Pool exists"   
 $SPAppPool = Get-SPServiceApplicationPool -Identity $SearchAppPoolName -ErrorAction SilentlyContinue  
 if (!$SPAppPool)   
 Write-Host -ForegroundColor Green "Creating Search Application Pool"   
 $spAppPool = New-SPServiceApplicationPool -Name $SearchAppPoolName -Account $SearchAppPoolAccountName -Verbose   
 Write-host "Start Search Service instances...."   
 Start-SPEnterpriseSearchServiceInstance $SearchServerName -ErrorAction SilentlyContinue   
 Start-SPEnterpriseSearchQueryAndSiteSettingsServiceInstance $SearchServerName -ErrorAction SilentlyContinue  
 Write-Host -ForegroundColor Yellow "Checking if Search Service Application exists"   
 $ServiceApplication = Get-SPEnterpriseSearchServiceApplication -Identity $SearchServiceName -ErrorAction SilentlyContinue  
 if (!$ServiceApplication)   
 Write-Host -ForegroundColor Green "Creating Search Service Application"   
 $ServiceApplication = New-SPEnterpriseSearchServiceApplication -Partitioned -Name $SearchServiceName -ApplicationPool $spAppPool.Name -DatabaseName $DatabaseName   
 Write-Host -ForegroundColor Yellow "Checking if Search Service Application Proxy exists"   
 $Proxy = Get-SPEnterpriseSearchServiceApplicationProxy -Identity $SearchServiceProxyName -ErrorAction SilentlyContinue  
 if (!$Proxy)   
 Write-Host -ForegroundColor Green "Creating Search Service Application Proxy"   
 New-SPEnterpriseSearchServiceApplicationProxy -Partitioned -Name $SearchServiceProxyName -SearchApplication $ServiceApplication   
 Write-Host $ServiceApplication.ActiveTopology  
 Write-Host "Configuring Search Component Topology...."   
 $clone = $ServiceApplication.ActiveTopology.Clone()   
 $SSI = Get-SPEnterpriseSearchServiceInstance -local   
 New-SPEnterpriseSearchAdminComponent –SearchTopology $clone -SearchServiceInstance $SSI   
 New-SPEnterpriseSearchContentProcessingComponent –SearchTopology $clone -SearchServiceInstance $SSI   
 New-SPEnterpriseSearchAnalyticsProcessingComponent –SearchTopology $clone -SearchServiceInstance $SSI   
 New-SPEnterpriseSearchCrawlComponent –SearchTopology $clone -SearchServiceInstance $SSI  
 Remove-Item -Recurse -Force -LiteralPath $IndexLocation -ErrorAction SilentlyContinue   
 mkdir -Path $IndexLocation -Force  
 New-SPEnterpriseSearchIndexComponent –SearchTopology $clone -SearchServiceInstance $SSI -RootDirectory $IndexLocation   
 New-SPEnterpriseSearchQueryProcessingComponent –SearchTopology $clone -SearchServiceInstance $SSI   
 Write-host "Your search service application $SearchServiceName is now ready"  

Next step to modify the topology to match your requirement, let assume that we have 4 SharePoint Servers (2 as web servers and 2 as Search servers) , in this case we can divide the search components as following:


So Query Processing and Index Partition will be hosted in front end or web servers and the rest of search components will be hosted in Search or Application Servers because no direct interaction with end users.

1- Run SharePoint service on each host that will used to run the search components

$host1 = Get-SPEnterpriseSearchServiceInstance -Identity "server1"  
 $host2 = Get-SPEnterpriseSearchServiceInstance -Identity "server2"  
 $host3 = Get-SPEnterpriseSearchServiceInstance -Identity "appserver1"  
 $host4 = Get-SPEnterpriseSearchServiceInstance -Identity "appserver2"  
 Start-SPEnterpriseSearchServiceInstance -Identity $host1  
 Start-SPEnterpriseSearchServiceInstance -Identity $host2  
 Start-SPEnterpriseSearchServiceInstance -Identity $host3  
 Start-SPEnterpriseSearchServiceInstance -Identity $host4  

Don’t go to the next commands until all servers become Online, you can check the status using the following command:


2- Get Current Topology

 $ssa = Get-SPEnterpriseSearchServiceApplication  

3- Clone Current Topology to modify it

 $newSSA = New-SPEnterpriseSearchTopology -SearchApplication $ssa  

4- Create Search Components for each host

 #Recommanded in WFE Server (Query Component and Indexes only)  
 New-SPEnterpriseSearchQueryProcessingComponent -SearchTopology $newSSA -SearchServiceInstance $host1  
 New-SPEnterpriseSearchQueryProcessingComponent -SearchTopology $newSSA -SearchServiceInstance $host2  
 New-SPEnterpriseSearchIndexComponent -SearchTopology $newSSA -SearchServiceInstance $host1 -IndexPartition 0  
 New-SPEnterpriseSearchIndexComponent -SearchTopology $newSSA -SearchServiceInstance $host2 -IndexPartition 0  
 #Recommanded in Application Server (Admin , Crawl , Content Processing and Analytics processing)  
 New-SPEnterpriseSearchAdminComponent -SearchTopology $newSSA -SearchServiceInstance $host3  
 New-SPEnterpriseSearchCrawlComponent -SearchTopology $newSSA -SearchServiceInstance $host3  
 New-SPEnterpriseSearchContentProcessingComponent -SearchTopology $newSSA -SearchServiceInstance $host3  
 New-SPEnterpriseSearchAnalyticsProcessingComponent -SearchTopology $newSSA -SearchServiceInstance $host3  
 New-SPEnterpriseSearchAdminComponent -SearchTopology $newSSA -SearchServiceInstance $host4  
 New-SPEnterpriseSearchCrawlComponent -SearchTopology $newSSA -SearchServiceInstance $host4  
 New-SPEnterpriseSearchContentProcessingComponent -SearchTopology $newSSA -SearchServiceInstance $host4  
 New-SPEnterpriseSearchAnalyticsProcessingComponent -SearchTopology $newSSA -SearchServiceInstance $host4  

5- Activate New Topology

 Set-SPEnterpriseSearchTopology -Identity $newSSA  

It’s recommended to remove the inActive topologies to avoid confusion in future, you can find how to remove it and change search service account in the following link:


Plan for service accounts in SharePoint Server 2016

I just want to talk about two points related to SharePoint 2016 service accounts which show the differences between current version and previous version of SharePoint server.
In previous version, farm service account has to belong to local administrator group of SharePoint servers especially if you have Forefront Identity Manager and User Profile but because of Forefront Identity Manager is removed from SharePoint Server 2016 no longer requires Local Administrator rights on any SharePoint server.
The second point that Claims to Windows Token Service account is now the only account that continues to require Local Administrator rights (only servers running C2WTS services).
For more details, you can find the below links for Plan for administrative and service accounts in SharePoint Server.

OWASP Application Security Verification Standard 3.0.1 – Arabic Version

In collaboration with my friend Ismail (,  we translated OWASP Application Security Verification Standard 3.0.1 to Arabic language in order to increase the security awareness in application development between Arab people.

You can find the link in the following:

Points to consider before create Cost Plan for Cloud computing resources

Before create Cost Plan or Bill of Materials, the below points will guide you to get efficient solution or cost whether you are using AWS or Azure cloud computing resources.

Using the right resources help you to meet the client requirements, save money and get less operations, errors, less security vulnerabilities …


  • Meet business objectives and the budget (be specific)
  • Know if the workload or legacy applications is supported in cloud
  • Consider non-functionality requirements like High availability or maintainability
  • Consider security requirements and compliance
  • Know the cloud deployment models (Public or Hybrid)
  • Review cloud provider pricing pages and calculators
  • Consider support price
  • Go with Serverless and managed resources first and if they are not applicable then go with IaaS
  • Consume free tier and resources as much as you can
  • Cost based on hours and usage
  • Enable alarm on bills and stop unused resources (even if it’s for hours)
  • Review your design, review your deployment, review ongoing projects
  • Determine the baseline and watch the exception behaviors
  • Know the required environments (staging, production …)
  • Know if the license is provided by the customer or cloud provider
  • Pricing is estimated (expected) because it’s based on provided information, always go with maximums
  • Provision just in time, start small and then elastic your resources
  • Keep old billing files for tracing and tracking
  • Know about the cloud resources usage (on demand, reserved or spot resources)
  • Use when possible the cheapest region if the network latency is not an issue
  • Know what is free and cost resources
  • New generation of virtual instances is cheaper
  • Use the right resource size (don’t go bigger or smaller)
  • Consider optimization features like Caching or CDN which reduce the consuming cost
  • Consider Lifecyle or Retention policy for resources
  • Automate the scaling and shrinking process of resources
  • Consider consolidating accounts
  • Consider Backup solutions and storage and don’t keep them in one datacenter
  • Know cloud services limitations
  • Review Trusted advisor or center
  • Seek for discount or credit especially when you have big profile project
  • Know the refund policy, currency conversion

My security contribution in Technology Quality Forum in Jeddah

I participated in Technology Quality Forum as speaker for one of my favorite topic which is “Quality in Cyber Security Awareness” in Jeddah, KSA.


For the presentation link:

Also I want to thanks Dr. عايض العمري (President of the Saudi Council for Quality) and brother Nebal Anaim (Organizer) for the Honored.

before is simply a collection of best practices and recommendations that help IT community to improve their applications and environments and to maximize non-functionality requirements to the best. Our goals are to minimize the impact of operations and products, and to foster responsible environmental leadership. We’re dedicated to creating successes for everyone and making a difference in our communities around the world.

This contribution was built with the help of my friends (Ismail , Kasim and Riad) and we will be happy to get feedback or suggestions in this email