Ramblings from an IT manager and long time developer.


Project 2013 and Project Server 2013 Training Links

Training Links


2013 training for IT pros and developers

General Link:

Development Links

Administration Links:


Videos from Books 24×7


Project Server Conference 2014

Channel 9 link:

Interesting Development related videos (I have not validated any of them yet)

White Papers

General Information



Office 365 – Single Sign-On for SharePoint, Skydrive, CRM, etc. via Smart Links



Synopsis: One of the biggest problems I have seen with Office 365 is ease of access to all of the Office 365 resources.  As pointed out on many of the Microsoft forums, SharePoint, CRM, Skydrive, etc. do not automatically complete a single sign-on request when browsing the website.

Problem: When a user browses for example, the user is prompted to enter in their email address.  What a user expects is that they should automatically be logged in and see SharePoint when navigating to  Additionally, for whatever reason, users cannot remember the website address to  Instead, they want to do something like

Solution: Create name-branded “fancy URLs” that will complete an IdP claim to give the user a true SSO experience.



  1. Open up Internet Explorer
  2. Navigate to
  3. Press F12 to open up the developer tools console (I am running IE
    11, the console looks way different than previous versions of IE)
  4. Scroll down and select the icon that looks like a little WiFi antenna
  5. Click the green play button
  6. Type in your email address as you would to login to SharePoint (
  7. You should be redirected to your ADFS server and inside the network
    console, you should see a link like………………  Copy this link into notepad.
  8. Remove the extra stuff from the debug console
  9. Remove everything from cbcxt=….. to wa=wsignin1.0
  10. Remove the ct%3D1386214464%26 and bk%3D1386214464%26 parameters
  11. Next, open up another new notepad document named index.html and paste the following text into it
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
      "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml"><head>
    <title>Redirect</title>
    <meta http-equiv="refresh" content="0; url=link goes here" /></head>
    <body></body></html>

  12. Replace link goes here with your new smart link and save the document.
  13. Upload the index.html file to one of your webservers
  14. Create a new A record called pointing to your webserver
  15. Now when a user browses, the user
    will automatically be redirected to your secure ADFS Proxy and
    authenticate automatically.

You will need to repeat the steps above for each of the Office 365
products your company uses.  The federated addresses do change, so you
will have to follow all of the steps over again for each Smart Link you
wish to create.
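
Steps 8 to 12 above, scripted, as an added example that is not part of the original post: it trims a captured sign-in URL into a smart link, refuses anything that is not HTTPS on an expected AD FS host, and HTML-escapes the link before writing it into the redirect page. The function names, the example.com hosts and the captured URL are constructed for illustration, and step 9 is read here as keeping wa=wsignin1.0 itself.

```powershell
# Added example: automates steps 8-12. Host names and the captured URL are
# constructed sample values, not taken from the original post.

function ConvertTo-SmartLink {
    param(
        [Parameter(Mandatory=$true)] [string]   $CapturedUrl,
        [Parameter(Mandatory=$true)] [string[]] $AllowedAdfsHost   # hosts you expect to federate with
    )
    $uri = $null
    if (-not [System.Uri]::TryCreate($CapturedUrl, [System.UriKind]::Absolute, [ref]$uri)) {
        throw 'Captured value is not an absolute URL.'
    }
    # Publish only links that go to your own AD FS endpoint over TLS.
    if ($uri.Scheme -ne 'https') { throw "Smart link must use https, got '$($uri.Scheme)'." }
    if ($AllowedAdfsHost -notcontains $uri.Host) { throw "Unexpected AD FS host '$($uri.Host)'." }

    # Work on the raw string so no percent-encoding is changed by normalisation.
    $base, $query = $CapturedUrl -split '\?', 2
    if (-not $query) { throw 'Captured URL has no query string.' }
    $pairs = @($query -split '&')

    # Step 9: drop everything before wa=wsignin1.0 (cbcxt, vv, username, ...).
    # wa=wsignin1.0 itself is kept; WS-Federation sign-in needs it.
    # This also removes the capturing user's e-mail address from the link.
    $start = [array]::IndexOf($pairs, 'wa=wsignin1.0')
    if ($start -lt 0) { throw 'wa=wsignin1.0 not found; is this a federated sign-in URL?' }
    $kept = $pairs[$start..($pairs.Count - 1)]

    # Step 10: inside wctx, parameters are separated by an encoded '&' (%26).
    # Remove the ct and bk timestamp entries and leave the rest untouched.
    $kept = foreach ($p in $kept) {
        if ($p -like 'wctx=*') {
            $inner = ($p.Substring(5) -split '%26') |
                     Where-Object { $_ -notmatch '^(ct|bk)%3D\d+$' }
            'wctx=' + ($inner -join '%26')
        } else { $p }
    }
    $base + '?' + ($kept -join '&')
}

function New-SmartLinkPage {
    param([Parameter(Mandatory=$true)] [string] $SmartLink)
    # The link contains '&'. Inside an XHTML attribute that must be '&amp;',
    # otherwise the page is not well-formed.
    $escaped = [System.Net.WebUtility]::HtmlEncode($SmartLink)
@"
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<title>Redirect</title>
<meta http-equiv="refresh" content="0; url=$escaped" /></head>
<body></body></html>
"@
}

# Constructed capture (example.com hosts; ct/bk values as quoted in step 10).
$captured = 'https://sts.example.com/adfs/ls/?cbcxt=&vv=&username=user%40example.com' +
            '&mkt=&lc=1033&wa=wsignin1.0&wtrealm=urn:federation:MicrosoftOnline' +
            '&wctx=MEST%3D0%26LoginOptions%3D2%26wa%3Dwsignin1.0%26ct%3D1386214464%26' +
            'wreply%3Dhttps:%252F%252Fexample.sharepoint.com%252F%26bk%3D1386214464%26lc%3D1033'

$link = ConvertTo-SmartLink -CapturedUrl $captured -AllowedAdfsHost 'sts.example.com'
$link
New-SmartLinkPage -SmartLink $link | Set-Content -Path .\index.html -Encoding UTF8
```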

Here is an official article on creating smart links:


ColdFusion Manual Configuration & Issues with TCP ports 51011, 51010 and 51800 on IIS and Apache

Great post on configuring ColdFusion 7 on Server 2008 R2 here


Cisco AnyConnect

Cisco AnyConnect is an SSL VPN client that provides reliable and easy-to-deploy encrypted (SSL) network connectivity for Windows.

Typically, the Cisco AnyConnect client would be downloaded from the VPN site, but the version currently available from that location is not compatible with current versions of Windows 7 and Windows 8 and will not function properly due to Microsoft Windows security updates.

Note: Remember to verify you are running the most recent version of java (

Download Link



ULS Logs and the ULSViewer

You might have stumbled across this blog entry when looking for information on the ULS. If that is the case, while I will not go into great detail on the ULS I can at least tell you that it stands for Unified Logging Service and is a cornerstone of SharePoint troubleshooting, and it is the first place I recommend looking at to start tracking down the details of any errors you might be encountering. If you are looking for a decent article on the ULS I’d recommend checking out the general MSDN article that gives a general

Now, assuming that you have at least a basic understanding of the ULS and where the files can be found (default is the “SharePoint HIVE”\Logs folder), if you open one of the files up, I am willing to bet that you would find yourself wondering how on earth you can make heads or tails of the information stored in the file and, if you have a large farm, how you can pull it all together so you can track down any issues quickly and more efficiently. Well, you are in luck, as one of the better tools out there is free, full of features, and rather easy to use. This tool is called the ULSViewer and can be downloaded from here or

ULSViewer can be used in different modes. The log can be read from log files, the real-time ULS log, multiple servers, or even the clipboard. Here are some examples:

On a machine running SharePoint 2010, run ULS Viewer. Click File, Open From, then choose ULS (this could also be done by simply pressing Ctrl+U).


Immediately the logs will be shown in real time. From here you can do things like filter by message level by clicking the icons in the tool bar.

You can also set filters based on what you are looking for (error message, correlation id, etc.). You can do this by clicking on the “filter” icon in the tool bar and then defining 1 or more filters.



Note: One of the great things you can also do is save filters and reuse them. I find that I have a number of filters that I
use over and over and this helps save a lot of time!

Another feature that I find really handy is the “Toggle Correlation Tree” button.


When you click on this it opens up a side panel that can show you a list of all of the correlation ids, and when you click on one of those nodes you immediately see the main area filter to show only the log entries related to that single correlation id.

The reason why this is so useful is that in SharePoint we use correlation ids to trace a series of events that occurred at once (like a transaction).

For example if you look at the screenshot below you’ll see that I selected the correlation id
‘ce44ed9c-e3b3-c0ad-3409-5e8c8d8d317f’ and this one appears to be related to a UserProfileImport Sync job.
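
The same grouping can be done on the raw log text. The following is an added example, not part of the original post and not ULSViewer's own code: it parses tab-delimited ULS lines, stitches continued messages back together, and summarises each correlation id with its entry count and most severe level. The sample lines, event ids and function names are constructed; only the correlation id is the one quoted above, and PowerShell 3.0 or later is assumed.

```powershell
# Added example. Real ULS files are tab-delimited and start with a header row
# naming the columns below; the sample lines further down are constructed.
$UlsColumns = 'Timestamp','Process','TID','Area','Category','EventID','Level','Message','Correlation'

function ConvertFrom-UlsLog {
    param([Parameter(Mandatory=$true)] [AllowEmptyString()] [string[]] $Line)
    $entries = New-Object 'System.Collections.Generic.List[object]'
    foreach ($l in $Line) {
        $f = @($l -split "`t" | ForEach-Object { $_.Trim() })
        # Skip the header row, blank lines and anything without all nine columns.
        if ($f.Count -lt $UlsColumns.Count -or $f[0] -eq 'Timestamp') { continue }
        if ($f[0].EndsWith('*') -and $entries.Count -gt 0) {
            # A trailing '*' on the timestamp marks the continuation of a long
            # message; the split point is written as '...' on both sides.
            $prev = $entries[$entries.Count - 1]
            $prev.Message = ($prev.Message -replace '\.\.\.$', '') + ($f[7] -replace '^\.\.\.', '')
            continue
        }
        $row = [ordered]@{}
        for ($i = 0; $i -lt $UlsColumns.Count; $i++) { $row[$UlsColumns[$i]] = $f[$i] }
        $entries.Add([pscustomobject]$row)
    }
    $entries
}

function Get-UlsCorrelationSummary {
    param([Parameter(Mandatory=$true)] [object[]] $Entry)
    # Higher number = more severe; levels not listed here rank as 0.
    $rank = @{ Critical = 5; Unexpected = 4; Monitorable = 3; High = 2; Medium = 1 }
    $Entry | Where-Object { $_.Correlation } | Group-Object Correlation | ForEach-Object {
        $worst = $_.Group | Sort-Object { [int]$rank[$_.Level] } -Descending | Select-Object -First 1
        [pscustomobject]@{
            Correlation = $_.Name
            Entries     = $_.Count
            WorstLevel  = $worst.Level
            FirstSeen   = ($_.Group | Select-Object -First 1).Timestamp
            Categories  = (($_.Group | ForEach-Object { $_.Category } | Sort-Object -Unique) -join ', ')
        }
    }
}

# Constructed sample input (one statement per line, joined with tabs).
$cid   = 'ce44ed9c-e3b3-c0ad-3409-5e8c8d8d317f'   # correlation id quoted in the post
$other = '00000000-1111-2222-3333-444444444444'   # constructed
$sample = @(
    $UlsColumns -join "`t"
    ('12/05/2013 10:15:30.12', 'OWSTIMER.EXE (0x0A1C)', '0x1F3C', 'SharePoint Portal Server', 'User Profiles', 'demo1', 'Medium', 'UserProfileImport sync job started', $cid) -join "`t"
    ('12/05/2013 10:15:30.48', 'OWSTIMER.EXE (0x0A1C)', '0x1F3C', 'SharePoint Portal Server', 'User Profiles', 'demo2', 'Unexpected', 'Sync step failed: first part of a long message...', $cid) -join "`t"
    ('12/05/2013 10:15:30.48*', 'OWSTIMER.EXE (0x0A1C)', '0x1F3C', 'SharePoint Portal Server', 'User Profiles', 'demo2', 'Unexpected', '...second part of the same message', $cid) -join "`t"
    ('12/05/2013 10:15:31.02', 'w3wp.exe (0x1620)', '0x0B44', 'SharePoint Foundation', 'General', 'demo3', 'Medium', 'Page request completed', $other) -join "`t"
    ''
)

$entries = ConvertFrom-UlsLog -Line $sample
Get-UlsCorrelationSummary -Entry $entries | Format-Table -AutoSize

# Equivalent of clicking one node in the correlation tree:
$entries | Where-Object { $_.Correlation -eq $cid } | Select-Object Timestamp, Level, Message

# For a real file, pass its lines instead of $sample:
#   ConvertFrom-UlsLog -Line (Get-Content '<path to a ULS .log file>')
```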


If you’re running this on a development machine or are trying to track down an error that doesn’t happen regularly, another good feature is the notifications. You can enable notification by level inside of ULS Viewer (by default it will pop up a notification for Critical messages). For example in this screenshot, when Health Analyzer checked my machine for a security rule, it wrote a critical message into the log. With ULS Viewer, you can quickly identify the location of the message. If there’s an exception, you can also check the detail of that.


Another great feature is the ability to open up multiple ULS logs from different servers. So if you have a 4 or 5 server farm, you could either review each log individually or you could open them up as a “FARM” and let ULSViewer take over the complicated work of combining the log files into a single view. You can do this either from the tool bar by clicking on the “farm” icon or by going to File -> Open From -> Farm (Ctrl+R)

Farm Icon


File -> Open From


Which then opens this dialog


From here you can add all of your servers (NetBios, FQDN, or IP addresses work just fine) and then specify a share that is available on ALL of the servers listed.

Tip: The SAME share must be available on all servers for this to work. I normally create a standard share on all of my SharePoint servers called “UlsLogs” and grant read only access to the development and operations teams.

Also another useful feature is that once you have configured ULSViewer for your environment (including what servers/files are being monitored), you can save everything to a “workspace”. This workspace can be shared with others and opened at any time. This provides a very quick way to start viewing a farm.


Tip: I usually create one workspace per environment and share that with the development and operations team.


Project Server and Synchronizing Users to Project Sites

Original post found here

This blog post looks at some slight behavior differences between Project Server 2010 and Project Server 2013 regarding user synchronization to project sites.  One key part of this change should be taken into account when migrating – as there is one 2010 setting that no longer has UI to change it – and if it is disabled before migration it cannot be turned on again in 2013.  I’ll get into details of that setting and a workaround later, but first I will set the scene for how the settings and behavior have evolved. 

In Project Server 2010 we had a checkbox in Server Settings, Project Site Provisioning Settings for Project Site Permissions – labeled “Check to automatically synchronize Project Web App users with Project Sites when they are created, when project managers publish projects, and when user permissions change in Project Server. When the check box is cleared, Project Server users are never synchronized with Project Sites.”:


In my example it is unchecked – this is reflected in the published database in the MSP_WEB_ADMIN table in the WADMIN_AUTO_ADD_USER_TO_SUBWEB column – which has 0 when unchecked and 1 when checked.


If I create a new project and add some resources and then publish – I see just the following jobs in the queue and I don’t see any permissions set for the resources in my plan.

Project Save from Project Professional  
Start Workflow Success
Project Publish Notifications
Project Publish Success
Reporting (Project Publish)
Project Site Create
Reporting (Project Sync)
Reporting (Enterprise Project Type and Workflow Information Sync)

If I go to Server Settings, Project Sites and select the project, then click Synchronize in the header:


then I see a couple of queue jobs executed:

Project Site Membership Synchronization
Reporting (Project Sync)

However, I still do not see my expected users added to my site.  Only when I check the checkbox in the first screenshot, and then click Synchronize on the Project Sites page do I see my users get added.  So this checkbox controls the addition of users to my subweb.

There are some other settings in 2010 that had no UI, but could be set programmatically (or by editing the database) and were documented in the article.  The table is the same MSP_WEB_ADMIN, but this time the column is WADMIN_USER_SYNC_SETTING:


As you can see, mine is set to 0, which means all synchronizations are enabled.  If I change this to 2, this still has no effect on the site synchronization as long as the checkbox is checked.  Sync happens both on site creation and also using the Synchronize button.

Now let’s jump forward to 2013.  The dialog in my first screenshot has no equivalent in 2013, and in a new installation the database setting for WADMIN_AUTO_ADD_USER_TO_SUBWEB is defaulted to 1.  The WADMIN_USER_SYNC_SETTING now has some UI – under Server Settings, Project Permission Sync Settings.  I should add that this only appears when you are using Project Server Permissions mode.  The dialog looks like this:


If you are interested in the behind the scenes activity in the pub.MSP_WEB_ADMIN table the values for WADMIN_USER_SYNC_SETTING follow the numbers documented at like so:

Enabled                     Value=0.      Enable all synchronizations.
DisablePWA                  Value=1.      Disable synchronization with Project Web App.
DisablePWS                  Value=2.      Disable synchronization with project sites.
DisableEmailSync            Value=3.      Disable email synchronization.
DisableAll                  Value=4.      Disable all synchronizations.
DisableVisbilityProjects    Value=8.      Disable Visibility projects synchronization only.
DisableEverything           Value=255.    Disable everything.

Unchecking Enable Project Site Sync will give me a value of 10 in the database – as it disables project site sync and sync with SharePoint Task List Project (or visibility projects as they are sometimes called).

With these settings, which are equivalent to the ones described in the final 2010 test above  (DB value was 2 rather than 10 as visibility projects didn’t exist),  if I create a new project and publish, and/or if I click Synchronize on the Connected SharePoint Sites page I DO NOT see any synchronize queue jobs and NO users are added to my site.  In 2013 there is no longer a single click option to synchronize sites if I have used the new UI in front of the WADMIN_USER_SYNC_SETTING values to turn off site sync.

The other gotcha, and the piece that got me looking deeper into this topic in the first place is the issue I alluded to in the intro.  What if I am using 2010 and have that box unchecked – then migrate to 2013?  In this case it can leave you confused as to why your users aren’t able to access their sites after you create a project.  The behavior you will see is that on initial publish of a project, assuming you create a site, then even if you have ‘Enable Project Site Sync’ enabled you will still not see your users added – and neither will you see the expected additional ‘Project Web App Synchronized’ groups – you will just see the default members, Owners and Visitors if you go to Site Settings, Site Permissions:


If you click on the Synchronize option you will see things put right – and the new groups will get added and your users added.  So we still take notice of the old DB setting which carried over from migration – but only on the project publish.


This last piece is certainly a bug – not sure at this point how it will be addressed, but we will be updating our upgrade documents to suggest checking that box before migration.  If you have migrated from 2010 (or earlier!) and are not seeing permissions on sites set as expected when you publish a plan then take a look at the database (change ProjectWebApp to the name of your database),


should return a 1.  If it shows a zero then you could run

Update [ProjectWebApp_PPM].[pub].[MSP_WEB_ADMIN]
Set WADMIN_AUTO_ADD_USER_TO_SUBWEB = 1

This will show (1 rows(s) affected) as it resets the value.

We are reviewing this behavior change – so I will update if we do make any changes here.

For Project Online this last piece can never be an issue – as it will always be a 1 – and Project Online now has new defaults for the other Project Permissions Sync Settings – so by default we don’t sync anything.  And like 2013, if you have this sync turned off then Synchronize in Connected SharePoint Sites does nothing.


Remove and Re-add product key for Office 2013 and Office 365

Having been on Microsoft Office 365 for a few months now, we started to notice that when users who had activated software on a PC were removed from Office 365, the software would go into “grace period” and would continually notify the new user of the PC that there was a problem. The trouble was I could not figure out how to reassign the software license to the new user. Finally I have found steps that will accomplish this without having to repair/reinstall office.

Open Command Prompt on PC
Open a Command Prompt window, and then take one of the following actions:

  • If you installed the 64-bit version of Office 2013, move to the following folder: C:\Program Files\Microsoft Office\Office15
  • If you installed the 32-bit version of Office 2013, move to the following folder: C:\Program Files (x86)\Microsoft Office\Office15

Display the Current License(s)
Type the following command to display the license status. Note the last five characters of any and all license keys that display in the output:

cscript ospp.vbs /dstatus

Remove the License(s)
Now run the following command as many times as needed to remove all of the license keys you noted from the previous step.

cscript ospp.vbs /unpkey:[LAST 5 numbers of existing product key]

Restart the Computer

Once the remove commands are successful, close the command prompt and restart the PC.

Reactivate MS Office 2013 with New Account

Launch one of the MS Office 2013 applications (I like to use Word). The application should prompt you to reactivate by providing your sign-on ID. Enter in the new user’s credentials and the software will now be licensed under their ID.


Project 2013 and Project Server 2013 Technical Training Links

Microsoft Training Links

Project 2013 training for IT pros and developers

General Link:

Development Links

Administration Links:


Office Web Apps 2013 Server Install and Configuration

Copied from here

Installing Office Web Apps

Office Web Apps 2013 is a stand-alone server web application that provides capabilities to open and render a Microsoft Office Word, Excel, PowerPoint, or OneNote document as a web page. Microsoft SharePoint 2013, Exchange 2013, and Lync 2013 can share the rendering service to display Office documents in those applications as a web page. Additionally, when accessed from within a SharePoint 2013 farm, Office Web Apps also enables rich editing features for those documents.

Note: You cannot install Office Web Apps on the same server as SharePoint 2013

Please follow the server preparation process in the following sections for the appropriate server, either Windows Server 2008 R2 or Windows Server 2012.

Windows Server 2008 R2 Preparation

Start by installing the following prerequisite software for Windows Server 2008 R2:

Open a PowerShell command running as an Administrator and execute the following commands to install the required roles and services for Office Web Apps.

Import-Module ServerManager
## Run the following command as a single line
Add-WindowsFeature Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Includes,Web-Security,Web-Windows-Auth,Web-Filtering,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Console,Ink-Handwriting,IH-Ink-Support

Please continue with the “Office Web Apps Installation” section below.

Windows Server 2012 Preparation

To begin, open a PowerShell command running as an Administrator and execute the following commands to install the required roles and services for Office Web Apps.

Add-WindowsFeature Web-Server,Web-Mgmt-Tools,Web-Mgmt-Console,Web-WebServer,Web-Common-Http,Web-Default-Doc,Web-Static-Content,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Security,Web-Filtering,Web-Windows-Auth,Web-App-Dev,Web-Net-Ext45,Web-Asp-Net45,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Includes,InkandHandwritingServices

Please continue with the “Office Web Apps Installation” section below.

Office Web Apps Installation

Open and run the Office Web Apps setup.exe media to launch the setup wizard.

  1. In the Office Web Apps Server 2013 Wizard, on the Read the Microsoft Software License Terms page, select I accept the terms of this agreement and then select Continue.
  2. On the Choose a file location page, select the folder where you want the Office Web Apps Server files to be installed (for example, C:\Program Files\Microsoft Office Web Apps), and then select Install Now. Note that, if this folder does not exist, Setup will create it for you.
    The Choose a file location screen on the Office Web Apps install wizard.

  3. When Setup finishes installing Office Web Apps Server, choose Close.

After installing the Office Web Apps 2013 server software, you are ready to install any additional add-ins and updates. You can also install any language packs your farm requires. To install the language packs, run the setup media for each of the language packs you desire.

If applicable, install the latest service pack Microsoft has released for Office Web Apps 2013 and then apply the latest service packs Microsoft has released for Office Web Apps 2013 language packs.

Finally, check for updates on Microsoft Update in the server’s control panel.

Configuring Office Web Apps

This section describes how to configure an Office Web Apps farm and join servers to it.

Important: Low memory conditions can cause Office document previews to fail in Office Web Apps. Verify that any servers that run Office Web Apps have sufficient memory.

On the first server for the Office Web Apps farm, execute the following PowerShell command to provision the farm:

New-OfficeWebAppsFarm -InternalUrl "" -ExternalUrl "" -SSLOffloaded -EditingEnabled

The SSLOffloaded command switch configures Office Web Apps for hardware load-balancing, where the load-balancing device manages the SSL certificate and then relays the request to an Office Web Apps server over HTTP unencrypted traffic. This improves the overall performance but does require a secure network between the load-balancer and the Office Web Apps servers.

The following image provides an example of the expected output from the PowerShell command.

PowerShell results from configuring an Office Web Apps farm

Critical: Before you can use the Office Web Apps farm, you must add your domain to the list of allowed hosts.

Run the following PowerShell command to add your domain to the list of allowed hosts, substituting your domain for “”

New-OfficeWebAppsHost -Domain

Once you have provisioned an Office Web Apps farm and allowed your domain, you can join additional Office Web Apps servers to the farm. To join additional servers, install the Office Web Apps software by following the steps in the previous section and then execute the following PowerShell command.

New-OfficeWebAppsMachine –MachineToJoin “

You can test the Office Web Apps configuration by navigating to this URL and verifying it displays a Web app Open Platform Interface (WOPI)-discovery XML file:

Note: For more information on deploying and configuring Office Web Apps, please see this TechNet article:

Configuring the Windows Firewall for Office Web Apps Traffic

On each Office Web Apps 2013 Server, you will need to set a firewall rule to allow Office Web Apps inter-farm traffic and HTTP/HTTPS traffic. Alternatively, you can disable the Windows Firewall if you choose and if you have another firewall solution.

You can set the Windows Firewall rules by navigating to the Control Panel, then click System and Security, then click Windows Firewall, and finally click Advanced settings. In the Inbound Rules area, ensure that the server allows connections on port 80 (HTTP) and port 443 (HTTPS). Add the port for the Office Web Apps inter-farm communication by following these steps:

  1. In the Windows Firewall with Advanced Security window, click Inbound Rules.
  2. In the Actions panel, click New rule…
  3. In the New Inbound Rule Wizard window, select Ports as the Rule Type and click Next.
  4. Select TCP and enter “809” for the Specific local ports. Click Next.
    Windows Firewall Port Rule for Office Web Apps communication

  5. Click Next. On the Profile screen, uncheck Public and click Next.
  6. On the Name screen, enter “Office Web Apps Inter-Farm Communication” and click Finish.

Configuring a SharePoint 2013 Farm for Office Web Apps

Logon to the SharePoint application server that hosts Central Administration and open the SharePoint 2013 Management Shell (PowerShell), running it as an administrator. Next, enter the following PowerShell command:

New-SPWOPIBinding -ServerName “

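Run the following PowerShell commands to enable OAuth over HTTP. This setting lets SharePoint send OAuth tokens over unencrypted HTTP, so it is only needed when the farm talks to Office Web Apps over HTTP; the change is not saved until Update() is called.

$config = (Get-SPSecurityTokenServiceConfig)
$config.AllowOAuthOverHttp = $true
$config.Update()   # persist the change to the farm configuration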

Run the following PowerShell command to change the WOPI zone to external-https.

Set-SPWOPIZone -Zone "external-https"

Finally, verify that Office Web Apps is working by navigating to a SharePoint 2013 document library and verify that you can open a document as a web page.

Note: For more information on how to configure a SharePoint 2013 farm to use Office Web Apps and for troubleshooting information, please see this TechNet article:



System.ServiceModel.ServiceActivationException: The service ‘/SecurityTokenServiceApplication/securitytoken.svc’ cannot be activated due to an exception during compilation.

Re-post from here

I had performed an in-place upgrade of a Team Foundation Server from Windows Server 2012 to Windows Server 2012 R2. Overall, no issues detected until a couple of weeks later when all the Developers came back to work (after XMas break) and informed me that Documents were not available via the Visual Studio 2012 application. The following error was occurring in Visual Studio; Please contact your administrator. There was an error contacting the server.Technical information (for administrator): HTTP code 200: OK
So off to the TFS Server it was….

First stop was the Event Viewer and there were two errors that I believe were related and occurring.

Error 1 – Event ID 3 System.ServiceModel WebHost failed to process a request. 

Sender Information:System.ServiceModel.ServiceHostingEnvironment+HostingManager/4032828
Exception: System.ServiceModel.ServiceActivationException: The service ‘/SecurityTokenServiceApplication/securitytoken.svc’ cannot be activated
due to an exception during compilation. 

The exception message is: Exception has been thrown by the target of an invocation.. —> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. —> System.ArgumentNullException: Value cannot be null. Parameter name: certificate at System.IdentityModel.Tokens.X509SecurityToken..ctor(X509Certificate2 certificate, String id, Boolean clone, Boolean disposable) at System.IdentityModel.Tokens.X509SecurityToken..ctor(X509Certificate2 certificate) at Microsoft.SharePoint.Administration.Claims.SPSecurityTokenServiceManager.ConfigureTokenHandlerCollection(SPSecurityTokenServiceManager manager, SecurityTokenHandlerCollectionManager collectionManager, String key, SecurityTokenHandlerCollection& tokenHandlerCollection) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenServiceConfiguration.ConfigureTokenHandlerCollectionForLocalIssuer(SPSecurityTokenServiceManager manager, SecurityTokenHandlerCollectionManager collectionManager, String key) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenServiceConfiguration..ctor() — End of inner exception stack trace — at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandleInternal& ctor, Boolean&bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache, StackCrawlMark& stackMark) at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache, StackCrawlMark& stackMark) at System.Activator.CreateInstance(Type type, Boolean nonPublic) at System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes, StackCrawlMark& stackMark) at System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) at System.Activator.CreateInstance(Type 
type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceHostFactory.CreateSecurityTokenServiceConfiguration(String constructorString) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceHostFactory.CreateServiceHost(String constructorString, Uri[] baseAddresses) at Microsoft.SharePoint.IdentityModel.SPSecurityTokenServiceHostFactory.CreateServiceHost(String constructorString, Uri[] baseAddresses) at System.ServiceModel.ServiceHostingEnvironment.HostingManager.CreateService(String normalizedVirtualPath, EventTraceActivity eventTraceActivity) at System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateService(ServiceActivationInfo serviceActivationInfo, EventTraceActivity eventTraceActivity) at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath, EventTraceActivity eventTraceActivity) — End of inner exception stack trace — at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath, EventTraceActivity eventTraceActivity) at System.ServiceModel.ServiceHostingEnvironment.EnsureServiceAvailableFast(String relativeVirtualPath, EventTraceActivity eventTraceActivity) Process Name: w3wp Process ID: 5664

Error 2 – Error ID 8306 SharePoint Foundation

An exception occurred when trying to issue security token:
The requested service, ‘http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc’ could not be activated.
See the server’s diagnostic trace logs for more information.. 

Error 3 – Error ID 6398

The Execute method of job definition Microsoft.Office.Server.UserProfiles.LMTRepopulationJob (ID 1b0c4725-fbcf-476d-af60-3aeabbdbd35c) threw an
exception. More information is included below. System.ServiceModel.ServiceActivationException 

The common problem here appeared to me to be in relation to the SecurityTokenServiceApplication, which can be sussed out within IIS… First I checked that the Application Pool was configured with the correct TFS Account and started… check. Next I went to browse the SecurityTokenServiceApplication web page itself (IIS Manager –> Sites –> SharePoint WebServices –> SecurityTokenServiceApplication, click on ‘Content View’ down at the bottom, right click on Securitytoken.svc and click Browse)… ERROR. Basically you get a ‘Server Error in ‘/..’ Application + Error 1 above, or Internet Explorer cannot display the webpage etc.
From here I knew that the only way to fix this was to focus on the SecurityTokenServiceApplication web service but I wasn’t really sure where to start except that I knew this would be easy with PowerShell. 🙂

Thanks to gurus such as Syed and Abhishek Saigal, this is what fixed my issue.

The PowerShell commands below re-provision all the SharePoint Web Services.
Don’t worry about losing any data/applications on SharePoint, all will remain intact.
Run the following commands one by one on SharePoint PowerShell:

$h = Get-SPServiceHostConfig
$h.Provision()   # re-provision the SharePoint Web Services host configuration
$services = Get-SPServiceApplication
# Re-provision each service application and print its name as it completes
foreach ($service in $services) { $service.Provision(); Write-Host $service.Name }

The output will take a little time and display each service one after another, patiently wait until it finishes.
Perform an IIS Reset and give another shot to browsing ‘http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc’ This page then displayed correctly, e.g. no error messages and Documents then worked within Visual Studio.