Good news for all the on-premises SharePoint Infrastructure Admins and Developers. An improved ULS Log viewer for SharePoint 2013 has been released a few days ago. I was concerned for a couple of years that there wasn’t any movement on updating my number 1 favourite SharePoint tool. However, I did see a video where Bill Baer there was a hint of how bad the tool was and they’d do something about the tool.. so here it is – a new ULS Log Viewer……

Download it here:

Some new features:

1. Monitor multiple servers simultaneously


2. Locate specific log entries via command line

3. Highlight and personalise the output if a filter match occurs

Some fixes I have noticed:

1. More stability when working with the filters

2. Multiple fixes such as filtering on pause state


Can we use it for SharePoint 2010?

Yes! It works well for SharePoint 2010. However, you would need to ensure that .NET 4.5.1 is installed on the server you run ULS Viewer on. With SharePoint 2010, .NET 3.5 is used and you might not find .NET 4.5.1 on your SharePoint 2010 servers.

Download Microsoft .NET Framework 4.5.1 (Offline Installer) here:

I have tested it successfully on Windows Server 2012, Windows Server 2012 R2 and Windows Server 2008 R2.

When configuring Site Mailboxes in SharePoint 2013 on-premises, you may be presented with a few errors such as:

‘Your SharePoint Server configuration is not supported’

Your Organization’ SharePoint Server configuration is not supported. Please contact your system administrator for more information.

Site Mailboxes finally work:


Another error that is displayed is:

Sorry, something went wrong

An unexpected error has occurred.


To troubleshoot these errors, open your favourite ULS Log viewer and look up the Correlation ID.

With Site Mailboxes, there are specific ‘error codes’ or ‘error keywords’ that will be found in the ULS logs.

Here is a table that I found useful when troubleshooting SiteMailbox configuration issues:


Please review the following table if you encounter issues.

Table of error codes for reference when you run a configuration checklist script

Error Code Error Notes
0 NoError Review Prerequisites.
1 ExchangeClientNotAvailable EWS client was not found on the SharePoint WFE. Run the Check script and ensure the entries are properly in the GAC; you may need to reinstall the EWS client.
2 UnsupportedVersion EWS client version is incompatible with SharePoint. Run the Check script to ensure the version meets minimum requirements. Alternatively, the Exchange server may be 2010 or earlier.
3 InvalidUser The TeamMailboxDomain parameter is not a valid FQDN or SMTP address.
4 UnauthorizedUser The script received a 401 from the Exchange Server, review the Exchange setup steps.
5 ServerBusy Exchange timed out during AutoDiscovery. It should be intermittent, please retry, but if it is persistent, follow-up with the Exchange Administrator.
6 URLNotAvailable AutoDiscovery failed to return a URL for ECP/OWA, which means typically that the EWS client version is incompatible with SharePoint. It may also mean Site Mailboxes are not enabled on Exchange, which would require follow-up with the Exchange Administrator.
7 OAuthNotSupported Unsuccessful in generating an OAuth token on behalf of SharePoint. This is typically caused by claims-based authentication being disabled on the SharePoint web application.
8 OAuthException An error occurred during the OAuth handshake between SharePoint and Exchange. This is typically caused by server to server configuration issues, such as a realm value mismatch on either side, certificate issues for Exchange or SharePoint, etc. Review certificates and attempt to establish or reestablish trust.
9 InvalidAutodiscoverDomain The AutoDiscover domain property is not set to a valid FQDN.
10 UnknownError An unknown error condition has occurred. Run the Check script and confirm that a valid, trusted instance of SharePoint is available, review prerequisites, confirm AutoDiscover has been set-up properly with the Exchange Administrator.
101 OAuthNotSupportedOverHttp If this error is thrown, your web application’s default zone is not set to SSL, and AllowOauthoverHttp is also set to false. Run the Check script to ensure that any web application you intend to host site mailboxes are set with SSL in the default zone, as outlined in the prerequisites.
102 AssociatedOwnersGroupNull One or both of the default Owners and Members groups for the site have been deleted. Each of these two default groups are required to exist on any site where users install site mailboxes. A site administrator should be able to direct a site owner to recreated these required groups.
103 ExchangeTeamMailboxDomainNotSet The ExchangeTeamMailboxDomain property has not been set.
104 ExchangeAppPrincipalNotFound No Exchange app principals were found to be trusted. Typically, this means the New-SPTrustedSecureTokenService step was missed. Run the Check script and ensure that the app principal URL(s) outputted are the correct one(s).
105 ExchangeAppPrincipalMissingPermissions The Exchange app principal being connected to doesn’t have the right permissions on the SharePoint farm. Run the Check script and ensure that the Exchange app principal has the required permissions on the farm.

From <>

In my case, I had an Error 104 – ExchangeAppPrincipalNotFound.

No Exchange app principals were found to be trusted. Typically, this means the New-SPTrustedSecureTokenService step was missed. Run the Check script and ensure that the app principal URL(s) outputted are the correct one(s).

I rechecked my OAuth trust settings with Exchange 2013 and I had an issue with the Enterprise partner configuration.


If you don’t have access to your organisations password safe or if you or your team mate has forgotten to add a password to a certain service account used in SharePoint, it is possible to retrieve the password from IIS!

There is a way to find out the application pool identity password via command line thanks to the inetsrv appcmd! 🙂

Open IIS and take note of the application pool name that runs the application pool identity with the password you want to retrieve.
In my example, I have demonstrated the extract of the “SecurityTokenServiceApplicationPool“, which runs the SharePoint farm service account as its identity. So, if you are after another application pool, please replace this with the corresponding Application Pool name in your IIS.

Keep in mind – this works for any IIS application pool – SharePoint web app, SharePoint service applications or non SharePoint IIS / .NET sites application pools!

Open a command prompt and run this:

&$env:windir\system32\inetsrv\appcmd.exe list apppool "SecurityTokenServiceApplicationPool" /text:ProcessModel.Password


It may be necessary to clear the SharePoint cache, depending on the circumstance and symptoms such as unexpected results with timer jobs may occur.

Clearing the SharePoint cache can be summaried by the following 4 steps:

1. Stop the Timer service on all servers in the farm

2. Backup the Cache.ini file on all servers in the farm

3. Delete XML files on all servers in the farm

4. Start the Timer service on all servers in the farm

When troubleshooting SharePoint issues, the best way to filter out all the noise from your log files and sort it for easier troubleshooting is to use the ULS Log viewer tool.

Refer to my blog post on the ULS Log viewer comparison and verdict to get a feel for the other options and see how I got to my conclusion there.

However, this ULS Log viewer tool does not display logs from other servers in the SharePoint farm, unless obviously its a single server farm.

The way to help you with a multiserver farm is to run the Merge-SPLogFile command in the SharePoint management shell. This command “merges” all logs from other servers in the farm and combines them into one ULS log file on the local server. That file can then be opened in your favourite ULS log viewer for troubleshooting.

Note: this works in both SharePoint 2013 and SharePoint 2010.

So how do we use it?

Here is an example of how I use it to grab all logs between say 10AM and 10:30AM on the 23rd July 2013:

Merge-SPLogFile -Path "D:\Temp\MergedLog-20130723-1000-1030.log" -StartTime "23/07/2013 10:00:00" -EndTime "23/07/2013 10:30:00"

If I know the correlation ID, then I would recommend you run the following command after updating it to your correlation ID:

Merge-SPLogFile -Path D:\Temp\MergedLog-419ac99c-81b2-0077-378d-3c23767d2955.log -Correlation 419ac99c-81b2-0077-378d-3c23767d2955



Merge-SPLogFile looks across all the servers in the farm, aggregates the logs with the correlation ID and creates the aggregated .log file.
The merged log file containing only the  information you specified and require. In this case, a certain correlation ID.
The merged log file containing only the information you specified and require. In this case, a certain correlation ID.


Open the log file up in ULSViewer!
Open the log file up in ULSViewer!


There are a lot more examples of what you can do with Merge-SPLogFile you can get by typing this in the SharePoint management shell:

Get-help Merge-SPLogFile -examples 

There has been some confusion on which SharePoint ULS log viewer to use when troubleshooting SharePoint issues. In May 2010, I blogged about the SharePoint 2010 ULS Log viewer published by Microsoft (

SharePoint 2013 Alert: In August 2014, I blogged about a re-released ULS Viewer for SharePoint 2013 enhanced by Microsoft.

Read more about it here:

In this post, I have discussed all the ULS log viewer tools here with screenshots and my final verdict..

When troubleshooting SharePoint 2010 issues, you often find the need to have a tool that can give you performance, availability and usage metrics over a period of time across the farm.

One such tool is Microsoft’s SharePoint Diagnostic Studio 2010 that comes free as part of the SharePoint 2010 Administration Toolkit v2.0.
Download here:

For the updated ULS Viewer go to:

When using SharePoint 2010 or SharePoint 2013, you will notice much said about the “ULS logging”.  Here is a tool that greatly helps when troubleshooting ULS log files. Its from Microsoft but its unsupported now as they have stopped further development / improvements on it.


ULSViewer allows users to open a ULS log file and display its contents in a user friendly format. Users can then perform advanced functions such as filtering, sorting, highlighting, loading logs, appending logs, etc in order to single out the data that is important to the user. This information can be used to diagnose problems with machines running ULS services, or to monitor machines and the events they create in realtime.