PowerShell How to: Get Audience membership for a User in a Web

If you want to get Audience membership for a particular user then you can use GetUserAudienceIDs method. In this method you can pass the UserName of the user.

I have wrote a sample PowerShell script to achieve this.

$site = GetSPSite “http://SharePoint-2013”

$web = $site.Openweb()

$context = [Microsoft.Office.Server.ServerContext]::GetContext($site)

$audMgr= newobject Microsoft.Office.Server.Audience.AudienceManager($context)

[System.Collections.ArrayList]$audIDNames = audMgr.GetUserAudienceIDs(“Contoso\\Garthf”, $true, $web);

$audNameID = newobject Microsoft.Office.Server.Audience.AudienceNameID()

for ($i=0;$i lt $audIDNames.Count; $i++)

{ WriteHost $audIDNames[$i].AudienceName }

SharePoint and Permissions for Style Resource Readers Group

​This one is interesting as someone asked me this question as to what permission does the Style Resource Readers group need access to?

Here is what you need to know about style resource readers group.

When you create a new site collection SharePoint assigns the required permission to Style Resource Readers group. By default it will read Limited Access. You do not need to modify anything with Style Resource Reader group unless you are planning on adding users to that group. Personally I will advise against it.

Limited Access in SharePoint means that there are permission assigned to a user or group on one or more site artifacts i.e. list, folder, item but no permission is assigned to access site.

So Style Resource Readers group out of the box has the Read permission to master page gallery. If you read the description it reads.

“Members of this group are given read permission to the master page gallery and the Restricted read permission to the Style Library. By default, all authenticated users are a member of this group.”

So don’t worry about this group and leave it as is given SharePoint already assigned required permission at the master page gallery and style library level for this group.

Word web app cannot open the document due to an unknown error

​Recently I ran into an interesting error. This is related to SharePoint 2010 and Office Web Apps 2010. When opening any Word or PowerPoint documents SharePoint 2010 started throwing the following error.

“Word web app cannot open the document due to an unknown error. If the Problem persist try opening the file in Microsoft Word. ”

After searching around there were couple of articles which provided some help but I was not able to fix the issue.



Since none of the above article helped I started looking into ULS logs and found few errors in there related to Office Web Apps.

w3wp.exe (0x0D6C) 0x0DD4 Office Web Apps Office Viewing Architecture b5es Monitorable Cannot create process for “C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\WebServices\PowerPoint\bin\Converter\AppServerHost.exe” /id 6c1f5a42-46c1-44b2-b919-100270bc58ad /convertingService net.pipe:// /assembly Microsoft.Office.Server.Powerpoint.Core.WebConversion.dll /type PowerPointServer.PowerPointServer /IsBatchedTracing True /LogQuota 10000 – err = 1314 
w3wp.exe (0x0D6C) 0x0DD4 Office Web Apps                Office Viewing Architecture    b10r Monitorable Failed to create the sandboxed process  


This led me to the following Microsoft Knowledge Base article.


I followed the instructions mentioned in the above article and it worked like a charm.

Resolution: Basically you will need Office Web Apps service account to have Replace a process level token on the local policy.

Just to save time for others I am going to post the steps here.

  • On the Windows 2008 server, select Start | Programs | Administrative Tools | Local Security Policy
  • Expand Local Policies | User Rights Assignment
  • In User Rights Assignment | Click on the Replace a process level token policy. Click on Add user or group. Type in the service account, resolve the name. Click OK. Click OK. Click apply. Click OK. (Below is a screenshot of the policy)
  • After the permission is set then launch a command prompt and type the following: gpupdate /force

Note: I need to reboot the server for this to work as after running gpupdate /force it did not work for me.