How to patch SharePoint Distributed Cache the proper way

SharePoint 2013 runs a service called the SharePoint Distributed Cache. The underlying application is Microsoft App Fabric. You may be running an old version of App Fabric and it needs your attention now!

An unpatched Distributed Cache may be the cause of a lot of your SharePoint farms performance issues.

The problem: A lot of blogs have misleading and wrong information on how to properly patch the SharePoint Distributed Cache. Following them will only cause you more issues down the track. Out of frustration, I have documented the steps on how to patch the SharePoint Distributed Cache the proper “manual” way with manual checks. If you follow these steps, you will have zero down time and hopefully a better performing SharePoint 2013 farm if you were on a very early App Fabric CU.

Which AppFabric / Distributed Cache CU do I install?
My advice is to generally update AppFabric with the latest providing it fixes issues that you are currently facing. Also, ensure that there are no obvious regressions with it by doing some research on the Internet. To determine the latest App Fabric Cumulative Update, http://www.jeremytaylor.net/tag/cumulative-updates+appfabric

 

Here are the steps on how to patch the SharePoint Distributed Cache:

1. Take stock of your Distributed Cache servers

Get-SPServiceInstance | ? {($_.service.tostring()) -eq "SPDistributedCacheService Name=AppFabricCachingService"} | select Server, Status

 

2. Ensure that Microsoft .NET Framework 4.5 is installed

Regedit: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full

Ensure the version contains “4.5.xxx”. E.g. 4.5.51209

 

3. Remove server from the load balancer if applicable.

4. Shutdown the service instance on one machine

Add-pssnapin Microsoft.SharePoint.PowerShell
Stop-SPDistributedCacheServiceInstance –Graceful
Remove-SPDistributedCacheServiceInstance

(wait for a few minutes after running this cmd)

5. Run this to check what SharePoint thinks the list of Distributed Cache servers are:

Get-SPServiceInstance | ? {($_.service.tostring()) -eq "SPDistributedCacheService Name=AppFabricCachingService"} | select Server, Status

Reference: http://blogs.msdn.com/b/sambetts/archive/2014/03/19/sharepoint-2013-distributed-cache-appfabric-troubleshooting.aspx

 

6. Patch AppFabric 1.1

Manually run the Cumulative update file. E.g. AppFabric-KB3042099-x64-ENU.exe

It should generate a log file here for troubleshooting purposes if required:

C:\ProgramData\Microsoft\E-Business Servers Updates\Updates\Uninstall<number>\Setup.log

 

7. Check version number

Running the below command should display the desired version level.

(Get-ItemProperty “C:\Program Files\AppFabric 1.1 for Windows Server\PowershellModules\DistributedCacheConfiguration\Microsoft.ApplicationServer.Caching.Configuration.dll” -Name VersionInfo).VersionInfo.ProductVersion

 

8. Apply the Background Garbage collection fix

Skip this step only if the Background Garbage collection fix has been already configured on all SharePoint Distributed cache servers.

To enable the fix, go to the following folder:

%ProgramFiles%\AppFabric 1.1 for Windows Server\

Open notepad and edit DistributedCacheService.exe.config

Paste in the following between the  </configSections> and    <dataCacheConfig> settings in the file:

<appSettings>
<add key=”backgroundGC” value=”true”/>
</appSettings>

Example:

</configSections>

<appSettings>

<add key=”backgroundGC” value=”true”/>

</appSettings>

<dataCacheConfig>

DistributedCacheServiceGarbageCollection

Don’t try it any other way as you will have issues starting the Distributed Cache service.

 

9. Post-patch operations

1. Some additional checks:

  • The Distributed Cache service was stopped earlier

No need to restart AppFabric Caching Service in Windows Services as it should be in the disabled state – since we removed this CacheHost from the Cache Cluster.

 

2. Reset IIS by running: iisreset /noforce

3. Start the service instance

Run:

Add-pssnapin Microsoft.SharePoint.PowerShell
Add-SPDistributedCacheServiceInstance
  1. Verify if the SharePoint Distributed Cache Service has been started on the server:
Get-SPServiceInstance | ? {($_.service.tostring()) -eq "SPDistributedCacheService Name=AppFabricCachingService"} | select Server, Status
  1. Ensure that the Cache host is up and running:
Use-CacheCluster
Get-CacheHost

AppFabricServiceStatus

10. Add back the server in the load balancer

11. Restart from 1 on the next machine

12. Don’t forget the rest of your SharePoint farm has AppFabric installed by default (even though not running). AppFabric on those servers need to be updated too without stopping or starting any services.
For this, run steps 6, 7 & 8 above.

 


Cumulative Update – Fixes June 2015 SharePoint 2013 (201506-SP2013)

Its hard to keep track of what bugs were fixed a cumulative update. I intend to share my reading and document the fixes that come out every month across SharePoint products. Some call it regurgitating what’s already out there… but good luck finding it in Google search! Some updates aren’t cumulative – like Project Server 2013 June 2013 for one issue (see below). Hope this blog posts help someone some day!

Disclaimer: Cumulative Updates are to be applied specifically when you have an issue fixed by it, I recommend you keep a close eye on the security fixes that come with Cumulative Updates and then decide accordingly. Don’t rush to apply a Cumulative Update just for the sake of it. Many Cumulative Updates have had serious issues in the past and there’s no easy rollback! http://www.jeremytaylor.net/2014/04/12/latest-cumulative-updates-service-packs-hotfixes-sharepoint-sql/

 

Name: June 2015 Cumulative Update for SharePoint 2013

Build: ​​​15.0.4727.1001

For previous build numbers: http://www.toddklindt.com/blog/Lists/Posts/Post.aspx?ID=346

 

SharePoint Foundation 2013 fixes

When you switch views by using the view selector for a document library that has the metadata navigation settings and the per-location view settings enabled, you are directed back to the root of the document library.

  • When you use a REST call to fetch items with an expanded lookup field on a list that has many items with uniquely-defined permissions, you receive the following error message:
    System.ArgumentException: Value does not fall within the expected range.
  • If hundreds of resources are added to the project team, you cannot scroll to see the all the resources in the right-side grid of the build team page.

Source https://support.microsoft.com/en-us/kb/3054867

 

  • This update translates some terms in multiple languages to make sure that the meaning of time zone settings is accurate in SharePoint Server 2013.

Source https://support.microsoft.com/en-us/kb/3054871

 

SharePoint Server 2013 fixes (includes the above fixes)

  • Fixes the translation of the “Feel free to mention me in a post” link on My Site in a SharePoint Server 2013 installation that has the Polish language pack installed.
  • Translates some terms on SharePoint Server 2013 sites in multiple languages to make sure that the meaning is accurate.
  • Updates the English proofing tools.
  • Fixes the following issues:
    • Assume that you have a SharePoint search service application (SSA) that consumes a managed metadata service (MMS) from a remote farm through an MMS proxy. If you set this as the default MMS proxy and create a query rule that uses terms from the remote MMS, the query rule is not triggered because of a failure of the Query Classification Dictionary Update timer job when those terms are imported.
    • When you update one of the metadata columns of a document set by using a client-side object model (CSOM), default values for the taxonomy fields are lost.
  • The date and time on the Welcome page of a document set differ from the date and time in the View Properties dialog box of a document set when region settings on the site differ from those in the user profile.
  • Assume that you have SharePoint search configured to crawl both internal and external sites. When you configure the proxy settings on the Search Administration page, pages that have friendly URLs do not appear in search results after a full or incremental crawl is completed.
  • When you configure the query text in the query builder to contain a query string parameter, the results appear only for the first few pages on the Search Results Web Part.
  • When you upload certain PFD files to a SharePoint Server 2013 document library, CPU usage spikes to 100%.

Source https://support.microsoft.com/en-us/kb/3054859

 

This update improves the performance of InfoPath forms solutions in certain cases for SharePoint Server 2013.

 Source https://support.microsoft.com/en-us/kb/3054789

 

  • When you apply a filter that contains many parameters to a SQL Server Reporting Services 2008 (SSRS) report, the report is displayed much smaller than expected.
  • When you create a dashboard to hold a scorecard that has custom formatting in SharePoint Server 2013, the custom formatting is not applied to the scorecard. The scorecard uses the default formatting.
  • When you use the Export to Excel function for an analytical grid on a business intelligence center site, you receive an “Access Denied” error message.

Source https://support.microsoft.com/en-us/kb/3054860

 

  • This update improves the English proofing tools.

Source https://support.microsoft.com/en-us/kb/3054857

 

 

Security Updates in June 2015 for SharePoint Server 2013:

None

Project Server 2013 fixes (does NOT includes all the above fixes – see last point)

  • You add a nonstandard line for a task in your timesheet, add actual work to it, and then save the timesheet. In this situation, the actual work for the same day is replicated onto the standard line. Therefore, the total actual work is doubled.
  • In Project Web App, when you create a project from a template in which a budget resource is assigned to the project summary task, the project cannot be published. Additionally, you receive an error message that resembles the following:
    Your new <project_name> has been created successfully, but failed to publish and will not be listed in the Project Center.
  • Tasks and approvals are not displayed on the home page in Project Web App when the Polish language pack is applied.
  • After you use the Turn in Final Timesheet function to send a timesheet in Project Web App, the timesheet can still be edited and saved.
  • From a project detail page in Project Web App, you save a project that contains cost resource assignments. In this situation, the costs on the assignments may change unexpectedly. For example, a cost of $1.16 changes to $1.00.
  • In Project Professional, assume that a summary task is edited in such a way that its subtasks are hidden, and the plan is later published to Project Server. However, when you edit the project in the Schedule Web Part in Project Web App, the previously hidden subtasks cannot be displayed and edited.
  • When you import external data from an OData data feed to a workbook in Microsoft Excel 2013, you receive the following error message:
    The content of the data fee is not valid for an Atom feed.
    This issue occurs if the data feed has a custom field that has a lookup table and a graphical indicator.
  • When you apply a grouping to a view, and the view contains an enterprise custom field that has a formula, the values from the custom field do not roll up into the grouping row.
  • When you create a project that’s based on a template in Project Web App, you do not become the owner of the project. This means that you cannot see it in the project center. Additionally, the user who created the template is set as the owner of the project.
  • After you rename a custom field that’s used in a timesheet, the changed field name is not displayed correctly in the dbo.MSP_TimesheetLine_UserViewCF table, and it may be associated with another field.
  • When you set a SharePoint list indicator on a timeline Web Part on a SharePoint Server 2013 site, a duplicate timeline Web Part is displayed when you refresh.
  • In single entry mode, after you submit a timesheet, the timesheet manager can adjust the time that you submitted. However, these changes are not reflected in the tasks in the project. This means that the work that was recognized in the timesheet in out of sync with the project.
  • In Project Web App, when you create a project that’s based on a template, the tasks do not have the TaskOutlineNumber field value that’s set in the template. This is reflected when you view the data in locations such as the dbo.MSP_EpmTask database table.
  • When you update a plan by submitting updates through a timesheet or tasks in Project Web App, auto approval rules may not apply the update. Instead, the approval appears on the status manager’s approvals page.
  • The Configure Columns settings (for example, column width, or order) on a timesheet are reset unexpectedly to the default every time that the timesheet is refreshed.
  • When you publish a project that has a task marked as a milestone in Project 2013 to a Project server, the task is not displayed as a milestone in the timeline view in Project Web App.

Source https://support.microsoft.com/en-us/kb/3054869

 

Office Web Apps Server 2013 (excludes the above fixes)

The Decrease List Level and Increase List Level functions are unavailable in PowerPoint Web App in the Chrome web browser.

Source https://support.microsoft.com/en-us/kb/3054863

 

 Security Updates in June 2015 for SharePoint Server 2013:

None


Cumulative Update 6 for AppFabric 1.1 KB3042099 – CU6

Once again, an AppFabric 1.1 Cumulative Update has been released without a notification from the AppFabric / Windows Azure / Distributed Services Support Team.

Cumulative Update 6 for AppFabric 1.1:

Contains bug fixes for both the caching and hosting services provided in AppFabric 1.1.

 

Cumulative Update 6 File publish date:

21st April 2015

KB3042099 publish date:

1st May 2015

 

Issues that are fixed:

Issue 1: Caching issue

Under certain rare conditions, a cache item could end up in an inconsistent state. Therefore, the AppFabric Cache service may crash because of an unhandled exception. Examples of such an exception include the following.

Exception 1

System.NullReferenceException at Microsoft.ApplicationServer.Caching.MultiDirectoryHashtable.PreProcess(), with the error message “Object reference not set to an instance of an object.”

Exception 2

Microsoft.Fabric.Common.ReleaseAssertException at Microsoft.Fabric.Common.ReleaseAssert.Fail(), with the error message “Operation of type COMMIT_DELETE is not expected to fail during postoperation – System.NullReferenceException: Object reference not set to an instance of an object.”

 

 

Since I haven’t come across this issue, I wasn’t sure if these ‘rare conditions’ would apply to our Distributed Cache service in SharePoint 2013. Here are some questions that I hope I could answer:

 

Question: Have other users experienced this?

Answer: According to this post, this was a known issue way back in May 2011 and a Microsoft rep answered that it ‘will be fixed in coming release of appfabric caching’ – May 25, 2011.

https://social.msdn.microsoft.com/Forums/en-US/1e5b050f-d365-495d-bbd2-011313f4a250/appfabric-service-crashing-frequently?forum=velocity

 

Question: Does this apply to SharePoint 2013 Distributed Cache?

Answer: Yes it does! Because SharePoint Updates do not update the AppFabric software running on the SharePoint 2013 server. After AppFabric and SharePoint are installed on the server, AppFabric will continue to be updated independently from SharePoint. Reference: https://support.microsoft.com/en-au/kb/2843251

 

AppFabric can be installed on the following operating systems:

  • Windows Server 2012 R2
  • Windows Server 2012
  • Windows Server 2008 R2
  • Windows Server 2008 Service Pack 2

AppFabric can be installed for development and testing on the following operating systems:

  • Windows 8
  • Windows 7
  • Windows Vista Service Pack 2

Supported Architectures:

  • 32-bit (x86)
  • 64-bit (x64)

Software Requirements:

  • To apply this Cumulative Update package, AppFabric 1.1 for Windows Server must already be installed on the computer.
  • Additionally, you must have the Microsoft .NET Framework 4.5 installed.

 

ATTENTION AppFabric support:

On 2nd April 2015, Microsoft announced end of support for Microsoft AppFabric 1.1 starting 2nd April 2016. However, we learned that SharePoint Server 2016 will utilise AppFabric, so what will happen to AppFabric support? At the Ignite Conference, Bill Baer announced that Microsoft will support technologies such as SharePoint 2016 that have a dependency on AppFabric.

 

 AppFabric 1.1 cache dll versions Microsoft has released:

RTM: 1.0.4632 (29-Nov-2011)

CU1: 1.0.4639 (20-Feb-2012) – KB2671763

CU2: 1.0.4644 (29-May-12) – KB2716015

CU3: 1.0.4652.2 (27-Nov-2012) – KB2787717

CU4: 1.0.4653.2 (28-Mar-2013) – KB2800726

CU5: 1.0.4655.2 (03-Mar-2014) – KB2932678

CU6: 1.0.4656.2 (27-Feb-2015) – KB3042099

 

To check AppFabric version on your server, run this in PowerShell:

(Get-ItemProperty “C:\Program Files\AppFabric 1.1 for Windows Server\PowershellModules\DistributedCacheConfiguration\Microsoft.ApplicationServer.Caching.Configuration.dll” -Name VersionInfo).VersionInfo.ProductVersion

 

How to patch the Distributed Cache in SharePoint 2013

Don’t forget to gracefully stop the SharePoint Distributed Cache Service Instance before applying the Cumulative Update.

http://www.wictorwilen.se/how-to-patch-the-distributed-cache-in-sharepoint-2013

 

To read more about this Cumulative Update 6, visit:

https://support.microsoft.com/en-us/kb/3042099

 

 To search for other Cumulative Updates for AppFabric, visit:

https://support.microsoft.com/en-us/search?query=Cumulative%20Update%20Microsoft%20AppFabric%201.1&p=

 

 

 

I highly recommend you to visit & bookmark my page on SharePoint, SQL Update Centers:

http://www.jeremytaylor.net/2014/04/12/latest-cumulative-updates-service-packs-hotfixes-sharepoint-sql/

 

 

 


Cumulative Update – Fixes May 2015 SharePoint 2013 (201505-SP2013)

Name: May 2015 Cumulative Update for SharePoint 2013

Build: ​​15.0.4719.1002

Its so hard to keep track of what bugs were fixed a cumulative update. I intend to share my reading and document the fixes that come out every month across SharePoint products. Who knows it may help someone some day!

Disclaimer: Cumulative Updates are to be applied specifically when you have an issue fixed by it, I recommend you keep a close eye on the security fixes that come with Cumulative Updates and then decide accordingly. Don’t rush to apply a Cumulative Update just for the sake of it. Many Cumulative Updates have had serious issues in the past and there’s no easy rollback! http://www.jeremytaylor.net/2014/04/12/latest-cumulative-updates-service-packs-hotfixes-sharepoint-sql/

For previous build numbers: http://www.toddklindt.com/blog/Lists/Posts/Post.aspx?ID=346

 

SharePoint Foundation 2013 fixes

Improves the translations of some terms in multiple languages on SharePoint Server 2013 sites to make sure that the translations are accurate.

  • Improves the translation of the term “selected refinements” in Dutch in Web Part settings to make sure that the translation is accurate.
  • Fixes the following issues:
    • When you crawl external content on Internet web sites, it is impossible to pass the username and password for proxy authentication.
  • When you search content on a SharePoint Server 2013 site of which the URL path contains characters that use language-specific casing rules, no result is returned even though there are matching items on the site.
  • If the service account that is used for search is configured to use a different culture than US English, the modified date of items may be indexed incorrectly.
    Note If you experience this issue, a full crawl after you apply the update will index the dates correctly.

 

  • Alert email message always displays strikethrough for rich text fields even though the fields are not changed.
  • When you create a page for a page library in SharePoint Server 2013, you are not redirected back to the page library and you are unaware that the page is created.
  • No result is returned when you search content that contains the Italian prefix “un'” indefinite article in a SharePoint Server 2013 site in which the language is set to Italian. For example, no search result is returned when you search for “un’alternativa” by using “alternativa”.
  • When you create a server name mapping from a file share to an http address and then crawl content, some items in the file share cannot be indexed nor returned in search results.

 

Source: https://support.microsoft.com/en-au/kb/3039703

 

  • Translates some terms for Portuguese and Hungarians to make sure the accuracy of the meaning.

Source: https://support.microsoft.com/en-au/kb/3054824

 

 

SharePoint Server 2013 fixes (includes the above fixes)

  • Fixes the following issue:
    • When you try to view a PerformancePoint scorecard that is created on a SharePoint Server 2013 site in which the regional setting is Switzerland, you receive a JavaScript error.

Source: https://support.microsoft.com/en-au/kb/3039710

 

  • Updates Yoruba proofing tools.

Source: https://support.microsoft.com/en-au/kb/3023053

 

 

Security Updates in May 2015 for SharePoint Server 2013:

Microsoft Security Bulletin: MS15-046

  • Vulnerabilities in Microsoft Office Could Allow Remote Code Execution – Memory Corruption Vulnerability CVE-2015-1682

Microsoft SharePoint Server 2013 Service Pack 1 – Remote Code Execution (3039736)

Vulnerability information:

Remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory.

Exploitation of these vulnerabilities requires that a user open a specially crafted file with an affected version of Microsoft Office software. In an email attack scenario an attacker could exploit the vulnerabilities by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerabilities. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or Instant Messenger message.

An attacker who successfully exploited these vulnerabilities could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

 

Source: https://technet.microsoft.com/library/security/ms15-046

 

Microsoft Security Bulletin: MS15-047

 

  • Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution –

Microsoft SharePoint Page Content Vulnerabilities – CVE-2015-1700

Microsoft SharePoint Foundation 2013 Service Pack 1 (3054792)

Vulnerability information:

Remote code execution vulnerabilities exist when SharePoint Server improperly sanitizes specially crafted page content. An authenticated attacker could attempt to exploit these vulnerabilities by sending specially crafted page content to a SharePoint server. The attacker who successfully exploited these vulnerabilities could run arbitrary code in the security context of the W3WP service account on the target SharePoint site. Systems that are running an affected version of SharePoint Server are primarily at risk.

 

Source: https://technet.microsoft.com/library/security/MS15-047

Project Server 2013 fixes (includes the above fixes)

 Fixes the following issue:

  • When you view a Gantt view of a task list in SharePoint, you cannot filter items if grouping is applied to the list.
  • You receive the following error message in Status Updates history:
    There was an internal error applying the update.
    This issue occurs if the decimal separator is a comma in Windows Regional settings, and an enterprise custom field that is displayed as a graphical indicator contains a decimal value.
  • If a Project Web App team member inputs actual work that is earlier than the task and project start date, when the updates are applied to the project, time-phased actual work may display an incorrect value.
  • When you go to a project detail page and then go back to another project detail page in Project Web App, the values in project-level custom fields may disappear. This issue occurs after you edit and save projects through different project detail pages.
  • When you use your keyboard and then press ENTER on the SHOW MORE link during editing or adding a task in SharePoint Server 2013, the focus is reset to the first field of the form instead of the first field of the added list of fields.
  • When you apply status updates to a project, you may receive the following message in the status field in the status updates history:
    There was an internal error applying the update.
    This issue occurs because the Project Calculation Service failed. When you view the Unified Logging Service (ULS) logs, you see an error message that resembles the following:
    Microsoft.Office.Project.Server (0x06A4) 0x3598 Project Server Project Calculation Service (M) adf34 Unexpected Failed to create a new desktop
  • When you publish a project to a project server that has the Project Site Sync permissions synchronization options enabled, the publish job takes a long time.
  • When you publish a project that contains thousands of tasks, it may take longer than expected. In addition, the Project Publish queue job stays at 78% for an extended time. This issue may occur when the corresponding SharePoint tasks list exists and it is synchronized.
  • Assume that you change a view of a Project Server 2013-based task list to display the item count for a column. When you filter the items in the column, the item count does not update correctly.
  • When you clear the User can be assigned as a resource check box on the Edit User page in Project Server 2013, publish errors or a loss of resource in projects may occur.

Source: https://support.microsoft.com/en-au/kb/3054804

 

 

 

Office Web Apps Server 2013 (excludes the above fixes)

  • This update contains fixes for the following nonsecurity issues:
    • When you open and save a workbook that contains Time Grouping data in the Excel Data Model in Excel Web App, the data is lost.
    • Updates the color scheme in PowerPoint Web App. It matches the color scheme when you present a PowerPoint presentation in Skype for Business.

Source: https://support.microsoft.com/en-au/kb/3039748

 

 

Security Updates in May 2015 for SharePoint Server 2013:

Microsoft Security Bulletin: MS15-046

Vulnerabilities in Microsoft Office Could Allow Remote Code Execution – Memory Corruption Vulnerability CVE-2015-1682

Microsoft Office Web Apps Server 2013 Service Pack 1 – Remote Code Execution (3039748)

Vulnerability information:

Remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory.

Exploitation of these vulnerabilities requires that a user open a specially crafted file with an affected version of Microsoft Office software. In an email attack scenario an attacker could exploit the vulnerabilities by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerabilities. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or Instant Messenger message.

An attacker who successfully exploited these vulnerabilities could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.