Thomas Odell Balkeståhl

Hi all.
This is me. I’m Thomas Odell Balkeståhl and this is my blog. In the ‘first version’ of this blog (2011 – 2017), I have written around 125 posts and guides about SharePoint, Office 365, Windows Server and a few other topics. Today these have generated over 3.5 Million views…wow! Thanks for the interest. The last post however in the first version happened in early 2017.
Since then I have completely changed focus in my work life, from collaboration to all in Azure. I’m now a Microsoft certified Azure Solutions Architect Expert. This is the area that I will post about from now (Jan/2020) on.
Azure Architecture – IaaS/PaaS – Cost management – Governance – Security – Basically, everything and nothing…

Use any information you find on this blog at your own discretion, but please remember where you found it!

I am a humble IT servant that has been in the business full time since 95, more precisely since only a few weeks after the release of the revolutionizing new operating system Windows 95. Many product releases, certifications, employers, job roles and years later, I am now completely in love with SharePoint. It was not love at first site, I doubt that it is for anyone…but once you get to know this individual, you learn that you can never get enough, or rather…you will never learn enough. For some it is the other way around though, pure hate. My faithful commitment to SharePoint started in 2007 when I worked at Microsoft Support trying desperately to help everyone.

One pretty interesting anecdote that I can share with everyone is this, my very first real meeting with SharePoint was co-hosting a SharePoint Portal Server 2001 presentation as a technical account manager for Microsoft, we were presenting for HP and a bunch of customers they had invited. It was a tough crowd and nobody really got what this new ‘SharePoint’ product would be good for, it certainly wasn’t any good for document management, that was the general feeling …me and my presale engineer left and when we got back to the Microsoft office, we learned that something terrible had happened. The day of my first real encounter with SharePoint was on September 11th 2001. 9-11

And yes, I really hate listing this stuff, but it seems like a general rule to list the acronyms, so here we go, just for fun, this is what I have on paper YTD:
MCSA | MCITP | MCTS | MCSA | MCSD | MCDBA | MCSE (x4) | MCP | Microsoft certified Azure Fundamentals | Microsoft certified Azure Solutions Architect Expert

Between April 1 2013 and March 31 2014, I was awarded the MVP (Most Valuable Professional) title from Microsoft on SharePoint Server.


Stay tuned!

Best regards

 Twitter | Technet Profile | LinkedIn


13 thoughts on “About BLKSTHL

  1. Hey there.
    I am looking into usinf User Profile Services in Sharepoint and I found your post on
    In order for them to grant my connection user synchronization rights I must find a trusted source to say I will not write back with that user, just pull my info.
    Where can I find an official source to say -‘(Contrary to what most people think, this permission is a read only permission, it allows the UPS to read a replication attribute so that it knows what is new and what is replicated allready.)’
    Please help.
    I’m a newbie and will look good if I find this.

    Thanks a lot!

    1. Hi Luiza.
      Sorry for the late reply, I hope that you have already found th einfo you need, but if not here it is:
      In the Technet article on how to grant the replicate changes permission:
      Grant Active Directory Domain Services permissions for profile synchronization (SharePoint Server 2010)
      which is what is needed, click on the section that is normally used:
      Grant Replicate Directory Changes permission on a domain
      Here you will see in the second sentence what the change really does:
      The Replicate Directory Changes permission enables the synchronization account to read AD DS objects and to discover AD DS objects that have been changed in the domain. The Grant Replicate Directory Changes permission does not enable an account to create, modify or delete AD DS objects.
      That should be evidence enough for the relative harmlessness of the change.

      It is really needed because the UPS needs to see what objects have been changed since the last replivcation. It only reads this info, UPS knows when the last replication was and it knows what time it is now, with this intel it can filter out only the objects(users) that have been changed since last, this so that you don’t have to read the entire selected containers from AD, only news.

      I hope that helps.

  2. Hi Thomas

    Your site is great. I would love to see a tutorial on how to set up Visual Studio to develop Office 365 sites…configuring VS and getting all the prerequisites set up. I’d be willing to work with you if you like as I am currently figuring out how to do all of this.

  3. Hi Thomas. Your blog is great, and a great resource for all of us SP devs. I have a question for you today. I am running Office 365 and have applied CSS to change the top navigation in all Team sites and MySite collections. However I am unable to change the top navigation for Outlook, Calendar and People. Do you have a solution for this?

  4. Hi Thomas,

    i watched your guide with the AAM. It was helpful though i still stuck with “my” Server.
    I had to set up a Sharepoint Foundation Server 2010 all of a sudden and iam stuck, I cant acces it through internet.
    Aswell i have trouble to connect it with a other Domain in the Trusted Zone.

    Is there a change to get your Help directly ?



    1. Hi Benjamin.
      Unfortunately, I prefer to keep my advise here in written form 🙂
      Regarding the internet access, try to access the same site using the external URL (use host file if you have to)
      When you can access it using the planned external URL, then start t-shooting why the internet access fails.

      Could that be a start?
      // Thomas

      1. Hey there,

        thanks for the advice, i will try that now.

        For further explainations. The problem is i never knew where to start. My boss just figured something out on the firewall and i dont even know what. (TMG Forefront 2010).

        So basically we can acess our exchange over (https://owa.domainname.de/exchange) and he said we should be able to access the sharepoint over (https://owa.domainname.de/sharepoint).

        I do get two Loginmask’s, One for the TMG, and actually one for the Sharepoint – after i tryed everything possible with all the Administrator rights in the world i just get a 404 Page not found.

        Sorry for the long text, thanks in advance 🙂

      2. Hi.
        First you will need to add that URL as a public url in AAM.
        Every url used to access SP needs to have a AAM entry, else only the first connection finds its way, not the second.

  5. Hej! Jag försökte nå dig via twitter tidigare idag då jag har lite frågor gällande sharepoint som jag hoppades att du skulle kunna svara på. Jag håller på med ett intranät till en arkitektkoncern och min tanke är att det skall finnas en gemensam hemsida med länkar till olika sidor som de olika kontoren då själva kan klicka runt på. På första sidan hade jag tänkt mig 2st rss feeds ifrån bloggar, en ”vds ord” och en ”nyhetsblogg” som alla kan tillföra till. Problemet är, som jag har förstått det, att när man ska hämta infon via rss läsaren krockar det med säkerheten eftersom att den vill ha en ”säkerhetsautentiering” åt båda håll. Min tanke är då att installera Kerberos. Min fråga här är om du tror att det kan tänkas finnas en annan lösning på problemet då jag inte är någon expert på området och att få kerberos att fungera som det ska tycks vara rätt svårt. Jag undrar även om själva kerberos installationen är värd mödan om det endast var i säkerhetsavseende. Svar uppskattas hjärtligt!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s