Kevin Remde's IT Pro Weblog
IT Pro Resources
TechNet EventsMicrosoft Security Response CenterMicrosoft Virtual AcademyKevin’s Evaluation Download Center
IT Pro Evangelist Blogs
Blain Barton Blain Barton's Blog@BlainBar
Brian LewisMy Thoughts on IT...@BrianLewis_
Dan Stolts IT Pro Guru Blog@ITProGuru
Jennelle Crothers TechBunny@jkc137
Kevin RemdeFull of I.T.@KevinRemde
Tommy PattersonVirtually Cloud 9@Tommy_Patterson
Yung Chou Yung Chou on Hybrid Cloud@YungChou
Below are the best of the questions and answers that occurred during our TechNet Webcast entitled, "SharePoint Server 2007 (Part 2 of 6): Securing Data in Windows SharePoint Server 2007"
Keith Combs (pictured on left ** ) was kind enough to help out with the questions and answers during the webcast. Much of what you see below is either specifically his answer, or based on the answer he gave during the session. I've expanded upon them, and added answers to questions we didn't get to answer or were answered verbally on the webcast. But basically this was possible as a result of his effort, and I wanted to give him credit here. Thanks, Keith!
Questions and Answers
“Can you provide me with a link to get hardware specific server requirements, ie processor, RAM, etc.”
“I attended part 1 on 1/18 and was wonderng the url to the first part for downloading and does it come with the audio as well as all parts(2 -6 as they become available)?”
When the recording becomes available, it includes audio and video. Check the area for the webcast and it will have a link to the recording.
“I have an internet website that I want our employees to be able to access it from anywhere... using the same url <http://intranet.mycompany.com/> regardless where they are. If they access it from outside the domain using <http://intranet.mycompany.com/> it would change the url to httpS://intranet.mycompany.com <https://intranet.mycompany.com/>, and accessing it from inside the domain, it should not use ssl. Any idea how to configure my aam, isa and dns to do that?”
You have more options than I really could address in the webcast; or even here, for that matter. Let’s forget about ISA 2006 for a minute (though that’s a good option for doing the application publishing for secured access to your internal server). As I said when I answered your question verbally – you’re able to set up the SharePoint so that your external URL is mapped to gain access to the internal one. Personally, I don’t see why you wouldn’t want SSL for both the external AND internal access (it’s not that much overhead; certainly not worth having to do special configuration to make up for it or have separate URLs people use).
“Can you go over what SSP does again?”
The main benefit is that this is the configuration and management of services that are shareable – we broke out the marriage of services from the portals that use them, so that you could have more flexibility and less redundancy. Multiple portals on a farm, or even multiple farms, can use the same Search Indexing (for example), so you define it once, and then use it multiple places. (Can you say “Amazing Scalability”? I knew you could!)
See the SSP information at http://technet2.microsoft.com/Office/en-us/library/cce2f987-3949-44be-8057-663b38fc949d1033.mspx?mfr=true
“Can I used ISA and use the same URL for accessing both the internet and Intranet so the user doens't have to remember two URLs.”
Yes. If SSL is set as a requirement for the website, then just use the http protocol and it will automatically use https and SSL.
“I listened to Kevins Webcast on Friday "SharePoint Server 2007 (part 1 of 6) Planning and Deploying Sharepoint Server 2007" He mentioned the recorded version of the webcast was going to be placed on his blog site. I am looking at http://blogs.technet.com/kevinremde/archive/2008/01/18/itprodsk101.aspx and don't see the recorded Webcast. Where are you putting his Webcast series ?”
Well.. I never promised I’d put the recording on my blog – but I do have a link to the webcast signup there (and at the top of this page as well) – and that’s the one that you use for watching the recording. It’s the same link that you used to sign up for or join the webcast, and now it should bring you to the recording.
It does typically take 24-48 hours for the recordings to be processed and made available.
“Are there any third party MOSS2007 Anti Virus products? We are using McAfee for our SPS2003 currently.”
Why would you ever want to even look at a “third-party” product?! (Just kidding!)
Of course, Microsoft has Microsoft Forefront Security for SharePoint.
There is McAfee PortalShield for Microsoft SharePoint. And a search on the Norton/Symantec site didn’t come up with a single hit on “SharePoint”.
“Does the virus program need to be sharepoint aware?”
For performance and reliability – Yes. (And do I hope you meant ANTI-virus…)
“Does the content deployment path topic also apply to developers creating content for MOSS? ie from a developers machine to the Production server?”
As I mentioned during the webcast – yes, you can use content deployment as a way to keep any content (source code in this case, I assume) synchronized. And also as I mentioned, you might want to look into employing workflows for digitizing any approval or other work-related process. Click HERE for more information on what workflows are in SharePoint Server 2007.
“What about stsadm with the export/import commands, that will work for subsites right?”
I wasn’t 100% sure of the answer to this, so I did some digging and found a very interesting blog post by one of Microsoft’s MVPs, Gary Lapointe. His post here talks about the trials and tribulations of automating a move from sub-sites to site collections using STSADM. He even wrote a script that automates the process. Pretty smart!
“Hi. Does the integrated backup also backup the config database?
Hi yerself. Yes, it does. Hopefully you’ll be attending (or will view later) the webcast I’m presenting on 1/23/08, which is a deeper-dive into Disaster Recovery technologies you can use to protect and recover SharePoint installations.
“Can we not use Microsoft SSO if we are using forms authentication for the portal?“
I have to confess that I’m not an authentication expert. But I have found some resources that I’m sure have the answer for you:
Plan Authentication Methods (SharePoint Server) http://technet2.microsoft.com/Office/en-us/library/40117fda-70a0-4e3d-8cd3-0def768da16c1033.mspx?mfr=true
About Data Connections, Authentication, and Alternate Access Mapping http://msdn2.microsoft.com/en-us/library/ms771995.aspx
And Jeff Schroeder does an excellent job summarizing the options (yes, including forms authentication) on his blog, with links to even more resources: http://blogs.interknowlogy.com/jeffschroeder/archive/2007/02/08/11331.aspx
“Can we backup/restore SSO key on ANY drive or just floppy drive (like in SPS2K3)?”
SharePoint now lets you restore to any removable media; not just a floppy (thank goodness).
“Do you have any resources for using psconfig? I only found one page on Microsoft.”
Doing a Windows Live Search on psconfig, I found several references on the web (and my blog post here, of course, will be another. <grin>). This is probably the one you found – but in case it’s not, here it is again: http://technet2.microsoft.com/Office/en-us/library/a59c4e8f-9b7f-4127-8199-1b9ab76991501033.mspx?mfr=true
“Can you use Content Deployment from MOSS Admin site with WSS 3.0 site in order to deploy, for instance, content from a WSS 3.0 site to a MOSS Site ?”
The Content Deployment mechanism that we demonstrated isn’t a part of WSS 3.0, so it’s not going to be the tool you’ll use for moving content from WSS to MOSS.
You can do an in-place upgrade of WSS to MOSS without losing any of the sites you’ve created, so that’s one option. It’s basically the install, followed by the initial configuration wizard. http://technet2.microsoft.com/Office/en-us/library/3f8fc632-4493-430b-baca-49f60e5508cd1033.mspx?mfr=true
Or you can use stsadm.exe and the export / import commands to move site collections.
“Can SSO be used as a solution in our .NET applications via some MOSS web services? Would be nice if all our enterprise desktop apps and websites used the same auth/auth.”
Yes, you can. Check out the question and resources I posted further up on this post around authentication methods available.
“What does Content Deployment does? Does in copy file to Document library or Index documents?”
Content deployment do do just what I described – it copies documents or items from one place to another, and keeps the destination looking like the source. If you want to set up indexing for both locations, then you’d want to make sure that search has been configured to do that. So, this is not really related to setting up search or changing indexing settings.
“How does recovery works if a server is recovered to a differ server how will users credential work since they did not have access on the new server?”
This sounds just like the migration scenarios and the sorts of questions described and answered in this “Migrate Office SharePoint Server 2007 by using Central Administration” technical document: http://technet2.microsoft.com/Office/en-us/library/391fd37a-daf0-47e3-810b-5cd8c2a4fc341033.mspx?mfr=true
**Just kidding. Keith's much better looking.
Hi! Below are the best of the questions and answers that occurred during our TechNet Webcast entitled,