We recently published a couple of resources targeted to designing sites for WSS collaboration:
Based on some of our popular Microsoft Office SharePoint Server 2007 assets, the design guidance is scaled to Windows SharePoint Services 3.0.
The sample design illustrates, describes, and contrasts how to implement collaboration with three different types of collaboration sites represented:
By following the design guidance, you can soundly implement any one or all of the different types of collaboration sites.
Also, as a feature of collaboration, we expect that many of you will be accessing sites remotely or from outside of your company firewall. The article and poster for the design sample provide pointers to guidance on designing for secure external access.
Let me know if this type of "scenario" content is helpful.
Thanks, Brenda Carter, IT Pro Writer, SharePoint Products and Technologies
Hi there—we’re wondering if you've got feedback on the Best Practices Resources Center that we blogged about a couple of weeks ago.
Which is your favorite article?
· Operational Excellence
· Team Collaboration Sites
· Publishing Portals
· Search
· My Sites
Are there any more topics that you’d really like to see a group of best practices developed for?
And, of course, do you have any feedback on what we could do to make the information more discoverable or useful?
Thanks!
Earlier this year, we published operations procedures and resource centers for Records Management and Web Content Management. This week, we completed the Enterprise Content Management operations content and resource centers by publishing the Document Management operations procedures for both MOSS and WSS, and the Document Management resource center.
What’s covered?
The Document Management operations procedures include procedures for managing document libraries, managing content types and permissions for a document library, and describe how to configure Information Rights Management settings.
The Document Management resource center lists resources you can use to evaluate, plan, deploy, and operate a document management system using Microsoft Office SharePoint Server 2007. Here you will also find community resources, case studies, Webcasts and podcasts which provide you with additional resources to help you get the most out of your Microsoft Office SharePoint Server 2007 document management system.
Feedback welcome!
Have you ever wished you could have a say in the way documentation is written here at Microsoft? Well, now’s your chance. We welcome your feedback on the new Managing Documents procedures and the new Document Management resource center and will do our best to make the improvements you suggest. What would we like to know? We’d like to know things like: Is this content useful? Is it detailed enough? Did we leave something out that you feel would be helpful? Did we include something that you feel has no value? We’re also interested in hearing what you like about this content so we can keep doing it. Anything you feel we should know about the Managing Documents content or the Document Management resource center is very important to us. Let us know what you think!
There are three ways that you can provide feedback about the new Managing Documents procedures and the new Document Management resource center:
- The upper-right corner of each page has a Click to Rate and Give Feedback section. Click a star to rate the page and optionally provide feedback.
- You can e-mail us at uablog at Microsoft.com.
- You can use the “Leave a Comment” feature in this blog to provide comments, either about this blog post, the Managing Documents procedures or about the Document Management resource center.
We look forward to hearing from you and to working with you to make our content the best it can be.
-- Claudia Lake
SharePoint IT Pro documentation team
Many issues that customers run into with Office SharePoint Server 2007 can be traced back to a small set of specific design problems. The SharePoint Customer Advisory Team and the Microsoft Consulting Services team for SharePoint have collaborated to bring you a set of guidelines that lay out the best practices for success with Office SharePoint Server 2007. Following these practices will help you avoid some of the common deployment pitfalls and keep your SharePoint environments available and performing well. Get the details now from the Best Practices Resource Center.
Also, by popular demand, we've created a CHM download for the Windows SharePoint Services 3.0 Technical Library. Enjoy!
-- Samantha Robertson
Alternate access mappings enable multiple internal URLs to be mapped to a single public URL. An internal URL is the URL of a Web request as it is received by Office SharePoint Server 2007 or Windows SharePoint Services 3.0. A public URL is the URL of an externally accessible Web site.
The public URL is the base URL that Office SharePoint Server 2007 and Windows SharePoint Services 3.0 use in the pages that they return in response to Web requests. Alternate access mappings support Internet deployment scenarios in which the URL of a Web request is not the same as the URL that was typed by an end user because the URL has been modified by a reverse proxy.
A reverse proxy sits between end users and Web servers. Requests to a Web server are first received by the reverse proxy and, if those requests pass the proxy's security filtering, the proxy forwards the requests to the Web server. Reverse proxies can be configured to receive a Web request over the Internet by using HTTPS (Hypertext Transfer Protocol over Secure Socket Layer), and then forward the request to a Web server by using HTTP. This is referred to as off-box SSL termination.
Alternate access mapping collections can contain up to five authentication zones, but each zone can only have a single public URL. Mapping collections correspond to the following authentication zones:
- Default
- Intranet
- Internet
- Custom
- Extranet
Administrators need to make sure that alternate access mappings are configured correctly for every SharePoint deployment, no matter how simple or complex. For more information about alternate access mappings, see:
Plan alternate access mappings (Windows SharePoint Services)
Plan alternate access mappings (Office SharePoint Server)
For more information about authentication for Windows SharePoint Services 3.0 and Office SharePoint Server 2007, see the Authentication Resource Center for SharePoint Products and Technologies.
Douglas Goodwin, Writer
SharePoint Server UA team
There is a tremendous wealth of technical performance and capacity–related information available for Office SharePoint Server 2007 on TechNet. I know, because I wrote quite a lot of it. However, the greater the volume of content that becomes available, the harder it can be to find.
Yes; I can hear you now. “Kelley,” you’re saying, “thank you so much for sharing with us this valuable piece of information, that is in no way extremely obvious and well-known by every sentient being in existence, and even some non-sentient ones, such as fruit flies.”
You’re welcome.
And now, allow me to introduce the (begin drum roll here) Performance and Capacity Planning Resource Center for SharePoint Server 2007 (cue trumpet flourishes and fireworks)! We’ve rigorously reviewed, analyzed, folded, starched, ironed, and consolidated every existing bit of performance and capacity planning content available today in one easy-to-use page.
Some highlights include:
· Topics organized into meaningful categories:
o Planning
o Recommendations
o Estimate performance based on test results
· Sections listing available resources:
o Demos
o Tools from Microsoft
o Tools from partners and the SharePoint community
o Community resources
We hope you’ll find this resource center helpful, and that it will save you time, money and precious, precious tears. We would like to hear from you if there’s anything we can do better. We actually do read customer comments and suggestions, and in fact, a large part of our work is improving our content based on your input.
Enjoy!
-- Kelley Vice
SharePoint IT Pro Writer
Freshly updated: Office SharePoint Server Operations TOC.
You seemed to like the tinkering we did in the Planning section for SharePoint Server, so we decided to extend the exercise to the Operations section. We've adopted a structure that is similar to the planning structure, with two main sections for administration tasks:
- Site and solution administration contains administration tasks for sites and solutions.
- Infrastructure administration contains administration tasks for the infrastructure supporting the sites and solutions.
We've also added a third section to the outline called Administration tools, to collect overviews and information about the tools you need to use when performing administration tasks.
Again, before:
And after:
Note that we're still busily working on content in these areas, so this TOC re-org does not mean we're done writing operations content. But in the meantime, we hope this organization makes it easier for you to find the content that's there. As always, we'd love your feedback.
- Samantha Robertson, Technical Writer
To enable Kerberos authentication for services in Office SharePoint Server 2007, you must create and register Service Principal Names (SPNs) in Active Directory. To create SPNs in an Active Directory domain, you must have domain administrative-level permissions.
Authentication clients
Clients use these registered SPNs to identify each instance of a service. A Web browser, such as Microsoft Internet Explorer, is the client when you attempt to render a Web page from an Office SharePoint Server 2007 Web application. The Microsoft .NET Framework is the client when Office SharePoint Server 2007 crawls local content sources or makes a call to the Shared Services Provider (SSP) infrastructure. An SSP is a logical grouping of a common set of services and service data that can be provided to Web applications and their associated Web sites. An SSP infrastructure enables the sharing of services across:
- Server farms
- Web applications
- Site collections
The Office Server Web Services Web site is the SSP infrastructure for Office SharePoint Server 2007. The SSP infrastructure exists on any server running Office SharePoint Server 2007 that is deployed using the Complete installation option. Kerberos authentication does not work with the Office Server Web Services Web site unless the Infrastructure Update for Microsoft Office Servers is installed. For information about downloading and installing the Infrastructure Update, see the Updates Resource Center for SharePoint Products and Technologies.
Farm deployment
To deploy an Office SharePoint Server 2007 server farm using Kerberos authentication, you must install and configure a variety of applications on your computers to support the following functionality:
- Communication between Office SharePoint Server 2007 and Microsoft SQL Server database software.
- Access to the SharePoint Central Administration Web application.
- Access to other Web applications, including a portal site Web application, a My Site Web application, and an SSP Administration site Web application.
- Access to shared services for the Office SharePoint Server 2007 Web applications in the SSP infrastructure.
When a client (Internet Explorer or the .NET Framework) attempts to access a resource using Kerberos authentication, the client must construct an SPN to be used as part of the Kerberos authentication process. If the client does not construct an SPN that matches the SPN that is registered in Active Directory, Kerberos authentication will fail, usually with an “access denied” error.
There are versions of Internet Explorer that do not construct SPNs with port numbers. If you are using Office SharePoint Server 2007 Web applications that are bound to non-default port numbers in IIS, you might have to direct Internet Explorer to include port numbers in the SPNs that it constructs. In a farm running Office SharePoint Server 2007, the Central Administration Web application is hosted, by default, in an IIS virtual server that is bound to a non-default port.
In a farm running Office SharePoint Server 2007, by default, the .NET Framework does not construct SPNs that contain port numbers. This is why Search cannot crawl Web applications using Kerberos authentication if those Web applications are hosted on IIS virtual servers that are bound to non-default ports. It is also the reason why Kerberos authentication cannot be correctly configured and made to work for the SSP infrastructure unless the Infrastructure Update for Microsoft Office Servers is installed.
New, custom-format SPN
The Infrastructure Update for Microsoft Office Servers includes a new, custom-format SPN for Kerberos authentication for the SSP infrastructure. This custom-format SPN introduces a new Service Class: MSSP. The custom-format SPN uses the following format: MSSP/<host:port>/<SSP name>. This new custom-format SPN sets a .NET Framework property to direct the .NET Framework to use a specific SPN for a given URI. The .NET Framework is used to make inter-server calls to the Office SharePoint Server 2007 SSP infrastructure Web services.
The SSP infrastructure includes a Search shared service at both the root level and the virtual directory level in IIS. There is also an Excel Calculation Services shared service at the virtual directory level in IIS. After the SSP infrastructure is configured for Kerberos authentication, Kerberos will be used for accessing shared services at both the root level and the virtual directory level. You do not need to register SPNs for root-level Web services. You only need to register SPNs for virtual-directory-level Web services. This is because when joining a computer to a domain, a HOST-class SPN is automatically registered for the computer account in the domain, and the SPN will work for the root-level Web service. However, you do need to register SPNs corresponding to the virtual directories that actually correlate to the SSPs in your farm.
For more information about Kerberos authentication for Office SharePoint Server 2007, see Configure Kerberos authentication (Office SharePoint Server).
Douglas Goodwin, Writer
SharePoint Server UA team
By Brenda Carter, IT Pro Technical Writer, SharePoint Products and Technologies
Last March, Shane Young and I sat down with Dave Coleman at the SharePoint conference in Seattle to review the solution design for Twynham School in the UK. Shane Young is a Microsoft Most Valuable Professional (MVP) who has designed solutions for several schools, including the Boulder Valley School District and Central Michigan University. Typically in these sessions Microsoft experts give design guidance to customers. However, during this session Coleman showed us how it’s done.
Coleman described how he stumbled across the initial version of SharePoint Team Services years ago and has since developed a growing Web presence with each subsequent version of SharePoint Products and Technologies. With his small IT team and a strong partnership with the community at the school, Coleman has produced a world-class IT solution. His team also hosts sites for several feeder schools. Finally, Coleman’s team generously shares their expertise (and templates!) with the other 63+ secondary schools in the area, helping them get up and running with SharePoint quickly.
Young applauds Twynham for their savvy solution and especially for openly sharing their work with the education community: "Colemans' team is saving education providers worldwide countless hours by sharing their lessons learned and helping them start on the right foot." Young emphasizes that starting with a viable design that has been proven in the field can greatly reduce the learning curve.
The purpose of this blog article is to introduce you to Shane Young and the Twynham team and to let them field your questions right here on this blog!
Shane Young has over 12 years experience architecting and administering large-scale server farms using Microsoft enterprise technologies. He has architected SharePoint solutions for clients ranging from 20 to 25,000 users. He is the President and lead consultant of www.SharePoint911.com.
Twynham School is a secondary school on the south coast of the UK and is rated among the top 10% of schools nationally. From left to right, the Twynham team includes:
- Sylvia Haghighi (IT Technician)
- Dan Rolles (Senior IT Technician)
- Chris McKinley (SQL Admin/Web Developer)
- Darren White (Web Developer)
- Dave Coleman (Network Manager)
- Mike Herrity (Assistant Headteacher)
For information about Twynham’s solution architecture as well as the architecture that Coleman recommend for single schools, see the following technical case study resources:
The Twynham IT team also hosts a site to showcase their solution: http://www.twynhamschool.com/supportinglearning/.
Here are some highlights from the Twynham case study:
- While Twynham’s farm runs on five servers, Coleman reports that a single server is plenty of hardware for a single school. For the recommended specs, see the article!
- Coleman’s team spent a summer digitizing media assets and hosts a bank of media files that teachers can easily incorporate into classroom sites. The media files are hosted on a separate server that is directly attached to a Web server. The article describes how Coleman ensures that students have access only to media files that are appropriate for their age and curriculum.
- Teachers collaborate on the content that is offered on each subject site. For example, the French subject site incorporates RSS news feeds from French newspaper sites as well as links to other French media sites.
- Twynham makes extensive use of podcasts across many of the subject sites. Students can subscribe to the podcasts and listen to them on their MP3 players, mobile phones, and computers.
- The IT team and staff collaborated on sites to help students prepare for standardized exams. In the two months prior to the 2007 exams, Twynham Year 11 students viewed over 70,000 pages to prepare for their exams.
- External access to sites was a priority. Students can access class materials and blog about what they are learning from home and even during their travels to World War I sites in England or overseas trips to geological sites in New Zealand.
If you are a medium-size school district or university and are interested in working with me to produce a similar technical case study, let me know! (bcarter@microsoft.com).
Meanwhile, feel free to post questions for Shane Young and the Twynham IT team. Thanks, Brenda
Hi. I’m Rob Silver – one of the writers covering SharePoint Products and Technologies for the IT pro audience at Microsoft. I’m excited to announce two new articles that we are publishing this week. They are both related to SharePoint governance. Governance is the set of roles, responsibilities, and processes that you put in place in an enterprise to guide the development, adoption, and use of a solution based on SharePoint Products and Technologies. We know that this is an area of concern for our IT audiences and we will continue adding content to enhance our coverage of SharePoint governance.
Here are the articles we are publishing this week:
· Increasing SharePoint engagement (white paper): SharePoint MVP Robert Bogue has written many popular white papers. His new paper defines the problem of increasing Office SharePoint Server 2007 engagement in an organization, identifies typical engagement-blockers, and suggests strategies to increase engagement at the team, departmental, and enterprise levels.
· Sample code acceptance checklist for IT organizations: The ability to customize sites by adding custom solutions gives Office SharePoint Server 2007 power and flexibility. However, a poorly designed or implemented executable module that runs in a SharePoint farm can do harm even beyond the scope of the Web application for which it was intended. To help you ensure that the solutions that you deploy provide the intended benefits without exposing the enterprise to unnecessary risk, you can require developers to submit a checklist to verify that their solutions have been coded and tested according to best practices. Use this sample code acceptance checklist as a starting point for your own checklist to help verify the quality of solutions that are submitted for deployment.
I hope you find both these articles useful as you work out your approach to governing SharePoint and increasing SharePoint engagement. If you are interested in governance, be sure to visit our Governance Resource Center for more governance articles and tools.
Thanks,
Rob
We've been working hard behind the scenes, creating diagrams and articles to help you back up and recover MOSS, and plan and configure availability solutions. We've finally published and collected them into a resource center that you can bookmark and come back to.
In one location, you can now find:
- Planning and how-to content for backup and recovery.
- Pointers on how to use versioning and the recycle bins.
- Content describing how to use System Center Data Protection Manager to protect Office SharePoint Server.
- Availability content, including a great white paper and case study on using database mirroring in a single farm.
If you like large posters (34" x 44"), start with our models. They provide graphical overviews of key concepts and decision points.
Take a look, and let us know if there's more content you'd like to see.
- Margo Crandall
Technical Writer
We're tinkering a bit with the Planning section of the technical library for Office SharePoint Server. We've gotten feedback that it's tough to find the topics you want, and that there's a lot of extra words in the titles that we just don't need. So we're clearing out some unnecessary words and splitting the giant Planning table of contents into two parts:
- Site and solution planning contains all the content about planning what you want in your sites and solutions. Look here for topics on planning the overall design, workflows, Business Intelligence, governance, and so on.
- Infrastructure planning contains all the content about planning the infrastructure to support your sites and solutions. Look here for topics on system requirements, logical architecture, authentication, database storage, and so on.
We're hoping this makes it easier for you to find the topics you want.
The revised Planning TOC makes its debut this week.
Here's the before:
And here's the after:
It isn't a big restructure, but we're hoping it makes a difference for you. Please let us know what you think.
- Samantha Robertson
Technical Writer
Hi, I'm Cern McAtee, a technical writer for Office SharePoint Server 2007. I'm pleased to announce that the Office SharePoint Server 2007 content team and the Global Readiness team have combined efforts to write and publish a new walkthrough guide for content deployment:
End-to-End Content Deployment Walkthrough.
This downloadable guide is aimed at IT pros planning to use content deployment with their enterprise sites using Microsoft Office SharePoint Server 2007. The guide takes you through the steps for setting up source and destination site collections, creating a deployment path and job, and then running the job to see how it populates the destination site collection with the content from the source site collection. One important thing to note when it comes to implementing content deployment is that when you first set it up, the destination site collection must be empty. You can create the destination site collection using either the Blank site template, or by using the Stsadm createsite operation to create an empty site.
In addition to the walkthrough, we have also published a set of topics about Administering Web content management that cover publishing and content deployment operations, as well as cache settings and profiles, document conversion, and variations. These topics are intended for IT pros who manage publishing and content deployment for their enterprise sites.
But wait, there's more! We have also launched the Web Content Management Resource Center for SharePoint Server 2007. The center resources for IT pros to use in planning and implementing Web content management solutions. You'll find links to featured content on TechNet, community resources, and other blogs, as well as to videos, Webcasts, and podcasts.
We look forward to hearing from you and to continuing to improve this content in partnership with you!
A frequent request from customers and partners is to create a download that contains all of the content from our technical library in compiled help format (CHM). Well, it took a while, but due to some positive changes in our authoring environment, we can now build .chm files of our content. Now live and available for your downloading and searching pleasure: Office SharePoint Server 2007 Technical Library in Compiled Help format.
We'll refresh monthly, and post the updates on our newly published content list, so check back and grab the hot, fresh content regularly. If you like this one, we'll do one for Windows SharePoint Services too.
Thanks for your feedback.
Samantha Robertson, SharePoint IT UA Senior Writer
Hi, my name is Claudia Lake. I am a technical writer on the SharePoint IT Pro documentation team. In response to feedback from users, we have created Administering Records Management, which is a new set of IT Pro documentation on TechNet about records management in Office SharePoint Server 2007. We have also created a Records Management resource center on TechNet.
What’s covered?
Our intention is to provide you with all of the information you need to successfully set up, configure, and administer a Records Center site in Office SharePoint Server 2007.
In addition to providing information about how to create a Records Center site, the new records management administration documentation covers the following areas:
- Configuring an active document site for records management
- Configuring an Exchange Server 2007 e-mail server to send records to a Records Center site
- Managing holds
- Monitoring the Records Center site
The Records Management resource center provides additional resources for you to plan and implement a Records Management solution using Microsoft Office SharePoint Server 2007.
Feedback welcome!
Have you ever wished you could have a say in the way documentation is written here at Microsoft? Well, now’s your chance. We welcome your feedback on the new Administering Records Management documentation and the new Records Management resource center and will do our best to make the improvements you suggest. What would we like to know? We’d like to know things like: Is this content useful? Is it detailed enough? Did we leave something out that you feel would be helpful? Did we include something that you feel has no value? We’re also interested in hearing what you like about this content so we can keep doing it. Anything you feel we should know about the Administering Records Management content or the Records Management resource center is very important to us. Let us know what you think!
There are three ways that you can provide feedback about the Administering Records Management documentation and the Records Management resource center:
- The upper-right corner of each page has a Click to Rate and Give Feedback section. Click a star to rate the page and optionally provide feedback.
- You can e-mail us at uablog at Microsoft.com.
- You can use the “Leave a Comment” feature in this blog to provide comments, either about this blog post, the Administering Records Management content or about the Records Management resource center.
We look forward to hearing from you and to working with you to make our content the best it can be.
Sincerely,
Claudia Lake
SharePoint IT Pro documentation team
