Post on 21-Dec-2015
Installing and Configuring SharePoint Technology
Ryan DuguidTechnical SpecialistMicrosoft New Zealand
APAC Microsoft SharePoint Conference 2007May 14th to 15th, 2007Sydney, Australia
Session Objectives
Detailed understanding of product architecture Understand admin components and their usesUnderstand admin security
Understanding your deployment optionsDetermine topologyBuild your deployment plan
Topics
Design GoalsLogical Architecture
Re-architecting SharePoint administrationSecurity Map
Physical ArchitecturePicking your topologyMulti-farm topologiesHardware requirements
Key Customer Pain Points
Inconsistent setup between productsCentral admin just too hardTopology restrictions
Farms of various sizes and shapesFlexibility in renaming and repurposing servers
Network supportNT authentication onlyReverse proxies, SSL termination, IP-bound IIS virtual servers
Poor resource utilization and isolationPortal services model very inflexible
Upgrade
Administration Design Goals
Windows SharePoint ServicesSimplicityConsistencyExtensibility
Office SharePoint Server = WSS goals +Resource OptimizationDelegation
Topics
Design GoalsLogical Architecture
Re-architecting SharePoint AdminSecurity Map
Physical ArchitecturePicking your topologyMulti-farm topologiesHW Requirements
Re-Architecting AdminKey Concepts
SharePoint “farm”Servers
App servers: Generic server – all services installedWFEs: Web bits only
Config DB: Heart and soul of the farmSPTimer Service: Heartbeat of farmSharePoint Administration Service
Repeats tasks done in SharePoint by box admins across the farm
Shared servicesGrouped, high-value, resource intensive servicesOne to many per farmInter-farm capable
Admin sitesCentral administration: 1 per farmShared services administration: “special” content site
Central AdminIT AdministratorsFarm-level
Resource managementStatus
One per farmE.g. Create new site
Administrative Architecture
Three Tier AdminWeb-basedRole and Task DelineatedControlled DelegationSecure Isolation
Site SettingsBusiness site ownerSite specific configuration and tasksE.g. Create new list
Shared ServicesBusiness unit ITUp to one per business groupService level configE.g. Create search content source
Tier 1: Central AdministrationGoals
Reduce administrator timeQuickly identify what must be doneRapidly locate UI to do what’s needed
Single point administrationManage the applicationSingle change updates all servers in farm
Extensible platform for SharePoint adminConsistent UI experience for all products
Central AdministrationMajor Elements
Administrative task list Informs operators what must be doneExplains action needed, and provides link to UI
Home page topology view Quick view of farm servers and what is running on them
Services on Server pageManage the components running on a single server
Flat menu structureOperations: tasks affecting farm resource usageApp Management: tasks specific to a single application or servicewithin the farmSecurity trimming reduces UI clutter
Remote administrationWeb-based administration UITimer-based system updates
Central Administration
Tier 2: Shared ServicesKey Concepts
“Shared Services” = Office SharePoint Server InfrastructureGoal
Separation of services from PortalsRemove scale limitation for # of portals
Required for site and cross site-level Office Server features Logical/secure partition of farmServices act as a group
SSP ComponentsSSP admin siteSSP databases
Shared ServicesOffice Server SearchDirectory importUser profile synchAudiences
TargetingBusiness data catalogExcel calculation serviceUsage reporting
Shared Services Associations
SSP Default = 1st SSPCan be changed to different SSPCannot be deletedNew, existing web apps auto-associated
Content web applicationsALWAYS associated to 1 and only 1 SSPSecurity implications
Content app pool granted rights across SSPDisassociation: Accounts NOT auto-cleaned up
Actions auto-started/stopped:Search: Add start address to portal content sourcePeople: User Profile Synch
Shared Services
Web App Web App
CorpWeb FinWeb HRWeb LegalWeb
Office Server SearchDirectory importUser profile synchAudiences
TargetingBusiness data catalogExcel calculation serviceUsage Reporting
Shared Services
Office Server SearchDirectory importUser profile synchAudiences
TargetingBusiness data catalogExcel calculation serviceUsage reporting
Shared Services – # 2
Shared ServicesMultiple SSPs?
Vast majority of installs = 1 SSPUse cases for multiple SSPs
Secure isolation of services and service dataHosted environmentsRestricted sitesOrganizational/Political concerns
Web App Web App
CorpWeb FinWeb HRWeb LegalWeb
Office Server SearchDirectory importUser profile synchAudiences
TargetingBusiness data catalogExcel calculation serviceUsage reporting
Shared ServicesOffice Server SearchDirectory importUser profile synchAudiences
TargetingBusiness data catalogExcel calculation serviceUsage reporting
Shared Services
Shared Services Demo
Tier 3: Site Settings
UI for users to manage their sitesPermissions and users of siteStorage taken up within siteSite hierarchy
Key conceptsDelegate management of common tasks to usersExtensible
Consistent experienceFeatures merged directly into UI
Operators lack permission for contentChange from v2 Can take ownership or add policy (audited)
Security trimmed UI improves usability
Site Settings
Security Best Practices
Unique accounts for the followingFarm accountSSP process account
NOTE: Cannot be Network Service in a farm config.
SSP shared web service accountContent app pool
Kerberos on (default = NTLM)Each process account must be a registered SPN to work
SSL enabled (default = off)Turn on for admin sites and server to serverWarning provided on credentials pages if SSL is off
SPAdmin serviceSingle server: Off (recommend ‘On’ for OSS)Farm: On
Topics
Design GoalsLogical Architecture
Re-architecting SharePoint AdminSecurity Map
Physical ArchitecturePicking your topologyMulti-farm topologiesHW Requirements
Physical ArchitectureKey Concepts
TopologyGroup services on hardware as neededScale hardware based on your needs
# servers/role32 bit, 64 bit, mixed 32 and 64 bit
Server “roles”Web front end App server: Indexing, Search, Excel Calc, Project
No Job Server – replaced by SPTimer and SPAdmin service
DatabaseNetwork capabilities
Extranet as a 1st tier “feature”Span DomainsMultiple authentication providers
SQL auth supportSSL, IPSec, etc.
This Topology is Not Supported !!
User requests
Load balances webfront end servers
Applicationservers
Clustered SQL server
Index Search Excel Project
Large Farm
User requests
Web front ends + application(s)
Application(s)
Clustered SQL server
Medium Farm
Small FarmUser requests
Each load-balanced server includes:
• Web front end• Applications
Dedicated SQL server
Single Server
• Web front end • Application • Database
One Server which contains:
User Requests
Picking Your Topology
Availability
Perf
orm
ance
StrengthsFast & EasyNetwork considerations
LimitationsLimited data & user load capabilityAvailability & reliability
Single Server
User Requests
One Server which contains:
• Web front end
• Application
• Database
Small Farm
User requests
Each load-balanced server includes:
• Web front end• Applications
Dedicated SQL server
StrengthsData & user load capabilityAvailability & reliabilityExercise feature deployment
LimitationsLong running operationsNetwork considerations
Medium Farm
StrengthsData & user load capabilityAvailability & reliabilityExercise feature deploymentPerformance
LimitationsSetup / configurationNetwork considerations
User requests
Web front ends + application(s)
Application(s)
Clustered SQL server
Large FarmStrengths
Data & user load capabilityAvailability & reliabilityExercise feature deploymentPerformance
LimitationsSetup / configurationNetwork considerations
User requests
Load balances webfront end servers
Applicationservers
Clustered SQL server
Index Search Excel Project
User requests
Load balances webfront end servers
Applicationservers
Clustered SQL server
Index Search Excel Project
Large Farm
User requests
Web front ends + application(s)
Application(s)
Clustered SQL server
Medium Farm
Small FarmUser requests
Each load-balanced server includes:
• Web front end• Applications
Dedicated SQL server
Single Server
• Web front end • Application • Database
One Server which contains:
User Requests
Picking Your Topology
Availability
Perf
orm
ance
Multi-Farm Topologies
Security and process isolationDevelopment, test, productionBusiness demands
Content ManagementStaging environments in different networks
Authoring in intranet with AD authenticationProduction in premier network with forms authentication
Content Deployment copies content between networksPath connects source and destination site collectionJob defines schedule for incremental deploymentQuick Deploy feature allows authors to expedite specific articles
Inter-Farm Shared Services
Multi-Farm Topology
Hardware Recommendations
Single box installation - recommendedCPU: 2 x 3GHz Memory: 2GB +HDD: Scenario dependent
Farm Deployment Web server: 2 x 3GHz, 2GB + RAM
HDD – Sufficient storage for index if also a query serverApp server: 2 x 2.5GHz, 4GB RAM
HDD – Sufficient storage for index fileSQL: Dual proc 2.5GHz; 4GB RAM
HDD – Sufficient storage for content dataSupport both 32 and 64 bit
SummaryProduct Architecture
3-Tier Administration ArchitectureCentral AdministrationShared Services – what are they; how do they work?
ExtensibilityDelegation to power users
Site Admin
Deployment OptionsMachine “Roles”Picking Your Topologies
Single boxSmall, medium, large farmsMulti-Farm topologies (IFSS, Publishing)
© 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.