Scott Shearer SharePoint Evangelist/Developer FlexPoint Technology sshearer@flexpointtech.com SharePoint Evangelist and Consultant for FlexPoint Technology Based in Reston, VA Done everything from System Administration to C# development to helpdesk CPA Former Stock Broker Former Certified Financial Planner (CFP) Past Certifications Held: MCSE, MCSD, MCDBA, MCT, CNE Conference Speaker @ScottJShearer on Twitter http://spconcierge.wordpress.com sshearer@flexpointtech.com IT Consulting firm based in Reston, VA Cloud Technologies SharePoint consulting, “development”, training US Government and commercial customers My presentation today is based on my experience and research It’s just my opinion…. Discuss as much as we can about ◦ ◦ ◦ ◦ ◦ ◦ Dealing with SharePoint Security Content Types Dealing with end users Promoting user adoption Tips, tricks, etc… Focus is on team sites and other internal collaborative sites The top priority of the SCA is to secure the site collection Its all about inheritance It doesn’t have to be complicated ◦ “Trickle Down Theory” of permissions ◦ By default, all objects inherit permissions from their parent ◦ Manage SharePoint Groups – not people ◦ Leverage Active Directory Groups ◦ Use Members, Owners and Visitors groups Don’t assign permissions directly to users Keep the top level site open to members of subsites, if possible SharePoint doesn’t offer column level security Top Level Site Lists/Libraries Rows of data/documents Subsite Folders Rows of data/documents Lists/libraries Don’t make decisions on who should have site access Plan and document your security structure It’s OK to break inheritance, but think it through ◦ It’s not your data (usually) – data owner should make that decision ◦ Have an access request and approval process with a “paper trail” (CYA) ◦ Avoid the issue by using Active Directory groups ◦ Keep it as simple as possible ◦ If it starts getting complicated, think about another site collection ◦ The more you break inheritance, the harder it is to maintain your site Permission Levels vs Custom Permission Levels Site Owners group should own any group that you create Don’t give users full control unless they know what they are doing ◦ You’ll have to fix what they mess-up SCA vs Site Owner Have a written policy approved by management for creating site collections and subsites Archive and/or delete site collections that are inactive for a specified period of time ◦ Don’t keep project oriented sites around when the project is through Never create a site when a list, library or page will meet the requirement ◦ When a user asks for a new site, ask some questions Keep the site structure wide rather than deep Keep your sites as “Out of the Box” as possible ◦ Time to deployment is accelerated ◦ Much easier to maintain ◦ Avoid upgrade issues Don’t use Designer until you have exhausted what you can do through the browser Don’t make changes to your master page for Team Sites unless you really really need to ◦ The audience for your Team Site is your team ◦ It doesn’t need to have “rounded corners” ◦ Avoid upgrade issues What is a Content Type ◦ ◦ ◦ ◦ Template for collecting data in a list or library Made up of site columns All Content types inherit from another content type Demo Custom Content Types ◦ Demo – create leave calendar Allows for a standard way to record a given type of data Allows for slightly different types of data to be stored in a single list Allows for reuse Allows for easy updates Allows for standard policies Allows for standard workflows NEVER NEVER NEVER ALTER OUT OF THE BOX CONTENT TYPES OR SITE COLUMNS Users don’t care about SharePoint ◦ They care about solutions that help them get their job done ◦ “What’s in it for me?” Give users a reason to care ◦ ◦ ◦ ◦ Save them time Save them hassles Streamline processes Get Management Buy-in Big Bang Theory ◦ Not what they needed delivered too late Roll-out SharePoint one app at a time Identify the power users in each office and spend your time with them Show users what they need to know when they need to know it ◦ “Just in Time Training” If you use “out of the box” solutions, need for training is minimized Make use of online resources Easy customizations to your site ◦ Selectively show/hide columns Easy to find lots of examples SPServices is your friend ◦ ◦ ◦ ◦ ◦ jQuery library Cascading dropdowns Filter lookup columns Retrieve list data http://spservices.codeplex.com/ Mark Rackley has some great blog posts that will help get you started ◦ http://www.sharepointhillbilly.com Import data into SharePoint ◦ Clean-up data prior to import Export data from SharePoint Combine SharePoint data with data from other data sources Bulk updates of SharePoint data Reporting Not all data belongs in SharePoint ◦ Why move data out of Excel? ◦ Relational data belongs in a relational database DON’T CLOSE Web Parts ◦ Slows down page load time ◦ ?Contents=1 (Web Part Page Maintenance) Don’t enable any feature unless you know what it does and you need it ◦ Not all features “roll-back” cleanly when deactivated Use Choice instead of Lookup Columns whenever possible Never put spaces in the names of SharePoint objects when creating them ◦ ◦ ◦ ◦ Create with no spaces Add spaces to create “friendly names” after creation Keeps URLs much shorter Makes working with jQuery and JavaScript easier Don’t replicate a share drive folder structure in a document library ◦ Minimize the use of folders ◦ Use managed metadata