SharePoint Preparedness:
By Failing to Prepare, You
Are Preparing to Fail
Danny Jessee | Protiviti | June 14, 2013
Who Am I?
Agenda
• #SharePointHorrorStories
• What is Preparedness?
• Pre-Deployment Preparedness
• Hardware and Architecture Preparedness
• Authentication and Authorization Preparedness
• Content and Metadata Preparedness
• Disaster Recovery Preparedness
• Reigning in the Chaos
How many of you are…
• Developers?
• System administrators?
• IT professionals?
• Business users?
• What version(s) of SharePoint are you supporting?
• You all have unique “SharePoint Preparedness” responsibilities
#SharePointHorrorStories
• Everyone seems to have one…
• What’s yours?
• What do all these stories have in common?
What is Preparedness?
• Preparedness (pri-ˈper-əd-nəs) n. – the quality or state of being
prepared; especially: a state of adequate preparation in case of
war
• Are you at war with SharePoint? Why?
• “To defeat the enemy, you must first understand the enemy”
• Know and understand your options and who can help you
achieve your objectives!
SharePoint Preparedness
Hardware and Architecture
Preparedness
Authentication and
Authorization Preparedness
Governance
Content and Metadata
Preparedness
Disaster Recovery
Preparedness
Pre-Deployment
Preparedness
“What hardware and software do we need? Who is actually going to use this
thing?”
Hardware & Architecture Preparedness
• Hardware/software requirements
• Upgrading from an older version? Migrating from something else?
• Small/medium/large farm
• Physical/virtual
• On-premises/cloud
• Development/integration/staging environments
Hardware & Architecture Preparedness
• How many servers will you need?
• Physical or virtual? Or cloud?
• Topology: single-tier/two-tier/three-tier
• Size: small (2+1)/medium (2+2+1)/large
• Can be based on numbers of users or
documents
• Web/application/database servers
• Availability requirements? SLAs?
Authentication Preparedness
• How will your users log in?
• Windows
• Your company’s Active Directory domain
• Forms-based
• Custom identity store, AMS, etc. (ASP.NET membership/role providers)
• Custom trusted identity provider
• Public facing sites: OpenID (Facebook, Google, Yahoo, Windows Live)
• Classic vs. Claims
DEMO
Configuring authentication providers
Authorization Preparedness
• SharePoint groups/AD groups
• Best practice: assign permissions only to SharePoint groups
• Add individual users and AD groups to SharePoint groups
• Define these groups before sprawl (site and permissions) takes over
• Anonymous access?
• Requires action in central administration and the individual site
• Breaking inheritance/item-level permissions
• Resist the temptation!
Content and Metadata
Preparedness
“Taxonomy? Doesn’t the IRS handle that?”
Content and Metadata Preparedness
• What kind(s) of content will you be storing in SharePoint?
• How will users discover and consume content?
• Evaluate what SharePoint provides out-of-the-box
Content Type
Site Column
• New/Display/Edit forms
• Workflows
• Document Information Panel
• Document Template
• Name
• Type
• Validation
Content Type Publishing
• Allows you to define content types in one site that can be
shared/published across site collection and web application
boundaries (even across farms!)
• Controlled by timer jobs that run on each “content type
subscriber” web application
• Requires a Managed Metadata Service Application
• Managed metadata
• Group  Term Set  Term
DEMO
Sharing content types across web applications!
Search and Discovery Preparedness
• Content sources
• Crawl schedules
• Keywords, synonyms, and best bets
• Metadata navigation
DEMO
Search settings, managed metadata, and metadata navigation
Disaster Recovery
Preparedness
“The flood took out the server hosting our backups. Fortunately, the
production server survived.”
Disaster Recovery Preparedness
• A disaster does not necessarily
have to mean a hardware failure!
• But you should plan for those, too
• Monitor things like:
•
•
•
•
Health analyzer errors/warnings
Site collection storage quotas
Available disk space on DB server
Are your backups actually
succeeding? Test them!
Disaster Recovery Preparedness
• Sometimes “disasters” can come
from within
• Developers release untested code
• SharePoint Designer has been
known to cause a problem or two…
• Thoroughly research and test
“solutions” to problems before going to production
• Resist directly querying/updating the SharePoint databases at all
costs!
Disaster Recovery Preparedness
• Determine your RPO, RTO, and RLO
• Recovery Point Objective – how far back?
• Recovery Time Objective – how long to restore?
• Recovery Level Objective – how granular the content?
• Tradeoffs and associated costs
• When choosing a backup solution, consider:
• Speed of backups, resource requirements, granularity of backups
• It’s all (largely) about the databases!
The “G” word
“Ain’t nuthin’ but a G[overnance] thang”
Governance
• Governance is the set of policies, roles, responsibilities, and
processes that guide, direct, and control how an organization’s
business divisions and IT teams cooperate to achieve business
goals
• Good governance is essential to a successful SharePoint
deployment
Governance
• A SharePoint governance plan should
address:
•
•
•
•
Information architecture
IT service
Branding and customizations
Training
• “It takes a village”
• Don’t make writing the governance plan
an assignment for one person!
• Resist the temptation to rely (too heavily) on a template
Reigning in the Chaos
“Calgon…take me away!”
Chaos: patching and updates
• Not like updating iPhone apps
• Requires preparation!
• Don’t just install blindly
• Test in a non-production
environment first
• Make sure your test environment mirrors your production environment
to the greatest extent possible
• Do not deploy a Cumulative Update unless it addresses a
specific problem you are experiencing
Chaos: managing custom solutions
• If you are deploying custom code/
solutions from your developers,
make sure they are packaged as
solution (.wsp) files!
• Ensure custom code is thoroughly
tested in an integration environment first
• If a developer ever wants to copy files or manually alter system
configurations on a production server, hit the
button!
Chaos: list columns, choice fields
• It is almost too simple for end users to add columns directly to
lists
• These are list columns and not site columns
• Zero reuse potential
• Cannot “convert” a list column to a site column
• If you intend to use a column in more than one place, strongly
consider building out the appropriate hierarchy
• Site columns  Content types  Publish the content type for reuse
Reigning in the chaos
• Invest in separate development/integration/staging
infrastructure, especially if custom solutions are being
developed/deployed
• Thoroughly test custom code/in-house/third party solutions – don’t
test in production!
• Evaluate patches and updates, ensure CUs address an issue you have
• Before you create a list column, ask yourself:
• Will I ever need to use this column in another list?
• Should this be a “Choice” field or should I use managed metadata?
What does this all mean?
• You can’t do it alone!
• Requires support from:
•
•
•
•
•
•
•
•
C-level staff
IT staff
Developers
End users
Family
Friends
Pets
Your local SharePoint user group
Continuing Preparedness
• Remain vigilant!
• Know the right places to look for help
• Continually seek input from key stakeholders and users
• Be quick and responsive, proactively solve major issues
• Focus on the end user experience
Questions?
“Don’t worry; we’ve all been there.”
Thanks for your time!
@dannyjessee
dannyjessee.com/blog
danny.jessee@protiviti.com