For all of the things that can go wrong with your SharePoint implementation, one of the best things we can do is learn from others. From not accepting that implementing an established information architecture and having an available infrastructure are core tenants of every SharePoint installation to managing SLAs with your end users; join us as we share not only what we've seen as worst practices but also worst experiences.
Attendees will learn practices on how to properly manage their SharePoint environments, how to work with other IT department leads and plan for a more properly planned SharePoint environment instead of dealing with the headaches that precipitate themselves when systems are hastily thrown together.
4. what this talk is about…
Avoiding ending your day like this…
5. What could go wrong?
• It’s only a technology product that users use…
‐ For collaboration…
‐ And workflow and process management…
‐ And document management…
‐ And forms management…
‐ And search…
‐ And web content management…
‐ And records management…
‐ And knowledge management…
‐ And more…
6. One of the top blunders…
Let’s make SharePoint
not look like
SharePoint.
9. Make sure you have a plan…
Change Management Plan…
Training Plan…
User Adoption Plan…
Implementation Plans…
Project Plan Baseline for 2007:
http://bit.ly/1kROl1L
Project Plan Baseline for 2010:
http://bit.ly/1ksExqa
13. but wait… more technical challenges
Training
3rd Party Products and Integrated Systems
Variations and Multi-Lingual
14. business challenges
System Adoption
Design of System
Accessibility of System
Lack of Features
Lack of Federation
Business Process Management
Resource Availability and Training
16. social challenges
What is ‘Social’?
Disabling or not planning for OOTB functionality of
MySites, Audiences, etc.
Information Silos
17. social challenges
Lack of / Too much Governance
No planning for structured metadata
Not leveraging folksonomy, ratings, etc.
Lack of Directory Structure Impacts
Active Directory information (Manager, Reports, etc)
Findability of sites, communities and documents
18.
19. I just need a developer…
What kind though?
.NET Developer
Front End Developer
SharePoint Developer
20. Windows Updates
• Starting with the February 2015 Cumulative
Updates for SharePoint, they will be included
within Windows Updates
• Be sure to use WSUS or some other orchestration
software for patching
• Don’t forget your developer VMs
22. more development disasters
Features, Web Part Packs, Solution Packages, Apps
Scoping of Solutions
Solution Behavior (bin / GAC / Sandbox)
Install, Deploy, Retract, Remove
Upgrading an App
Cloud
Provider-hosted
SharePoint
Existing sites and
services
app web (optional)
Dedicated server / hosting service
REST + OAuth or
client object models
SharePoint-hosted
SharePoint
Existing sites and
services
app web
23. more development disasters
Knowing the differences between a site definition, a web
template, and a master page… Branding matters
Lack of Documentation
Requirements, Design, Implementation
Lack of Regression Testing
Disposing of Objects Properly
24. IT Governance & Service Level Agreement
Capacity Planning
System Maintenance
Disaster Recovery
Continuity of Operations
RTO / RPO / RLO
enterprise infrastructure processes
SourceSeanMcDonough@spmcdonough
26. misconceptions and gotchas
Disaster Recovery “Oops”
Patching Issues
Service Level Agreements
Consolidating and Migrating
Build Numbers
Workflow History
27.
28.
29. What’s a site collection?
It’s the boundary for permissions, features, templates…
It’s the limit* for pulling information together…
It’s what backups are made of typically…
It’s stored within a content database…
30. What’s a site collection?
The Recycle Bin lives here for on-premises…
It contains sites…
Site Collections have at least one site – it’s the root
Site Collections and Sites aren’t pages
31. creating orphans
IIS reset solves all qualms
or so we’d like to think…
During backup of a site collection
The backup is now invalid
During a restore of a site collection
The restore will have portions of the site collection and associated webs
restored (maybe)
32. permissions management
Breaking permissions for each and every file…
Removing the SharePoint group that you gave Full
Control…
Removing yourself from the SharePoint group that
has Full Control…
33. the recycle bin
The common misconceptions
The (cold) truth
“Regardless of whether or not an item is sent to the users'
Recycle Bin or to the Site Collection Recycle Bin, items are
deleted automatically after the number of days that the server
administrator specified in Central Administration.”
Manage the Recycle Bin of a site (Office.com)
34. permissive file handling
Users are being prompted to download PDFs
Enable permissive file handling for all files in Web
Application in Central Administration
Set specific mime types for a Web Application
> $webApp = Get-SPWebApplication("http://intranet.contoso.com")
> $webApp.AllowedInlineDownloadMimeTypes.Add("application/pdf")
> $webApp.Update()
35. hardware and software requirements
Under-sizing the infrastructure
Virtualizing on oversubscribed hardware
Attempting to use an IaaS cloud provider in a
stretched subnet mode
Underestimating storage and IOPS requirements
36. Forgetting the basics…
You’re browsing your site from the server. Or you’re
trying to get search to work. Or you’re trying to get
a web service to work. Or you just want anything to
work….
HTTP 401.1 - Unauthorized: Logon Failed and
you’ve got a FQDN on your site
KB896861 offers several options
DisableLoopbackCheck or BackConnectionHostNames
DisableLoopbackCheck & SharePoint: What every admin and developer should know
37. Pausing IIS
Bring up your SharePoint Products Configuration
Wizard on the second screen
Checking IIS to see your web applications
temporarily paused
38. lost passphrases
Passphrase is no longer known
Managed accounts and auto-password resets
Document your farm
TechNet
CodePlex
SPDocKit
> $passphrase = ConvertTo-SecureString -asPlainText -Force
> Set-SPPassPhrase -PassPhrase $passphrase -Confirm
39. certificate revocation list
Slow (up to 60 seconds) execution of stsadm and
Application Pool recycles
Enable outbound internet access to crl.microsoft.com
HOSTS file redirect
Set the State registry key for all users who will run a shell or application pool
Edit the machine.config for each server in your farm
Certificate Revocation List Check and SharePoint 2010 without an Internet Connection
SOFTWAREMicrosoftWindowsCurrentVersionWinTrustTrust ProvidersSoftware Publishing
40.
41. not enough service accounts
We only have a Farm account
Managing passwords is hard
We don’t like providing domain accounts local
admin
Wait, service accounts?
42. primary service accounts
Account Purpose Requirements
SQL Server Runs SQL Server • Domain user account
• No rights in SharePoint
Setup Account Installs the bits and performs
initial configuration
• Domain user account
• Member of Local Admins on each
server in the farm
• securityadmin and dbcreator on SQL
instance
Farm Account Used for configuring and
managing the farm and runs
primary services (e.g. SPTimerV4)
• Domain account
• Additional rights are automatically
granted as part of installation (both
server and SQL)
43. other service accounts
Account Purpose Requirements
MySites Application
Pool
Worker process identity for MySites • Domain user account
• Managed account
Content Application
Pool
Worker process identity for Content
web applications
• Domain user account
• Managed account
Services Application
Pool
Worker process identity for Service
Application Pools
• Domain account
• Managed account
Search Service
Process
Process identity for SharePoint
Foundation (Help) search service and
SharePoint Search service
• Domain account
• Managed account
Search Service
Default Content
Access
Used to crawl content specified in
content sources
• Domain account
User Profile Import
Account
Account used to import (and optionally
export) user data from an identity store
• Domain account
• Replicate Directory Changes in AD
44. still more service accounts
Account Purpose Requirements
Object Cache
Super User
Processes items in the object
cache of a web application
• Domain user account
• Managed account
• Full Control User Policy on target web
application(s)
Object Cache
Super Reader
Processes items in the object
cache of a web application
• Domain user account
• Managed account
• Full Read User Policy on target web
application(s)
PerformancePoint, Excel Services, Visio Services, Claims to
Windows Token Service…
…all require a service account as well.
45. running the farm configuration wizard
Don’t do it.
Really, don’t do it. Your GUIDs will thank you!
46. managing managed paths
46
Don’t create managed paths for URIs that
already exist!
Both sites exist, but only 1 is accessible
There are limits…
Thinking about Office 365?
Limited to three… sites, teams, personal
47. setting up Kerberos
Not reading the documentation
Not knowing how to use ADSIEdit or setspn
Not realizing that Kerberos usually dies at the
boundary
Not understanding the Claims to Windows Token
Service
Configuring Kerberos Authentication for Microsoft SharePoint 2010 Products
48. SharePoint 2013 Workflow
Remember to install Workflow Manager and Service
Bus...
Remember to set up User Profile Service…
Remember to make sure App Management Service
is running…
Remember to open your ports…
49. 49
Thank You EVENT
Sponsors
• We appreciated you supporting
the New York SharePoint
Community!
• Diamond, Platinum, Gold, & Silver
have tables scattered throughout
• Please visit them and inquire
about their products & services
• To be eligible for prizes make sure
to get your bingo card stamped
by ALL sponsors