Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

All presentation SharePoint O365 and everything else

This contains a combination of information of SharePoint 2013 and components

  • Soyez le premier à commenter

All presentation SharePoint O365 and everything else

  1. 1. SharePoint 2013 – How to get there! real world experience Technical Process
  2. 2. Centralized site collection policies control access Ensure compliance and increase manageability with audit resilience, filtering, and enablement Classify and identify information Mitigate threats and prevent malicious content. Protect, preserve, and persist information Support compliance via eDiscovery Encrypt and protect data with Rights Management Services (RMS). Purge information no longer needed with site closure policies
  3. 3. Reduce cost and complexity Ensure data compliance and security Solve fundamental business and IT challenges with a consistent, integrated approach Control costs with adaptable crosspremise environments, with public and private cloud, as well as on-premise, deployment options. Reduced disk I/O and bandwidth requirements Unprecedented scale Downtime mitigation through application aware routing and management
  4. 4. Balance the needs of users with those of IT Automate repetitive processes and improve operating economics with Windows PowerShell 3.0 Cut costs while improving the scalability, flexibility, and reach of IT systems Improve adoption and amplify users impact Empower site administrators to decide when upgrade is right for their users through delegation of upgrade. Create evaluation site collections and fix issues without affecting live data Preserve customizations and drive broad user adoption Create backward compatible site collections through selective provisioning.
  5. 5. Top business challenges we hear about Information Explosion     Unstructured Data Un-Organized Un-Categorized Exponential Growth Diverse User Requirements Data in Silos     100+ Systems No Interconnect Difficult to find info Frustration     Discrete Roles Diverse Systems Varied functions Lack 360 view of info 18
  6. 6. Silos for Challenges and implementation Ease of Implementation 3.6 Service Reliability 3.4 Industry Specific Consulting Advice 3.4 Initial Setup Cost 3.4 Vendor Responsiveness 3.3 Support for Specific Business Needs 3.2 Support Costs 3.1 Ease of Customization 3.1 Ease of Integration with on-prem systems 3
  7. 7. Information and application silos Marketing Siloed UI Applications Content Silos Sales IT Consulting Finance Procurement Production Research Support HR / Legal
  8. 8. Phase 1 Design & Plan • For Business and It Audience • To understand SP 2013 and its information • Understand value of information management • Gain Predisposition towards SharePoint Phase 2 Build & Deploy • For Business and IT Audiences • To understand the extent of Information and adoption management • Persuade for championing the cause • For End-user audiences • Messaging begins with education, but quickly turns into a risk adjusted persuasion campaign • Set expectations about potential negatives (data cleanup and migration Phase 3 Transfer & Operate • For End-user audiences • To Support the use of new tools and bolster confidence in the new environment • To promote cultural shift • Define companies message • Define company adoption plan • Define message and message with SharePoint Phase 4 Nurture and Improve • For End-user audiences • To maintain the cultural shift or paradigm in the organization • Collect feedback on the campaign for future iterations for SharePoint • Define Companies messages
  9. 9. SharePoint Adoption Define your Vision Simplify -> Start Small ->Stay Focused Identify Relevant Use Cases Execute Enable Technology Measure Success and Expand
  10. 10. Adoption Checklist  Define Your Vision  Identify Relevant Business Cases  Release your SharePoint functionality in phases  Increase awareness by creating a communication plan  Support users by creating a training plan  Ensure ongoing success by creating a user support plan  Generate excitement by creating an incentives and rewards plan
  11. 11. Define Your Vision • Establish the business priorities that SharePoint will address • Determine your timeframe • Establish metrics by which you'll measure success • Conduct a pilot to gather initial feedback • Create a good User Experience
  12. 12. Identify Relevant Business Cases • Determine the most appealing scenarios for business users • Identify "low-hanging fruit" • Review the list of use cases provided with this white paper to determine which ones apply to your business • Focus on Features for the Business and make them available
  13. 13. Release your SharePoint functionality in phases • • • • Start Small and Stay Focused Select a pilot group of users Do it iteratively Create a Task force
  14. 14. Increase awareness create a communication plan and strategy • Leverage Experts and Champions • Engage Leadership by identifying executive sponsors • Conduct town hall meetings to discuss your solution • Create a plan for continuous communication
  15. 15. Support users by creating a training plan and a strategy • Establish short, just-in-time training options for users • Ensure that your site owners are properly trained before giving them site ownership • Provide training to content contributors to ensure effective content management • Create a site owner community to enable users to help each other
  16. 16. Ensure ongoing success by creating a user support plan and strategy • Establish a contact person for every page • Establish a SharePoint Center of Excellence within your organization to provide high-end support for users • Survey users on a regular basis to gather feedback and establish metrics • Ensure content gets moved from legacy platforms to SharePoint in a planned manner
  17. 17. Generate excitement by creating an incentives and rewards plan •Demonstrate with real data how features are useful •Make it fun (buck the company culture) •Use an online scavenger hunt as a fun way to encourage usage •Provide recognition for content contribution
  18. 18. There are a lot of areas to cover… • • • • • • • ECM WCM Business Intelligence Social Search Services The New App Model/Development
  19. 19. SharePoint Share
  20. 20. Manage Risk Find the perfect balance between compliance and collaboration Manage Cost Manage Your Time Efficiently manage infrastructure while maximizing uptime, minimizing failures and downtime Empower end users while managing risk, complexity, and costs
  21. 21. • • • • • • Shredded Storage SQL Improvements Cache Service Request Management Themes Sharing
  22. 22. Create Create and organize content easily with the help of relevant discovered information Control Manage content policy, information architecture and taxonomy Protect Reduce risk and manage compliance with centralized eDiscovery tools
  23. 23. Site-level retention policies • • Compliance levels extended to sites Policies include: • Retention policy for sites and Team Mailbox associated with site • Project closure and expiration policy • • Designed for managing discovery cases and holds Establishes a portal through which you can access discovery cases to conduct searches, place content on hold, and export content
  24. 24. • • • Support for searching and exporting content from file shares Export discovered content from Exchange and SharePoint Seemless integration of Exchange and SharePoint to provide best of both world and end user flexibility
  25. 25. Use familiar tools to design rich and beautiful sites that represent your brand Create, reuse and consume content for any device and language
  26. 26. Engage in conversations to stay informed and make better decisions. Use community knowledge to gain insight and find answers. Make it easier to work as a team and manage your projects.
  27. 27. Microblogging • • Share content, links, and media Follow people, sites, content, and conversations Activity Feeds • Provides a view into recent activity related to content, links, media, and people
  28. 28. Communities • • Community sites with self-service administration and moderation Modern community features such as achievements and reputation Discussions • Modern discussion boards Blogs • • Client application integration Categories, comments, and moderation
  29. 29. Connected Platform Ensure that information communicated via internal social networks is secure and compliant with centralized IT policies. Provide a single view of the people in an organization and bring together identity-based information from many sources. Build new social apps, and bring important information from your LOB applications directly into the newsfeed.
  30. 30. • • • Excel PowerPoint Word
  31. 31. Find what you‟re looking for with intelligent results tailored to you Get answers and take action with an experience that‟s always a step ahead Build smarter applications that can scale for any need
  32. 32. Easily combine data from any source to create fully interactive reports and insights with guided exploration Visually discover and share insights for collaborative decision making across the organization Manage self-service BI with control & compliance for end user created assets
  33. 33. Excel BI • • Instant analysis through In Memory BI Engine Power View Add-in Excel Services • • • • Improved data exploration Field List and Field Well Support Calculated Measures and Members Enhanced Timeline Controls
  34. 34. • • • Filter enhancements and Filter search Dashboard migration Support for Analysis Services Effective User Visio Services • • • Refresh data from external sources – BCS and Azure SQL Supports comments on Visio Drawings Maximum Cache Size service parameter • Health Analyzer Rules to report on Maximum Cache Size
  35. 35. A new development model for building apps provides a secure and scalable way to build SharePoint solutions. SharePoint 2013 makes customizing sites easier for user, web designer and professional developer alike. The cloud provides you with the freedom to choose how and where to host your apps.
  36. 36. Summary SharePoint Server 2013 enhances the workload experiences by enabling new compelling scenarios that engage and work with the user.
  37. 37. • Social Interaction • Document Set Management • E-Discovery • Records Center • Enterprise Metadata Management • Search Visualization
  38. 38. Social Interaction Ask colleagues for expertise Follow relevant content and subject matter experts Preview content inline
  39. 39. Site mailboxes – Exchange and SP together Site mailboxes can receive emails and have their own email address Easy access from both Outlook Membership and SharePoint (same view!) Site Mailbox Outlook SharePoint Shared Storage Owners Members Emails stored in Exchange Documents stored in SharePoint Unified compliance policy applies to both IW Views Exchange 2013 Management SharePoint Farm Provisioning Lifecycle Exchange Site SharePoint Site Mailbox
  40. 40. Document Set Improvements Support for OneNote notebooks Document set icon in search results Folders supported Also for default documents set for document set Support for easier aggregation CBS & CBQ web parts understands document sets Better developer support Client side and Server side API improvements Versioning improvements Capture full document set as version Search directly in document set
  41. 41. eDiscovery - Exchange, SharePoint and Lync Unified console to add, manage and export discovery sets In-place discovery and holds Legal team does discovery, not information workers Discovery Center in SharePoint Unified Preserve, Search and Export Exchange Web Services Connect to Exchange to get mailbox data Lync Archiving to Exchange Exchange is the compliance store for Lync Search Infrastructure Exchange and SharePoint use the same search platform De-duplicate
  42. 42. eDiscovery Architecture
  43. 43. Site Based Compliance & preservation Compliance officers create policies, which define: The retention policy for the entire site and the site mailbox, if one is associated with the site. What causes a project to be closed. When a project should expire Can set also site collection as read only Policy also available optionally from self site creation Policies must be replicated from content type hub cross enterprises
  44. 44. Record Centers Specify retention schedules for content types Submit documents for long term archival
  45. 45. Enterprise Metadata Management Metadata as enabler for Navigation, term and search driven pages, etc. New term store manager features enhance term usage models Multilingual improvements Cross-site collection access to private local site collection groups Dataview editing support Share and Local properties Pinned Terms vs Term Re-Use Taxonomy API (CSOM and REST)
  46. 46. Term Store Manager in SP2013 Cross site collection term access for private groups Possibility to link different site collections to see others terms Pinning terms Read only reuse of the term in alternative location in the hierarchy User interface for custom property editing Specific by location properties also possible Indication of the term set usage for other SP2013 functionalities Additional Multilingual support Flexible LCID and automated translation support Block users from using keywords outside of specific term set
  47. 47. Search Visualization for ECM Content
  48. 48. • Easy Content Authoring & Management • Targeted User Experiences • Search As Content Provider • Managed Navigation • Content Re-Use • Multi-Lingual Support
  49. 49. Design Manager and general rendering changes Empowering web designers & developers Completely revamped CSS classes Web Part rendering with DIVs, not with TABLEs Minimizing ramp up time Site design & branding using the technologies web developers already know & love (HTML, CSS, JS) – using their preferred design tools. Creating and updating designs no longer requires deep SharePoint expertise Design manager for assisting uploading templates and modifying them on-fly
  50. 50. Image renditions & Video improvements Image transformation dynamically in SharePoint Renditions are actual thumbnails Consistency sized images Cropping for targeting areas of pictures Enable easy enterprise podcast scenarios Video support improvements Video player as HTML 5 implementation
  51. 51. Search Engine Optimization improvements • Numerous SEO improvements in site and page level Features SharePoint 2010 SharePoint 2013 Clean URLs http://www.c.com/Pages/cars.aspx http://www.c.com/cars Home Page Redirects HTTP 302 for http://www.c.com to redirect to /pages/default.aspx Home page served from address www.c.com – no redirect for browser Country code top-level domains (ccTLDs) http://www.c.com/en-us/Pages/cars.aspx http://www.c.com/esmx/Pages/coches.aspx http://www.c.com/cars http://www.c.mx/coches XML Sitemaps None Automatically generated and referenced in robots.txt SEO Properties (e.g. Meta Description) <title> and <h1> must be identical Browser title Meta description Meta keywords Webmaster Tools integration None Assists with ownership verification
  52. 52. Device based rendering - Channels Different channels defined in site collection level (SPSite) Define “channels” for single devices or groups of devices – based on user agents Assign alternate “Master Pages” (shared look and feel) per channel Selectively include and exclude portions of Page Layouts per channel by using specific control Possible to provide cookie level override for end users Same URL, different look and feel based on used device Target Different Devices (per Agent Substring)
  53. 53. Content Search Web Part Similar to Content Query Web Part – but based on indexed content Show content cross site collections Show content cross multiple site collections New presentation template model for easy content presentation fine tuning Content rendered in client side Provides full control on rendering capabilities using html templates Easy editors as web part editors for defining planned query
  54. 54. Managed navigation, search and topic pages Friendly URL http://contoso.com/computers TERM STORE NAVIGATION TAXONOMY Audio Cameras Computers Home appliances Phones TV and video Use page maincategory.aspx CONTENT SEARCH WEB PART Filter query by CATEGORY: COMPUTERS Search
  55. 55. Cross-site publishing (XSP) and catalogs Define content to share across site collections Author content in multiple site collections, then aggregate using Content By Search web part You can use catalog-enabled sites for scenarios such as a content repository, knowledge base, or product catalog
  56. 56. Multilingual support improvements Utilize translation service for automated or manual term translations
  57. 57. • Built-In Visualization • Excel & Excel Services • Performance Point Services • SQL Integration • Management (via Central Administration)
  58. 58. Excel Services Web-based interactive reporting and sharing Power View is built-in Powerful analytics with the built in PowerPivot SQL Server 2012 required A platform for building business applications Key Features Flash Fill Flexible Charts & Pivot Tables Auto-Chart Suggestions Chart Previews TimeLine Dashboards
  59. 59. Excel Services Architecture Excel Web Access Excel Web Services REST API JSOM Web Front End Application Excel Proxy User-Defined Functions Excel Calculation Service Server Backend XLSX/b/m
  60. 60. New features for Excel Services in SP2013 • Data exploration improvements with additional commands • Better integration with SQL Server Analyses Services data or PowerPivot models • Field list and field well support added to excel services for easier PivotChart and PivotTable control • Calculated measures and members supported in web rendering • Enhanced timeline controls for rendering • Application BI Servers support • Business Intelligence Center update • Touch and Device Support
  61. 61. Mobile devices support for BI – including excel Delivering great touch-based data exploration and visualization capabilities in a browser on iOS, Android and Microsoft platforms Excel Services 2013 PerformancePoint 2013 Reporting Service 2012
  62. 62. Excel Services Topology (On-Premise) SQL Server Analysis Services SharePoint Farm Excel Services You have different options for rendering: • View workbooks using Excel Services on SP; or • View workbooks using Office Web Apps Server (and potentially lose functionality) Office Web Apps 6 Farm
  63. 63. Excel Services vs. Office Web Apps Server SharePoint 2013 Web Part Web Service API Authenticated JSOM/REST/APIs Windows-Auth based External Data View Office Web Applications Un-Authenticated JSOM/REST User Defined Functions Connection string Unattended account External data* Embedding Edit documents New documents Co-authoring
  64. 64. PerformancePoint Services Context-driven dashboards across systems Provides transparency and accountability Interactive access using browser Can be created/updated by power-users/professionals
  65. 65. PerformancePoint Changes in SP2013 Architecture and general model has remained the same as in previous version Key changes and new capabilities Filter Enhancements and Filter Search Cascading Filters* PerformancePoint support on iPad Support for Analysis Services Effective User BI Center Update Theming support Dashboard Migration
  66. 66. SQL Server Analysis Services for advanced analytics SharePoint Excel Services SQL Server Analysis Services
  67. 67. Excel Interactive View Generates Excel table and chart views on-thefly from an HTML table hosted on a web page Export to Excel Web App or Excel file for further analyses Associated to any html table Not only in SharePoint, available cross platform
  68. 68. • • • • • Personal Sites Team & Project Sites Communities Connected Platform Integration
  69. 69. Personal Sites Share with everyone, or a smaller group Follow people, sites, hashtags, and documents Filter to see the company feed and mentions See the pulse of the company with trending tags
  70. 70. I‟m Following Gives information about all of the things that user is following number of people, Documents*, Sites* Tags Can easily identify all of the things that powers a user‟s newsfeed Allows the user to access all of those things within a single click from the newsfeed
  71. 71. Search powers experiences across SharePoint
  72. 72. About Me – What Other People See Update your profile Get to know someone by the activities they perform Join in on a conversation
  73. 73. Public Page, Personal Site, Social Features SP2013 social features mostly rely on data on the person‟s personal site and in the Windows Server AppFabric Cache Two lists are now located for providing social features: the Microfeed list and the Social List The personal site document libraries experience has been re-designed Profile Database is still used for following peoples and tags as it was in 2010
  74. 74. Personal site My Tasks One view of all your tasks Site feed for group conversations Synchronized with Outlook
  75. 75. Onedrive Provides a single place for users to create, share, collaborate and follow important documents In 2013 Personal Sites have a single document library that can be user for private document as well as documents shared with others It is “the” document library of your personal site and a set of views that give access to content people want to be connected with. All: provides an overall view of documents in the My Documents
  76. 76. Offline Libraries: OneDrive Pro Provides quick and easy access to Document Libraries in the familiar Windows Explorer experience Works for any SharePoint 2013 Document Libraries. Makes your documents accessible online, offline or in-between and your changes are automatically synced Syncs libraries across multiple devices Fully integrated with Office Document Center: every file that gets uploaded through Onedrive Pro is shredded Replace SharePoint Workspaces
  77. 77. Team & Project sites Make collaborative decisions
  78. 78. Lync Integration Work together as a team from anywhere in the world 8
  79. 79. Community Home Page
  80. 80. Community Members and My Membership At any time people can go to the Members list to see all members and rank them by various metrics People can also see their status and what is needed to move to the next level of reputation:
  81. 81. Search & Communities Contextual Search in Community Site Search results provide community and members information Custom Display template Search result contextualized within the Community site Key Features Find recent & featured content Search within and across communities People search Deep integration with search results
  82. 82. Connected Platform Secure information IRM Guest sharing Manage Identities SharePoint user profiles drive the single view of a person via the “Person card” Integrates w/AD Multiple platform connectivity Windows Phone, iOS
  83. 83. Integration Available APIs Get/Post feeds Get user profile properties Follow people, sites, documents Like, reply, mention, tag, link, add pictures REST & CSOM Development Models Authenticated Access Available in the cloud (& more with on-premises)
  84. 84. Yammer (& SharePoint, et al) Best-in-class enterprise social networking stand-alone social service + in-app social experiences Yammer Enterprise Social Networking Services
  85. 85. Enterprise Search People Search Deep Refinement Document Previews Query Rules & Result Sets • Search Verticals • Architecture • Analytics • • • • •
  86. 86. The launching point into other experiences via navigation and flashing in “intent” driven results Gives users an “Internet search like” experience for finding info and answers across the enterprise UI  Employee facing  Integrated with enterprise portal or standalone search  Search driven experience (versus browse)  Based on core results web part, refiners, search box Query  User query driven  Security trimming Relevance  General relevance algorithm  Task oriented experiences targeted to intent Crawl and Content  Diverse set of content across enterprise, including custom content sources Admin  Service managed by “search service” admin  Site managed by “search site” admin
  87. 87. Find people by name, expertise, group, etc  Find the right person faster – Query suggestions/type-down support combines browsing and searching – Find a broader range of experts based on documents they‟ve authored in addition to profile info – Fuzzy name search is now more accurate, works across more languages, is not based in Speech Server anymore – Social connections: see how you are connected to each person in search results – Search anywhere for people by name and expertise – in Lync or site search Same UI and Query features as Enterprise Search Hub Relevance  Specialized people search ranking model that incorporates fuzzy name matching and expertise finding Crawl and Content  Fixed set of content driven out of User Profiles (which themselves could aggregate people data from multiple locations) Admin  Site managed by “search site” admin
  88. 88. Search architecture mssearch.exe noderunner.exe noderunner.exe noderunner.exe Public API Unit of scale/role boundary 97 noderunner.exe
  89. 89. Other Service Applications Access Services Web Service Application App Management Service Application Business Data Connectivity Service Application Search Service Application PowerPoint Conversion Service Application Architectural model for Service Applications in SharePoint 2013 Introduction to model and changes compared to previous versions Secure Store Service Application Machine Translation Service Usage and Health Data Collection Service Application User Profile Service Application State Service Visio Graphics Service Application Introduction to individual service applications in SharePoint 2013 What has been changed? What is new? Security Token Service Application Work Management Service
  90. 90. Same services architecture as introduced in 2010 • Services can be individually consumed from any Web Application • Allows for a very rich (and complex) farm structure if required • Provide flexibility to utilize services based on application needs • Numerous platform enhancements
  91. 91. Key Service Application Changes New Service Applications: • App Management Service • Work Management Service • Translation Services (Re)Moved Service Applications: • Office Web Apps  Now a separate product • Web Analytics  Now part of Search service
  92. 92. Access Web Apps Collaborative web applications on SharePoint & SQL Server Access App is a SharePoint hosted SP App (own site) Database is a single SQL Server database Access is an abstraction layer over SQL Server Simplified designers Lowers barriers to entry Provide capability for creating data tracking applications easily as business users Developer-level experience not required Most robust SP App designer for SharePoint 2013
  93. 93. Apps Service Application 2 4 1 3
  94. 94. Business Connectivity Services Office Applications Design Tools SharePoint
  95. 95. Translation service application Provides built-in machine translation capabilities on the SharePoint platform Cloud-based translation services Based on Word Automation Service architecture Supports sync, async, streaming Can translate documents, pages and sites Extensible Full trust solutions and SP Apps supported REST API or CSOM available APIs for batch and immediate translations
  96. 96. PowerPoint Automation Services New service application in SP2013 All about file conversions Business scenarios Requirements to convert large amount of old PPT format files to PPTX Convert presentations from PPTX format to some read only format, like PDF, XPS or to images There‟s no out of the box functionality to perform conversion directly from UI Accessed programmatically by providing file streams which should be converted. Customization example: Enable conversion from all document libraries for PowerPoint presentations Customizations using PowerPoint Conversion Service Application have to be deployed as full trust solution or executed in SharePoint server Supported source presentation formats Open XML File Format presentation format (.pptx) PowerPoint 97–2003 presentation (.ppt) Supported destination document formats .pptx (Open XML File Format presentation format) .pdf .xps (Open XML Paper Specification) .jpg .png (Portable Network Graphics Format)
  97. 97. User Profile Service Stores information about users in a central location User profiles can be imported and synchronized with identity management systems like Active Directory Offers following features User profiles Profile Synchronization Audiences My Site Host My Site Social tags and notes Related service apps Managed metadata service app Search service application Business Connectivity Services
  98. 98. Profile Synchronization Performance Large organizations should be able to perform a full sync of AD and SharePoint data over a weekend. Reliability IT pros should be able to monitor the performance and stability of profile sync and have access to the information that they need to take corrective action when problems occur. Compatibility Common Directory Service configurations should be supported, including Forefront Identity Manager and generic LDAP providers.
  99. 99. Visio Services… Renders diagrams in the browser High quality PNG(s) for full fidelity No dependence on Silverlight Native support for Visio file format Diagram consumers do not need a Visio client Available across devices using desktop browsers and mobile browsers Accessible only via SharePoint On premises & in cloud using Office 365
  100. 100. Visio Services… Refreshes data from Multiple external data sources Configured using the Data Linking Wizard in the client All shapes visually refresh – not just Data Graphics Data driven shape behavior Integrated into SharePoint solutions Extensible using the JavaScript API and Web Part Connections
  101. 101. SP2013 for Word Automation New ”Immediate” based request (no waiting) New option to execute conversion immediately, not necessarily from timer job Operate on one file at the time per request Configuration options from CA for simultaneous request amount Notify or update items in SharePoint after completion Word Automation Services can perform file conversions and can update files (ex. update table of contents or fields) Allow WAS to support streams Convert streams from API perspective as inputs and outputs for file operations Streams are stored in memory within Application Server Manager and Worker – not in content database
  102. 102. Work Management Service – Task Aggregation My Tasks
  103. 103. Summary: Other Service Applications Access Services Web Service Application App Management Service Application Business Data Connectivity Service Application Search Service Application PowerPoint Conversion Service Application Secure Store Service Application Machine Translation Service Usage and Health Data Collection Service Application User Profile Service Application State Service Visio Graphics Service Application Security Token Service Application Work Management Service
  104. 104. Customization Management The New App Model
  105. 105. Customization packaging & deployment options Farm • Full trust solutions • Customizations to file system of servers • Hosted in same process as SharePoint • Server side SharePoint API access • Classic model from 2007 Sandbox SP Apps • Declarative elements • Partially trusted code service still included for limited server side support •Deprecated in SP2013 Hosted in isolated process • Limited server side SharePoint API access • New Apps model • Deployed from corporate catalog or SharePoint store • Manage permission and licenses specifically • Simple install and upgrade process • Preferred option
  106. 106. App Model Benefits No custom code on the SharePoint server Easier to upgrade to future versions of SharePoint Works in hosted environments w/o limitations Reduces the ramp-up time for those building apps Don‟t need to know/be as familiar with SharePoint “-isms” Leverage hosting platform features in new apps Enables taking SharePoint apps to different levels – further than what can be done with farm / sandbox solutions Isolation – private vs. public clouds
  107. 107. SharePoint Solutions & Apps Full-Trust Solutions Use Client-Side SharePoint API Use Server-Side SharePoint API Use Remote Services App-based Permissions (OAuth2) On-Premise Deployment Friendly Hosted Deployment Friendly Distribution via Marketplace SharePoint Provided Schematics for Install / Upgrade / Uninstall Sandboxed Solutions Apps
  108. 108. SP App Hosting Options Oauth + REST or client object models SharePoint Existing sites and services App web (optional) Oauth + REST or client object models Existing sites and services App web (optional) Existing sites and services App web The app and all resources are hosted by the provider in any environment suitable for the app. The app is hosted in the cloud. Windows Azure and SQL Server Azure components are provisioned automatically when an app is installed. (Available for SharePoint Online only) The app and all resources are hosted in your organization‟s SharePoint farm. Relies on client side technologies. Your IT organization supports the app.
  109. 109. Public API Exchange SharePoint Architecture overview Custom solution
  110. 110. Search Architecture
  111. 111. Service Applications with their own DBs: • • • • • • • • • • • App Management Service Business Data Connectivity Managed Metadata Service Search Secure Store Service Machine Translation Service State Service Usage and Health Data Collection User Profile Word Automation Service Access Services App databases
  112. 112. Remote farms don‟t need perms to parent farm DBs* Any farm can publish SAs One web application can use both local and remote SAs Enables centralized “enterprise” SAs Support only in specific service applications • • • • • • Business Data Connectivity Managed Metadata Service Search Secure Store Service Machine Translation Services User Profile
  113. 113. Cross farm services cross major versions SharePoint 2010 farms can consume some services from SharePoint 2013 farms (Other way around is not supported) Useful for upgrade process Supported services are Search User Profile Secure Store Managed Metadata BCS
  114. 114. Service Applications and WAN environments Service application Search Managed Metadata Machine Translation Service Business Data Connectivity User Profile Secure Store Service Allowed for WAN environments? Hybrid with Office365
  115. 115. Other Architecture Changes Shredded Storage SQL Improvements Cache Service Request Management Office Web Apps Social Changes Other Considerations
  116. 116. Shredded Storage
  117. 117. SQL Improvements We‟ve reduced scenarios that might invoke full table scans There have been lots of improvements around finding docs for link fix-up and alert handling Reduced data redundancy for some features Using advanced indexing features provided by SQL 2008 R2 Changes in architecture to support wide lists, i.e. lists where a single item spans multiple rows in the database to hold the data
  118. 118. Cache Service New Distributed Cache service in SharePoint 2013 Based on Windows Server AppFabric Distributed Caching. It is all provisioned by SharePoint setup Installed on each server in the SharePoint farm. Used in features like authentication token caching and My Site social feeds
  119. 119. Request Management (RM) Route to WFEs with better health, keeping low-health WFEs alive Identify harmful requests and deny them immediately Prioritize requests by throttling lower-priority ones (bots) to serve higher-priority ones (end-users) Send all requests of specific type, like search for example, to specific machines Isolates traffic to help troubleshoot errors on one machine Route heavy requests to more powerful WFEs
  120. 120. Office Web Apps Architecture Separate server product, not a service application WAC farm can support multiple SharePoint farms View files from multiple data sources, including SharePoint, Exchange, Lync, File servers 3rd parties can integrate with WAC to provide access to documents in their data stores, e.g. EMC Documentum, IBM FileNet, OpenText, etc. WAC version does not need to be in sync with SharePoint Connect SharePoint farm to WAC farm using PowerShell NewSPWOPIBinding
  121. 121. Office Web App URLs in SP 2013 URLs have been cleaned to be human friendly and understandable
  122. 122. Social Change Highlights User Profile Replication Engine (UPRE) Exact delivery mechanism remains TBD Profile Sync Improvements My Site Data Store Changes
  123. 123. Other Considerations Stretched farms are no longer supported in SharePoint 2013 “Stretched” means different data centers with less than 1ms latency All servers in the farm must be in the same data center now For 100% fidelity in 100% of features, all content must reside the same farm Certain social features will have a very slightly degraded experience unless content databases, personal sites and community sites are all together Still allows for geo-grouped farms with full fidelity Specific feature differences beyond scope of this discussion New: Azure Workflow Server - not exactly a service app, but provides externalized host to run workflows. Application Discovery and Load Balancer Service Application
  124. 124. Shredded Storage SQL Improvements Cache Service Request Management Office Web Apps Social Changes Other Considerations
  125. 125. Learn SharePoint 2013
  126. 126. Top 10 Features To Help Motivate Users • • • • • • • • • • #1-Enhanced Collaboration #2-Social Engagement #3-Find Experts and the right Content #4-Doc and Records Management, eDiscovery and Compliance #5-Portals - Intranet, Extranet and Internet #6-Next Gen Devices #7-Business Intelligence, Dashboards and Reporting #8-Organize Projects #9-Improve Service Delivery with Citizen Apps #10-Better Governance
  127. 127. Streamline common tasks Simplified Sharing: Drag and drop content directly into your document libraries and by hovering over a document Live document preview and at a glance see who you’re sharing with and when the document was last edited. Without leaving the library you can edit your documents using Office Web Apps, and in one click share it with a colleague. We’re taking document sharing and storage one step further with the introduction of Onedrive Pro.
  128. 128. Integrate Social Across Departments Connect your workforce and share knowledge with social capabilities in SharePoint and Yammer Follow colleagues, teams, documents, and sites to stay on top of the latest government happenings and improve collaboration across departments and agencies. New Community Sites help you engage in crowdsourcing and harness social networks and insights to drive knowledge sharing. Enhanced Collaboration Benefits Follow people, documents and sites #EmergencyPlan. Improve cross-agency knowledge sharing and collaborative processes #hashtags Crowdsource for best ideas Emergency Planning site Share ideas and get answers in real time on your Newsfeed Who typically works on #EmergencyPlan updates? EmergencyPlan GrantManagement EmployeePensions TGIF Feedback those type of updates. Pervasive presence integration ♡ Like @Mention people Reduce time to get new hires up to speed; promote team building
  129. 129. Deliver Better Portal Experience through Search Simplify how citizens retrieve public service information and get answers to questions Interact with live previews of documents SharePoint Search and FAST Search are brought together into a next generation search engine. Search is far more tuned to what citizens are doing, and what others have found successful. New Hover Card enables users to quickly inspect and find what they are looking for. Visual refiners View videoDive into the part of thumbnails the your without leavingdocument that search page matters most Create YouTube-like video experiences through Search New Hover Card changes based on content type Benefits Improve public awareness of citizen and business services; better address constituent needs Government Portals
  130. 130. Simplify eDiscovery for Compliance Officers Risk and Compliance Find it in one place with unified eDiscovery Reduce time spent and costs associated with discovery With advanced search technology (from the FAST acquisition) the new Office unifies the eDiscovery process by letting you retrieve content stored across Exchange, SharePoint, Lync and even file shares. Compliance officers can search and view content by project, legal matter, or business context. Benefits Use proximity searches to understand context Eliminate third-party security and compliance software Fine tune complex queries Get instant statistics Query results across Exchange and SharePoint Laser focused refiners to help find the data you need
  131. 131. Create dynamic site(s) Familiar Content Authoring and Management Managed Navigation/Friendly URL‟s Support Automated or Manual Translation Image Renditions Video Improvements Usage Analytics Design Manager Device Based Rendering
  132. 132. Work More Securely From Your Own Device Support BYOD and use Office Mobile across devices and platforms Benefits Securely manage mobile devices with policies that let you enforce PIN lock and remove confidential data from lost phones Improve productivity and satisfaction of employees who travel and work on projects and missions across geographic locations Workers on mobile devices stay productive with Office Web Apps and connected with presence and instant messaging. One-click into Lync meetings and view shared content. With Office 365, Exchange and Office enable Rights Management capabilities by default, including IRM in Office, OWA and Exchange ActiveSync. Next Generation Devices and Apps Reduce the risk and costs associated with unwanted disclosure, such as classified documents and citizen information Windows Phone iPhone Office Mobile apps available on Windows Phone 7.5 and Windows Phone 8 iPad OneNote and Lync apps available on iOS and Android phones Android Reduce device hardware and support costs (BYOD)
  133. 133. Create Budget Reports Faster, Help Officials Discover Insights Take budget data, citizen behaviors, and economic trends into Excel to discover insights Use Excel recommendations for the most suitable charts and pivot tables based on patterns in your data. Quickly preview your chart and graph options, and then pick the option that works best. Apply Timeline Slicer, a visual time filter, to see data quickly over different periods. Benefits Budget Report Timeline Slicer: See your data over different time periods, e.g., Month, Quarter, Year Save time creating budgets, reports and analyzing data Gain efficiencies and empower workers through self-service BI Budget Allocation Enable your leadership to make better, more informed decisions Count Recommended Charts: Excel recommends the most suitable charts based on patterns in your data. Discover different ways to visually represent Flash Fill automatically data recognizes pattern from list and proposes fill Business Intelligence
  134. 134. Keep things on track
  135. 135. Develop Apps Using New Cloud App Model Next Generation Devices and Apps Line-of-Business Applications Extend the way you create and consume information from within Office and SharePoint Work across Office apps and Office Web Apps Lower IT costs and time spent on deployment and delivery Reduce training costs by leveraging familiar Office UI Develop apps for Office and SharePoint with HTML/CSS, JavaScript or PHP. Increase insight into web content and LOB data to improve decision making and unlock the ROI in existing investments Hosted in the cloud with minimum device footprint. Apps can be accessed from any device with a web browser. Distribute and manage with IT app catalog (or public Office Store). Benefits The Bing Maps app in Excel maps the addresses highlighted
  136. 136. Manage app approvals and usage
  137. 137. Learn and Train the Trainer
  138. 138. Inform your user community • Information on what will happen during transition… • Communication on when and where it will reside ‘infrastructure’ • What will be converted and when will it occur… • Provided directions for using self-service… • Notifications and reminders are KEY … • Self-service is essential but training is a must… • Notification and ease and do it iteratively … • What IT support, training, and help will be available…
  139. 139. Understand The Differences 1.No Design View in SharePoint Designer 2013 2.No Breadcrumb (By Default) 3.Create Sub Site Has Moved 4.No Sign In As a Different User 5.App Naming & Organization (For Those Who Are Used To Previous Methods For Creating New Lists/Libraries The App Naming Can Be Confusing) 6.Share Instead Of Manage Permissions (Better Than Previous Model, But Requires Explanation) 7. BrandingUX
  140. 140. What did we learn? • Communication with stakeholders is key • Show the benefits, get their buy-in. • Explain the process • Get user Adoption • Train the trainer • Detailed Inventory of what Users want • 3rd party • Deprecated features • Prepare to do some design work • UAT is key
  141. 141. When You Leave, You Should Know… Search
  142. 142. Users and their data
  143. 143. Challenges: Data Complexity What we give to search engines What most search engines see 1234 away come contrastive customize for fs14 how optimizing our relevance (3) should simple some ss14 techniques view (2) what when with you Author: Title: victor poznanski conf relevancy sharepoint Date: 9.4.9 Type: ppt Authority: 6 Anchor: SPC presentation …
  144. 144. Challenges: Intent SharePoint Conference Where is my talk for the SharePoint conference? Are SharePoint Conferences always held at the same place? There is rarely a single right answer Different people have different intents Query Rules help you handle intents I wonder if there are any presentations from previous conferences
  145. 145. Customization Search Quality ≡ Relevance Query management tools Relevance management tools
  146. 146. Configuration in the Conceptual Relevance Flow Query: BT network quarterly report Search Web Part (WORDS BT, British Telecom) AND (WORDS network, networks, networked) AND (WORDS quarterly, quarterlies) AND (WORDS report, reports, reported) Query Processing Thesaurus: BT  British Telecom Best bets: BT Network  …/BTN.htm Dynamic Reordering Rules: Quarterly Report  {prefer docs from http://reports} Query Rule: {Terms} Quarterly Report  Mixed Results for: • BT Network best bet • BT network quarterly report • BT network ContentType=reports Engine Document Collection For all queries: Authorities: Level 1: http://networks Ranking model: {incorporate user ratings}
  147. 147. The Quality Improvement Cycle Identify the problem queries Diagnose the problems Deploy Try to fix
  148. 148. Fixing the Problem: Core Tools Authorities Result Source • Identify important data hubs • Scope or federate your searches
  149. 149. Fixing the Problem: New Tools Simplicity Control Query Rules: Reformulate the query Dynamic Reranking Rules: Reorder the Results Tuning Tool: Incrementally improve existing ranking model Custom Ranking Model: Build relevance from ground zero
  150. 150. Authorities: SSA-level configuration Takes ~24hrs to propagate Sites that are important Sites with low intrinsic relevance
  151. 151. Authorities: Disconnected Main Site: Second Site: Third Site:
  152. 152. Authorities: Connected
  153. 153. Authorities: Connected Setting an authority affects all sites connected through hyperlinks Sites are weighted by distance to the authority
  154. 154. Authorities: Connected 1 1 0
  155. 155. Authorities: Connected 1 0 Non-authorities do not affect connected sites
  156. 156. Queries are Sent to Sources Results from that source User aims a query at a source Protocol/ Location Query Transformation (scope restriction)
  157. 157. Scoping Your Queries with Result Sources
  158. 158. Scoping a Source I
  159. 159. Scoping a Source II User‟s original query Restrict to this site
  160. 160. • Conditionally rewrite the query • Conditionally federate to other sources
  161. 161. Query Rules: rewriting the query E.g. for monthly report customer support, • …results that might be monthly reports • …from particular sites • …with particular authors • …and the most recent date prefer:
  162. 162. Query Rules: conditional federation GlaxoSmithKline  bring results from the CRM vertical for this customer Benefits  bring results from the HR vertical
  163. 163. Query Rules: conditions and actions Query Condition Action
  164. 164. Query Rules: conditions and actions PHRASE-BASED MATCHES • Exact match, beginning or end • Ad-hoc or term store dictionary CURATED (BEST BET) • Show a promoted result HISTORICAL (LOG-BASED) MATCHES • Is this query more likely aimed at the following source…? REFORMULATE THE USER QUERY • Show a block of results • Replace the core results with a different query
  165. 165. Reformulating a User Query I monthly report customer support customer support site:http://reports/regular contenttype=“MonthlyReport”
  166. 166. Query Rules are Associated with Sources Results from that source + Best Bets + Result Blocks User aims a query at a source
  167. 167. Building a Rule (site settings)
  168. 168. Simple Search Verticals Search Box Sort Menu Nav Entry (all are verticals) Query Rules Refiners Results web part Result source for this site Item Templates
  169. 169. Federating Results in from a Vertical
  170. 170. Federating using More Likely Queries I
  171. 171. Federating using More Likely Queries II
  172. 172. Dynamic Reordering Rules Dynamic Rules let you reorder results according to a set of criteria They are configured as part of a query Result actions let you promote or demote results that match
  173. 173. Using the Query Builder
  174. 174. Using the Query Builder The query template
  175. 175. Using the Query Builder: Sorting
  176. 176. Using the Query Builder: Sorting This will ensure the freshest reports will come back, but there is no ranking If the primary sort key is not “rank”, you cannot add dynamic ordering rules
  177. 177. Using the Query Builder: Dynamic Rules
  178. 178. Result conditions and actions
  179. 179. Promotion and Demotion promotion-to-top promotion of 10 demotion-to-bottom demotion of 10
  180. 180. You can Tune a Custom Ranking Model After…
  181. 181. How Can You Change Ranking? Query: Ken Monthly Title=“XBOX Monthly report” Type=ppt Activity=2M clicks Author=Ian Rankem Rating = 5 ωrating Transform (normalization)
  182. 182. Summary Search quality is even better in this release Manage intent diversity Friendly tools for managing relevance
  183. 183. SharePoint 2013 Permissions managing access to sites
  184. 184. Assigning permissions • Permissions can be set per site, per app (list/library) and per content (folder, file or list item) within a list or library • Permissions can be inherited from the parent. This is the default option when creating new sites, lists/libraries, folders and items within lists or libraries • As a rule of thumb, permissions should start as open as possible and become more restrictive as you go deeper into the hierarchy within a site collection. E.g. the top-level site in a site collection may be open to everyone. A sub-site may have access restricted to a specific team, a library within that site may be further restricted to managers within the specific team
  185. 185. Choices to manage permissions Per SharePoint Group Per User Method • • Add users individually to the resource Set permissions per user • • Per Directory Group Add users to a SharePoint group Set permissions per SharePoint group • • Add users to a Directory group (AD DS) Set permissions per Directory group Pros • Struggling to think of any these days… • Delegated admin and can view membership • Lowest overhead across site collections Cons • Largest overhead to maintain • May have to duplicate across site collections • Requires centralized management Best use: • Quick demos and very small deployments • Want to delegate control to site owners • Granular configurations and large deployments
  186. 186. Microsoft recommendations – Part 1 • The old way • Add users to Active Directory groups. Add Active Directory groups to SharePoint groups. Assign access permissions to SharePoint groups Site Collection 1 Added to AD group The standard Microsoft approach for all solutions: add users to a security group, add the security group to a resource group, assign permission for a resource to the resource group Added to SP group Permissions granted Site Site Collection 2 Added to SP group Permissions granted Site
  187. 187. Microsoft recommendations – Part 2 • Since June 2010 • Add users to Active Directory Domain Services groups (AD DS). Assign permissions to AD DS groups. Do not use SharePoint groups Site Collection 1 Added to AD DS group New approach recommended because changes to membership of SharePoint groups triggers indexing and can affect performance Permissions granted Site Site Collection 2 Permissions granted Site
  188. 188. Realistic approach – Part 1 • Use AD DS Groups where possible • Best performance / can nest and re-use for other services • When a user needs to be added to a group, you only need to add them once to the appropriate Directory groups . The same directory group can be added to sites across multiple site collections • Best uses: • Groups that will contain the same users and will be re-used across multiple site collections – saves time/effort • When a large number of groups will need to be managed with frequent changes to memberships - easier to manage centrally as well as offering best performance • When information security requirements demand a strict change management procedure for controlling access permissions
  189. 189. Realistic approach – Part 2 • Use SharePoint Groups for ease of use in some scenarios • Site owners can manage the site permissions by adding people to groups within just their site • Membership can be displayed on site pages using the „Site Users‟ web part, everyone can see exactly who has access to the site • Best uses: • Team site collections, where site management is most likely to be delegated to site owners within the department/team, with governance procedures in place to guide controlling access • Specialist sites, where group membership is likely to be unique and there is a need for non-IT roles to view/manage membership • Small deployments where SharePoint day-to-day administration is delegated as much as possible due to limited IT resources
  190. 190. What‟s changed in SharePoint 2013? The following content applies to SharePoint 2013/SharePoint Online
  191. 191. „Sharing‟ instead of „Securing‟ • New terminology is used for changing permissions and controlling who can access sites and content. Throughout the user interface (UI), the word „Share‟ is used. Clicking this link will allow people to „share‟ the site with others • In some places, it can look a little confusing…
  192. 192. Sharing is everywhere It‟s easier than ever to share folders and documents, just like those pesky file sync/share tools like DropBox* * We love DropBox really 
  193. 193. Sharing can get messy With folders and documents, clicking „Share‟ behaves differently to sharing sites. Users cannot be added to groups. Instead, they are given item-level permissions This prevents them being given access to more than they should but could have a significant performance impact on large lists and libraries Lists also behave differently – you can‟t share items direct at all. Instead you have a „Shared with‟ link that takes you the permissions page for the item (the old method for managing access)
  194. 194. Beware sharing more than you want When you click the „Share‟ button to share a site, you may assume you are just sharing that specific site… You would be assuming wrong! When you click Share for a site, the default is to add the users to the first group in the site with permission to Edit content… If the site is inheriting permissions from a parent site, that group may have permission to edit a lot more than you realise…
  195. 195. Beware who you share with If sharing with external users has been enabled for the site collection, then anybody with Full Control permission for a site can share it with external users, i.e. anybody outside the organization In this image, I‟m inviting the one and only Bill Gates to check out my site Note: only users with Full Control can do this, and only in site collections where external sharing has been enabled. It is off by default. But the external user can be granted equivalent access – right up to Full Control of the site!
  196. 196. Sharing is not always sharing A standard dialogue box is used when adding users to any SharePoint group, regardless of activity e.g. if you decide to click the „Share‟ button and add a user to a site, you need to select what group to add them too. You are sharing access But if you have gone into Site Settings to set up a new group you might not have assigned any permissions yet. You are not sharing access, just sorting out group membership
  197. 197. Sharing challenges recommendations • When changing permissions by sharing content with people, you can only add them to SharePoint groups available to the current site. Domain groups will not be listed • i.e. Sharing will not follow Microsoft‟s recommendation for using Domain groups rather than SharePoint groups for permissions • For practical reasons, most deployments will benefit from a mixed approach. Use domain groups when possible, use SharePoint groups when necessary or when practicality trumps performance
  198. 198. What hasn‟t changed that should Within Site Settings, when you click on People & Groups, the next screen doesn‟t show you a list of people and groups, it shows you the membership of the first group in the list To see the full list of groups, click the More… link in the navigation bar on the left of the page (circled in red) It‟s a minor annoyance that you‟ll spot as soon as you click the New button from this page to create a new group
  199. 199. Governance and Administration Matters Will try and highlight which bits are only applicable to certain versions
  200. 200. Guidelines for managing access • Only enable external access on those site collections you intend to share content with people outside your organization • Only grant Full Control site permissions to non-IT roles who have been given training in how to manage their sites. And budget for refresher training and periodic audits to review • Keep permissions as simple as possible. You do not need groups to identify business roles, only to manage different permissions. Share at the highest level possible by default. Avoid creating custom roles or granular („fine grained‟) permissions per library, per folder or per item except for specific and rare uses
  201. 201. Optimize the design • If only certain functions need to share content with users outside the organization, use site collections to separate and control what content can be accessed by external users • Scenarios that require granular permissions management should be given dedicated site collections. They may even warrant dedicated web applications to fully isolate server resources (on-premise option only) • Scenarios that require granular permissions management (often involving forms and workflows) should use Active Directory Domain Services groups if possible for performance gains • Collaborative team sites that are most likely to share documents individually should be kept small in size, particularly the libraries
  202. 202. Pre-configure/Automate what you can • Have a central resource mailbox for access requests. Configure all attempts to access sites to prompt users to request access, and forward the request to the central mailbox for review by IT • For sites that are intended to be „shared‟ internally or externally with control delegated to site owners, set-up default SharePoint groups to make permissions granted as clear as possible • For sites that are intended to be shared, break inheritance for all top-level sites to avoid accidentally sharing more than intended. i.e. each top-level site should have its own unique set of permissions
  203. 203. …and document the manual steps • Provide clear guidelines on how access to sites is being managed and when more granular permissions are acceptable or not (e.g. unique permissions per sub-site, library or item) • Use a consistent naming method for SharePoint groups so that people become familiar with differences in access permissions • Beware the default new „Edit‟ permission. When sharing sites and content, site owners should always click „Show options‟ and ensure the correct group is selected
  204. 204. Example: Team Site Collection Finance X X X Teams Legal IT X = site = broken inheritance Directory group „Everyone excluding external users‟ added to Visitors group by default Site Owners trained to use only Contributors or Visitors group when sharing the site outside the team SharePoint Group Permission Purpose <Site> Owners Full Control Delegated site management <Site> Team Members Edit Team participation in the site <Site> Contributors Contribute Use for shared contributions <Site> Visitors Read Use for shared viewing
  205. 205. Bonus tip: Show group membership • When delegating control and using SharePoint groups to manage access permissions, to encourage self-auditing • Create a page for the site called „Site Permissions‟ and display each group membership using the „Site Users‟ web part. • It‟s an extra step when setting up each top-level team site but can lower ongoing maintenance overheads by making access transparent
  206. 206. Reference: What do the different permissions allow people to do? This bit is specific to SharePoint 2013 but the basics apply to all
  207. 207. Default Groups Part 1 • The following are the default groups created automatically for team sites in SharePoint 2013 Group name Permission Level Comments Owners Full Control Use (sparingly) when delegating management of sites Members Edit Use for participants who will be adding and updating content Visitors Read Use for people who will be reading but must not change content Viewers View Only Use to allow people to view but not download content
  208. 208. Default Groups Part 2 • The following are additional groups created for other site templates, specifically the Enterprise Publishing templates Group name Permission Level Comments Restricted Readers Restricted Read + Limited Access Can‟t see version history or permissions Style Resource Readers Read to Master Page gallery and Restricted Read to Style library Don‟t remove from root site in site collection Approvers Approve + Limited Access Can approve content before it is published Designers Design + Limited Access Can change visual layout Hierarchy Managers Manage Hierarchy + Limited Access Can change the structure
  209. 209. Default Permissions Part 1 Permission Access granted Notes/Comments View Only Can view pages and lists/libraries (browseronly). Cannot download (or view in client applications) Default for „Viewers‟ group in 2013. Limited Access Enables access to specific content without having full access to site. Built-in, cannot be edited. This is used when sharing individual documents Do not remove! Read Can view pages, lists/libraries and items, can download and view in client applications Default for „Visitors‟ group. No change from previous versions Restricted Read Same as Read but cannot see permissions or version history No change from previous versions.
  210. 210. Default Permissions Part 2 Permission Access granted Notes/Comments Contribute Can add or change items on pages and in lists/libraries Used to be the default for „Members‟ pre-2013. Can no longer delete items Edit Can add, edit and delete lists and libraries. Can add, edit and delete items within lists/libraries New permission for 2013 and now the default for „Members‟ Design Can view, add, modify, customize, approve and delete the layout of site pages using the browser or SharePoint Designer 2013 Altered in 2013 as some perms have been moved to „Edit‟. Full Control Full permissions including site creation and deletion and full access to all site settings No change to previous versions
  211. 211. Default Permissions Part 3 Comments: • The new „Edit‟ permission makes sense because many organizations have wanted a permission that does not include „delete‟. That is now the role of the „Contribute‟ permission • However, when the ability to delete is required, „Edit‟ now grants more permissions than the old „Contribute‟ such as adding and deleting lists/libraries too (previously required „Design‟) • That said, the Recycle Bin remains your friend and accidental deletions can be easily recovered. (Up to 90 days on Office 365, period to be defined for on-premise installations, default is 30) • Yes I missed off a couple of permissions: Approve and Manage Hierarchy. They‟re pretty self-explanatory and haven‟t changed
  212. 212. References & Further Reading • Overview of site permissions in SharePoint 2013 http://technet.microsoft.com/en-us/library/jj219771.aspx • Define permission levels and groups in SharePoint 2013 http://technet.microsoft.com/en-us/library/cc262690.aspx • Permission levels and permissions in SharePoint 2010 (Windows SharePoint Services 3.0) http://office.microsoft.com/en-gb/windows-sharepoint-serviceshelp/permission-levels-and-permissions-HA010100149.aspx • Clarifying guidance on SharePoint Security Groups versus Active Directory Domain Services Groups http://blogs.msdn.com/b/kaevans/archive/2013/05/06/clarifyingguidance-on-sharepoint-security-groups-versus-active-directory-domainservices-groups.aspx • Software boundaries and limits for SharePoint 2013 http://technet.microsoft.com/en-us/library/cc262787.aspx#ListLibrary
  213. 213. There is even more In case you‟re still not sure of the potential risk
  214. 214. Scenario: Following the defaults • All team sites are inheriting permissions from the root „Teams‟ site in the site collection. It‟s an open collaborative organization… Teams Teams Site Permissions Group Permission Owners Full Control Members Edit Visitors Read Finance Legal IT
  215. 215. Scenario: IT shares their site • Somebody in IT decides that their supplier should have access to the IT team site… Teams IT • If they just follow the defaults, they will add the external user to the „Teams Members‟ group and give them Edit permission to all the sites in the site collection, i.e. Finance and Legal sites as well • Yes there are warnings written in the dialogue box. From experience, people don‟t read the small print…
  216. 216. Scenario: Sharing lots of documents • If people are complaining about performance problems with their site, and specifically navigating a library within the site, check its size and whether or not documents are being shared (internally or externally) • Microsoft recommends to not exceed more than 5,000 unique security scopes per list or library. The absolute maximum is 50K • Avoid „sharing‟ documents in large libraries. Keep them small to avoid performance issues. Large libraries such as records archives should have standard, centrally managed, permissions
  217. 217. No-code SharePoint 2013 Solutions for users
  218. 218. Context sensitive Help items: • Videos • Images/Screenshot s • Documents • Links
  219. 219. What type of user do you want to be You have technical expertise Your organization understands business needs Does not want to code AKA Citizen developer, BUIT
  220. 220. “Let’s not write code until we have to write code.”
  221. 221. What is a no-code solution? Quick, useful, inexpensive Solves a common business need AKA SharePoint Composite, Mashup
  222. 222. Typical no-code solutions Human Resource portals Expense reporting Self-service reporting, financial dashboards
  223. 223. Typical no-code solutions Review and approve document workflows New-hire orientation sites Structured documents: contracts, RFPs, & invoices Ideation, feedback, & “suggestion boxes”
  224. 224. “Citizen Developers 25% of New Business Applications by 2014” Gartner
  225. 225. The customization continuum Customize SharePoint Out-of-the-Box (sites, docs, lists, social) Declarative Capabilities (Doc Sets, Records, Search) SharePoint Composites (Access App, BI, Workflow, BCS) Managed Code (Apps, CSOM, Reusable components)
  226. 226. Your New Favorite Website http://technet.microsoft.com/en-us/sharepoint/dn594430
  227. 227. Your New Favorite Handbook Handbook
  228. 228. Call to Action • Watch videos at: SharePoint-Videos.com • Check out: No-code solutions using SharePoint 2013 Composites • Read the Gartner article: Gartner Says Citizen Developers 25 % of New Business Applications by 2014
  229. 229. Overview Community sites Personal site administration Personal site feeds Personal site following OneDrive Pro
  230. 230. • Newsfeed: shows you updates on social activities for items and people you are following: • • • • • • • • People posts People profile changes Changes on followed documents Items tagged with followed tags Mentions & Likes Activities: all my activities Site Feed activities Company Feeds • I‟m Following • Trending Tags
  231. 231. About Me – What other people see
  232. 232. ©2012 Microsoft Corporation. All rights reserved.
  233. 233. Community home page
  234. 234.  Evolution of the SharePoint 2010 Forums  Builds on the concepts of discussions, likes, ratings, badges and reputations  Communities can be created by using a new Site Definition  Template available for site collections and sites  Uses Wiki Pages infrastructure  Each community site is self contained:  all community information is stored on local lists in the community
  235. 235.  Content is organized by Categories, with a rich UI set of image and data  Presentation pages are «wiki pages»  Rich content experience  Easier to customize, don‟t need to be SharePoint master for creating content  Users can use rating and liking for content  Can vote 1 to 5 stars, or Likes  Likes and rating are available on each site in SharePoint 2013  Community Site specific features     Reputation Moderation Best replies & Featured discussions Discussion Alerts …
  236. 236. Community categories Navigation Title Posts and replies Description
  237. 237.  Every post can be edited and deleted by the original owner as well as community owners  Every member of the community can report a post to the moderator (if the setting is enabled)  Marking a post as “featured”: once marked, a specific post will render at top of its category  Community administrators or moderators can set featured posts
  238. 238. Best Reply: bubbles up in a specific reply and shows it up as the first reply in the discussion thread • • Community Administrators and Moderators can set “best reply” on any replied to post Regular members can mark a reply as the “best reply” if they created the original discussion post
  239. 239. • Owners can enable ratings on Community Ratings can be a star or like system: Both are completely decoupled from Social DB and live only in the Content DB • Owner can switch between the two systems and rating values get preserved in the switch • Mouse hovering on the rating provides quick information at a glance: • Who rated • The value of the rate • Visual representation for your likes • •
  240. 240.  People reputation is impacted by activities like creating posts, adding replies, etc.  Reputation is per community – reputation in one does not affect it in another community  Reputation model cannot be directly extended  Community owners control points for each activity
  241. 241.  There are two type of badges in communities:  Achieved badges  Gained by people from collecting points for performing specific activities  Gifted badges  Assigned by community owners
  242. 242.  Administrators also configure the point thresholds required to achieve reputation rankings  Once a member reaches a specific level he/she receives a «badge» that shows achievement goals reached  Achieved badges can be displayed as a ranking level or text
  243. 243.  It‟s a way for Community Owners to “push” recognition to a member  Not achieved by members  Assigned by Community owners  List of Gifted Badges can be managed to add or remove badges  Gifted Badges are shown in the people status with a specific Icon to highlight the badge
  244. 244.  The Members list displays all members, their rank and various metrics  People can also see their status and what is needed to move to the next level of reputation:
  245. 245. • Allows any members to report any post (reply or discussion) to the Moderator • Reports with comments are stored in an hidden list • Members are notified real time of their reported activity • Moderators can then decide to delete, edit or remove the Report
  246. 246.  Displays a directory of Communities within the organization  Starting point for Communities, where and what they are and join  Site collection that gets provisioned by CA  Administrator defines the Community Portal entry point  Uses Search to populate the list of the existing communities  There‟s a lag between the time a new Community gets created and when it shows up in the Portal  Provides ability to search for Communities within the Portal  It is security trimmed: displays Communities based on permissions (access)
  247. 247. Community portal
  248. 248. Community walkthrough
  249. 249. ©2012 Microsoft Corporation. All rights reserved.
  250. 250.  Available in Central Administration in the User Profile Service Application  Administrators govern profile information that users can or cannot manage  Users can always override Admin settings regarding activities and following people privacy settings.  Simplified compared to SharePoint 2010 Policy settings:  Privacy setting is now “Only me” or “Everyone”
  251. 251.  Admins can also enable a “default“ privacy setting to make people following information and activities public.  Blocks administrators in CA from controlling privacy settings of newsfeed activities  Message informs administrators that policy control is override  If unchecked there are no system activities in Microfeed.
  252. 252. ©2012 Microsoft Corporation. All rights reserved.
  253. 253. Microblogging feed flow • User Generated • System Generated
  254. 254. • Latest activities from across SharePoint cached in-memory, so users can always see the latest activities when they go to their consolidated feed in real time. • That applies to both user activities like microblogging posts and system activities like doc modifications • What is not retrieved from the cache • • “User‟s Activities” in the Person.aspx page Everything.. If the cache is empty
  255. 255.  A mechanism for scoping conversations only to a specific set of people  By default Microfeed posts are public and accessible by everyone  Relies on a different Site for scoping the conversation  People share a site where they want to start private conversation  Group conversations don‟t get posted in personal site Microfeed list  The post lives only in the local site and Distributed Cache  If members of the conversation follow the site, group conversations also appear in their consolidated feeds web part  The person who initiates the conversation follows the site automatically, other people must manually follow the site  the text changes to show up the title (link) of the site where the conversation happens
  256. 256.  Team Sites have the site feed feature enabled during provisioning  Provides a Site Feed page in the site that shows microblogging posts related to that site  It also provisions a Microfeed list within the site and the Newsfeed web part  Can also be activated on other sites
  257. 257. • Offers a way to keep track of specific posts across all the microblogging activity • Likes: is a personal view to see things you liked* • Other people don't have access to the list of everything you liked, but they can see what you liked if they look at your profile feed (About me). • Useful to track Social activities • • The popularity of an item Tracking a specific post – thread • It shows in the main consolidated feeds web part
  258. 258. • Mentions give the ability to refer to a person in a microblogging post • It works independently from following • if a person gets mentioned that post will show in his or her mentions feed. • People lookup from different places • • “Followed People” list AuthN providers based on the Authentication type • User who gets mentioned receives a notification email always • • • In Site Conversation user gets a warning mentioning someone will send an email, regardless if he/she has access to the site In Communities user gets the email and the notification in Newsfeed web part, regardless if he/she has access to the site Newsfeed page also provides a visual notification of number of mentions
  259. 259.  It is a Personal Site feeds view of all users generated activities.    Introduces a new level of discoverability of new people and topics to the feed system, Helps on ramping new users to the feed system and its usage patterns in their company It is a great way to start following people you think are interesting  User generated activities are displayed for everyone in the company    Showing even activities of not followed people Only user generated activities are showed, not system generated activities (e.g. user x is following site y) Group conversations doesn‟t show up in the Everyone view
  260. 260.  Having a single UPA vs. multiple UPAs is best practices from the Social features standpoint  With multiple UPAs Microfeeds and people following will still work but people will experience delays in notifications  Community sites need to live in the same farm where My Site Host and Personal Sites are provisioned  They can live in different web applications  If in different farms, community notifications in the Newsfeed will not happen
  261. 261. ©2012 Microsoft Corporation. All rights reserved.
  262. 262. • Follow People Entry points • People Search • Newsfeed • People Page (About me)
  263. 263.
  264. 264. • Follow Document Entry points • Search • Library
  265. 265. • Follow Tags Entry points Newsfeed Profile TagProfile Trending #tags web part • • • • • through TagProfile page
  266. 266. • Gives information about all of the things that user is following • • • • number of people, Documents*, Sites* Tags • Can easily identify all of the things that powers a user‟s newsfeed • Allows the user to access all of those things within a single click from the newsfeed
  267. 267. ©2012 Microsoft Corporation. All rights reserved.
  268. 268. • Provides a single place for users to create, share, collaborate and follow important documents • In 2013 Personal Sites have a single document library that can be user for private document as well as documents shared with others • It is “the” document library of your personal site and a set of views that give access to content people want to be connected with: • All: provides an overall view of documents in the My Documents
  269. 269.  Provides quick and easy access to Document Libraries in the familiar Windows Explorer experience  Works for any SharePoint 2013 Document Libraries.  Makes your documents accessible online, offline or in-between and your changes are automatically synced  Syncs libraries across multiple devices  Fully integrated with Office Document Center: every file that gets uploaded through Onedrive Pro is shredded  Replace SharePoint Workspaces
  270. 270. SharePoint Permissions Worst Practices 290 | @bobbyschang | bobbyspworld.com
  271. 271. Why Worst Practices? Rather Than a List of To-Do’s
  272. 272. At Times It’s More Effective (and Fun) to Share What NOT To Do
  273. 273. And Scare You Share With You Its Consequences
  274. 274. Basic Overview SharePoint Permissions
  275. 275. Permissions Fundamental To Provide or Restrict Users with Access to SharePoint Content
  276. 276. Inherited Permissions by Default Site Collection Site Child Site List / Library Item
  277. 277. Site Collection Site Break Inheritance Child Site List / Library Item
  278. 278. Site Collection Site Break Inheritance Child Site List / Library Item
  279. 279. Permission Level • Determines how much access a user has • Most Commonly Used Permission Levels: 1. Contribute o Target Audience = Team Members, Supervisors o Create, Read, Update, Delete content 2. Read o Target Audience = Visitors, Clients, Extended Team Members o Read content 3. Full Control o Target Audience = Site Administrators, Site Managers o Create, Read, Update, Delete content o “The Kitchen Sink”
  280. 280. Worst Practice No Planning
  281. 281. Right?
  282. 282. Planning Matters Planning Matters
  283. 283. Do You Have a Permission Strategy? Photo Credit – Matthew Keagle & Creative Commons
  284. 284. - What is purpose of the site? - Gathering Info vs. Dissemination - Extranet vs. Intranet - Are there different member roles? - Any group specific classified info? - Who’s the Site Manager? - Who’s the target audience? - Is there any restricted content? - Access for anyone outside org? - What is documentation process? - How will you address training? - How will permissions be governed?
  285. 285. What Governance Can Do • Consensus on processes and set expectations • Increased team awareness • Better understanding of SharePoint intricacies • More effectively managed platform • Compliance with rules and regulations
  286. 286. “A governance strategy is never static – it is a living, breathing process and a set of rules that you should live by, not die by!” --Christian Buckley, SharePoint MVP
  287. 287. Governance Should Evolve as Your SharePoint Platform Matures
  288. 288. Worst Practice “Full Control” for Everyone
  289. 289. What You Can Do w/ Full Control Create & Delete Sites Create SharePoint Groups Manage Site & List/Library Permissions Activate & Deactivate SharePoint Features Create, Update, Delete List/Library Public View Generate Site Web Analytics Reports Create, Modify, Delete SharePoint workflow Create, Modify, Delete Site & List/Library Columns Delete Site & List Template Delete Master Page & Page Layout Add, Update, Delete a Wiki and Web Part Page Add, Update, Delete Web Parts Etc. etc. etc.
  290. 290. Full Control Pyramid Scheme
  291. 291. Don‟t Take Site Manager Delegation Lightly!
  292. 292. Dear Site Managers, You play a pivotal role to SharePoint success (or failure)
  293. 293. When asked to pleeasseee have access to EVERYTHING
  294. 294. Let’s not rush to give Full Control Image Credit: © SheKnows LLC
  295. 295. First Ask Follow-Up Questions • What type of “access”? • What exactly is “everything”? • Majority of the time, you may find: • “Everything” may pertain only to Documents • “Access” could mean Read/Update/Delete Documents • Thus Contribute access may be sufficient
  296. 296. Before Providing Full Control • Ensure user completed necessary training • Check or Refine governance policy • Consider other permission levels that may fulfill needs (e.g.: “Design”)
  297. 297. It’s not that you’re a control freak Thy requests must go through me …
  298. 298. Simply can’t have everyone manage your site
  299. 299. Worst Practice Assigning Permissions to Individual Users
  300. 300. How Will You Handle • Team Growth • Role Change for Existing Users: – Expanded Responsibilities – Rolling Off Project – Promotions • Onboarding New Employees • Employee Departures
  301. 301. Real World Example Where in the World is Carmen Sandiego?
  302. 302. • Hard to decipher who has what level of access • Cumbersome to manage, control, and update existing permissions • SharePoint Out-of-Box “Check Permissions” function is rather limited
  303. 303. Instead, Use … SharePoint Group
  304. 304. First, Assign Permissions to SharePoint Group Then Add or Remove Users from the Group
  305. 305. For SP2013 Microsoft recommends … AD Group (Active Directory)
  306. 306. AD Group
  307. 307. AD Group – Why & When • Recommended by MSFT for performance • Use AD group in SharePoint only if • AD group definition is well defined • IT Team is proactive in updating membership • Group info should be up-to-date to ensure proper access setup in SharePoint
  308. 308. Worst Practice Default Settings for SharePoint Groups
  309. 309. Have You Seen This Error?
  310. 310. How About This?
  311. 311. SharePoint Group Challenges • Site Managers could be locked out • Be Mindful of Default Settings when creating new
  312. 312. Group Owner Settings Default -> the user who created group ALWAYS assign a group as group owner Preferably Site Collection Owner or Site Owner group
  313. 313. Membership Visibility Settings Default -> only Group Members can view Instead open membership list to everyone
  314. 314. What to Look Out For in Site Creation
  315. 315. When Creating a New Site • “Unique permissions” option is available • This option: • Breaks site permission inheritance • Allows you to create 3 new SharePoint groups
  316. 316. Before Creating 3 New Groups Reflect and Assess! Do I really need unique site permissions? Do I need all 3 new SharePoint Groups? Is there an existing group that I can use?
  317. 317. Worst Practice Item Level Permissions
  318. 318. Item Level Permission • Item = Document, List Item (e.g.: Calendar, Task, etc.) • You can set permissions at the Item Level
  319. 319. Just because you can … doesn’t mean you should
  320. 320. Challenges • Library/List View doesn‟t differentiate unique permissions • Laborious admin • Manual process of checking broken permissions • Changing permissions require updates to each file • May lead to performance issue
  321. 321. F A C T : Reduced performance after 5000 files break inheritance See Microsoft references: http://bit.ly/1iMmyiC
  322. 322. What changed in 2013?
  323. 323. “Share” in SharePoint 2013 • Intuitive & Convenient • Embraces social • Great tie-in to other components
  324. 324. Sharing is Caring! Right??
  325. 325. “Sharing” a File in 2013 Available via File Preview The Gotchas • Convenient but hard to govern • UX is different than sharing a site • Breaks permission inheritance of the file • Grants permissions to individual users For more details, read this great resource by Sharon Richardson
  326. 326. Who can “Share” a File? Contributor Note: It contradicts Contribute permissions level
  327. 327. Let‟s Recap! Item Level Permission (Worst Practice #5) Permissions for Ind. Users (Worst Practice #3) Oh so easy + ________________________________ “Share” File in sp2013
  328. 328. *BONUS* Worst Practice Fun with Limited Access
  329. 329. Ever Seen This and Wondered Why?
  330. 330. Because Limited Access is The Devil
  331. 331. If user is not declared in site permissions, Permissions given to a user at library or list level leads to “Limited Access” creation for user at the site level Limited Access Contribute Site List / Library
  332. 332. Challenges with Limited Access • Clutters site permission page • Can‟t easily identify where access was granted • Important Note When You Delete User’s Limited Access at Site, SharePoint Automatically Removes User’s Permissions in Library/List/File
  333. 333. What if you’re already in a permission hole?
  334. 334. First Things First – Stop the Bleeding! e.g.: Change Full Control access for unqualified folks to Design
  335. 335. Assess the Damage and Document Findings
  336. 336. Gathering Permissions Info • SharePoint Out-of-Box • Unique access displayed in site permissions page • Manual process conducted per site • PowerShell script • Third Party Tools • Codeplex (v. 2010/2007): SP Permissions Manager • #SPYam Community Recommended: DeliverPoint by ControlPoint by
  337. 337. Few Considerations During Permissions Clean-Up
  338. 338. Remember that it‟s a process • Requires time commitment & effort • Warning: You may not get it done in a day • Don‟t do it yourself • Gather requirements from business users • Leverage other team members One is the loneliest number Photo Credit - The Daily Journal
  339. 339. For Worst Case Scenario, Consider Starting Over
  340. 340. For those in very bad shape • It may be more beneficial to start over by: • Inheriting all permissions • Then reconfiguring permissions appropriately • This route could be high risk, high reward • Before exploring this, be sure to: • Get executive buy-in • Devise a plan with Content/Site Managers and relevant business functions • Communicate impact to user community
  341. 341. Last and Certainly NOT Least Mitigate Survey the Field Clean Up Manage & Control Do NOT forget this step!!
  342. 342. Manage & Govern • Enforce permissions governance • Gain leadership support: • Illustrate level of effort to remedy issue • Quantify the business impact ($) • Form & engage Governance Committee • Provide continuous training for Site Managers
  343. 343. Monitor & Control • Define processes to periodically assess • Determine monitoring tools • SharePoint Audit log reports (Manual process) • Automated Audit via Third Party tool
  344. 344. Whatever you do,
  345. 345. “The greatest accomplishment is not in never failing, but in rising again after you fall” --Vince Lombardi Photo Credit - Journal Communications, Inc.
  346. 346. 370 | @bobbyschang | bobbyspworld.com
  347. 347. 371 | @bobbyschang | bobbyspworld.com
  348. 348. Provide Your Users with Value-Add Photo Credit – Matthew Keagle & Creative Commons
  349. 349. Folder = Physical Location • SharePoint appends all folders into URL • URL encoding applies, e.g.: Space = %20 /Proposal/Draft%20Copiesfrom%20Team… /ProjectDocuments http://mycompany.com/sites/TeamAlpha /Project%20SOW /MyPersonal%20Original%20Copies /I%20Very%20Much%20Like%20Subfolders My%20Favorite%20Document.docx / Team Alpha Site Project Document Library Project SOW Proposal Draft Copies from Team My Personal Original Copies I Very Much like Subfolders My Favorite Document.docx
  350. 350. Reason # 1 375 | @bobbyschang | bobbyspworld.com
  351. 351. A Linear Structure • Requires drilling down to sub-folders • Rigid structure leads to difficulty in finding content • Can be inefficient during file upload 2 1 3 4 6 # of user clicks 5 7
  352. 352. Reason # 2 377 | @bobbyschang | bobbyspworld.com