Friday 26 June 2009

SharePoint Security - Wimbledon, Strawberries and a Scotsman

This week I am going to talk about the tricky topic of Managing SharePoint Security. Three words that can bring many an IT Manager out in a sweat. Similar to when the Air-Con stops working in the Server Room. With still 52 days until the start of the new football season and Martin O’Neill still not thinking of spending any money I am forced to start thinking about the goings on at SW19. Yes, it is time to talk Wimbledon (no I am not going to mention the Wombles again this is about tennis!) and that time of year when all us English folk start eating strawberries and shouting that familiar shout of ‘Come on Tim’. Sorry, this year we have to shout ‘Come on the moody Scotsman’ and we become ‘British’ instead of ‘English’. Maybe this could be the year when we have a BRITISH winner and a new Virginia Wade. Can Andy Murray win Wimbledon or by the time you are reading this is he already saying ‘next year will be my year’? Wimbledon is a fabulous event and always seems superbly organised. Security, like in SharePoint, must be a nightmare with so many courts and so many people going between them. How do security keep track of everyone and insure everyone’s safety. I expect most areas are covered by surveliance cameras but still it can’t be easy to pick out if anyone is grabbing an extra strawberry and would they be able to spot a Paraguay shirt (that’s a reference to Andy Murray’s anti English behaviour in the 2006 World Cup). So what are the similarities between being Head of Security at Wimbledon (probably wearing a nice blazer) and being responsible for managing the SharePoint Security? I think that both jobs involve you keeping an eye on everything that is happening over quite a large area. Company SharePoint structures can grow very quickly and in no time companies can reach 100 plus sites. This is testamony to the success and ease of use of SharePoint but can quickly turn into a security nightmare. Don’t get me wrong in the right hands SharePoint is very secure with an extra level of security added to the normal network Shares. You can set exactly who can access a site, list or individual item and then decide the type of access that person has. The problem comes when you try to work out who has been given access to what. If you document all permission changes that is one way of doing this (it is Best Practice), but who really does this? When the IT Department is busy and loud Susan from Sales insists she urgently needs access to the latest Sales figures many IT personnel just make the change. Alternativiely when the MD requests access to all the Finance data on the Finance site the change is usually instantly made. So how can we keep track of all these changes? Similar to the Security at Wimbledon in their Control Centre we need a central place to manage all the SharePoint permissions. To manage SharePoint Permissions affectively we need to look at some third party solutions available because MOSS or WSS out of the box doesn’t give the option to audit all of a User’s current permissions or when somebody is unexpectedly sacked retract all of their permissions imediately. At Wimbledon when a rowdy spectator is ejected they don’t usually leave a trail behind them but in the SharePoint world there could be dozens of entries for that user spread around all the sites. So which third party Permission Management Tools for SharePoint are availble. My personal favourite is Control Point which was recently a winer at Microsoft Tech Ed 2009. I also awarded this software from Axceler my ‘Top SharePoint Application’ in my SharePoint 2009 awards but to be fair I want to talk about two other Permission Management Tools first, that do a similar job. Firstly, we have Deliver Point which is a great package for viewing permissions from a central control point. It is certainly a step forward and would be welcome by many IT Managers. You can now identify that the Cleaner has access to your company’s secret two hundred year old recipe. One problem people have found with Deliver Point is it can take over 20 hours to synchronise with the Active Directory which means it isn’t run very often and can get out of date. It is certainly worth a trial though. Second entry is Rohati’s Transaction Networking System (TNS) which I found quite enjoyable to use and was impressed with the graphical interfaces. It did exactly what it said it could do and was great for enforcing policies. Again this is worth a trial. So now to Control Point 3 which really can achieve all that it promises and goes further than the other two with the addition of the ability to easily move whole sites and web Application across different servers. Ok this is going further than fixing the security issue but for the same cost as Deliver Point the extra features put it ahead. Imagine if at Wimbledon the Centre Court could just be picked up and placed next to Court 18 who would need a retractable roof then. Control Point can do this with your SharePoint sites. I am a fan of Control Point and you can request a trial by clicking on the link below but don’t take my word for it why not try the others as well. Try Control Point So after buying Control Point the IT staff will have more time for a sneaky listen to the tennis on the radio while they are supposedly working in the Server Room. One warning though – Control Point does need some effort in configuring it when you first install it, but perhaps those nice men at Office Talk can help you with that. My SharePoint Tip this week is to always use Active Directory (AD) Groups when possible and add these to SharePoint. By using groups it will be much easier to make changes in the future. Even if you only have one or two people the best practice is to create an AD group instead of adding individual users. This also has the benefit of you not having to remember individual names when you add permissions. So even if you are only adding British players left in Wimbledon create a AD group called ‘British players Left’ and hopefully add Andy Murray to it. Good luck Mr. Murray the English are right behind you if you win. Now come on Mr. Villa manager start buying some players. Looking at this clip this Scottish player named Murray might be good.

Friday 19 June 2009

BPOS – SharePoint Online For Everyone

At last I can see daylight after spending most of the week in an IT Basement working at one of Office Talk’s Public Sector Customer Sites. It was just like the Channel Four sitcom ‘The IT Crowd’ with us hidden away from the real world with no mobile phone signal, no windows and unfortunately no air-con (at least the rightguard seemed to do its stuff). When Office Talk are out assisting with SharePoint Projects it is still quite common to find the IT Department living like Wombles underground, but what about companies/organisations who haven’t really got IT Departments (or even IS, ICT or whatever the latest trendy name for the Computer Department is)? Well, there is now a way that they can still enjoy the benefits of SharePoint without the hassles of an IT infrastructure. Microsoft now offers SharePoint Online as part of their BPOS package. Why did they call it BPOS? It could stand for’ Buy Post Office Stamps’, ‘Best Personal Officetalk Service’ (sounds saucy!) or ‘Blackpool Pier Of Shame’ (for all the Hen and Stag weekends), but it actually stands for ‘Business Productivity Online Suite’. Hardly the most appealing of names but for many companies this could be a package that will let them join the SharePoint Bandwagon. If you sign-up to BPOS you can experience all the joys of Windows SharePoint Services (Calendars, Contacts, Document Libraries, an Intranet, Picture/Video Libraries, Surveys, Alerts, Workflow and much more). This is an online system that you pay for with a low monthly fee and requires no server or IT Crowd in the basement. It is ideal for companies with maybe under 50 employees and with the help of a Microsoft Gold Partner like Office Talk you can be fully up and running in just a few days. Best of all you don’t have to even meet anyone from Office Talk (although we are reasonably clean and quite well presented) because we can do all of the work remotely. You can also sign up for online Exchange as well, but as Office Talk are purely SharePoint Specialists we will stick to the SharePoint side. So where do you find out more about this strangely named product? The best way is to have a 30 day free trial. Just click the link below and you can start the trial immediately and then if you like it you can then sign-up and continue to use and obviously develop your demonstration sites. You can become SharePointers and see what the hype really is about. Trial of SharePoint Online If however, you are not really sure what SharePoint is and have reached this blog purely because you typed in ‘Blackpool Stag Weekend’ into Google (or more worryingly ‘Womble Stag Weekends’) then try the link below to see a demonstration of what Windows SharePoint Services does. Windows SharePoint Services Demonstration If this still isn’t for you then click the following link to learn more about Stag weekends in Blackpool http://www.lastnightoffreedom.co.uk/stag-nights/blackpool/ For blog readers that already have the joy of SharePoint my SharePoint tip this week is - If you still have documents on shared drives outside of SharePoint then why not add a link to your Quick Launch bar so they open straight up by just entering the full UNC (\\server\sharename). So that’s the end for this week and I didn’t even mention the Villa’s lack of transfer activity. Hopefully Martin will get busy next week. Don’t forget coming soon the Premiership My Team Performance SharePoint Template for 2009/2010.

Thursday 11 June 2009

SharePoint Awards 2009 (Andy Dale’s)

New SharePoint Awards 2012

This week I am going to announce the first ever Andy Dale SharePoint Awards and also offer some similar Premiership football ones. June is here and as it isn’t a World Cup of European Championship summer it will seem a long time until the Premiership returns on August 15th (even longer for Setana subscribers). At least, we have the Ashes to hopefully enjoy. For any American readers ‘The Ashes’ is a tiny urn that England and Australia play cricket for every two years. So with the end of the 2008/09 football season it is very much a time for looking back and for topless big bellied Geordies to stop crying into their Brown Ale. So it seems a good time to make my awards for both SharePoint and the Premiership ones. Sorry there are no prizes, but the winners can happily mention their award on their websites, although not all of them might want to. Let’s start with the SharePoint Awards then I think it is best as this is primarily a SharePoint Blog; 1 Best SharePoint Information Site 2009 WinnerSharePoint Reviews The newcomer on the block which contains reviews of 100’s of SharePoint Products 2 Best SharePoint Webpart Provider 2009 WinnerSharePoint Boost Creating easy to install and use webparts as if they are going out of fashion 3 Best SharePoint Administration Tool 2009 WinnerControlPoint from Axceler Finally a way of really managing all those user permissions across all of your servers and sites. Oh, and very useful for moving complete sites. 4 Best Website built on SharePoint 2009 WinnerCadbury Chocolate and SharePoint have never tasted so good. 5 Best SharePoint Training Package 2009 WinnerCBT Clips Still the best solution to show End Users how to use SharePoint. 6 Best SharePoint Offline Solution 2009 WinnerColligo Contributor from Colligo Allows SharePoint to be with you even when the network isn’t. Don’t forget to download the free reader on the right. 7 Most Useful SharePoint Webpart 2009 WinnerBatch Check-in from SharePoint Boost Lets us finally get rid of the ‘Checked Out’ annoyance after we have move lots of documents. 8 Favourite Free SharePoint Webpart 2009 WinnerGoogle Search Webparts Keep your users in SharePoint as they Google away. 9 Most Fun Free Webpart 2009 WinnerPicture Puzzle Widget from Spring Widgets Spring Widget have lots of snazzy free webparts including cat clocks with moving tails 10 Biggest SharePoint Mess-up 2009 WinnerMicrosoft for 180 day expire error on SP 2. So those are my awards please feel free to add comments either agreeing with my list or ripping them to pieces. Now, onto my Premiership Awards. If you aren’t a football fan, or support Manchester United, please feel free to stop reading now. 1 Best Player Stephen Ireland (Man City) 2 Best Manager Tony Pullis (Stoke City) 3 Best Goal David Bentley (Spurs v Arsenal) 4 Best Signing James Beattie (Stoke City) 5 Most Improved Team Fulham 6 Worst Half Time Talk Phil Brown (Hull) on pitch against Man City 7 Best Game Liverpool 4 Arsenal 4 8 Biggest False Dawn Newcastle beating Boro 9 Biggest Mistake Making Tony Adams a manager 10 Most Annoying Git Christiano Ronaldo Now, to start designing a SharePoint Template for ‘My Team’s Premiership 2009/2010 Season Performance’. It will be available as a FREE download from the Office Talk website by 1st August 2009. Might have to work on the name for it!

Friday 5 June 2009

Bigger SharePoint Templates

Everyone these days wants more from their SharePoint. In fact it seems everyone wants more full stop. This week was sad for me not just because I suffered the effects of flu (hopefully not Swine Flu), but also after twelve great years Gareth Barry left Aston Villa. I first started watching him when he marked Ian Wright out of the game in his first full Villa match when he was just 17. But Gareth now, like our SharePoint users and a certain Oliver Twist, wants MORE. He wants more money and so has followed the money trail to the mega-rich of Manchester City. Where money does seem to be no object. Perhaps we shouldn't begrudge him an extra £30,000 a week at least all the tax he is paying will help replace the money the MPs have claimed in expenses. So why are SharePoint users asking for more? The one limit that seems to frustrate them the most is the limit on the size that Site Templates can be. Many of us use Site Templates to move individual sites between servers or duplicate sites. When it works it is great. All you have to do is go in Site Settings on the site you want to make a template and click the option 'Save Site As Template'. Checking the box 'Include Content' means you can include all the documents as well. Unfortunately, sometimes the depressing message 'The site is too large to save as a template. The size of a template cannot exceed 10485760 bytes' appears and you are left to shake your head. So how do Officetalk advise getting around this size limitation? The answer this time isn't to just move to Manchester City where there are no limits, but to use the most powerful tool in SharePoint the STSADM command. If you have never used the STSADM command before you will be surprised at what an immense tool it is. It is a command line application that can perform all of the SharePoint commands that the Central Admin can perform (without many of the limitations) and lots more. I will try not to put my Techie hat on, but it can backup, restore, move databases, add webparts, change the password of the System account, change Site owners and probably solve the problem to Life, the Universe and Everything. Ok maybe it isn't quite that clever but it certainly has got me out of a number of SharePoint problems. Click here to download a poster of the functions of the STSADM Command Before I get too distracted with the joys of STSADM let me remember the reason for this posting and that is how to increase the size allowed Site Templates. In MOSS 2007 and WSS 3.0 the almighty STSADM command can take this limit from 10MB to an impressive 500MB plus. So how do you do this? First, I always recommend on your SharePoint server copying the STSADM.EXE file to a place where you can find it because by default it is really hidden away in the real cellar of the Programme Files\Common Files\Microsoft Shared\.... Just search for 'stsadm' on the Server then copy it to the root of your C drive if you can. Then all you have to do is open the Command Prompt on the SharePoint Server (just type in CMD at the Run command). Now on the Command Prompt go to C:\ and then type the following (or copy and paste it from here I don't mind); stsadm.exe -o setproperty -pn max-template-document-size -pv 520000000 Press return and hopefully after about ten seconds (but be patient)it will come back and say successful. So now I think I had better make some suggestions to Martin O'Neill about who he can buy to replace Gareth Barry. I wonder if Victoria Beckham fancies shopping in the Bull Ring next season !!