1
SHAREPOINT SATURDAY OTTAWA
WELCOME
December 3rd, 2016
2
SharePoint On-Premises Nirvana
Tips and Tricks for Installing, Configuring, and Operating a SharePoint Farm: Large or Small
3
SPS Ottawa is made possible by our Sponsors!
Platinum Gold Silver Bronze
4
SharePint
Summerhays Grill, 5:30 pm
1971 Baseline Road (corner of Woodroffe)
Please drink responsibly. We will be happy to call a cab for you.
5
Agenda: SharePoint Nirvana
Prepare Install Configure Operate Tune SQL IIS Windows Server
6
Who Am I: John Calvert?
SharePoint / .NET solution and technical architect
Over 18 years experience developing business solutions for private industry & government
Recent clients include StatCan, HoC, Justice Canada, NRC, NSERC, DFAIT, CFPSA, MCC, OSFI
Specialize in Microsoft technologies
Speaker at user groups and conferences
7
Who Am I: Brian-Paul Carline?
Senior Infrastructure and SharePoint Administrator
8
CloudShare: What We Do
Specialized turnkey solutions for specialized cloud-based IT lab applications:
Training
Sales Enablement
Dev & Test
9
CloudShare’s SharePoint Solution
CloudShare allows SharePoint professionals to build single server or multi-server SharePoint farms in minutes, at a fraction of the time and expense of traditional setup. No need for expensive on premise infrastructure. No IT experience required.
Ease of Use: Spin up a fully-configured and customized environment in minutes. A web browser is all you need!
Extensive Template Library: Individual SharePoint VMs or pre-configured, multi-server SharePoint farms – we have what you need
Licensing Included: Our SharePoint templates have licensing built-in. One less expense. One less thing to worry about.
Quick Environment Cloning: Copy your whole environment with a single click – even its current memory state. Return to a clean image in minutes.
Sharing & Collaboration: Invite your colleagues to collaborate on your environment – across the office or across the world
Resource Management: Fully configurable policies – including activity sensing and auto-suspend – to save your resources and money
10
CloudShare: About Us
Over 500 customers in 100+ countries
Patented cloud computing technology developed with over 200 man-years of top R&D talent
Privately held with HQ in San Francisco and R&D in Tel Aviv
"With CloudShare, we have scaled the business without having to give another thought to the platform we’re running on." – Kevin Streater, Director of Global Training –
11
Wait: Go Cloud or Hosted!
Office 365 / SharePoint Online:
  Optimized topology and config
  Highly available, geo-replicated, and scalable
  Always patched / always current & cloud-only features
  No need for separate Office Online Server (OOS) farm
  Highly secure, latest encryption and configuration, BYO encryption keys
  Expert behind-the-scenes support team
  Requires 3rd party backup & restore / DR solution
  Multiple Office 365 services will make this complicated
Don’t attempt on-premises if you have no / too few dedicated SharePoint IT Pro(s) for operations and support
O365 & SPO are more robust and secure than any on-premises farm and IT Pros you can afford!
Hybrid has certain complexities, especially with single sign-on and hybrid search; it is not a lower cost / effort option
If Cloud / Hosted pricing appears too expensive, either you have the wrong supplier or you massively underestimate the effort for on-premises
On-premises is not an install-and-forget business service; the SharePoint farm and related systems, eg SQL, need constant care and attention
12
Initial Planning
Workloads: Intranet/Internet WCM, Collaboration, Search, BI, etc?
Third-party components: Office Store vs farm solutions
Small vs large farm
Load balancing
High availability
Disaster recovery
Security
Operations
It is very likely you will want at least these workloads: SharePoint is the top WCM platform for corporate Intranets, per Nielsen group (9 or 10 top sites in their survey)
Small vs large:
  Number of SharePoint capabilities deployed, eg BI-related and search are both heavy weight
  Collaboration sites corpus (how many, how big)
  Search corpus (how many documents)
Security isolation means multiple site collections (preferred) or breaking inheritance (OK but has other limitations)
SharePoint is a platform / framework, not a turnkey solution; you will want / need third party components to fill out the capabilities; Office Store is one way to achieve this
13
Small Farm Topology
Topology is determined by:
  Budget
  Availability reqs
  Disaster recovery reqs
  Operations capacity
Requires Feature Pack 1 (Shared Roles)
Ignores Office Web Apps Farm
Feature Pack 1 is required for MinRole with shared roles
Office Web Apps Farm is required for (i) document previews in search results hover panel, (ii) co-authoring of Excel
Technical diagrams for SharePoint 2016
Announcing Feature Pack 1 for SharePoint Server 2016—cloud-born and future-proof
14
Medium/Large Farm Topology
Topology is determined by:
  Budget
  Feature reqs
  Availability reqs
  Disaster recovery reqs
  Operations capacity
Requires Feature Pack 1 (Shared Roles)
Ignores Office Web Apps Farm
Feature Pack 1 is required for MinRole with shared roles
Office Web Apps Farm is required for (i) document previews in search results hover panel, (ii) co-authoring of Excel
Technical diagrams for SharePoint 2016
Announcing Feature Pack 1 for SharePoint Server 2016—cloud-born and future-proof
15
Search Topology
Topology is determined by:
  Budget
  Feature reqs
  Availability reqs
  Disaster recovery reqs
  Operations capacity
Technical diagrams for SharePoint 2016
16
Farm Topology: Workloads
Topology is determined by:
  Feature reqs
  Availability reqs
  Disaster recovery reqs
Workloads include:
  Collaboration
  Intranet / Internet WCM
  Search
  Business Intelligence
  Etc
Technical diagrams for SharePoint 2016
17
Prepare
Pre-reqs: AutoSPSourceBuilder
Farm and service accounts:
  Catrinescu model
  SharePoint 2013 Service Account Creator
  Place in custom dedicated AD OU
Separate drives for indexing, logs, and data
SharePoint SQL
  SP16 requires a separate install of SQL Server
  Can be on the same server for small farm or Dev/Test
DNS, Virtual IPs
AutoSPSourceBuilder
SharePoint 2013 Service Accounts Best Practices Explained
Catrinescu model: SP_Admin is a user account, not a service account; it is responsible to “Configure and manage the server farm”
Lapointe service account guidance
Lapointe: Do not use the AD group _Managed Service Accounts
Don’t use SP_Farm account as service / web app application pool identity, except in low security option
SharePoint 2013 Service Account Creator
Demo: Show Computer Explorer Drives
18
AutoSPSourceBuilder
Off-line installs, eg VM / server is behind a firewall or proxy and cannot reach the Internet for direct download
Standardized installs, eg ensure every VM / server gets the exact same binaries
19
SharePoint Admin and Service Accounts
Catrinescu Medium Security Model
SharePoint 2013 Service Accounts Best Practices Explained
Note: There is an error on the Catrinescu website: “Configure and manage the server farm” is listed under SP_Farm but it should be under SP_Admin; confirmed verbally with Vlad, Nov/2016
20
Active Directory Use a dedicated OU
Makes it easy to find and manage SharePoint users, groups and machines
21
Windows Server
Separate drive(s) for indexing, logs, and data
  Avoid inadvertently filling the OS drive
  Both SharePoint and SQL Server
RAID 10
  Better write performance and data integrity
22
Install
Use AutoSPInstaller and AutoSPInstaller Online!
SP16 Feature Pack 1
  MinRole for small farms: Shared roles; requires only 2 server nodes, not 4!
  Auditing of changes made in Central Admin
  Simply the Nov/2016 Public Update; AutoSPInstaller handles it
SP16 Distributed Cache service is a memory hog; 40% of total RAM
Multiple servers in farm? Windows sysprep and/or two-phase AutoSPInstaller
AutoSPInstaller handles RTM binaries, PU/CU updates, and language packs
Use AutoSPInstaller Online to prep / validate the XML config input file
DEMO: AutoSPInstaller config online tool
Pause After Install under Installation Options in AutoSPInstaller Online
23
AutoSPInstaller Online
Prepares an XML config file to define the detailed config of the SharePoint farm, including topology and service / web apps
Supports host-named site collections
Wizard-like hierarchy of options with extensive help comments and guidance
AutoSPInstaller Online
24
MinRole Shared Roles AutoSPInstaller Online
25
MinRole Shared Roles PSConfig
26
Multi-Server Farm with AutoSPInstaller
27
System Preparation Tool: Sysprep
28
Configure I
Host-named site collections
Claims authentication mode (default in CA; not in PowerShell)
Fully qualified domain names (FQDN)
Portal Reader / User service accounts
Health Analyzer rules
Set default quota templates on all web applications
Don’t create a host header web application for each division / business unit; either put them all in one with path-based site structure, or use host named site collections
If you have an Intranet / Internet site collection for web content management, be sure to configure a web application user policy for the portal reader and full accounts
Health Analyzer rules for disk free space will likely need tweaking to avoid false positives for too little space
29
Host-Named Site Collections
Single web app can host all your unique host name sites
30
Super Reader / Super User
Service accounts Content caching for publishing sites
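The super user / super reader setup described on this slide and under Configure I, as an added PowerShell example that is not part of the original deck. The web application URL and the CONTOSO accounts are placeholders; the function name is hypothetical.

```powershell
# Added example. Placeholders: the web application URL and the CONTOSO\* accounts.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Set-ObjectCacheAccount {
    param(
        [Parameter(Mandatory)] [string] $WebAppUrl,
        [Parameter(Mandatory)] [string] $SuperUser,    # DOMAIN\account
        [Parameter(Mandatory)] [string] $SuperReader   # DOMAIN\account
    )
    $wa = Get-SPWebApplication -Identity $WebAppUrl -ErrorAction Stop
    if ($SuperUser -eq $SuperReader) { throw 'Use two separate accounts.' }

    # Claims-mode web applications store the claims-encoded login (i:0#.w|domain\user).
    if ($wa.UseClaimsAuthentication) {
        $SuperUser   = (New-SPClaimsPrincipal -Identity $SuperUser   -IdentityType WindowsSamAccountName).ToEncodedString()
        $SuperReader = (New-SPClaimsPrincipal -Identity $SuperReader -IdentityType WindowsSamAccountName).ToEncodedString()
    }

    $roleType = [Microsoft.SharePoint.Administration.SPPolicyRoleType]
    $grants = @(
        @{ Login = $SuperUser;   Name = 'Object cache super user';   Role = $roleType::FullControl },
        @{ Login = $SuperReader; Name = 'Object cache super reader'; Role = $roleType::FullRead }
    )
    foreach ($g in $grants) {
        # Web application user policy: applies to every site collection in the web app.
        $policy = $wa.Policies.Add($g.Login, $g.Name)
        $policy.PolicyRoleBindings.Add($wa.PolicyRoles.GetSpecialRole($g.Role))
    }

    # The publishing object cache reads these two web application properties.
    $wa.Properties['portalsuperuseraccount']   = $SuperUser
    $wa.Properties['portalsuperreaderaccount'] = $SuperReader
    $wa.Update()

    # Return the resulting policy entries so the grants can be reviewed.
    $wa.Policies | Where-Object { $_.UserName -in $SuperUser, $SuperReader } |
        Select-Object UserName, DisplayName,
            @{ n = 'Roles'; e = { $_.PolicyRoleBindings.Name -join ',' } }
}

Set-ObjectCacheAccount -WebAppUrl 'https://webapp.example.com' `
    -SuperUser 'CONTOSO\SP_SuperUser' -SuperReader 'CONTOSO\SP_SuperReader'
```

Both accounts should be dedicated service accounts that nobody uses to sign in, since the user policy gives them rights across every site collection in the web application.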
31
Configure II
Disable Certificate Revocation List
Wake-up script first thing once per day
Use Alternate Access Mappings (AAM); work for HNSC too!
Avoid extending your web apps, except for different authentication protocols
Disable CRL: checking it is an unnecessary time delay for servers with no outbound access to Internet
Extending increases resource demands on servers; may require a new application pool, which negatively impacts server performance
Same reasons we use HNSC and avoid multiple host header web apps
32
AAM for HNSC
33
Configure Search
Services affinity map, eg:
  Crawl and Admin
  Content processing and Analytics processing
  Query processor and Index replica
What about a smaller farm with only 2 or 3 server nodes in total?
34
Large Farm Config Multiple HNSC web app containers on port 80 Simple
HNSC Group TEST HNSC Group QA Separate app pools for security Simple One IP per web app Less simple Single IP for all web apps Manual IIS bindings for each HNSC Mark Arend,
35
Operate I
Use named personal AD accounts and groups
Avoid built-in Administrator account and generic / shared AD accounts
Use web app User Policy to grant global permissions, eg for admin / bulk operations
  AD group, eg SP_Admins
Assign site collection primary administrator to SP_Admin account; no need to assign primary / secondary administrator permissions to a personal AD user unless you are a very large business with dedicated site collection administrators and specific training
DEMO: Remote PowerShell and IIS Manager
DEMO: Auditing of changes in Central Admin
TODO: Link to Stefan Gossner blog posts (Sept & Oct 2016)
36
Operate II
Don’t RDP to server / Use remote tools from workstation
  Central Admin via browser
  Remote PowerShell
  Remote IIS Manager (requires specific features enabled on remote server and local install)
Learn and use PowerShell
Add-SPShellAdmin + AD groups = ?
DEMO: Remote PowerShell and IIS Manager
DEMO: Auditing of changes in Central Admin
Add-SPShellAdmin may not work properly with AD groups, but you can manually configure missing SQL permissions
Use custom PowerShell cmdlet Test-SPSite for farm admin health check of site collections, or web app user policy and /_layouts/sitehealthcheck.aspx; no need to assign site collection primary / secondary administrator permissions
37
Operate III
Patching has changed in SP16 – Everything is a “Public Update”
Auditing of changes in Central Admin (Feature Pack 1)
Use SharePoint-specific SQL database roles when appropriate
Customizations
  Encourage Apps / Add-Ins and client-side API integration
  SharePoint Framework (SPFx) is new pure web-dev approach, but not yet RTM
  Discourage farm solutions and code-based sandbox solutions
Server Updates / Uber Updates, Security Updates / Public Updates / Cumulative Updates
SharePoint-specific SQL database roles: Don’t create your own or try to replicate them if they don’t exist; figure out why they are missing and use PowerShell cmdlets that cause them to be created, eg Add-SPShellAdmin for SP_DataAccess etc
Web-dev skills are portable (good for dev) and standard (good for business): HTML5 and popular tools such as Yeoman for scaffolding and Gulp for packaging
38
Use SharePoint-specific database roles
Add-SPShellAdmin should take care of this
But if ever you need to assign manually
39
SQL I
SharePoint (SQL) DBA is not the same as regular SQL DBA!
Read Edwin Sarmiento’s blog… All of it!
NTFS allocation unit size 64K, same for RAID stripe size
Default collation order: Latin1_General_CI_AS_KS_WS (KB )
Use client alias, not instance name
Certain standard SQL configs are a no-no for SharePoint SQL Server; eg disable auto-create/update statistics
NTFS allocation unit size cannot be changed after disk is formatted; the only option is to re-format. Relatively easy to move files to another disk and then back after re-format
Default collation order cannot be changed after SQL Server is installed; the only option is to rebuild SQL Server. Major effort, avoid
Supportability regarding SQL collation for SharePoint Databases and TempDB
Client alias makes it much easier to repoint SharePoint to another SQL Server, eg for disaster recovery or maintenance
40
SQL Server
NTFS Allocation unit size: 64KB
Default collation order: Latin1_General_CI_AS_KS_WS
Client Alias
41
SQL II
Physically separate MDF and LDF files
Don’t shrink databases
Backup compression
MDF is random-access read/write; LDF is sequential-access write-only
Put them on separate drives / spindles
Shrinking databases causes extra processing, index fragmentation, and then just grows again
42
IIS
Use fully qualified domain names, portal.softwarecraft.ca
Redirect non-FQDN to FQDN
TLS 1.2 / SSL
Redirect HTTP to HTTPS
Cross origin iFrame is a mess
HTTP Module / Content-Security-Policy / X-Frame-Options
Use IIS HTTP Rewrite module for redirects; note that SharePoint does not support rewrite module for clean URLs, use Managed Navigation termset for that
43
Cross-origin iFrame
SharePoint injects X-FRAME-OPTIONS: SAMEORIGIN
Webpart used to turn this off
Not flexible or modern, eg Content-Security-Policy
44
Windows Server
Performance Options > Adjust for best performance
Power Options: High performance
Page file: 1.5 times RAM
Minimal / No desktop
Turn off deprecated protocols and cipher suites
Windows leaves deprecated protocols and ciphers enabled by default
Credit: Gokan Ozcifci ESPC16
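One way to check and apply the "turn off deprecated protocols and cipher suites" item, as an added PowerShell example that is not part of the original deck. The function names are hypothetical; the SCHANNEL registry location and the Enabled / DisabledByDefault values are the standard Windows ones.

```powershell
# Added example: audit, then optionally disable, Schannel protocol versions.
$SchannelBase = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

function Get-SchannelProtocolState {
    param([string[]] $Protocol = @('SSL 2.0', 'SSL 3.0', 'TLS 1.0', 'TLS 1.1', 'TLS 1.2'))
    foreach ($p in $Protocol) {
        foreach ($side in 'Server', 'Client') {
            $v = Get-ItemProperty -Path "$SchannelBase\$p\$side" -ErrorAction SilentlyContinue
            # No key or no Enabled value means the OS default applies, which may still be "on".
            $state = if (-not $v -or $null -eq $v.Enabled) { 'OS default' } elseif ($v.Enabled -eq 0) { 'Disabled' } else { 'Enabled' }
            [pscustomobject]@{ Protocol = $p; Side = $side; State = $state; DisabledByDefault = $v.DisabledByDefault }
        }
    }
}

function Disable-SchannelProtocol {
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)] [string[]] $Protocol)
    foreach ($p in $Protocol) {
        foreach ($side in 'Server', 'Client') {
            $key = "$SchannelBase\$p\$side"
            if ($PSCmdlet.ShouldProcess($key, 'Set Enabled=0, DisabledByDefault=1')) {
                if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
                New-ItemProperty -Path $key -Name Enabled -Value 0 -PropertyType DWord -Force | Out-Null
                New-ItemProperty -Path $key -Name DisabledByDefault -Value 1 -PropertyType DWord -Force | Out-Null
            }
        }
    }
}

function Get-WeakCipherSuite {
    # Get-TlsCipherSuite is not present on older Windows Server releases; skip quietly there.
    if (-not (Get-Command Get-TlsCipherSuite -ErrorAction SilentlyContinue)) { return }
    Get-TlsCipherSuite | Where-Object { $_.Name -match 'RC4|3DES|_NULL_|_MD5|EXPORT' } |
        Select-Object -ExpandProperty Name
}

# Review first, then preview the change; drop -WhatIf to apply. A reboot is needed to take effect.
Get-SchannelProtocolState | Format-Table -AutoSize
Get-WeakCipherSuite
Disable-SchannelProtocol -Protocol 'SSL 2.0', 'SSL 3.0' -WhatIf
```

Before adding TLS 1.0 or TLS 1.1 to the disable list, confirm that SQL Server, the SQL client components on the SharePoint servers, and .NET are all able to negotiate TLS 1.2, otherwise the farm loses its database connection.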
45
Windows Server “Maximize” performance
46
Tools, part I
Notepad++
ULS Viewer
Sysinternals Suite
PowerShell ISE / PowerGUI / Visual Studio PowerShell Extension
Remote Desktop Connection Manager v2.7 or BP’s favourite tool
SharePoint Manager 2013
Windows Sysinternals
PowerShell ISE is a Windows native tool
SharePoint Manager
47
Tools, part II
Farm solutions:
  Lapointe SharePoint PowerShell cmdlets
  Catrinescu Host-Named Site Collection Creator
  Havivi SharePoint Property Bag Settings
Specialized:
  Claims to Windows NT Token Tester (C2WTS)
Lapointe’s SharePoint PowerShell cmdlets
Catrinescu’s SharePoint Host Named Site Collection Creator
Havivi’s SharePoint Property Bag Settings 2013
48
Lapointe PowerShell cmdlets
And more than shown, eg Export-SPTerms, Import-SPTerms, etc
49
Host-Named Site Collection Creator tool
Does not handle alternate access mappings for HNSC
Use PowerShell cmdlet Set-SPSiteUrl for that
DEMO
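Creating a host-named site collection and giving it an additional URL with Set-SPSiteUrl, as an added PowerShell example that is not part of the original deck. The function name, the host web application URL, the CONTOSO account and portal.example.com are placeholders.

```powershell
# Added example: create an HNSC if missing, then map extra URLs to zones.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function New-HostNamedSite {
    param(
        [Parameter(Mandatory)] [string] $HostWebAppUrl,   # the single web app that hosts all HNSCs
        [Parameter(Mandatory)] [string] $Url,             # primary FQDN URL (Default zone)
        [Parameter(Mandatory)] [string] $OwnerAlias,
        [string]    $Template  = 'STS#0',
        [hashtable] $ExtraUrls = @{}                      # zone name -> additional URL
    )
    $webApp = Get-SPWebApplication -Identity $HostWebAppUrl -ErrorAction Stop

    # Reuse the site collection if it already exists so the function can be re-run.
    $site = Get-SPSite -Identity $Url -ErrorAction SilentlyContinue
    if (-not $site) {
        $site = New-SPSite -Url $Url -HostHeaderWebApplication $webApp `
                    -OwnerAlias $OwnerAlias -Template $Template
    }

    # Set-SPSiteUrl is the HNSC counterpart of an alternate access mapping:
    # one extra URL per zone, stored on the site collection itself.
    $existing = Get-SPSiteUrl -Identity $site | ForEach-Object { ([string]$_.Url).TrimEnd('/') }
    foreach ($zone in $ExtraUrls.Keys) {
        $extra = $ExtraUrls[$zone].TrimEnd('/')
        if ($existing -notcontains $extra) {
            Set-SPSiteUrl -Identity $site -Url $extra -Zone $zone
        }
    }

    # Return the final URL-to-zone mapping for review.
    Get-SPSiteUrl -Identity $site
}

New-HostNamedSite -HostWebAppUrl 'http://sp-hnsc-webapp' `
    -Url 'https://portal.softwarecraft.ca' -OwnerAlias 'CONTOSO\SP_Admin' `
    -ExtraUrls @{ Internet = 'https://portal.example.com' }
```

The zone chosen for an extra URL decides which authentication settings of the web application apply to it; DNS records and IIS bindings for the new host name are configured separately.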
50
Property Bag Settings Only string data type
Open source, improve it yourself!
51
Claims to Windows NT Token Tester
Verify that the Claims to Windows Token Service (C2WTS) is working correctly
52
Summary
Core config and common workloads
Did not discuss advanced workloads, eg BI, eDiscovery
Automate, simplify, and standardize your farm config and operations with community tools
53
Other Links
Vlad Catrinescu Pluralsight courses on SharePoint 2016 architecture and deployment
Gokan Ozcifci presentations on SharePoint architecture and performance tuning
Edwin Sarmiento blogging on SQL architecture and high availability for SharePoint
Serge Luca presentation on SharePoint high availability and disaster recovery
Stefan Goßner blog on patching and operations
54
Contact Us John Calvert, Chief Architect, Software Craft, Inc.
Brian-Paul Carline
55
CloudShare: Our Technology
Virtual environments that capture everything in the modern IT workspace:
  Software, servers, memory, and storage state
  Networking, appliances, and on-premise tools
  Complex networking support that allows networks to work on-cloud exactly as they do on-prem
Environment access technologies designed to eliminate IT complexity:
  Full environment clones with no performance degradation
  Live sensing at user and network level
  Firewall-friendly access in-browser/using all protocols
  Robust RESTful API covering all application capabilities
  Hypervisor and hardware agnostic
56
CloudShare: How It’s Built
Technology built from the ground up with the ultimate solution firmly in mind
App Tier: Training; Sales Enablement; Dev & Test
App Common Tier: Invitations; Package install automation; End user portal w/customization
RESTful API Tier
Platform Tier: Environment policies; End user support; HTML5 VM access (RDP, SSH, Console); Analytics & reporting; Single sign-on (SSO) – SAML 1.x/2.x; Hierarchy management (User/Team/Project); Included software licensing; Self-service environment provisioning; Workflows & integrations
Orchestration Tier: Environment paradigm; Snapshot/revert; Suspend/resume environment; Activity sensing; Standby environments; VM import; Environment & VM templates; Advanced networking L2/L3 (SDN); Shared environment & VPN; Cloud Folders (shared storage); Network isolation
Virtualization: VMWare; AWS Coming Soon (2017)
HW Tier: CloudShare Data Centers: US, EMEA, APAC; Compute: ESX; Storage: NetApp, Nexenta; Network: Cisco, SDN, Others
Premium IT Labs as a Service
Infrastructure as a Service