Woody Windischman

Nov-12008

Getting Twittered at TechEd in Barcelona

MPj04390010000[1]As noted in an earlier post, I'm going to the IT Pro week of TechEd EMEA in Barcelona. Last week was Microsoft's Professional Developer's Conference (PDC), and even if you didn't go, you could keep up with the goings on vicariously using Twitter.

"Whatter?" you ask... Sometimes, with newer technologies - even cool ones - you can forget that "everyone" doesn't already know everything about it. Twitter is such a technology. Some folks call it a "micro blog". Others call it a "Massively Multi-User Group Chat". Basically, once you sign up, you can post anything you want - as long as it is 140 characters or less. This is called a "Tweet". One way to think of tweets is, if you took everyone's "what I'm doing" from Facebook, Messenger, etc... threw them into a continuous stream, and added the ability to subscribe to and search them, you would have Twitter.

Those last two points are critical, as they are what helps you keep the signal/noise ratio under control. You subscribe to someone's tweets by "Following" them. Then, when you access Twitter, you will see what the people you are following have said. The other side of the coin - searching - doesn't come from the main Twitter UI itself. Rather, it is done by third-parties through Twitter's API.

I'm using a tool called "TweetDeck". (http://www.tweetdeck.com). It provides a slick, multi-paned UI that lets you track based on your followings, searches, and replies, as shown below.

image

Yes, replies (that's the "chat" part). You can address a tweet to a particular Twitterer by prefixing their name with an @ (e.g. @woodywindy for me). Everyone can still see the message, but Twitter will also alert the intended recipient. There is a private ("direct") messaging function, too. TweetDeck isn't the only utility for managing tweets, by the way - but it sure helps.

In any case, even if you aren't going to TechEd, with Twitter, you can still keep up on the action - practically in real time!

Oh, by the way, yes, woodywindy really is my Twitter handle. Maybe if I don't see you in Barcelona, I'll catch you on the Twitstream (or in the Twitterverse).


Published: Nov-01-08 | 0 Comments | 0 Links to this post
Tagged as: Conferences, General

Oct-272008

Taking Accounts into Account

MCj02314460000[1]Every service which runs on a Windows server requires an account. While there are built-in accounts designed to facilitate these services ("Local Service" and "Network Service"), many times you will find it is better to use a domain user account when setting up services. This is especially true with Microsoft SharePoint products and technologies.

Whether it is Windows SharePoint Services, Search Server, or Office SharePoint Server, there are a number of places where you can specify a distinct account. In theory, it is possible to use the built-in accounts under some circumstances; however, it is rarely advisable. In fact, if you are setting up multiple servers in a farm, you must use domain accounts. In that instance, is also possible to use the same domain account for all of these functions, and SharePoint will "work". Doing so, however, is asking for trouble down the road.

On the other side of the scale, you could define separate accounts for virtually every aspect of SharePoint. That could quickly become an administrative nightmare.

The Big Three

While the exact set of accounts required will vary somewhat based on your individual company's requirements, for most installations you should count on setting up at least three accounts. These are for some roles that should always be kept separate:

  • The Setup User account
  • The Server Farm account
  • The Default Content Access account (for versions of SharePoint that include Enterprise Search - MSS/X, MOSS)

Combining these roles could result in administrative confusion, and/or excess information disclosure.

The Setup User Account

The Setup User account is unique among these accounts in that it is not a service account. Let me say that again: the Setup User account is not a service account. This is the account you use to log into your server(s) when you set up SharePoint.

This account is very powerful. You could think if it as a SharePoint Administrator, but it is even more. During setup, it gains some implicit power over SharePoint that cannot be removed. Even before starting setup, you need to assign the following permissions to it:

  • The Setup User must be a local administrator on each server in the SharePoint farm (SQL Servers not running SharePoint components not included)
  • The Setup User needs to have the Dbcreator and Securityadmin roles in SQL Server

While the Setup User account needs to be a Local Administrator on the SharePoint servers, it does not need to be a Domain Administrator. If your SQL Server environment is separate from your SharePoint farm (which it should be in most production environments), this account does not need to be an administrator on your SQL Servers. Instead it only needs the roles mentioned above. Finally, even though it is a is used to log into the SharePoint servers for installation and administrative purposes, it should not be the "day to day" account of any user. (Note, this separation is good practice for any administrative account - not just SharePoint.)

You can assign additional users to administrative roles within SharePoint following installation The Setup User account will always have that level of control, however, even if removed from administrative user listings.

Even after setup is completed, a user account with comparable capability will need to be maintained in order to provide full administrative functionality. In particular, services need to be started and stopped, IIS web applications and application pools need to be created and removed, etc...

This is the only account that needs permissions pre-allocated (as described above).

The Server Farm Account

The Server Farm account is a true service account in that it is not used by a user to log in. As noted above, you do not need to do any manual configuration of this account beyond its creation. When you specify this account during setup, it will be assigned appropriate rights and permissions. In particular, this account is used for the Central Administration site's application pool, and is assigned to the SharePoint Timer service. If someone does log into SharePoint using this account, they will be identified in the top navigation bar as "System Account", rather than with the "real" name or ID of the user.

image

There are other disadvantages of logging in with that account. Certain functions are restricted. For example, in SharePoint Designer (if you can open the site at all), contributor settings limit the kinds of customization allowed unless the account is also designated as the Site Owner - not recommended.

The Default Content Access Account

On versions of SharePoint that include Enterprise Search functionality, such as Microsoft Search Server 2008 (including Express), and Microsoft Office SharePoint Server 2007, you will also need to designate a Default Content Access account. This is the account used by the Indexing service to crawl SharePoint, as well as any other content sources (unless otherwise specified). It is given read access to all content in the SharePoint farm. Like the Server Farm account, while it should be a domain account, it should not be used by any users to actually log in to SharePoint.

Other Possible Accounts

Once you get past the big three, there are many other places in SharePoint where you can designate service accounts. The Search Services (crawl and query) themselves, for example, need an account which should not be the the same as the default content access account. Application Pool accounts can also each be assigned their own accounts, and this may be appropriate in your environment. In many cases, however, you can simply reuse the Server Farm account for these processes. Be aware, though, that you should never assign the Setup User account to any services in a production environment.

Summary

In this article, I have explained some of the accounts you should consider when planning your SharePoint deployment. In a single-server test or demonstration environment, you might be able to get by with built-in accounts, or a single domain account. But in production, you should have separate accounts for the major roles. While you can go overboard and assign distinct accounts to every possible aspect of SharePoint, most of the time, the three described above will be sufficient.

For more information, you should see the Microsoft guidance for the particular product you are configuring:

Plan for administrative and service accounts (Office SharePoint Server)

Plan for administrative and service accounts (Windows SharePoint Services)

Plan for administrative and service accounts (Project Server)

Plan for administrative and service accounts (Search Server 2008 including Express)


Published: Oct-27-08 | 0 Comments | 0 Links to this post
Tagged as: Administration, General, Governance, SharePoint, WSS

Oct-242008

Welcome to the Hotel...

 California Site DefinitionMCj02972890000[1] - Your Last Resort

"You can check out any time you like...

...but you can never leave."

(Apologies to the Eagles.)

Joel Oleson, ex of Microsoft, and now an independent consultant and speaker, has just published a new article called "Just SAY NO to Creating Custom Site Definitions". In this article, he provides several excellent arguments for not using Site Definitions. This is fully consistent with the article I wrote a few weeks ago - "First Do No Harm - The SharePoint Customization Hippocratic Oath."

In that oath, the last point was "The Definition of Success: If you must use a Site Definition, understand the ramifications." I expanded it as follows:

None of this is to say that Site Definitions are obsolete, or should never be used. You just need to be aware that this is a very fundamental construct. Once you build a site from a site definition, you cannot change it to a different definition later. You can still tweak it with additional features, but you can't change the "kind" of site it is. It will not be a "SharePoint Team Site", easily and transparently upgradable. It will be an "Acme Group Site", or whatever you have called it, and you need to plan for its entire life-cycle (Much like adopting a puppy). There may be extra steps in the upgrade process, for example (though, at this time, we don't know what those steps might be). You may have trouble getting support if the person who created the Site Definition moves on to greener pastures. This may be worth it for your environment, but it is something you need to take into account.

Elsewhere in that article, I also say that a Site Definition should be pretty close to your last resort. While I have always maintained this position, it is good to see others also coming around.

In many respects, for unwary developers, a custom Site Definition resembles another kind of lodging - euphemistically called a "motel". Site definitions may be attractive, but beware - Sites check in, but they don't check out!

Update:

Ian Morrish has also recently commented on the dangers of using Site Definitions indiscriminately.


Published: Oct-24-08 | 0 Comments | 0 Links to this post
Tagged as: Administration, Design, Governance, Programming, SharePoint Designer, SharePoint, WSS, Customization

Oct-212008

A List, a View, a Part, in SharePoint

MCj02305090000[1]

Today's subject is something of a "back to basics" article. I talk about some very fundamental SharePoint concepts, but I'm adding a little bit of a twist. Lists and libraries, Views, and Web Parts are interrelated components. Sometimes it is hard to tell where one of them stops, and the next one begins. In this article, I'll try to make those boundaries a little easier to find.

One of the great things about SharePoint is the way it hides the complexity of web design and data storage from the end user. When you want to add a piece of content - a Customer Contacts list, for example - to your page, just pick a web part, and "Poof!" like magic, there it is. But this simplicity and abstraction carries a down side, and that is potential confusion about exactly what it is you have just added.

What You See vs What You Get

Microsoft does little to allay this confusion within SharePoint itself. Consider the Add Web Parts dialog box...

image

(Note: You get to this by selecting Site Actions/Edit Page, then clicking on the Add a Web Part banner in a Web Part zone. Your available parts may vary.)

Notice that this section is entitled "Lists and Libraries", and it simply gives the name and description of the the publicly viewable lists and libraries on your site. As a typical user, you could be forgiven for thinking "If I want to add a new customer contact list to my site, I just pick this web part." Unfortunately, that isn't what you would get.

For example, let's say you have a web page that has a Customer Contacts "list" on it, and you want to add a new list, with different customers.

image

If you were to follow the instructions above to add a "new" Customer Contacts list, you would end up with the same list, displayed twice:

image

Obviously, this isn't what you want.

The reason for this confusion is because when you add the "Contacts list" to the page from the Web Parts dialog, you aren't actually creating a Contacts "list" at all. You are adding a "List View" web part, which points to an existing list. This is an important distinction. The web part you are adding does not contain the list itself. Rather it holds a "View" of the list.

So, What's the Difference?

What you have been working with are three distinct, though related, elements:

  • The list (or library) itself
  • A view of the list
  • A List View web part

Lists and Libraries

Lists and libraries are the fundamental elements of storage in SharePoint. In many ways, they behave like database tables or spreadsheets. They have rows of elements called "Items". Each item has a selection of columns or fields which hold the actual information. A contact item, for example, will have fields defined for First and Last names, company, address, phone numbers, etc... A document library's items will include the file itself, and could also have columns for such attributes as its title, author, ISBN number, or other information.

Note: For now, assume that all of the items in a given list or library have the same set of fields, or "schema"; but be aware that SharePoint has a feature called a "Content Type" which allows for exceptions to that rule.

Each site you create will have a number of lists and libraries pre-defined, depending on the template selected. You are not limited to the ones created by default, however. You can add more of your own. But you don't do it through the "Add a Web Part" dialog. Instead, you use the "Create" option on the Site Actions menu.

image

Views

While a list or library contains your data, in order to see it, a "View" needs to be defined. With a view, you can tell SharePoint how to display the information contained in the list or library. You can define almost any subset of the columns, and their order; define how many items to show - both per "page", and in total; select from various display formats, and even set filters for which items to display.

You can define any number of views for each list or library. For example, you can have views that are pre-filtered by one of the fields, or which contain the same information in several different formats.

Typically, when a list or library is created, a selection of views appropriate to the expected content is also created. One of these views will be the "Default" view, which is what you will see when you click on the list or library's name in the Quick Launch bar, or in the title bar of a web part. You select an existing view from the combo-box in the upper right hand corner of the display area, as shown below.

image

You can also create new views, or modify the existing view, from this menu. Views can be displayed as stand-alone pages, or within a List View Web Part.

List View Web Parts

This brings us back to where the article began. The web part labeled "Customer Contacts" in the dialog we started with is a List View Web Part. When a list or library is created, a corresponding List View Web Part is also created. (Note: It is still called a List View Web Part, even if it represents a library.) The List View Web Part allows you to place a list or library's views on any web part page in your site.

In addition, using the List View Web Part means that you aren't limited to showing lists or libraries just one time, or in just one place, or in one format. While each List View Web Part has a default View (typically called the "Summary View"), you can select any of the Views you have defined for the associated list. In addition, you can further refine the selected view within the web part.

You can, for example, have one view showing the list of contacts, with another view showing an individual contact laid out as a card. You could then use the Web Part Connections function to select which contact's details to display, as shown below.

image

Summary

Lists and libraries, Views, and the List View Web Part are distinct, but related elements of every SharePoint site. Site managers need to be aware of how they related to one another. In general:

  • Lists and libraries define and hold the content of your site,
  • Views define how to display that content, and
  • List View Web Parts allow you to select where to display the content.

Published: Oct-21-08 | 0 Comments | 0 Links to this post
Tagged as: Administration, Lists and Libraries, WSS, SharePoint, General

 Next >>