So Tech-Ed was last week. Unfortunately I had quite a few issues
keeping my laptop charged. It seems that American wall sockets are
quite temperamental. Fried a few adapters along the way. This has
basically meant that it has taken till now to publish
this post.
Anyway just have a few summaries and points of interest for some
of my favourite sessions over the week:
UNC320 - Transitioning Lotus Notes Applications to the
Microsoft Collaboration Platform
Presented By: Erik Ashby
This session was mainly about the tools and techniques available
for migrating Lotus Notes applications to SharePoint. A tool called
the Microsoft Transporter Suite for Lotus Domino has been developed
to analyse and perform the migrations. The interesting thing for me
about this tool was that it had been built almost entirely with
PowerShell. The GUI that is provided has been built on top of the
PowerShell app. Erik explained that MS utilities have historically
been built with the GUI side in mind first, and the command line
utility comes later. This can mean that the command line util is
not fully featured, or has differences in its operation - and it
takes extra time to develop. With the transporter the command util
provides the more advanced features and the GUI most of the
features for less-technical people to use. Erik suggested that
going forward, many MS utilities would use this PowerShell
developed approach. Which I think is great being a huge fan of
PowerShell.
The util itself provides two main types of operations - get
commands and move commands.
The get commands provide a powerful method of analysing the types
of applications, number of applications and level of customisation
of existing Lotus applications.
The move commands provide a means to perform actual migrations of
the Lotus applications. The migrations are not necesarily going to
be to SharePoint - however it was the focus of Eriks session. It
can also migrate users to AD and mail to exhange.
Links:
-
Resources
-
Download for the Transporter Tool
- MS
Blog about the tools and solutions used in moving to a
Microsoft collaboration platform
SVR320 - Using Windows Rights Management Services to Protect
Content in a Microsoft Office SharePoint Server 2007 Farm
Presented By: Michael Noel
This great session was all about incorparating Windows
Rights Management Services (RMS) with SharePoint. This allows
Information Rights Management (IRM) of documents at a document
library level. More specifically it allows the following document
operations to be locked down:
- View
- Edit
- Copy + Paste
- Print
Of course a determined information thief will be able to
get past this (screenshots or photographs), but it creates a good
deterrent . It definately does help with unintentional
document leakage - eg a document gets emailed to the wrong person.
In order for users to be able to view RMS enabled documents they
will need to install the RMS client.
Some things that I found interesting about RMS + SharePoint
integration:
- Supports Office 2003/2007
- Encyption Based on X.509 certificates (like SSL)
- Microsoft always acts as the Root Authority for the RMS
certificate
- RMS requires user CALs (but this may be part of Windows
Server?)
- If Save is enabled, and print disabled you still can't just
save as a new document and print.
- Windows Server 2008 will have an improved version of RMS
In order to make effective use of RMS you really need
to build an RMS server. Michael made it quite clear that it
was a bad idea to install the RMS components on one of your WFE -
although it is possible. The reason for this is that the RMS
component installs its own mini version of WSS for admin
management.
Some things to keep in mind when configuring RMS for
SharePoint:
- The RMS service account should be its own seperate domain
account (follow the least privilege principal)
- Each client needs the RMS client application (client included
with Vista)
- Very important to have a backup strategy for the RMS
database
- Even more important to have a backup of the certifcate private
key (for when things turn to custard)
Links:
OFC328 - Search in Microsoft Office SharePoint Server 2007:
Deploying, Managing, and Configuring
Presented By: Luca Bandinelli
This was a very infromative session about the
administerial side of search. A lot of it was to do with different
search topologies and was reasonably standard. There are a few
things about search that I did not realise:
Having more than one index server
This is only something you would be concerned about for a very
large SharePoint deployment. The rule of thumb here is when your
getting close to indexing 50 million documents. This is a
supported topology, however none of the out-of-the-box webparts are
designed to search through more than one index server. The message
from Luca was that it is possible, and will sometimes be neccesary
- you just need to know the implications and plan ahead.
64-Bit processors for search
The general theme was that 64-Bit processor enabled
servers are faster - not just for WFE/Query/DB servers
but also the index server. The main caveat to having your index
server on 64-Bit is any iFilters that you may be using. These all
need to be 64-Bit too. Adobe haven't yet released a 64-Bit version
of their PDF iFilter however Foxit Software
have released one. Other iFilters need to be taken on a case by
case basis.
Custom security trimmers
I wasn't aware that custom security trimmers even existed before
this session so this was very interesting. Basically you can define
your own security trimming. This is done quite easily
by implementing the ISecurityTrimmer interface. The
MOSS query process is really a bit of a black box - custom
trimming will always run after the standard query
process. Which means the results will first be trimmed by the
standard security, then the remaining results will be further
trimmed by your own custom trimmer.
This is quite important for the Business Data Catalog
(BDC) as it there is no security trimming by default. The BDC only
provides Application/Entity security. So if access is
given to a BDC application or entitiy all results will be
returned for that application/entity. There is even a BDC custom
trimmer available. To attach a custom security trimmer to a content
source you have to create a crawl rule and then run the stsadm
command registersecuritytrimmer.
One thing to keep in mind is that there is a performance hit when
using a custom trimmer. If checking thousands of results it
could take a long time. The trimmer should implement a check for
the number of results and throw a PluggableAccessCheckException
exception to stop the search and inform the user to
refine their query.
OFC324 - Microsoft Office SharePoint Designer 2007: It's for
Developers Too
Presented By: Dustin Miller
This was easily my fave session from Tech-Ed. If your getting
the session DVDs or just missed that session you should definately
have a look at the recording. Dustin is a very entertaining speaker
and kept everyone very interested. The focus was on using the DVWP
in a variety of ways. I thought I had a pretty good idea of what I
could do with that webpart but he really opened my eyes. Really
interesting demos, showed some cool ways of doing conditional
formatting that I really hadnt considered. Also didnt realise that
there was a version of SharePoint Designer called Expression Web.
Turns out it only has a subset of the features of SPD so you may as
well stick with SPD.
There were also a bunch of other great sessions that I went to
from the likes of Andrew Connell and Mike Ammerlan.
Won't be back in NZ for another week and a half so blog posts
are unlikely in that time.