Sharing Content

Data in SharePoint could not be easily shared outside the office, and data outside could not easily be shared in SharePoint. It looked like a web application but acted like a typical Windows application: once you put content in there, you couldn’t access it from other applications and you couldn’t draw in content from other locations easily. Options like Really Simple Syndication (RSS) were a way for other companies to share their content, but you had to write the Web Part and the XSL to read the RSS feed (an XML file) yourself. SharePoint did not become RSS enabled until 2007 (Figure 10-2), even though RSS had been available since the mid-90s. Now you could view SharePoint list data in other applications and vice versa, but it was still very basic and weak, and it was hampered by not having a simple and secure authentication mechanism.

Gradually, things changed, but I still think there is a long way to go. Sharing data between applications (between SAP and SharePoint, for example) means building more infrastructure and learning arcane knowledge like SPNego, BSPs, and WebDynPro. Web services and Business Connectivity Services (BCS) have helped with data sharing, but it is still a very technical domain.

Design and Development

SharePoint clearly used to be just another Windows application that happened to use web pages when you tried to extend it with new functionality. New code had to be manually installed directly onto the servers. It was very difficult to install, uninstall, proactively upgrade, or retract. Developing for SharePoint 2001 meant writing WebDAV and some XML/XSL, HTML, and JavaScript. ASP pages existed but could only be shown in iFrames in SharePoint 2001. Gradually, the .NET Framework and the SharePoint development platform became more like one platform. In 2007, ASP.NET Web Parts were not the same as SharePoint Web Parts. Development with Visual Studio in 2005 required adding third-party add-ons to automate packaging and deploying code to your SharePoint farm. Finally, because solutions and features are more mature today, you can deploy code to SharePoint, retract, and update it more easily.

The front end used to look more like a web site, so it appeared that if you knew Internet scripting languages like HTML or JavaScript you could easily customize it. The reality was that important parts like the navigation controls were locked black boxes or implemented in noncompliant, messy ways. Gradually, with themes and more support for cross-platform web design technology like CSS, AJAX, and REST, SharePoint now gives designers more free rein over the look of the interface.

Authentication

Verifying who users are (authentication) and what they are allowed to do (authorization) has always been something people using the Internet needed, and it has only grown more complex as the business world has gotten smaller and more connected. Even within a single, large, global organization it is a challenge to maintain one unique identifier for a member of staff across multiple domains within Windows. It becomes exponentially more complex when you want to share those credentials with other systems like SAP. Moving users to the cloud abstracts that complexity by creating a new platform for managing access, but there is still the issue of synchronizing those credentials with the existing ones in Windows. This can lead to greater complexity and insecurity when keeping your network connected to the cloud. I’ll discuss this more later.

Cloud Bursting

Load variation is also known as bursting. Take the example of a coffee shop in a train station. The staff at the registers sits idle until a train comes in, then 300 people have to queue for 10 minutes to get their morning caffeine fix. Then those people leave and the staff is idle again until the next train arrives. The same thing happens with servers: the load can be very high first thing in the morning and again just after lunch. The rest of the day it is quiet. Another example I saw recently was a company who made it possible for staff to request a new smartphone via an InfoPath form on the SharePoint intranet. Once the e-mail went out linking to this form, the load on the server increased 500%, performance crawled, and the staff was frustrated.

The problem with this peaking of load from a SharePoint point of view is the same as for the train station coffee shop. It takes time and money to procure and retain servers (both of coffee and SharePoint pages). It is a waste of resources if they are idle 90% of the time. For the coffee shop owner, the ideal situation would be able to hire 20 servers for the morning rush, pay them for 2 hours, then send 19 of them home at 9:30 a.m. But people don’t want to work like that, unless they are paid for the whole day, and no employer wants to do that.

The cloud, however, can support spinning up a set of new servers and then turning them off again after they’re no longer needed. Additionally, most providers only charge you for the time the servers are running. They don’t charge you for the procurement process or storing the servers when they are not in use because they are invariably virtual and the resources can be reallocated to another customer relatively instantly.

Managing the Unpredictable

The example I gave of a company offering staff a smartphone was one of predictable bursting, like knowing the 8:50 train will be full every business day. A benefit of the cloud in the case of the smartphone offer is you would be able to spin up new infrastructure to support the influx of load for just the first week. Most cloud providers also make real-time monitoring simple, so as the demand falls, you can offload the additional resources and thus only pay for it as long as it is needed. The availability benefit here is clear and one not to be underestimated.

However, bursting is oftentimes unpredictable, and it’s with unpredictable bursting that cloud computing really makes its availability, reliability, and resilience clear. Cloud providers all allow you to specify events when the system will automatically scale out to handle the demand. For example, you could specify an event where if the CPU loads of the front-end web servers are all averaging over 50%, the cloud provider will automatically add a new front-end server into the farm to help with the increasing load. This works 24 hours a day, every day of the week, anywhere in the world. Many businesses don’t have adequate coverage outside standard business hours in one country, but the Internet is global and 24 hours a day, every day of the year, irrespective of national or religious holidays. Whenever the spike happens, the farm will automatically scale out to handle the new unexpected load and then scale back again after the levels die off.

Dynamic Resource Allocation

SharePoint can be a victim of its own success. There is usually a pent-up demand of a collaborative solution like SharePoint in a business, and once IT can meet the business demands and match their requirements, it will grow fast. This growth comes as a surprise to some organizations; they roll out a pilot environment and see teams leap on it, demanding access. Storage is rapidly filled to capacity because no allowance was made for real production usage and so no capacity planning was done. Users are given sites without any guidance; some see it as a substitute for dwindling network capacity and thus dump content into this new storage space. SharePoint in the cloud has a significant advantage over a slow-moving internal procurement department. Though this is no substitute for good governance and planning, a cloud provider can allocate more virtual resources and spin up new virtual servers to accommodate the load because their capacity should be and usually is far greater than any one company can generate. This is not to say Microsoft, Amazon, or Rackspace don’t oversubscribe their capacity; they inevitably do, but they are not in the business of wasting money either. Oversubscription is not the same as overcapacity. It is fair to say that your problem of procuring enough hardware to cope with demand hasn’t gone away; you have just transferred it to your cloud provider. There is no such thing as infinite capacity, but a cloud provider can dynamically reallocate resources and so offer more than they actually have.

Meeting Demand

Let’s use the example of the coffee shop owner in the train station. Imagine he also owns the shoe repair and dry-cleaning services in the station. Once the coffee rush is over, he can reallocate his staff to fix the pile of shoes and clean the pile of clothes that have arrived at the other two businesses. Customers of coffee don’t need to know he’s using the person who serves their coffee with a smile every morning to clean someone else’s suit. Cloud providers can promise people resources to meet any demand so long as everyone doesn’t demand resources at the same time.

Migration

It is a common requirement of the business to migrate content from one location to the other. In my opinion, it’s more important to migrate processes to the utility of the public cloud than to migrate data. Focusing on the content generated in the past is usually a reflex defense mechanism, a generally unconscious fear of change. There is generally no need to migrate 95% of old content to the new platform. That doesn’t mean it should be deleted. The on-premises architecture can be slowly marked as read-only so it will not continue to grow. Some can be archived and eventually most can be deleted. There is more information on migration best practices in Chapter 11.

A reality I constantly meet when consulting for organizations is that users don’t readily accept that the majority of the content they generate is only useful during the initial collaboration phase. Much of it is a by-product of a larger effort such as documenting a decision or process. These records can be transitioned to the cloud, but this is best done by the business itself, not IT or via a third-party tool. Either way, transitioning such content is slower and more expensive than the benefits.

Users have to own their own content. If they really must preserve something, it can be easily moved from one environment to the other either by them gradually or perhaps with a tool. The real work in migration is

• Planning and coordinating the migration
• Identifying who owns what content
• Choosing what content to preserve
• Defining what metadata to apply to it
• Deciding what structure to put it in: sites, lists, and libraries
• Deciding what security to apply to the content

A tool can only apply what users have chosen. The majority of content no longer has an owner, has no metadata, and is unstructured, so it is impossible to know its future value to the business.

Evolution, like collaboration with SharePoint, is a process, and user processes can be quickly moved to a new platform. One of the strengths of SharePoint is rapid creation of new collaboration spaces, workflows, forms, and sites. This is where the potential benefits of the migration to the cloud lie. Moving large amounts of less current data is costly in terms of resources: hardware, software, and the time and effort of IT and business people. This is a reality rarely understood, but the real opportunity is in migrating business processes. Older information is still valuable but could be archived or kept on the older platform in read-only mode for reference.

Subscriptions

A site subscription sounds like something related to alerts, but it’s a piece of site metadata in the form of a unique GUID that associates it with a specific tenant. Think of it as a way of knowing which room in the building is being used by whom. Site subscriptions are created via PowerShell. The owner of the cloud creates a new tenancy for a new tenant and can then associate site collections with that GUID.

Administration Sites

This subscription GUID means a tenant can manage their site collections through their own administration site called the Administration Center. The Tenant Administration Site (Figure 10-5) is used to perform global configuration or structure changes such as creating further site collections, managing user profiles, term store, and other service applications.

Feature Packs

Feature packs are groups of features associated with one tenant. This is done the same way as site subscriptions: a GUID is associated with the feature to connect it to a tenant. This allows the cloud administrator or tenant to activate or deactivate features just for their site collections. It also creates the potential for an app store–like marketplace where cloud providers can sell or rent features to tenants. Tenants can also create stores in their own spaces. Features can be activated or deactivated through the web UI (Figure 10-6).

Host Header Site Collections

Host header site collections also existed in SharePoint 2007, but they are still an essential method to sandbox tenant sites. Host header site collections enable the cloud administrator to assign multiple vanity domains within a given web application (Figure 10-7). This will allow you to give each tenant in the web application its own root level domain. For example, if the web application has a URL of http://intranet.spsfaq.com, a site collection at http://intranet.spsfaq.com/sites/hr can be accessible via http://hr.share1point.com.

Service Isolation

As mentioned in relation to tenant administration sites, service applications can be deployed in what is called partitioned mode. This means the service application is associated with a specific web application that contains tenants, and each tenant will see their own administrative interface to configure that service application. This is especially powerful with service applications such as user profiles and the term store. This would not have been possible in SharePoint 2007 because of the limited scope for dividing up Shared Service Providers.

Sandboxed Solutions and SharePoint Apps

Sandboxed solutions mean two things that are essential to facilitating custom development in an environment where tenants are sharing the same resources. Previously, tenant’s apartments seemed isolated, but if one tenant left their bath running and it overflowed, it would spill into multiple apartments below it and ruin them, too. SharePoint now runs custom code in its own memory space so that if the code demands too many resources or crashes, it only impacts the tenant. SharePoint 2010/13 also allows tenants to allocate different portions of their apportioned resources to different solutions.

In SharePoint 2013 and SharePoint Online, sandboxed solutions are being deprecated in favor of Apps. These are even more sandboxed than sandboxed solutions and as such are safer for the stability of a tenant-based platform. Like with Apple’s App store, they add to what the SharePoint platform can offer the business but without compromising its integrity.

As you can see, multi-tenancy places the responsibility for much of the availability and resource management with your cloud provider, but certain parts can now be managed by the tenant and that applies to a public or private cloud. The greater complexity comes in planning single sign-on between your cloud and your Windows network.

A Federation Server Farm

You will install this server role on more than one server on your domain to provide redundancy. Collectively you’ll refer to these as your federation farm. You’ll place all these federation servers in your internal domain behind a firewall and use a NLB host to create a cluster with a dedicated cluster DNS name and cluster IP address. When you create your federation service you’ll want to use the same FQDN as your NLB cluster’s DNS name. This will give you redundancy at the server level. Also, from a resilience standpoint, the cluster DNS name and the federation service name must be the same, such as fs.share1point.com. The FQDN must also be Internet routable through your preferred third-party domain registrar.

Federation Proxy Servers

Federation proxy servers redirect client authentication requests coming from SharePoint Online in the cloud into your organization’s internal domain. These servers are most commonly placed in a DMZ that is segregated from your internal network. In addition to the redundant ADFS servers in your federation server farm on your internal network, you’ll need at least two more ADFS servers (proxies) for hardware and DNS redundancy as well as another dedicated NLB cluster. Having another AD domain is optional, but it is common to join the proxies to an external domain rather than your internal one.

This second NLB in the DMZ must be configured with an external IP address that the domain is registered to use. For example, you would want to register a domain similar to fs.spsfaq.com with your registrar, then point it to the NLB cluster in your DMZ. The NLB cluster FQDN also must use the same cluster domain name as the internal NLB cluster domain name. For example, both clusters as well as the federation service will use the same FQDN (fs.spsfaq.com). Also, the federation proxy servers themselves must be configured with Internet-accessible IP addresses. You’ll also need to set up redundancy at the database level during installation, which I will discuss next.

Certificates

All ADFS traffic that communicates through the firewall uses HTTPS on port 443 by default, so you’ll need to purchase a certificate to make the traffic encrypted and therefore secure. Otherwise, someone could intercept the packages and read your users’ credentials. Most organizations use the same certificate they use in their internal network.

WID vs. SQL

In the planning phase, you need to understand which database mode you should choose during installation. ADFS is set up separately from Active Directory; it’s just able to communicate with it. When you install ADFS, it creates a configuration database; this can be a Windows Internal Database (WID) or a SQL server database. From a redundancy point of view, SQL is the better option. That is because with a WID, there is only one primary copy on one server where you write changes. The others simply receive propagated copies of the changes. You can only write to the primary; the others are read-only. Therefore, if you make a change to the configuration, that change has to be propagated to the secondary servers.

With SQL Server you have more control and there is only one central database. This means that you can use any server to make configuration changes and there is no propagation delay. Because your data is in SQL Server, you now have all the benefits of scalability and high availability you have applied to your other SharePoint databases. You can use SQL Server’s clustering and mirroring capabilities for HA and you can add more SQL Servers to the cluster to increase throughput.

WID also has a scale limitation that may or may not affect you: you have a maximum of five servers in the federation farm. Five servers can support up to 60,000 users. If your organization has more than 60,000 users, you’ll need to use SQL Server so you can add more than five servers in your federation farm. Even though SQL has many benefits not available to WID, most ADFS installations still use WID because it’s so easy to configure. Irrespective of the users you have in your organization, I would recommend you have at least two federation servers to make them redundant. Also, if those servers are virtual, make sure they are split across two physical servers to prevent the host server becoming a single point of failure.

Further Considerations

You may have thought that setting up a cloud version of SharePoint would mean no longer having to plan or implement this level of technically complex infrastructure. It is possible to use SharePoint in the cloud without having identity federation. It just means users have to explicitly log on occasionally. SharePoint Online does do a limited amount of cookie caching so the user’s identity is retained between browser sessions, so this is not as inconvenient as it sounds. As well as setting up this federation farm, you can use the Microsoft Online Services Module for Windows PowerShell to establish a trust with Office 365. The Microsoft Online Services Module for Windows PowerShell is a download that comes with Office 365. This module installs a set of cmdlets to Windows PowerShell; you run those cmdlets to set up single sign-on for Office 365. Microsoft recommend you set up single sign-on before you set up Active Directory synchronization.

Microsoft also points out that activating directory synchronization is a one-way street. You can’t currently deactivate directory synchronization. Once you have activated directory synchronization, you can only edit synchronized objects using on-premises applications.

Additionally, there is the task of ensuring user client machines are ready for Office 365. This means installing the required updates for Office 365 from the Office 365 downloads page to ensure that your users are running the latest Windows updates.

In Office 365 Community, Microsoft also recommends all client machines install the Microsoft Online Services Sign-In Assistant (MOS SIA). “This provides the end user with sign-in capabilities to Microsoft Online Services like Microsoft Office 365. The MOS SIA installs client components that allow desktop applications like Microsoft Outlook and Microsoft Lync to authenticate to Microsoft Online Services. The MOS SIA also provides an improved sign-in experience so users can access Microsoft Online Services without re-entering their usernames or passwords.” There is a lot to consider beyond just the HA consideration I have detailed here.