Professional Documents
Culture Documents
Creating and Managing Portal Sites on a Single Server Lab B: Configuring a Single Server Deployment Lesson: Managing Rights and Permissions Lab C: Managing Users and Configuring E-mail Server Settings 1 2 15 19 36 41 50
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. 2004 Microsoft Corporation. All rights reserved. Microsoft, MS-DOS, Windows, Windows NT, Windows Server, Active Directory, BizTalk, FrontPage, InfoPath, Microsoft Press, MSDN, OneNote, Outlook, PowerPoint, SharePoint, Visual Basic, Visual Studio, and Windows Media are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
iii
Instructor Notes
Presentation: 2 hours, 30 minutes Labs: 2 hours, 30 minutes This module provides students with the requirements and best practices for installing and configuring a single-server deployment of Microsoft SharePoint Products and Technologies. The module begins by introducing the systems and networks requirements for installing SharePoint Products and Technologies. The next lesson deals with creating and managing portal sites as well as how to properly manage the portal settings. After this, students will learn about the concepts and procedures surrounding SharePoint Products and Technologies security, including managing users, groups and permissions. After completing this module, students will be able to:
!
Install SharePoint Products and Technologies for a single server deployment. Create a portal site. Configure a portal. Understand general portal settings. Manage security and additional settings.
! ! ! !
Required materials
Microsoft PowerPoint file: 2012B_02.ppt. Instructor computer with Dublin and Glasgow virtual computers. SharePoint Products and Technologies and SQL Server 2003 Developers Edition installed.
Important It is recommended that you use PowerPoint 2002 or later to display the slides for this course. If you use PowerPoint Viewer or an earlier version of PowerPoint, all the features of the slides may not be displayed correctly. Preparation tasks To prepare for this module:
! !
Read all of the materials for this module. Complete the practices and labs.
iv
SharePoint Central Administration Site Properties and Creation Settings Instructor-led Practice: Creating Portal Sites Instructor-led Practice: Managing Portal Sites Configuring Alternate Portal Site URLs Instructor-led Practice: Configuring Alternate Portal Site URLs
vi
This is almost a repeat of the instructor-led practice. In step 5b invite your advanced students to tour the other areas of the portal site. This is almost a repeat of the instructor-led practice. sign next to the Web Part indicates that this is a new Web Part. The Because this is a new installation, all of the parts on this page will be listed as new.
Managing User Permissions Instructor-led Practice: Managing Users and User Permissions Managing Alerts
Point out that there are two types of alerts: on-screen and email.
These user permissions will be used in later labs. Meng Phua and Jae Pak were created in Exercise 1, but still need to have their alias, job title and SharePoint Site Group filled in.
vii
Lab Results
Performing the labs in this module introduces the following configuration change:
!
Lab A: Completing the SharePoint Products and Technologies Installation. Exercise 1: Completing the SharePoint Products and Technologies Installation. At the end of this lab, students have completed the installation of a portal using SharePoint Products and Technologies that reflects the following details: An IIS Web server named Adventure works Group Intranet on the Dublin virtual computer. An instance of SharePoint Portal Server 2003 on the Dublin virtual computer that can be accessed as http://dublin with MSDE as the database storage.
Lab B: Configuring a Single Server Deployment. Exercise 1: Configuring Alternate Site Settings. At the end of this lab, students will have configured a portal site on the Dublin virtual computer with the intranet URL http://AdventureWorks.msft, the extranet URL http://AdventureWorks.adventure-works.com, and the custom URL https://AdventureWorksPartners.adventure-works.com. Exercise 2: Managing Site Properties. At the end of this exercise, students will have specified where users can create SharePoint Portal Server sites. If students do not change the default settings, sites will be created in the same database as the portal site and will have the same prefix. Exercise 3: Managing a Web Parts Gallery. At the end of this exercise, students will have added a new Web Part .SharePoint.WebPartPages.ImageWebPart on the portal site http://dublin and add it to the Web Part gallery. Additionally, students will assign this Web Part to a new Web Part group called Adventure works general.
viii
Lab C: Managing Users. Exercise 1: Managing Users. At the end of this lab, students will have added the following users to the adventure works portal http://dublin on the Dublin virtual computer: ADVWORKS\mengph with site group READER. ADVWORKS\JaePa with site group READER. Exercise 2: Configuring E-mail Server Settings. At the end of this lab, students will have configured the portal in order to send e-mail from SharePoint Portal Server to their users. Exercise 3: Managing User Permissions. At the end of this exercise, students will have created the following list of users on the portal http://dublin and assign them to site groups and permissions as shown below.
User Name User ID Site Groups / Permission
Kim Yoshida Suzan Fine Clair Hector Meng Phua Jae Pak
Overview
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Introduction This module discusses the requirements and best practices for installing and configuring a single-server deployment of Microsoft SharePoint Products and Technologies. The module begins by introducing the systems and networks requirements for installing SharePoint Products and Technologies. The lessons that follow deal with creating and managing portal sites and portal settings. After completing this module, you will be able to:
!
Objectives
Deploy SharePoint Products and Technologies on a single server deployment. Configure and manage a portal. Manage rights and permissions on a portal.
! !
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Introduction This lesson introduces you to the concepts and procedures necessary for installing a single-server deployment of SharePoint Products and Technologies. The first part of this lesson discusses pre-installation topics such as hardware, software, network, and database requirements for the server and client computers in order to correctly install SharePoint Products and Technologies. The second part describes how to actually install SharePoint Products and Technologies, how to repair the installation in case it fails, and how to uninstall an installation. Objectives After completing this lesson, users will be able to:
! !
Understand how to plan for a SharePoint Portal deployment. Understand the hardware and network requirements for a SharePoint Portal deployment. Understand the software requirements for a SharePoint Portal deployment. Understand the database server requirements for a SharePoint Portal deployment. Understand the client requirements for a SharePoint Portal deployment. Prepare the environment for SharePoint Products and Technologies install. Install SharePoint Products and Technologies.
! !
! ! !
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Introduction When you are installing SharePoint Products and Technologies on a single server, you have two options for single server configuration:
!
Stand-alone configuration uses SQL Server Desktop Engine for its database. The Microsoft SQL Server 2000 Desktop Engine (MSDE) is not as feature rich as SQL server. MSDE has limited database analysis tools and publication subscription capabilities, among other limitations. Single server with SQL server configuration leverages the SQL server developers edition that includes the full suite of analysis and publication subscription capabilities. If your deployment requires significant scalability or you must store a large number of documents, it is recommended that you select the single server with SQL server configuration.
Stand alone
A stand-alone SharePoint Products and Technologies configuration has the following characteristics:
!
It consists of only a single computer that runs the: Web component. Index component. Search component. This computer operates as the job server. This computer does not have Microsoft SQL Server 2000 installed. The setup wizard installs MSDE to store the databases. MSDE has limited throughput ability and supports databases with a maximum size of two gigabytes (GB). This computer can optionally run the components for backward compatibility with SharePoint Portal Server 2001 document libraries.
! ! !
The single server with SQL server configuration has the following characteristics:
!
It consists of only a single computer that runs the: Web component. Index component. Search component. This computer operates as the job server. This computer has SQL Server 2000 installed. SQL Server is used to store the databases. This computer can optionally run the components for backward compatibility with SharePoint Portal Server 2001 document libraries. You can also install the components for backward-compatible document libraries on another server.
! ! ! !
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Introduction Installing SharePoint Products and Technologies requires an in-depth understanding of the current environment and the impact that installing SharePoint Products and Technologies will have on the network. The following issues will be discussed at length during this course:
!
Factors that affect SharePoint Products and Technologies performance: Hardware configuration. Network configuration. Software configuration. Server topology. Characteristics of different deployment scenarios: Single server deployment. Server farm deployment. Hardware, software, network, database, and browser requirements for the server and client computers. Tasks that users must perform to prepare their environment for SharePoint Products and Technologies installation. Best practices: Microsoft Solutions for Intranets. MSI Planning Guide. MSI Operations Guide.
Resources
! ! !
Real-world portal deployments must respond to a challenging set of requirements, including ease of deployment and management, service availability and throughput, and organizational flexibility. These requirements typically evolve with time and vary greatly depending on the size and complexity of the organization. SharePoint Products and Technologies Administrators can easily scale deployments to address changing requirements by adding hardware resources in any of the categories listed in the table below. Note that the numbers displayed below are reference numbers and vary depending upon configuration and product. For more specific information, please refer to the SharePoint Products and Technologies Hardware Capacity Planning Guide at the following URL: http://www.microsoft.com/Sharepoint.
Hardware Component Web Servers Database Servers Search Servers Index Servers Portal Sites Team Sites Number 1 to 10 1 to 5 1 to 4 1 to 4 1 to 100 1 to 50,000/DB
Note Server farm deployments will be covered in, Module 4, Deploying SharePoint Products and Technologies on a Server Farm.
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Partitions The operating system partition and any partitions on which SharePoint Products and Technologies components will be installed, including the paths chosen during setup for program and data files, must be formatted as NTFS file system. Caution Program and data file paths cannot point to removable or networked storage. Network domain requirements SharePoint Products and Technologies are supported only on servers that are members of a Microsoft Windows NT 4.0, Windows 2000, or Windows Server 2003 domain. Note Installing and operating SharePoint Portal Server on a server computer is supported only if this server is a member of a domain, not a member of a workgroup. All servers in a server farm must be members of the same domain. Hardware scalability key resources SharePoint Products and Technologies supports several scale-up and scale-out strategies to maintain throughput in a growing enterprise. Scaling is achieved by adding site collections to an existing virtual server, or by adding subsites to an existing site collection. As part of the scaling strategy, you can modify key hardware resources to ensure optimal performance. CPU capacity, RAM capacity, hard disk capacity, and network throughput are interdependent resources. A system that is light on any one of these resources will fall short of ideal performance. It is important to plan for hardware to deliver the CPU capacity and supporting resources that satisfy your requirements. Keep in mind that the most critical resource for responding to increased demand is CPU capacity.
Software Requirements
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Software Requirements One of the minimum system requirements for SharePoint Products and Technologies is Windows SharePoint Services. When you install SharePoint Portal Server 2003, Setup automatically installs Windows SharePoint Services if it is not already installed. It is not recommended that customers install Windows SharePoint Services instead of SharePoint Portal Server 2003. Before you install SharePoint Products and Technologies, make sure that the server meets the following software requirements: Operating System The server must be running one of the following operating systems:
!
Microsoft Windows Server 2003, Standard Edition, plus the latest service pack. Microsoft Windows Server 2003, Enterprise Edition, plus the latest service pack. Microsoft Windows Server 2003, Datacenter Edition, plus the latest service pack. Microsoft Windows Server 2003, Web Edition, plus the latest service pack.
Microsoft ASP.NET. Enable network COM+ access. Microsoft Internet Information Services (IIS) with the following components: Common Files. Internet Information Services Manager. World Wide Web Service.
Note If you are running SharePoint Products and Technologies on Windows Server 2000, Web Edition, you must have Microsoft SQL Server installed on a separate computer. You cannot use the SQL Server Desktop Engine for database storage. Backward compatibility The backward-compatible document store is an option provided for users who require features such as complex document routing and approval, folder-level security, minor-level version numbers, and multiple document profiles for each folder. If you are installing SharePoint Products and Technologies on a domain controller, you must install it without the database engine. When installing on a domain controller, the option to install with the database engine is not available. All servers in a server farm must run the same version and language of the operating system, and (where applicable) the same version and language of Microsoft SQL Server 2000, with the following exceptionthe computer running SQL Server 2000 can run on any supported operating system for SQL Server 2000. The backward-compatible document library server component of SharePoint Portal Server 2003 cannot run on servers on which the following are installed:
! ! ! !
Microsoft Exchange Server (any version). Microsoft Site Server (any version). Microsoft Office Server Extensions. Microsoft SharePoint Portal Server 2001.
Note For small, medium, and large server farm deployments, the component for backward-compatible document libraries and SQL Server 2000 cannot be installed on the same computer.
10
*****************************ILLEGAL FOR NON-TRAINER USE****************************** You must use one of the following for your database server:
!
Microsoft SQL Server 2000 Desktop Engine (MSDE 2000). You must use the version of the Microsoft SQL Server 2000 Desktop Engine that SharePoint Portal Server 2003 installs. SQL Server Desktop Engine has limited throughput ability and supports databases with a maximum size of 2 gigabytes (GB). If your deployment requires significant scalability or if you must store more than 2 GB of documents, it is recommended that you use SQL Server in your deployment.
! !
Microsoft SQL Server 2000, plus the latest service pack. Microsoft SQL Server 2000 Enterprise Edition, plus the latest service pack.
Note MSDE can be upgraded in place of SQL server, although it is not recommended. The Windows SharePoint Services instructions to upgrade are inherently difficult. Instead, customers should backup their data, reinstall the operating system, install SQL, install SharePoint Products and Technologies, and then restore their data. This scenario has been tested and has proved to be much easier than upgrading. For more information upgrading MSDE to SQL Server, see the documentation for SQL Server 2000 or http://www.microsoft.com/sql/.
11
Client Requirements
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Client hardware requirements The following are minimum hardware requirements for a computer running the client components for backward-compatible document libraries:
! ! !
Intel Pentium IIIcompatible 200 Mhz processor. 64 MB of RAM. 50 MB hard disk space on Microsoft Windows 98 and Microsoft Windows NT 4.0; 30 MB disk space on Windows 2000 and Windows XP. The disk can be formatted as NTFS, FAT, or FAT32.
Computers running the client components for backward-compatible document libraries must be running one of the following operating systems:
! ! !
Microsoft Windows 98. Microsoft Windows NT 4.0, plus the latest service pack. Microsoft Windows 2000 Professional, Server, or Advanced Server, plus the latest service pack. Microsoft Windows XP Professional, plus the latest service pack. Any version of Microsoft Windows Server 2003, plus the latest service pack.
! !
In addition to the operating system, client computers must have Microsoft Outlook Express 5.01 or later installed. Computers that use coordinators for backward-compatible document libraries must be running Windows 2000 Professional, Server, or Advanced Server, Windows XP Professional, or Windows Server 2003.
12
To access the portal site, computers must have one of the following Web browsers installed:
! ! ! ! ! ! !
Microsoft Internet Explorer 5.01, plus the latest service pack. Internet Explorer 5.5, plus the latest service pack. Internet Explorer 6.0, plus the latest service pack. Netscape Navigator 6.2 or later. Internet Explorer 5.2 for Mac OS X, plus the latest service pack. Netscape Navigator 6.2 for Mac. Netscape Navigator 6.2 for UNIX.
Computers running the client components for backward-compatible document libraries must have one of the following Web browsers installed:
!
Microsoft Internet Explorer 5.01 with Service Pack 2 and update Q324929. Microsoft Visual Basic Scripting support is required. This is included in the default installation of Internet Explorer 5. Internet Explorer 5.5 with Service Pack 2 and update Q324929. Microsoft Visual Basic Scripting support is required. Internet Explorer 6.0 with update Q324929. Microsoft Visual Basic Scripting support is required. Netscape Navigator 6.02 or later.
13
*****************************ILLEGAL FOR NON-TRAINER USE****************************** In this instructor-led practice, use the following values:
Variable Virtual Computer Virtual Computer Virtual Computer - Domain Controller Virtual Computer- SQL server Value Cardiff Dublin (Keep this computer running in the background for use in the next lab) Glasgow Melbourne
14
15
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Objective After completing this lab, you will be able to install a portal using the Microsoft SharePoint Portal Server wizard. Note This lab focuses on the concepts in this module and, as a result, may not comply with Microsoft security recommendations. Prerequisites Before working on this lab, you must have introductory-level knowledge of:
! ! ! ! !
Scenario
The Adventure Works Company is deploying SharePoint Products and Technologies to develop an intelligent portal that seamlessly connects users, teams, and knowledge so that people can take advantage of relevant information across business processes to help them work more efficiently. You are Suzan Fine, a server administrator at Adventure Works. As the server administrator responsible for the SharePoint Products and Technologies computer, you are responsible for installing SharePoint Products and Technologies at the Adventure Works headquarters building.
16
Lab Setup
You should have the following virtual computers running: 1. 2012_0-Glasgow_DomainController. 2. 2012_1-Dublin_Simple SPS Server.
17
18
6. On the Create Portal Site Confirmation for DUBLIN page, click OK to begin creating the portal. The Operation Status page displays. Note This step takes about ten minutes to complete. 7. At the end of a successful portal creation, the Operation Successful page displays. After reading the on-screen material, close the Operation Successful page. 8. On the Microsoft Office SharePoint Portal Server 2003 page, click Exit, and eject the SharePoint Portal Server 2003 CD.
19
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Introduction This lesson introduces the concepts and procedures for configuring a portal. You create and manage your portal using the links under the Portal Configuration section of the SharePoint Portal Server Central Administration page. You will learn how to extend and configure virtual servers, create and manage portal sites, and configure portal site information such as external access settings and sets of quotas. You will also learn the general portal settings that you will use when managing your portal site. You can use the links under Security Configuration on the SharePoint Portal Server Administration page to view or configure security settings for your portal. Lesson objectives After completing this lesson, you will be able to:
!
Understand your permissions as a SharePoint Products and Technologies Portal Administrator. Manage all aspects of your portal using the Central Administration page. Manage site property and creation settings. Create a new portal site. Manage the portal sites. Configure alternate portal site URLs. Understand the function of Web Parts and how to use templates.
! ! ! ! ! !
20
Administrative Rights
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Introduction Two sets of users are allowed to perform administrative functions for Microsoft Windows SharePoint Services: members of the administrators group for the local server computer and members of the SharePoint administrators group. The local server administrators group is allowed to perform all of the usual administrative functions on the local server only. The SharePoint administrators group is a Microsoft Windows NT domain group that is registered with Windows SharePoint Services. Members of this domain group can perform central administration tasks without having to be given administrator rights to the local server computer. This is particularly useful in a server farm, because you can grant rights across the server farm, rather than individually for each computer in the server farm. This is also useful for applications that call into the administrative object model for Windows SharePoint Services. If the application process can be configured to run as a member of the SharePoint administrators group, it can create new sites, modify quota values for sites, and so on. Note To manage the SharePoint administrator's group, you must be a member of the administrators group for the local server computer.
21
Members of the SharePoint administrators group do not have access to the Internet Information Services (IIS) metabase or to the local server's file system, so they cannot perform the following actions for Windows SharePoint Services:
!
Extend virtual servers. They can, however, create top-level Web sites or change settings for a virtual server. Remove Windows SharePoint Services from a virtual server. Manage paths. Change the SharePoint administrators group. Change the configuration database settings. Use the Stsadm.exe command-line tool.
! ! ! ! !
Members of the SharePoint administrators group can perform any other administrative action using the HTML Administration pages or object model for Windows SharePoint Services. For example, members of the group can view and manage all sites created on their servers. This means that a member of the SharePoint administrators group can read documents or list items, change survey settings, delete a Windows SharePoint Services site, or perform any action on a site that the site administrator can perform.
22
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Introduction The SharePoint Portal Server Central Administration page links to various pages that enable you to configure SharePoint Portal Server components, manage server topology settings, and to manage portal sites. Server Configuration enables users to:
! ! ! !
Server configuration
Configure server topology. Configure the configuration database server. Configure e-mail server settings. Configure server farm account settings.
Component configuration
Manage the search service. Manage settings for single sign-on. Configure usage analysis processing. Configure the HTML viewer. Configure diagnostic settings.
23
Create a Portal site. List and manage portal sites. Extend an existing virtual server from the Virtual Server List page. Configure virtual server settings from the Virtual Server List page. Configure site quotas and locks from the Virtual Server List page. Configure alternate portal site URLs for intranet, extranet, and custom access.
Security configuration
Set the SharePoint administrative group account. Manage site collection owners. Manage Web site users. Manage blocked file types. Configure antivirus settings.
24
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Site branding You can quickly customize the branding for your portal site. Use the Change Portal Site Properties and SharePoint Site Creation Settings pages to edit portal site names and descriptions, specify site logos, specify locations for additional SharePoint sites to be created, and specify the file location of any custom cascading style sheets that you want to use. The following character limitations apply:
!
Character limitations
Portal title. The portal title is limited to 80 Unicode characters. The portal title can consist of all alphanumeric characters, as well as the following special characters: #%*+\|"?><$@[]{}.
Portal description. The portal description is limited to 200 Unicode characters. The portal description can consist of all alphanumeric characters, as well as the following special characters: #%*+\|"?><$@[]{}.
URL for creating sites from the Sites Directory. The URL for creating sites from the Sites Directory is limited to 2,048 ASCII characters. In addition, no component of the URL, such as the virtual directory or virtual server, can exceed 128 characters. The URL must end with _layouts/language/scsignup.aspx. As an administrator, you can use this feature to provision team sites on a separate virtual server or server farm.
25
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Introduction The first step in creating a portal site is to extend one or more virtual servers in IIS through Windows SharePoint Services from the Web Server. Each virtual server has its own set of content databases in SQL Server or WMSDE, and the content for sites within a site collection is stored in the same content database. You then need to set the configuration database to direct each of these virtual servers to the appropriate content database for a given Web site. You may scale your portal by adding site collections to an existing virtual server, or by adding subsites to an existing site collection. You can create up to 50,000 site collections on a single virtual server and each site collection can contain up to 2,000,000 Windows SharePoint Services sites.
26
*****************************ILLEGAL FOR NON-TRAINER USE****************************** In this instructor-led practice, use the following values:
Variable Virtual Computer Virtual Computer - Domain controller Virtual Computer- SQL server Value Cardiff Glasgow Melbourne
27
28
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Introduction You can use the Manage Portal Sites page to:
! ! ! !
Go to a portal site home page. Go to the Site Settings page for the portal site. Create a portal site. Delete a portal site.
29
30
*****************************ILLEGAL FOR NON-TRAINER USE****************************** About Alternate Portal Access Settings Alternate access settings provide a mechanism for server farm administrators to identify the different ways that portal sites are accessed, ensuring that URLs are displayed appropriately for the access method. Administrators often deploy portal sites that users can access by using different URLs. It is important that functionality, such as search results for portal site and document library (Web Storage System-based) content, be appropriate for the URL that was used to access the portal site. External URLs must be provided to the user in a form that is appropriate for how the user is currently accessing the portal site. Without alternate access settings, search results might be displayed in a way that would make them inaccessible to users. Users might receive search results that they cannot access whenever they access the portal site by using a URL that is different from the original URL used for crawling the content. The Microsoft SharePoint Search service consults the alternate access setting entries when crawling a document. If the URL of the document matches one of the mapping entry URLs, the URL is replaced with the mapping ID for the entry. When the search result is displayed, the mapping ID is replaced by the appropriate URL if the user is requesting the document from an access point listed in the alternate access setting entries. If there is no appropriate alternate mapping, the search results display the default URL. Every alternate access setting entry must have a default URL. Each entry can have additional alternate access methods for either intranet, extranet, or custom access. Each URL must be different from all other URLs. These mappings are stored in the configuration database. SharePoint Products and Technologies uses the default URL for any requested URL that is not found in the mapping table. You cannot delete entries for virtual servers that currently host portal sites or document libraries.
31
If an entry has been deleted, but URLs for that mapping ID still exist in the index, then those results will be displayed with a message stating that the content is not currently accessible. The server farm administrator must update the content index in order to update the URLs. Note For more information, see About Alternate Portal Access Settings in SharePoint Portal Server online help or http://www.microsoft.com/sharepoint/. Character limitations The mapping name has a maximum length of 64 Unicode characters and must not be null. The following character limitations apply for the default, intranet, extranet, and custom URLs:
!
Each URL has a maximum length of 255 Unicode characters and a minimum length of 5 characters. The user can enter the URL in any combination of uppercase and lowercase letters, but the URL is always saved in lowercase. Each URL must be different from all other URLs.
The URL can include the protocol (for example, http, https, ftp), server name, and port number portion only. For example, http://server_name.domain.com or http://server_name:port_number. Do not include the portal site name, such as http://server_name.domain.com/portal_site_name.
32
*****************************ILLEGAL FOR NON-TRAINER USE****************************** In this instructor-led practice, use the following values:
Variable Virtual Computer Virtual Computer - Domain controller Virtual Computer- SQL server portal intranet_URL extranet_URL custom_URL Value Cardiff Glasgow Melbourne http://cardiff http://cardiff.AWPortal.msft http://cardiff.AdventureWorks.com http://cardiff.AdventureWorksPartners.com
33
4. On the Change Alternate Access Setting page, do the following: a. In the Default URL field, verify that the default URL is set to the portal. Search services will use the default URL when crawling content, and search results will display the default URL when no other access mapping is available. The default URL field cannot be blank. b. In the Intranet URL box, type the intranet_URL. The intranet URL is normally optional, but it is used in this exercise. c. In the Extranet URL box, type the extranet_URL. The extranet URL is normally optional, but it is used in this exercise. d. In the Custom URL box, type the custom_URL. The custom URL is normally optional, but it is used in this exercise. The custom URL can be an intranet or an extranet address. 5. Click OK.
34
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Web Parts Web Parts are componentized Web page elements that allow developers to create modular Web sites. Web Parts provide a connection to information or an application, and display it inside a Web page in Microsoft Windows SharePoint Services or SharePoint Products and Technologies. Some examples of Web Parts include lists, calendars, weather updates, a stock ticker, news updates, and search fields. Administrators can install Web Parts on any site based on Windows SharePoint Services. The level of freedom to modify Web Parts and Web Part Pages on the portal or Web site depends completely on the site group to which a user is assigned. Users can make changes that apply to all the users of a shared page, or they can make changes that apply only when they view the page. You can use the Site Collection Web Part Gallery to store and retrieve Web Parts. The Web Parts in this gallery are available to top-site and all sites under it. Microsoft Office FrontPage 2003 Microsoft Office FrontPage 2003 is a Web editor that is fully integrated with Windows SharePoint Services. FrontPage 2003 provides a variety of WYSIWYG tools you can use to customize and manage your SharePoint sites, including an improved table editing tool and a collection of dynamic templates for SharePoint sites. With FrontPage 2003, you can edit and control SharePoint site components, such as team sites and Web Parts. You can also control navigation and customize the look and feel of a SharePoint site. FrontPage 2003 also enables you to prepare usage analysis reports for SharePoint sites, so you can track who is using your site and how they are using it. To edit Web pages in a SharePoint site, you must be a member of a site group with the Add and Customize Pages right for that SharePoint site.
35
You can upload templates available for use in Web site or list creation by adding them to the site or list galleries. The templates in these galleries are available to this top-level site and all sites under it. Note that the default site and list templates are not displayed in the galleries. Note To learn more about customizing SharePoint Products and Technologies using Web Parts and Microsoft FrontPage 2003, see Workshop 2014, Customizing SharePoint Products and Technologies or http://www.sharepointcustomization.com/default.aspx.
36
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Objective After completing this lab, you will be able to configure alternate portal site settings, manage the portal site properties, and modify the Web Part galleries. Note This lab focuses on the concepts in this module and, as a result, may not comply with Microsoft security recommendations. Prerequisites Before working on this lab, you must have introductory-level knowledge of:
! ! ! ! !
Scenario
You are Suzan Fine, a server administrator at Adventure Works. It is your job to configure and manage the SharePoint Products and Technologies at the Adventure Works headquarters building. As the portal site administrator, you have several responsibilities, including adding alternate access to enable users to access portal sites in different ways, specifying where users are allowed to create SharePoint sites, adding Web Parts and setting their properties, and then populating the Web Part galleries.
Lab Setup
You should have the following virtual computers running: 1. 2012_0-Glasgow_DomainController. 2. 2012_1-Dublin_Simple SPS Server.
37
38
7. Verify that the proper URLs are displayed for each category:
Mapping Name Default URL Intranet URL Extranet URL Custom URL Adventure Works Group Intranet http://dublin http://adventureworks.msft http://adventureworks.adventure-works.com https://adventureworkspartners.adventure-works.com
39
40
41
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Introduction This lesson introduces you to the concepts, procedures and nuances of managing users, groups, and permissions. SharePoint Products and Technologies security may seem complex until you understand why users and groups are managed by role-based security settings, and how these settings can change from site to site. After you learn about these security settings, you will be able to develop a good plan for managing the users and groups across your organization. After completing this lesson, you will be able to:
! ! !
Objectives
Define Site Groups and their rights. Manage users and cross-site groups. Manage alert settings.
42
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Introduction SharePoint Products and Technologies use a security model based on site groups and rights. Site groups are a collection of NT users and groups. Security rights are assigned to each security group. You can customize the rights assigned to these site groups or add new site groups to combine different sets of rights. By default, Windows SharePoint Services includes the following groups:
!
Administrator site group members have complete control over a Web site. They can configure settings, manage users and site groups, and view usage analysis data. Web Designer site group members can use a SharePoint Products and Technologies-compatible Web page editor such as Microsoft Office FrontPage 2003 to customize the Web site. Content Manager site group members can create and manage areas, lists, libraries, and sites. Contributor site group members can interact with Web Parts, lists, and document libraries. Additionally, they can create and manage personal views and cross-site groups and personalize Web Part pages. Reader site group members can view items in lists and document libraries, view pages in the site, and create a site using Self-Service Site Creation. Member site group members can view and personalize portal site content and create sites.
Custom Groups
Domain groups and Local groups can be members of site groups. Cross-site groups are collections of users who can be managed as a single group across multiple SharePoint Products and Technologies site collections. Cross-site groups can be members of a site group. Domain groups and local groups can also be members of site groups; however, domain groups are preferred over local groups.
43
Managing Users
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Administrator The Administrator has all rights from other site groups and rights to manage:
! ! ! !
Site groups. Manage list permissions. Create SharePoint sites. View usage analysis data.
You cannot customize or delete the Administrator site group. In addition, there must always be at least one member of the Administrator site group. Members of the Administrator site group always have access to, or can grant themselves access to, any item in the Web site. The owner and secondary owner of a site collection are members of the Administrator site group for their site. These site groups are defined per SharePoint site. Users assigned to the Administrator site group are administrators only for a particular SharePoint site. To perform any administrative tasks that affect settings for all SharePoint sites and virtual servers on the server computer, a user must be an administrator for the server computer (also known as a local machine administrator) or a member of the SharePoint Administrators group, rather than a member of an Administrator site group for a specific SharePoint site. Managing Users and Cross-Site Groups Every Web site has users, and part of your job as administrator is to make sure the users of a Web site have the appropriate rights to use the site. To grant access to a site, users must be added to the site, either individually or as part of a cross-site group and assigned to a site group. In Windows SharePoint Services, users and cross-site groups can be added by using one of two modes:
!
Domain account mode is used inside organizations to grant access to users and groups with existing domain accounts. Active Directory account creation mode is used by Internet service providers to create unique accounts for customers. This mode of creation can only be used on Windows SharePoint Services sites, not SharePoint Portal Server 2003 sites.
44
You determine which mode to use when you first install and configure Windows SharePoint Services, and you cannot switch between modes later. Whichever mode you use, you can add users and cross-site groups to your site by using either the command-line tool or HTML Administration pages for your Web site. About Domain Account mode If you are using Windows SharePoint Services inside an organization that uses Microsoft Windows domain accounts, you can use domain account mode for user and cross-site group accounts. With domain account mode, you add users and cross-site groups to your site using their existing domain account information, including their account names and e-mail addresses. You can also add Windows NT domain groups to your site, which is not possible in Active Directory account creation mode. Domain account mode is the standard mode for Windows SharePoint Services. Note that you can use Active Directory directory service to manage domain accounts - the difference between the modes is the type of account you use and how and when the accounts are created. If you host Web sites based on Windows SharePoint Services for customers on the World Wide Web, you can configure Windows SharePoint Services to automatically create Active Directory accounts for new users and cross-site groups. You must enable Active Directory account creation mode when you first configure Windows SharePoint Services. When you use Active Directory account creation mode for a site collection, you cannot use pre-existing domain accounts. Instead, new accounts are created whenever you add users. It is important to note that you cannot use SharePoint Portal Server 2003 in Active Directory account creation mode. Creating users and cross-site groups with Active Directory account creation mode is the same as creating users with domain account mode, except that you only enter the e-mail address or group name, not a domain account, when adding the user or cross-site group to a site. Windows SharePoint Services checks Active Directory to see if an account with that e-mail address or group name already exists. If the user or cross-site group already has an account in Active Directory, the account is used. If the user or cross-site group is new, an account is created for them in Active Directory using the Windows SharePoint Services credentials, and they are notified of their account name and password through e-mail. Note When you are in Active Directory account creation mode, there are certain administrative tasks that are unavailable in the HTML Administration pages. For example, you cannot create a top-level Web site, you cannot enable Self-Service Site Creation, and you cannot add a user to a site from the Central Administration pages. To perform these actions in Active Directory account creation mode, you must use the command line or the object model. For more information on using the object model to manage Windows SharePoint Services see Windows SharePoint Services online help or http://www.microsoft.com/sharepoint/. The Minimum Password Age group policy on the domain controller must be set to 0 days. Failure to do so will result in users being unable to change their passwords, unless they have administrator rights on the server. For information on setting the Minimum Password Age group policy, see Windows 2003 Server online help or http://www.microsoft.com/sharepoint/.
45
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Manage Users from SharePoint Central Administration Use HTML Administration Pages to Manage Users and Cross-site Groups If you are an administrator on the server computer or a member of the SharePoint administrators group, you may have administrative rights to change settings on the Site Settings page for any individual site on your server. The SharePoint Central Administration page includes a link for managing users for sites even if the administrator does not have rights to the site. You can add users or cross-site groups, remove users or cross-site groups, change site group membership, and change owners, without having to be an administrator on a specific site. However, you must know the URL for the site, and the specific user name that you want to change. The steps for adding users and cross-site groups are the same, no matter which account mode you are using. Using either method, you can manage users and cross-site groups from the Site Settings page for your Web site. To manage users and cross-site groups, you follow the Manage users link on the Site Settings page to the Manage Users page. By using this page, you can view a list of users and cross-site groups, check which site group a user or cross-site group is assigned to, add new users and cross-site groups, delete users and cross-site groups, or assign users and cross-site groups to site groups.
46
When you add new users or cross-site groups, you also have the option to send an e-mail message to them, inviting them to use the site. You can even include a custom message in the invitation e-mail message. For example, you can describe your site and what it should be used for, or add a personal message to the default e-mail invitation. Note If you do not see the Manage users link on your Site Settings page, you are probably in a subsite that uses the permission settings of a higher-level Web site of the server or virtual server. To work with user accounts and permissions, either go to the parent-level Web site, or change to using unique permissions for the subsite. For more information about subsite permissions, see Managing Site Groups and Permissions in Windows SharePoint Services online help or http://www.microsoft.com/sharepoint/.
47
*****************************ILLEGAL FOR NON-TRAINER USE****************************** In this instructor-led practice, use the following values:
Variable Virtual Computer Virtual Computer- Domain controller Virtual Computer- SQL server Value Cardiff Glasgow Melbourne
Managing users
! From the Manage Users page, you are able to do the following
1. Change site group membership for a user or cross-site group. You can also add new users and cross-site groups to your site from the Manage Users page. 2. Add a new user or cross-site group. Note that local accounts must exist before you attempt to add them. Also when using Active Directory account creation mode, you cannot add local accounts or security groups. This does not delete the user or cross-site group account, but does remove all rights to the Web site.
48
3. Add all users from an e-mail distribution list. You can only add e-mail distribution lists that reside on the same e-mail server as your current e-mail account. For example, in Office Outlook 2003, the names of distribution lists that reside on the same e-mail server appear in bold text. Adding or removing users from the e-mail distribution list will not add or remove them from the site. You must manually add or remove users from the site after changing your distribution list membership. 4. Delete a user or cross-site group from all site groups. 5. Manage users in a site collection. Every Web site with unique permissions has a Manage Users page that the site's administrator can use to add, modify, or delete users. In addition to this page, the top-level Web site in a Web site collection also includes a page that server administrators or the site collection administrator can use to view and delete users. This page lists all users for the site collection, including the users of the top-level Web site and users of any subsites in the site collection. When you remove a user from this list, the user is removed from all sites and subsites in the site collection. Note It is important to understand that even though you can remove users from a site, they may still have Reader site group access to other sites in the site collection.
49
Managing Alerts
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Alert management You can use the Manage Alerts Settings page to:
!
Manage alerts. Delete or deactivate an individual users alerts. Remove all alerts and alert results stored on the portal site for all users. Create quotas to limit the number of alerts per site, the number of alerts per user, and the number of alert results per alert. The portal site now automatically identifies and optimizes alerts that have the potential for generating large numbers of results; it will deactivate any alert that generates an excessive number of results.
Manage e-mail alerts. Configure an SMTP server to enable users to receive e-mail alerts. Remove all alert results e-mail messages waiting to be sent in the alerts notification queue. Specify a user profile field to use as the source of the default e-mail address when a user adds an alert. Prevent misdirected e-mail messages by locking e-mail address fields to use only user profile data. Customize the format of the alert results e-mail messages by using an .xsl file.
50
*****************************ILLEGAL FOR NON-TRAINER USE****************************** Objective After completing this lab, you will be able to create and maintain multiple users and assign them to the appropriate site group based on their portal requirements. Furthermore, you will be able to configure the e-mail server settings on the portal in order to send e-mail from SharePoint Portal Server to your users. Note This lab focuses on the concepts in this module and, as a result, may not comply with Microsoft security recommendations. Prerequisites Before working on this lab, you must have introductory-level knowledge of:
! ! ! ! !
51
Scenario
The Adventure Works Company is deploying SharePoint Products and Technologies to develop an intelligent portal that seamlessly connects users, teams, and knowledge so that people can take advantage of relevant information across business processes to help them work more efficiently. You are Suzan Fine, a server administrator at Adventure Works. You are responsible for completing the installation of SharePoint Products and Technologies at the Adventure Works headquarters building, and configuring the newly installed SharePoint Portal Server. As the portal site administrator, you are also required to create and maintain a list of portal site users, organize their credentials, and provide access based on their roles. You are also required to establish permissions around site creation. As the portal site administrator, you are required to create multiple users, provide them access and permissions to certain areas of the site. You must also create and manage templates for Web Parts.
Lab Setup
You should have the following virtual computers running: 1. 2012_0-Glasgow_DomainController. 2. 2012_1-Dublin_Simple SPS Server.
52
53
10. On the Add Users page, in the Choose Site Groups section, select the site group Reader, and then click Next. 11. In the Confirm Users section, verify the data displayed for each category:
Category E-mail Address User Name Display Name Data MengPh@advworks.msft JaePa@advworks.msft ADVWORKS\MengPh ADVWORKS\JaePa Meng Phua Jae Pak
12. In the Send E-mail section, if you want to send an invitation, select the check box Send the following e-mail to let these users know they've been added. Type the subject and body text information to be sent in an e-mail message to inform and welcome Meng Phua and Jae Pak as users of this portal site. 13. Click Finish. 14. You should see the following error message: The user or users have been added successfully, but there was an error in sending the e-mail message. The server may not be set up correctly to send e-mail. To verify that e-mail is configured correctly, contact your server administrator. This error was generated because the portals e-mail server settings have not been configured. Exercise 2 (on the next page) will lead you through the steps to correct this error. 15. Close the Internet Explorer window. Note You can also delete users or cross-site groups from all site groups by using the Manage Users page. This does not delete the user or cross-site group account, but does remove all rights to the Web site.
54
55
56
8. Once you have all the users displayed on the Selected account name(s) area (except Meng Phua and Jae Pak, if added previously in Exercise 1), click the OK button to add them as users. Note When running Windows SharePoint Services in a server farm, you cannot add local accounts. Local accounts must exist before you attempt to add them. Windows SharePoint Services does not create local accounts like SharePoint Team Services v1.0 does. When using Active Directory account creation mode, you cannot add local accounts or security groups.