You are on page 1of 104

SharePoint 2007 Administration Configuration

Aivea Proprietary Information

Version History
REVISION CHART Version
0.75 1.00 2.0

Author(s)
Scott Ellis Scott Ellis Pankaj Mathur

Description of Version
First Version Design Review Version Updates and changes for training use

Date Completed
8/28/2008 9/4/2009 3/5/2010

Aivea Proprietary Information

Table of Contents
1 1.1 CENTRAL ADMINISTRATION: OPERATIONS ............................................................................................ 9 TOPOLOGY AND SERVICES.................................................................................................................... 9 1.1.1 Servers in farm ............................................................................................................................. 9 1.1.2 Services on server .......................................................................................................................10 1.1.2.1 Services Configuration ............................................................................................................... 11 1.1.2.1.1 Configure the Document Conversion Load Balancer Service .................................................. 11 1.1.2.1.2 Office SharePoint Server Search Service ................................................................................. 11 1.1.2.1.3 Windows SharePoint Services Help Search .............................................................................13 1.1.3 Outgoing e-mail settings ............................................................................................................14 1.1.4 Incoming e-mail settings ............................................................................................................14 1.1.5 Approve/reject distribution groups ............................................................................................15 1.2 SECURITY CONFIGURATION .................................................................................................................15 Service accounts .........................................................................................................................15 Information Rights Management ...............................................................................................16 Antivirus ......................................................................................................................................16 Blocked file types ........................................................................................................................16 Update farm administrators group............................................................................................17 Information Management Policy Configuration .........................................................................17 Manage settings for single sign-on ............................................................................................17

1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3

LOGGING AND REPORTING .................................................................................................................18 Diagnostic logging ......................................................................................................................18 Usage analysis processing ..........................................................................................................19 Information management policy usage reports .........................................................................19

1.3.1 1.3.2 1.3.3 1.4

UPGRADING AND MIGRATION ............................................................................................................20 Microsoft Content Management Server Migration ....................................................................20 Enable Enterprise Features .........................................................................................................20 Enable Enterprise Features .........................................................................................................20 Convert License Type ..................................................................................................................21

1.4.1 1.4.2 1.4.3 1.4.4 1.5

GLOBAL CONFIGURATION ...................................................................................................................21 Timer job status ..........................................................................................................................21 Timer job definitions ...................................................................................................................21 Master site directory settings .....................................................................................................22 Site directory links scan ..............................................................................................................22 Alternate access mappings .........................................................................................................22 Manage farm features................................................................................................................23 Quiesce farm ...............................................................................................................................23 Solutions management ...............................................................................................................23

1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.6

BACKUP AND RESTORE ........................................................................................................................23 Perform a backup .......................................................................................................................23 Backup and restore history .........................................................................................................24 Restore from backup ...................................................................................................................24 Backup and restore job status ....................................................................................................24

1.6.1 1.6.2 1.6.3 1.6.4

Aivea Proprietary Information

1.7

DATA CONFIGURATION ........................................................................................................................25 Default database server .............................................................................................................25 Data Retrieval Service .................................................................................................................25

1.7.1 1.7.2 1.8

CONTENT DEPLOYMENT ......................................................................................................................26

1.8.1 Content deployment paths and jobs ...........................................................................................26 1.8.1.1 New Path ...................................................................................................................................26 1.8.2 Content deployment settings ......................................................................................................27 1.8.3 Content deployment object status ..............................................................................................28 2 2.1 CENTRAL ADMINISTRATION: APPLICATION MANAGEMENT ................................................................29 SHAREPOINT WEB APPLICATION MANAGEMENT ..............................................................................29 Create or extend Web application ..............................................................................................29 Create Web application .............................................................................................................29 Extending Web Application .......................................................................................................31 Remove SharePoint from IIS Web site .........................................................................................32 Delete Web application ..............................................................................................................32 Define managed paths ...............................................................................................................33 Web application outgoing e-mail settings ..................................................................................33 Web application general settings ...............................................................................................33 Content databases ......................................................................................................................35 Add Content Database...............................................................................................................36 Manage Web application features .............................................................................................36 Web application list ....................................................................................................................36

2.1.1 2.1.1.1 2.1.1.2 2.1.2 2.1.3 2.1.4 2.1.5 2.1.6 2.1.7 2.1.7.1 2.1.8 2.1.9 2.2

SHAREPOINT SITE MANAGEMENT ......................................................................................................37 Create site collection ..................................................................................................................37 Delete site collection ...................................................................................................................38 Site use confirmation and deletion .............................................................................................38 Quota templates .........................................................................................................................39 Site collection quotas and locks ..................................................................................................39 Site collection administrators .....................................................................................................40 Site collection list ........................................................................................................................40

2.2.1 2.2.2 2.2.3 2.2.4 2.2.5 2.2.6 2.2.7 2.3

EXTERNAL SERVICE CONNECTIONS .....................................................................................................40 Records Center ............................................................................................................................40 HTML viewer ...............................................................................................................................40 Document conversions ................................................................................................................41

2.3.1 2.3.2 2.3.3 2.4

INFOPATH FORMS SERVICES ................................................................................................................41 Manage form templates .............................................................................................................42 Configure InfoPath Forms Services .............................................................................................42 Upload form template ................................................................................................................43 Manage data connection files ....................................................................................................44 Manage the Web services proxy .................................................................................................44

2.4.1 2.4.2 2.4.3 2.4.4 2.4.5 2.5

OFFICE SHAREPOINT SERVER SHARED SERVICES ................................................................................44

2.5.1 Create or configure this farms shared services ..........................................................................44 2.5.1.1 New SSP .....................................................................................................................................45 2.5.2 Grant or configure shared services between farms ....................................................................47 Aivea Proprietary Information

2.5.3 2.5.4 2.6

Check services enabled in this farm ............................................................................................47 Configure session state ...............................................................................................................47

APPLICATION SECURITY .......................................................................................................................48 Security for Web Part pages .......................................................................................................48 Self-service site management .....................................................................................................48 User permissions for Web application ........................................................................................50 Policy for Web application ..........................................................................................................51 Add Users ..................................................................................................................................51 Creation Unique Permission Levels ............................................................................................52 Authentication providers ............................................................................................................52 Changing Web application authentication ................................................................................52

2.6.1 2.6.2 2.6.3 2.6.4 2.6.4.1 2.6.4.2 2.6.5 2.6.5.1 2.7

SEARCH ................................................................................................................................................53

2.7.1 Manage search service ...............................................................................................................53 2.7.1.1 Farm-Level Search Service .........................................................................................................53 2.7.1.1.1 Farm-level search settings ......................................................................................................53 2.7.1.1.2 Crawler impact rules ..............................................................................................................54 2.7.1.1.2.1 Add Rule ..............................................................................................................................54 2.7.1.2 Query and Index Servers ............................................................................................................55 2.7.1.3 Shared Service Providers with Search Enabled ..........................................................................55 2.8 WORKFLOW MANAGEMENT ...............................................................................................................56 Workflow Settings ......................................................................................................................56

2.8.1 3

SHARED SERVICES ADMINISTRATION ....................................................................................................57 3.1.1 3.1.2 3.1.3 3.1.4 3.1.5 Managing Farms Share Services ................................................................................................57 Creating a New SSP ....................................................................................................................57 Change Default SSP ....................................................................................................................60 Change Associations ...................................................................................................................60 Restore SSP .................................................................................................................................60

3.2

SHARED SERVICES ADMINISTRATION: MAIN SCREEN ........................................................................62

3.2.1 User Profiles and My Sites ..........................................................................................................62 3.2.1.1 User profiles and properties ......................................................................................................63 3.2.1.1.1 Refresh ....................................................................................................................................63 3.2.1.1.2 Add user profile ......................................................................................................................63 3.2.1.1.3 View user profiles ...................................................................................................................63 3.2.1.1.4 Configure profile import .........................................................................................................64 3.2.1.1.5 Start full import ......................................................................................................................64 3.2.1.1.6 Start incremental import ........................................................................................................65 3.2.1.1.7 View import connections ........................................................................................................65 3.2.1.1.8 View import log ......................................................................................................................65 3.2.1.2 User Profile Properties ...............................................................................................................65 3.2.1.2.1 Add profile property ...............................................................................................................66 3.2.1.2.2 View profile properties ...........................................................................................................67 3.2.2 Profile services policies ...............................................................................................................68 3.2.2.1 Edit Policy ..................................................................................................................................68 3.2.3 My Site Settings ..........................................................................................................................68 3.2.4 Trusted My Site Host Locations ...................................................................................................70 3.2.5 Published links to Office client applications ................................................................................70

Aivea Proprietary Information

3.2.6 3.2.7 3.3

Personalization site links .............................................................................................................71 Personalization services permissions ..........................................................................................71

SEARCH ................................................................................................................................................72

3.3.1 Search settings............................................................................................................................72 3.3.1.1 Crawl Settings ............................................................................................................................72 3.3.1.1.1 Content sources and crawl schedules .....................................................................................72 3.3.1.1.2 New Content Source ...............................................................................................................73 3.3.1.1.3 Manage Crawl Rules ...............................................................................................................76 3.3.1.1.3.1 Add Crawl Rule ....................................................................................................................77 3.3.1.1.4 File Types - Managing .............................................................................................................78 3.3.1.1.5 Crawl Log ................................................................................................................................79 3.3.1.1.6 Default Content Access Account .............................................................................................79 3.3.1.1.7 Metadata Property Mappings ................................................................................................79 3.3.1.1.7.1 New Managed Property ......................................................................................................80 3.3.1.1.8 Metadata Property Mappings ................................................................................................82 3.3.1.1.9 Search-based Alerts ................................................................................................................82 3.3.1.1.10 Search Result Removal .........................................................................................................82 3.3.1.1.11 Reset Crawled Content .........................................................................................................82 3.3.1.2 Scopes ........................................................................................................................................83 3.3.1.2.1 View/ Create Scopes ...............................................................................................................83 3.3.1.2.1.1 Create Scope ........................................................................................................................83 3.3.1.2.2 Update Scopes/Updating .......................................................................................................84 3.3.1.3 Authoritative Pages ...................................................................................................................84 3.3.1.3.1 Specify a new Authoritative Pages .........................................................................................85 3.3.2 Search usage reports ..................................................................................................................85 3.3.2.1 Search Queries ...........................................................................................................................86 3.3.2.2 Search Results............................................................................................................................87 3.4 EXCEL SERVICES SETTINGS ...................................................................................................................88 Edit Excel Services Settings .........................................................................................................88 Excel Services Trusted File Locations ...........................................................................................90 Adding Trusted File Location .....................................................................................................90 Excel Services Trusted Data Connection Libraries .......................................................................92 Excel Services Trusted Data Providers .........................................................................................92 Excel Services User-Defined Functions ........................................................................................93

3.4.1 3.4.2 3.4.2.1 3.4.3 3.4.4 3.4.5 3.5

AUDIENCES ..........................................................................................................................................94

3.5.1 Create Audience..........................................................................................................................94 3.5.1.1 Add Audience Rule .....................................................................................................................95 3.5.2 View Audiences ...........................................................................................................................96 3.5.2.1 View Audience Properties ..........................................................................................................96 3.5.3 Start Compilation........................................................................................................................97 3.6 OFFICE SHAREPOINT USAGE REPORTING ...........................................................................................97 Usage Reporting .........................................................................................................................97

3.6.1 3.7

BUSINESS DATA CATALOG ....................................................................................................................98 Import application definition ......................................................................................................98 View applications......................................................................................................................100 View Entities .............................................................................................................................100

3.7.1 3.7.2 3.7.3

Aivea Proprietary Information

3.7.3.1 Entity Information ...................................................................................................................101 3.7.3.2 Actions to Add or Edit Entity ....................................................................................................102 3.7.4 Business Data Catalog permissions ..........................................................................................102 3.7.5 Add Users/Groups.....................................................................................................................102 3.7.6 Copy all permissions to descendants ........................................................................................103 3.8 Edit Profile page template .............................................................................................................103 3.8.1 Customize _BusinessDataProfileTemplate.aspx before importing the application definition ..104 3.8.2 Customize _BusinessDataProfileTemplate.aspx after importing the application definition .....104

Aivea Proprietary Information

Aivea Proprietary Information

Central Administration: Operations

The Operations are of the Central Administration windows is designed to provide a location for the Farm Administrator to manage the server or server farm, such as changing the server farm topology, specifying which services are running on each server, and changing settings that affect multiple servers or applications. This section will cover the recommended settings for the Operations Area.

1.1 Topology and Services


The Topology and Services section of the Operation Area focuses on defining the servers in the farm, the services associated to the servers, along with e-mail communication settings. There are 5 configuration choices within the Topology and Services area: Servers in farm Services on server Outgoing e-mail settings Incoming e-mail settings Approve/reject distribution groups

1.1.1 Servers in farm


This option lists the following information: o o o Version of the farm Configuration database server name Configuration database name

In addition is provides a list of each server on the farm, along with Services Running, versions on the server, and the option to Remove Server from the farm at any time.

Aivea Proprietary Information

1.1.2 Services on server

This option gives the administrator the option to review the services running on each server in the farm. Recommended that you configure your Web Servers and Index Servers at this step to retain the roles they are planned to be supporting. Roles available by default are: o o o o o Single Server or Web Server for small server farms All services run on this server Web Server for medium server farms Web application and Search Query services run on this server Search Indexing Search Indexing service runs on this server Excel Calculation Excel Calculation service runs on this server Custom Services you choose run on this server

We recommend the following configurations for your servers. For each Web Server the following services should be enabled. These services will support optimal load balancing: o o o o o o o Document Conversions Launcher Service Document Conversions Load Balancer Service Excel Calculation Services Office SharePoint Server Search Windows SharePoint Services Help Search Windows SharePoint Services Incoming E-Mail Windows SharePoint Services Web Application

The implementation of an Index Server as a stand alone server is recommended to be implemented. A stand along Index server should only run one service to ensure optimal performance: o Office SharePoint Server Search

Aivea Proprietary Information

1.1.2.1 Services Configuration 1.1.2.1.1 Configure the Document Conversion Load Balancer Service
You can configure the Document Conversions Load Balancer Service on a stand-alone server or on one server in a farm. When you configure the load balancer service, it points to a load balancer server that distributes the work.

Selecting Server This option allows you to select the specific server you want to target. Communication Scheme Specify the scheme that the Load Balancer will use for communication. This should match the scheme in the configuration xml file for the load balancer service. It is recommended that you use the default HTTP. If you are planning to apply certificates, then the HTTPS option should be applied here. Port Number Specify the port number the Load Balancer will use for communication. It is recommended you use a port such as: 8091, 8092, or 8093

1.1.2.1.2 Office SharePoint Server Search Service


Each server running the Search Service should be configured independently. There is 6 areas to configure. Query and Indexing Use this option to specify if you want to use this server for search queries or indexing or both. You will check each option depending on if this function is being performed: Use this server for indexing content Use this server for serving search queries Contact E-mail Address Specify an e-mail address that external site administrators can contact if problems arise when their site is being crawled. This setting applies to all servers in the farm. E-mail Address: Example: someone@example.com Farm Search Service Account The search service will run using this account. Setting or changing this account affects all index and query servers in the server farm.

Aivea Proprietary Information

The farm search service account must not be a built-in account for security reasons and for it to access the database and content index. Examples of built-in accounts are Local Service and Network Service. This should be a unique account created specifically to support the Search Configuration and not an administrative account created to manage the farm. Username: Example: SearchAdmin Index Server Default File Location The search index will be located at this path by default on this server. For index servers, you can specify a different path when you create a Shared Services Provider. To change this index file location for an existing Shared Services Provider, use the command stsadm.exe -o editssp. Default index file location: Example: C:\Program Files\Microsoft Office Servers\12.0\Data\Office Server\Applications Indexer Performance Indexing information can place a large load on the local SQL Server database and might slow down the responsiveness of the local SharePoint sites. However, reducing the maximum allowed indexing activity will slow down the speed at which items are indexed, and therefore might cause search results to be outdated. Use information about the local server load to select the appropriate indexer performance level. The three options provided are: Reduced, Partly reduced, and Maximum. It is recommended to use the Partly Reduced option. Web Front End And Crawling Use this option to specify a dedicated web front end for crawling. Crawling through a dedicated web front end will reduce the impact of crawling on the other web front ends in the farm. If your index server is not running other shared services, it is recommended to enable the web front end role on this computer and use it as the dedicated web front end for crawling. If your index server is also running the Excel Calculation service or other shared services, select no dedicated web front end for crawling. Otherwise, these services may not work as expected. Use all web front end computers for crawling Use a dedicated web front end computer for crawling

Aivea Proprietary Information

1.1.2.1.3 Windows SharePoint Services Help Search


Use this page to configure Windows SharePoint Services Search Service Settings. NOTE: There is a warning provided at the top of this menu page. Warning: this page is not encrypted for secure communication. User names, passwords, and any other information will be sent in clear text. Service Account The search service will run using this account. The search service account must not be a built-in account in order to access the database. Examples of built-in accounts are Local Service and Network Service. Example: SearchAdministrator Content Access Account The search service will access all content using this account. The account will be added to the Full Read policy, giving it read-only access to all content. For proper search functionality and information security, do not use an administrator account, and do not use accounts that can modify content. Example: SearchRead Search Database Use of the default database server and database name is recommended for most cases. Use of Windows authentication is strongly recommended. To use SQL authentication, specify the credentials which will be used to connect to the database. Indexing schedule: This option is used to configure the Index schedule for your servers.

It is recommended that you start with a Every 15 Minutes schedule, then based on both performance and need change this schedule to optimize based on availability of new content and impact of performance on the Index servers.

Aivea Proprietary Information

1.1.3 Outgoing e-mail settings


Configuring the default outgoing e-mail settings configures the default outgoing e-mail settings for all Web applications. Specify the Outbound SMTP mail server to use for Windows SharePoint Services e-mail-based notifications for alerts, invitations, and administrator notifications. Next personalize the From address and Reply-to address. Character set: This by default should be set to 65001 (Unicode UTF-8)

1.1.4 Incoming e-mail settings


Use this page to change the e-mail settings for this server. You can enable or disable incoming email, specify e-mail options, and configure the Microsoft SharePoint Directory Management Web Service. Enable Incoming E-Mail If enabled, SharePoint sites can receive e-mail and store incoming messages in lists. Sites, lists, and groups will need to be configured individually with their own e-mail addresses. If this servers is to received e-mail, ensure you enable here. In automatic mode, all required settings are retrieved automatically. Advanced mode is necessary only if you are not using the SMTP service to receive incoming e-mail. When using advanced mode, you need to specify the e-mail drop folder. E-Mail Drop Folder Windows SharePoint Services checks periodically for incoming e-mail messages from the SMTP service. This setting specifies the folder in which to look for e-mail messages. When incoming email settings are set to automatic mode, the e-mail drop folder is set automatically to the folder specified by the SMTP service. Note: When incoming e-mail settings are set to advanced mode you need to ensure that the log on account for the Windows service "Windows SharePoint Services Timer" has modify permissions on the e-mail drop folder. E-mail drop folder: Example: c:\inetpub\mailroot\drop Directory Management Service The Microsoft SharePoint Directory Management Service connects SharePoint sites to your organization's user directory in order to provide enhanced e-mail features. This service provides support for the creation and management of e-mail distribution groups from SharePoint sites. This service also creates contacts in your organization's user directory allowing people to find e-mail enabled SharePoint lists in their address book.

Aivea Proprietary Information

As we are not recommending SharePoint Management Service create distribution groups we suggest turning this option to NO. To use the Directory Management Service you need to provide the SharePoint Central Administration application pool account with write access to the container you specify in the Active Directory. Alternatively you can configure this server farm to use a remote SharePoint Directory Management Web Service. Incoming E-Mail Server Display Address Specify the e-mail server address that will be displayed in Web pages when users create an incoming e-mail address for a site, list, or group. This setting is often used in conjunction with the Microsoft SharePoint Directory Management Web Service to provide a more friendly e-mail server address for users to type. Safe E-Mail Servers Specify whether to restrict the set of e-mail servers that can route mail directly to this server farm. This setting can help ensure the authenticity of e-mail stored in SharePoint sites. Recommend leaving default.

1.1.5 Approve/reject distribution groups


Use this page to change any SharePoint Directory Management Service Approved groups. This list will remain empty as the recommended setting for the Microsoft SharePoint Directory Management Service was not to utilize this option.

1.2 Security Configuration


1.2.1 Service accounts
Credential Management Windows services and web applications in the farm are configured upon start to use an account. For web applications, these are linked to a web application pool. This is used to update any account changes or adjustments that need to be made after the servers have been configured. This is done by selecting the component to update, change the associated Web application pool; if this is being changed, then enter the new credentials.

Aivea Proprietary Information

1.2.2 Information Rights Management


IRM helps protect sensitive files from being misused or distributed without permission once they have been downloaded from this server. Windows Server 2003 SP1 has the Rights Management Service, as part of the OS. This can be activated and configured on any server running it, the recommended is that it is activated on the Active Directory server to support SharePoint. Instead of adding an additional server to the farm.

1.2.3 Antivirus
Use this page to configure settings for virus scanning. You must install virus scanning software on all Web servers that are hosting documents before these settings can take effect. This is recommended to defend and protect your servers from viruses. Antivirus Settings Specify when you want documents stored in document libraries and lists to be virus scanned, and whether you want your virus scanner to attempt to clean infected documents. Antivirus Time Out We recommend using a Time out duration of 300 by default, if the server response time is slow while scanning, you may want to decrease the number of seconds. Antivirus Threads You can specify the number of execution threads on the server that the virus scanner may use. If server response time is slow while scanning, you may want to decrease the number of threads allowed for virus scanning.

1.2.4 Blocked file types


Use this page to prevent specific file types from being saved or retrieved from any site on this server. If a user tries to save or retrieve a blocked file type, he or she will see an error, and will not be able to save or retrieve the file. NOTE: To allow a file type that is currently blocked, you must delete it from both the global and Web application lists.

Filenames that include braces (for example, filename.{doc}) are blocked automatically. Aivea Proprietary Information

Update farm administrator's group Information management policy configuration Manage settings for single sign-on

1.2.5 Update farm administrators group


Members of this group have full access to all settings in the farm. They can also take ownership of any content site. Administration accounts such as FarmAdmin or MOSS Administrator should be applied to this group for ease of management of the server. Personal accounts for staff should not be used in this group or given access at this level.

1.2.6 Information Management Policy Configuration


This list displays all of the available information management policy feature for use within lists, libraries, and content types. Labels: Generates labels that can be inserted in Microsoft Office documents to ensure that document properties or other important information are included when documents are printed. Labels can also be used to search for documents. Microsoft Available Auditing: Audits user actions on documents and list items to the Audit Log. Microsoft Available Expiration: Automatic scheduling of content for processing, and expiry of content that has reached its due date. Microsoft Available Barcodes: Generates unique identifiers that can be inserted in Microsoft Office documents. Barcodes can also be used to search for documents. To deactivate these select the Availability option and decommission any option new wanted as part of the IMP options. It is recommended to leave all of these option default and enabled for general use.

1.2.7 Manage settings for single sign-on


Use this page to manage single sign-on settings and enterprise application definitions. It is recommended to use defaults, unless you need to change or update any single sign-on changes. SharePoint needs to be configured to utilize the single sign-on server that is deployed to your network. It is recommended that you utilize this functionality to limit the impact of credential management of your farm.

Aivea Proprietary Information

1.3 Logging and Reporting


This section is used to activate and manage usage reporting and diagnostic logging on your SharePoint server farm. It is recommended to activate these only as needed, and deactivate one analysis is completed or review period in finished.

1.3.1 Diagnostic logging


Sign up for the Customer Experience Improvement Program The Customer Experience Improvement Program is designed to improve the quality, reliability, and performance of Microsoft Products and Technologies. With your permission, anonymous information about your server will be sent to Microsoft to help us improve SharePoint Products and Technologies. The default is Yes, I am willing to participate anonymously in the Customer Experience Improvement Program (Not recommended for this deployment) Error Reports Error reports are created when your system encounters hardware or software problems. Microsoft and its partners actively use these reports to improve the reliability of your software. During the initial launch of your SharePoint servers, it is recommended to have this option enabled. Error Reporting has two sub options that need to be considered. First is the option to Collect error reports. If enabled, you will need to make a determination of Periodically download a file that can help identify system problems or Change this computer's error collection policy to silently send all reports. This changes the computer's error reporting behavior to automatically send reports to Microsoft without prompting users when they log on. It is recommended that you use the Periodical approach. It is not recommended to choose the option to Ignore errors and don't collect information. Event Throttling Use these settings to control the severity of events captured in the Windows event log and the trace logs. As the severity decreases, the number of events logged will increase. You can change the settings for any single category, or for all categories. Updating all categories will lose the changes to individual categories. You will need to select a category, it is recommended during your initial launch period all events be tracked, then based on resulting review and determination this be tailored back to only show critical issues based on your needs. Trace Log If you enabled tracing you may want the trace log to go to a certain location. Note: The location you specify must exist on all servers in the farm. Additionally, you may set the maximum number of log files to maintain, and how long to capture events to a single log file. Learn about using the trace log.

Aivea Proprietary Information

Path It is recommended that you define a path location that has adequate storage space for large logs as needed, and a location with strong security. As these logs can contain mission crital and sensitive information. Path Example: C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\LOGS Number of log files Number of log files to use must be between 1 and 1024. It is recommended to use 96 log files. Number of minutes to use a log file Number of minutes specified must be between 1 and 1440. Recommended to have the initial setting to 30 minutes, and change this based on criticality of the reporting needs.

1.3.2 Usage analysis processing


Use this page to enable and configure usage analysis processing. Logging Settings Special log files are used to run usage analysis processing efficiently. Use these settings to enable logging, identify the location to store log files, this should be a location with adequate space to support your logging efforts. Path Example: C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\LOGS Enter a number between 1 and 30 for the number of log files to create. By default you should create 1 log, unless you need to divide the review among separate individuals, at which time you should create the corresponding amount to team members. Important: Before changing the log file location, click Show me more information to review security requirements. Processing Settings Specify whether to enable usage processing on Web server computers, and set the time of day to run usage processing. This should be targeted around traffic times to determine usage. You will need to fine tune this based on need.

1.3.3 Information management policy usage reports


This option allows you to create reporting around your IMP process. As you will not be implementing this in the initial phase it will not need to be adjusted. Web Application Specify the web application for which you want to configure information management policy usage reports. This is a dropdown that will allow you to select each web application to apply reporting. Schedule Recurring Reports This option is used to determine how frequently you want the server to create reports of which policies are being used, and the number of items subject to these policies, in each site collection. Daily reporting is recommended to keep the report size manageable. Aivea Proprietary Information

To schedule an immediate one-time reporting job, click "Create Reports Now". Report File Location Specify where you want to store reports. The report for each site collection will be stored as a separate file. Path Example: http://.gov/IMPReports/Forms/AllItems.aspx Report Template Specify the template you want to use for creating reports. It is recommended that you use the default report format initially. If you wish to develop your own template you will need to store it in a location and link in through the use a custom report template option.

1.4 Upgrading and Migration


This section is used to in 4 general methods. Content Migration, enabling of features and activation of Enterprise features, and updating of SharePoint license type.

1.4.1 Microsoft Content Management Server Migration


Use this page to start a migration, check the status of a migration, and view migration reports. As a migration is being discussed is another document this is not covered this material. This is only if you are performing a migration scheme.

1.4.2 Enable Enterprise Features


As your organization starts implementing Enterprise functionality, it is recommended to follow this process to enable Enterprise features for this SharePoint installation, select the corresponding radio button. You need to do this only once for each installation. Once you have upgraded to Enterprise, you cannot switch back to use only the Standard features. For evaluation purposes, it is recommended that you configure a separate installation and deploy Office SharePoint Server Trial.

1.4.3 Enable Enterprise Features


Currently installed Office SharePoint Server features may not be available on all sites in this SharePoint installation. Check the 'Enable all sites' checkbox to make these features available to all sites in the installation. Once this has been performed newly created sites will have these features and you do not need to run this operation again for new sites.

Aivea Proprietary Information

This operation may take a long time to complete depending on the number of sites in your SharePoint installation. So it is recommended to either activate this option after initial installation, or early in the site creation process.

1.4.4 Convert License Type


This option gives you the ability to update your license at any time. Either changing keys, or updating a Standard license to and Enterprise. Type in the 25 character license key for the new license. You will find this key printed on your Client Access License Agreement.

1.5 Global Configuration


This section is used to define your global options for your farm.

1.5.1 Timer job status


Use queue is used by the administrator to review all timer jobs. From here you have the option to filter by Service or Web Application for easier access. It is recommended that the Farm Administrator review this area on a regular rotation to identify any failed or timer job complications.

1.5.2 Timer job definitions


Use this queue to rename, or Disable any timer job as needed.

Aivea Proprietary Information

1.5.3 Master site directory settings


This option is recommended for ease of navigation long-term. By deploying and enforcing a best in practices Site Directory, navigation of your sites will become easier to document. Site Directory Location Please enter the path to the master Site Directory where you would like to capture all new site collections. Example: http://farm/sitedirectory. Site Creation Metadata Specify what information is required to be filled in by new site creators. It is recommended to enforce all sites be listed to ensure easy transition if you choose to deepen the view of all sites at a later date.

1.5.4 Site directory links scan


Choose views to scan: This scan will look for broken links in views of the site directory. Enter URLs to site directory views that you want to scan for broken links. Separate multiple views by commas. Example: http://[ServerName]/sitedirectory/lists/siteslist/allitems.aspx. Note: The site directory is updated when the site directory timer job is next run. By default this timer job is scheduled to run daily. Update Site Properties Specify whether the Site Directory Links Scan automatically updates link titles and descriptions. This will change entries in the site directory to match the actual site title and description. Note: The site directory is updated when the site directory timer job is next run. By default this timer job is scheduled to run daily.

1.5.5 Alternate access mappings


Use this configuration screen to provide alternate URL mapping of public to Internal urls. Also provides a method to map to External Resources. External Resource Mapping To define a URL mapping for a resource outside of SharePoint, you must supply a unique name, initial URL, and select a zone for that initial URL. The URL for this resource must be unique in the farm. The name you supply will be the identifier for this set of mappings, and will be added to the list of items to select from via the Change button on the other URL mapping pages. The name you supply must be unique within that list.

Aivea Proprietary Information

1.5.6 Manage farm features


Use page is used to activate and manage any farm level features. This is critical to maintain any features that are farm wide.

1.5.7 Quiesce farm


Quiesce to take the farm gradually offline for maintenance. Quiesce the farm to stop accepting new user sessions for long running operations.

1.5.8 Solutions management


This page has a list of the Solutions in the farm. As this will be a new deployment there will not be any solutions to consider. Before you can deploy a solution package, you must submit the solution package to the solution store in the configuration database by using the stsadm -o addsolution command. After a solution is added to the solution store, you can use this solution management page to view the status of your solutions or deploy your solution to the entire server farm.

1.6 Backup and Restore


This section is used to configure and perform SharePoint based backup processes.

1.6.1 Perform a backup


This window is used to perform the actual backup process. Select the items you want to backup now. To start a backup, click Continue to Backup Options. To see a list of previous backups, click View History and provide a path for backup history location.

Aivea Proprietary Information

Once you make your selection of the component to be backed up.

Backup Content Specify content to include in the backup. This will identify the selected component: Farm\WSS_Administration\Web Application\SharePoint_AdminContent_52ad6098d231-4edc-bd6d-d341f139505d Type of Backup Specify which type of backup to start: Full - backs up the selected content with all history. Differential - backs up all changes to the selected content since the last full backup. Backup File Location Specify where to store the backup files. Each backup job is stored in a separate subdirectory at the location you specify, and each object is backed up to an individual file in that subdirectory.

1.6.2 Backup and restore history


This option allows the administrator to define a unique backup file location. It is recommended that this location have adequate storage, security, and management defined.

1.6.3 Restore from backup


This option allows the administrator to locate the backup files to be utilized for the backup process.

1.6.4 Backup and restore job status


Use this page to view the backup or restore job status.

Aivea Proprietary Information

1.7 Data Configuration


1.7.1 Default database server
Content Database Server It is recommended to use this page to set the default content database server. When you extend new web applications, the content databases for those web applications are created on the default content database server unless you specify a different server. Database Username and Password Use this section only if you are using SQL Server authentication to connect to SQL Server. It is strongly recommended that you use Windows authentication instead, in which case you should leave these fields blank.

1.7.2 Data Retrieval Service


It is recommended to use his page to configure your settings for the data retrieval services. Web Application Select a Web application. Enable Data Retrieval Services The set of data retrieval services on this server can be disabled so that no query requests will be processed. This setting applies to the following data retrieval services: Windows SharePoint Services OLEDB SOAP Passthrough XML-URL

Limit Response Size The size of the SOAP response that the data source returns to the data retrieval service can be limited with this setting. Specify the size limit in kilobytes (KB). This setting applies to the following data retrieval services: OLEDB

Update Support Support for update queries can be controlled with this setting. This setting applies to the following data retrieval services: OLEDB

Aivea Proprietary Information

Data Source Time-out The data retrieval service will time out if the data source does not respond within the duration you specify. Specify the timeout in seconds. This setting applies to the following data retrieval services: OLEDB SOAP Passthrough XML-URL SoapDataSource XmlUrlDataSource

Enable Data Source Controls The set of data source controls on this server can be disabled so that no query requests will be processed. This setting applies to the following data source controls: SPXmlDataSource XmlUrlDataSource SoapDataSource AggregateDataSource

1.8 Content Deployment


1.8.1 Content deployment paths and jobs
This page is used to manage content deployment jobs and paths. This is a recommended method to allow content from one site collection into another site collection. The source and destination site collections can be in the same farm or in different farms. Content deployment is managed using paths and jobs: A content deployment path defines a relationship between a source and destination site collection for content deployment. Once a path is created, jobs can be created and associated with the path to begin deploying content. A job is associated with a path, and defines the specific content to be deployed from the source to the destination, and the schedule on which the deployment should occur. After running a content deployment job, refresh this page and click the link in the Status column to view updated status information. This can be utilized to support the Finance and HR departments with allowing cross site deployment of policy and report documents.

1.8.1.1 New Path


Name and Description Specify the name and description of the content deployment path.

Aivea Proprietary Information

Source Web Application and Site Collection Specify the Web application and site collection on the source server. Destination Central Administration Web Application Specify the URL for the Destination Central Administration Server. Authentication Information Specify the authentication method and credentials you want to use for the destination server. The specified account must have SharePoint Central Administration credentials on the destination server. It is recommended to use the default settings for your credentials. Click Connect to connect to the destination server and specify settings for this path. Destination Web application and site collection Specify the URL for the destination Web application and site collection. These will be activated once you connect in the Authentication step above. User Names Specify whether or not to deploy the user names associated with content. Security Information Specify whether you want to deploy security information (such as ACLs, roles, and membership).

1.8.2 Content deployment settings


These settings apply to all content deployment paths and jobs. This will be used to configure your servers to accept incoming or outgoing connections. In addtion defining security and configuration files. Accept Content Deployment Jobs Specify whether you want to permit this server farm to receive content deployment jobs from another farm. Even with this setting enabled, the remote farm will need to authenticate to Central Administration to deploy content. Import Server Specify the server you want to receive incoming content deployment jobs. This server must have enough available disk space to store the incoming jobs, and it must be running an administration Web application for the farm. This server will experience additional load when a content deployment job runs. Aivea Proprietary Information

Export Server Specify the server to which you want to send outgoing content deployment jobs. This server must have enough available disk space to store the outgoing jobs, and it must be running an administration Web application for the farm. This server will experience additional load when a content deployment job runs. Connection Security By default, content deployment can only occur if the connection between source and destination farms is encrypted by using the HTTPS protocol. If you deploy content over a connection that is not encrypted, the user name and password you use to authenticate with the destination farm could be intercepted by malicious users, as could the content you are deploying. Temporary Files Specify where you want to store temporary files for content deployment jobs. These files are automatically deleted when the deployment job is finished. This folder must have enough available disk space to store all the content that is deployed at one time. Example Path: C:\WINDOWS\TEMP\ContentDeployment Reporting Specify the number of reports you want to keep for each content deployment job that originates from this farm. The oldest reports will automatically be deleted to make room for new ones.

1.8.3 Content deployment object status


Use this page to check the deployment status for a particular object. Type the URL of the object below, and then click Check Status. This will not be poluated unless deployments have been established.

Aivea Proprietary Information

2 Central Administration: Application Management


The Application Management of the Central Administration windows is designed to help you configure settings for applications and components that are installed on the server or server farm. This section will cover the configuration and best practices relating to your options.

2.1 SharePoint Web Application Management


The SharePoint Web Application Management section of the Application Management Area focuses on the creation, configuration, and management of your farm Web applications.

2.1.1 Create or extend Web application


Use this page to create a new Windows SharePoint Services application or to extend an existing application to another IIS Web Site. Adding a SharePoint Web Application Creating a new Web application is the most common option. When creating a new SharePoint Web application, you create a new database to store data, and define the authentication method used to connect the SharePoint application to that database. Choose Extend an existing web application if you need to have separate IIS Web Sites that expose the same content to users. This is typically used for extranet deployments where different users access content using different domains. This option will reuse the content database from an existing Web application.

2.1.1.1 Create Web application


Use this page to create a new Windows SharePoint Services Web application IIS Web Site First option is to determine between using an existing IIS web site or create a new one to serve the Windows SharePoint Services application. It is recommended to create a new IIS web site for each new Web application, it will be automatically created on all servers in the farm. If an IIS setting is not present, this will create a basic site, then update it using the standard IIS tools. Description should be intuitive, example of a standard naming convention. Example: SharePoint yoursitename port# Port that should be used is depending on your communication configuration or IT practices. Common port assignments are 80 for internal and external facing collaboration sites, 19840 for Shared Service and Administration sites. Aivea Proprietary Information

Host Header must be the complete header name which you want to be present in your final site. It is recommended that you leave the path default as it will follow a best practices naming. If for any reason this is changed, it needs to be fully documented. Security Configuration Kerberos is the recommended security configuration to use with Integrated Windows authentication. Kerberos requires the application pool account to be Network Service or special configuration by the domain administrator. NTLM authentication will work with any application pool account and the default domain configuration. Allow Anonymous is not recommended to be deployed at this level. It at a later time the need to open to an external anonymous audience arises; it can be reactivated in the Permissions of the Collaboration Site. As no Secure Sockets Layer (SSL) usage will be deployed at this time this should remain NO. If at a later time SSL is deployed, you must add the certificate on each server using the IIS administration tools. Until this is done, the web application will be inaccessible from this IIS Web Site. Load Balanced URL The load balanced URL is the domain name for all sites users will access in this SharePoint Web application. This URL domain will be used in all links shown on pages within the web application. By default, it is set to the current server name and port.

Application Pool Choose the application pool to use for the new web application. This defines the account and credentials that will be used by this service. It is recommended to re-use existing common application pools. Create new application pools for top level collaboration sites, or sites that require added levels of security or administration. Use a uniform naming convention for all application pools, this will make future administration easier, and organize in the management queue less challenging. Authentication: It is not recommended to use the Predefined Network Service account, you should associate the appropriate Administration account to the Site Collection and application pool. Reset Internet Information Services It is recommended to use the automatic restart for your IIS, use this section to allow SharePoint to restart IIS on other farm servers. The local server must be restarted manually for the process to complete. If this option is not selected and you have more than one server in the farm, you must wait until the IIS web site is created on all servers, and then run "iisreset /noforce" on each Web server. The new IIS site will not be usable until that is completed. If you are creating multiple sites, a manual reset after all site creations will be a better process. Aivea Proprietary Information

Database Name and Authentication Use of the default database server and database name is recommended for most cases. Refer to the administrator's guide for advanced scenarios where specifying database information is required. Database naming convention should also be maintained at this level. Example: WSS_yoursitename_Content Use of Windows authentication is strongly recommended. To use SQL authentication, specify the credentials which will be used to connect to the database.

2.1.1.2 Extending Web Application


Use this page to extend a web application onto another IIS Web Site. This allows you to serve the same content on another port or to a different audience. Web Application Select the Web application in which you plan to extend. IIS Web Site Choose between using an existing IIS web site or create a new one to serve the Windows SharePoint Services application. If you select an existing IIS web site, that web site must exist on all servers in the farm and have the same description, or this action will not succeed. Example: SharePoint yoursitename port# Ensure you choose a compliant and uniform Host Header. If you opt to create a new IIS web site, it will be automatically created on all servers in the farm. If an IIS setting that you wish to change is not shown here, you can use this option to create the basic site, then update it using the standard IIS tools. Security Configuration Kerberos is the recommended security configuration to use with Integrated Windows authentication. Kerberos requires the application pool account to be Network Service or special configuration by the domain administrator. NTLM authentication will work with any application pool account and the default domain configuration. Allow Anonymous is not recommended to be deployed at this level. It at a later time the need to open to an external anonymous audience arises, it can be reactivated in the Permissions of the Collaboration Site. As no Secure Sockets Layer (SSL) usage will be deployed at this time this should remain NO. If at a later time SSL is deployed, you must add the certificate on each server using the IIS administration tools. Until this is done, the web application will be inaccessible from this IIS Web Site.

Aivea Proprietary Information

Load Balanced URL The load balanced URL is the domain name for all sites users will access in this SharePoint Web application. This URL domain will be used in all links shown on pages within the web application. By default, it is set to the current server name and port.

2.1.2 Remove SharePoint from IIS Web site


Use this page to remove Windows SharePoint Services from an IIS Web site. Web Application Select a Web application. Deletion Options Decide if you would like to remove the association of the IIS Web site with this Web application, or actually delete the IIS Web site. If you choose delete, all IIS metabase entries referring to these Web sites will be deleted, even if other nonSharePoint applications are using them.

2.1.3 Delete Web application


This page allows you to delete an entire Windows SharePoint Services application, including all of its content and settings. Web Application Select a Web application. Deletion Options Decide if you would like to delete the content databases associated with this web application. If you choose to delete these databases, all of the sites in them will be lost unless you restore the database from a backup. Decide if you would like to remove the association of the IIS Web site with this Web application, or actually delete the IIS Web site. If you choose delete, all IIS metabase entries referring to these Web sites will be deleted, even if other non-SharePoint applications are using them.

Aivea Proprietary Information

2.1.4 Define managed paths


Use this page to specify which paths in the URL namespace are managed by Windows SharePoint Services. Web Application Select a Web application. Included Paths This list specifies which paths within the URL namespace are managed by Windows SharePoint Services. All top level sites should be root. Add a New Path Specify the path within the URL namespace to include. You can include an exact path, or all paths subordinate to the specified path. Use the Check URL button to ensure that the path you include is not already in use for existing sites or folders, which will open a new browser window with that URL.

2.1.5 Web application outgoing e-mail settings


Use the settings on this page to configure the e-mail settings for this web application. Web Application Select a Web application. Mail Settings Specify the SMTP mail server to use for Windows SharePoint Services e-mail-based notifications for alerts, invitations, and administrator notifications. Personalize the From address and Reply-to address.

2.1.6 Web application general settings


Use this page contains settings which apply to all site collections in the web application. Web Application Select a Web application. Default Time Zone Choose the time zone for sites that get created on this web application. It is recommended that you use the location of the home location of the headquarters or central location of your office. As this is common as a centralized time.

Default Quota Template

Aivea Proprietary Information

Select the quota template used by default for all site collections. If you have not defined a quota for your sites by this step, you can click Quota Templates to define new quota templates. This is listed under the SharePoint Site Management section of this guide. Person Name Smart Tag and Presence Settings With Person Name smart tag and Online Status enabled, online presence information is displayed next to member names and the Person Name smart tag appears when users hover over a member name anywhere on this site. This is recommended to be YES by default. This works in conjuction with your Microsoft Office Communication System. Maximum Upload Size Specify the maximum size to allow for a single upload to any site. No single file, group of files, or content, can be uploaded if the combined size is greater than this setting. A good max size is 100mb, however you will need to adjust this depending on the size needs of the site and departments working within the site. NOTE: Maximum size allowed is 2047mb or 2gb in size. This is a hard limit in SharePoint and SQL and cannot be changed. Alerts Specify the default settings for e-mail alerts on this Web application. It is recommended to allow Alerts, in addition limiting the amount of alerts is critical. The default of 500 is considered acceptable for medium to large companies, and will usually support all departments and sites. This may need to be increased for teams such as Finance or HR who depend heavily on automated alerting. RSS Settings Specify the server-wide settings for RSS feeds. The RSS functionality is a recommended tool or function that can be used in conjuction with Alerting and notifications. Blog API Settings Choose whether or not to enable the MetaWeblog API for this Web application. The default of YES is recommended. It is recommended to that the option to accept user name and password remain off, this will ensure the currently configured authentication method will be used. Web Page Security Validation Security validations expire after a configurable amount of time, requiring the user to retry his operation. It is recommended to have this On and set a expiration of 30 minutes for sites.

Send User Name and Password in E-Mail Specify whether to send users their user name and password by e-mail. If this option is turned off, a new user can't access the site until an Aivea Proprietary Information

administrator changes the user's password and notifies him or her of the new password. Backward-Compatible Event Handlers Turn on or off backward-compatible event handlers for this Web application. If this is turned off, users cannot bind document libraries to backward-compatible event handlers. Change Log Specify how long entries are kept in the change log. Log storage of 15 days is recommended. Recycle Bin Specify whether the Recycle Bins of all of the sites in this Web application are turned on. Turning off the Recycle Bins will empty all the Recycle Bins in the Web application. Defining the retention of the Recycle Bin will be based on your Retention plan and governance. 30 days is considered standard and recommended to offer the function, but limit its overall impact on storage and performance of the supporting servers. The second stage Recycle Bin stores items that end users have deleted from their Recycle Bin for easier restore if needed. Administrators find that 50% of the overall live site quota offers sufficient recovery time for users.

2.1.7 Content databases


Use this page to manage content databases for this web application. Click a content database name to change its properties.

It is recommended to ensure optimal storage capacity. New Content Databases should be added as needed or prior to limits being reached. Ensure to use correct naming conventions.

Aivea Proprietary Information

2.1.7.1 Add Content Database


Use this page to create a new content database or to add an existing content database to this web application. Web Application Select a Web application. Database Name and Authentication Use of the default database server and database name is recommended for most cases. Refer to the administrator's guide for advanced scenarios where specifying database information is required. Use of Windows authentication is strongly recommended. To use SQL authentication, specify the credentials which will be used to connect to the database. Search Server This identifies the Search Server assigned to support this database. Database Capacity Settings Specify capacity settings for this database. Standard settings here are recommended.

2.1.8 Manage Web application features


Use this page allows you to manage web application features.

By selecting to either Activate or Deactivate the feature it will be enabled for your Web Application.

2.1.9 Web application list


Use list will provide you a list of all web applications on your farm. You can access each by selecting it, this will open that application.

Aivea Proprietary Information

2.2 SharePoint Site Management


The SharePoint Site Management section of the Application Management Area focuses on the creation and management of site collections on your farm.

2.2.1 Create site collection


Use this page to create a new top-level Web site. Web Application Select a Web application. Title and Description Type a title and description for your new site. The title will be displayed on each page in the site. Web Site Address Specify the URL name and URL path to create a new site, or choose to create a site at a specific path. Follow standard web url practices for the naming convention. Keeping it small and intuitive. If the managed path is not as needed, it is recommended to make the change prior to this step, however, a new URL Path can be added dynamically here. Any managed path changes should be fully documented and comply with the governance plan. Template Selection At this step you will need to make determination of the required site template. It is recommended that the use of the Collaboration Portal be used for each top level site. Primary Site Collection Administrator Specify the administrator for this Web site collection. Secondary Site Collection Administrator Specify the secondary administrator for this Web site collection. Quota Template Select a predefined quota template to limit resources used for this site collection. To add a new quota template, go to the Manage Quota Templates page.

Aivea Proprietary Information

2.2.2 Delete site collection


Use the settings on this page to completely delete a top-level site and any subsites of that site on this web application. Site Collection Select a Site Collection. Once this is selected the information will populate in the lower pane. Warning All content and subwebs will be lost. Deleting this site collection will permanently destroy documents and document libraries; lists and list data, including surveys, discussions, announcements, events; site configuration and settings; roles and security information relating to the site; subsites of this Web site, their contents, and user information.

Critical warning: Deletion at this level cannot be recovered, except for recovery from a backup. Please ensure you performa backup prior to deleting any Site Collection.

2.2.3 Site use confirmation and deletion


Use this page to require site owners to confirm that their Web site collections are in use. Additionally, configure automatic deletion for unused Web site collections. Web Application Select a Web application. Confirmation and Automatic Deletion Settings It is not recommended to use the automatic deletion functionality by default. This option is useful on test sites, and sites that are designated a temorary. Specify whether site owners must confirm that their site collection is still in use, and how frequently to send e-mail confirmation notifications. If notifications are enabled, you can also specify whether to delete the site collection automatically after sending a specific number of confirmation notices.

Aivea Proprietary Information

2.2.4 Quota templates


Use this page to create or modify a quota template. It is recommended to fully utilize quotas. Suggested quotas are: Personalization Sites Project Sites Document Workspaces Meeting Sites Blogs Determining the size of each quota will depend on the impact of the template and the departments utiltizing the sites. Template Name Edit an existing quota template, or create a new template. For a new template, you can start from a blank template or modify an existing template. Storage Limit Values Specify whether to limit the amount of storage available on a site, and set the maximum amount of storage, and a warning level. When the warning level or maximum storage level is reached, an e-mail is sent to the site administrator to inform them of the issue.

2.2.5 Site collection quotas and locks


Use this page to change the quota template or individual quota values for a Web site collection, or to clear a lock set by an application or caused by exceeding a quota. Site Collection Select a Site Collection. Site Lock Information Use this section to view the current lock status, or to change the lock status. Site Quota Information Use this section to modify the quota template on this Web site collection, or to change one of the individual quota settings.

Aivea Proprietary Information

2.2.6 Site collection administrators


Use this page to view and change the primary and secondary site collection administrators for a site collection. As site collection administrators, these users receive any quota or auto-deletion notices and have full control over all content in the site collection. Site Collection Select a Site Collection. Primary Site Collection Administrator The primary site collection administrator is displayed. Type a user name, and then click OK to save the change.

2.2.7 Site collection list


Use this page to review the site collections on this farm.

2.3 External Service Connections


Use this section to configure Records Center connections, html viewers, and external document conversions.

2.3.1 Records Center


Use this section to connect to a Records Center, enter the URL and a display name for a Records Center server. As a Records Center will implemented on this farm, you will want to assign it now. Note the Records Center needs to be created prior to this step. Ensure the address has the /_vti_bin/officialfile.asmx on the end. Unless the Records Center is configured to allow records to be anonymously submitted, you must configure each Web application to use a domain user account.

2.3.2 HTML viewer


Use this page to view, change, and configure the HTML Viewer service.

Aivea Proprietary Information

Turn on HTML Viewer Select this checkbox to turn on the HTML Viewer service for the document libraries on Windows SharePoint Services. Server Location This path specifies where you have installed the HTML Viewer application. You can use a remote server or the server running Windows SharePoint Services. Maximum Cache Size Enter the maximum size for the HTML Viewer cache in megabytes (MB). This cache counts against the size of the content database. Maximum File Size The integer size in kilobytes (KB) of the largest file the service will view in HTML. Timeout Length The integer number of seconds the service will wait for HTML Viewing to complete.

2.3.3 Document conversions


Use this page to customize the usage of Document conversion, and assigning of a specific server to support this functional request. Web Application Specify the web application for which you want to configure document conversions. Enable Document Conversions You can allow files to be converted from one type to another on this site. Load Balancer Server Specify the Load Balancer with which to associate this Web application. Conversion Schedule Specify how often the Document Conversion timer job should run. Converter Settings Customize installed converters. These will include InfoPath, Word, and XML documents.

2.4 InfoPath Forms Services


Use this section to configure your usage of InfoPath Form Services for your farm. This will include the upload of templates into the farm gallery, configuring the services, and managing all data connections.

Aivea Proprietary Information

2.4.1 Manage form templates


It is recommended to manage all InfoPath Form templates from this gallery.

Functions will include the ability to Activate, Deactivate, Quiesce, and Remove the forms as needed.

2.4.2 Configure InfoPath Forms Services


Use this page to configure your farm InfoPath Form Services. User Browser-enabled Form Templates It is recommended that you allow user to use browserenable form templates, and render form templates that are browser-enabled by users. Data Connection Timeouts Specify default and maximum timeouts for data connections from browser-enabled form. The connection timeout can be changed by code in the form template, but will never exceed the maximum timeout specified. The defaults are configured for a best practice. Data Connection Response Size It is recommended that this be set to no more that 3000 kilobytes, however if you are using forms that are large or having attachments inbedded in the submission process you can increase this. However monitoring is recommended to ensure this does not cause an impact on server performance. Specify the maximum size of responses data connections are allowed to process. HTTP data connections If data connections in browser-enabled form templates require Basic Authentication or Digest Authentication, a password will be sent over the network. Check this box to require an SSL-encrypted connection for these authentication types. Embedded SQL Authentication Forms that connect to data bases may embed SQL username and password in the connection string. The connection string can be read in cleartext in the UDC file associated with the solution, or in the solution manifest. Uncheck this box to block forms from using embedded SQL credentials. Authentication to data sources (user form templates)

Aivea Proprietary Information

Data connection files can contain authentication information, such as an explicit username and password or a Microsoft Office Single Sign-On Application ID. Check this box to allow user form templates to use this authentication information. Cross-Domain Access for User Form Templates Form templates can contain data connections that access data from other domains. Select this check box to allow user form templates to access data from another domain. Thresholds Specify the thresholds at which to end user sessions and log error messages. Form Session State Form session state stores data necessary to maintain a user session. File attachment data in the form will receive an additional 50 percent of session state space.

2.4.3 Upload form template


Use this page to upload any InfoPath Forms into your gallery. In addition use this to determine how the server sill handle any current sessions. Upload Form Template Browse to the form template you intend to add to the server. Upgrade Set the behavior if the server contains a previous version of this form template with the same Form ID. This option also allows the server to complete any current filing sessions, or actively terminate them. It is recommended to in most cases allow the completion to ensure no lost data. The use of the Quiese feature in Manage form templates will support this request.

Aivea Proprietary Information

2.4.4 Manage data connection files


Use this page to upload and dedicated form data connections. Select File Browse to the data connection file you intend to upload. Category Specify the category of this file. Web Accessibility Select whether clients such as Microsoft Office InfoPath can access this file over HTTP.

2.4.5 Manage the Web services proxy


Use this page to define if proxies are applied to any Web application. It is not recommended to use a proxy. If a proxy is needed for the farm, select the Web application that will be effected. Enable the Web service proxy Use the proxy for data connections between InfoPath forms and Web services. The data connections must be defined in universal data connection (UDC) files and they must be enabled to use a proxy. Enable the Web service proxy for user forms Use the proxy for data connections in user forms

2.5 Office SharePoint Server Shared Services


Use these setting to create, manage and configure the Share Services on the this farm or between farms.

2.5.1 Create or configure this farms shared services


Use this page to manage shared services providers (SSPs). SSPs provide the infrastructure databases, Web services, and admin pages - for shared services. From this page, create new SSPs, control which SSP is used by each Web application, and reconnect the pieces of an SSP as part of database recovery.

Aivea Proprietary Information

2.5.1.1 New SSP


The Shared Services Provider (SSP) is the set of resources such as databases, the admin site, and Web service hosting used by shared services. SSP Name Specify a unique, descriptive name for this Shared Services Provider. This name will be used to identify this SSP in administration pages. Ensure you use a solid naming convention to allow for the SSP Name to support the easy association. A Web application is required for the SSP administration site. Select an existing Web application from the list or click "Create a new Web application". For security reasons a new Web application is recommended for any new SSP you create. NOTE: For server farm installations, the selected Web application cannot have an application pool that uses Network Service as its process account. Users will be able to navigate to the SSP administration site by typing this Web site address (URL) into their browsers. My Site Location A Web application is required for My Sites. This Web application will be used to host personal sites and profile pages. To use an existing Web application, select from the Web applications in the drop down list. If a new Web application is needed, select the "Create a new Web application" link. We recommend using a different Web application than the one used for the SSP administration site, so that you can backup and restore My Sites independently. To host My Sites at a location other than the root, change the Relative URL. SSP Service Credentials It is recommended that you use a unique credential set for all SSP authentication. Example: SSPAdmin Specify the credentials for the SSP Web services to use for inter-server communication and for running SSP-scoped timer jobs.

Aivea Proprietary Information

SSP Database Each SSP requires a database for service specific data. Use of the default database server and database name is recommended for most cases. Refer to the Office SharePoint Server TechCenter on TechNet for advanced scenarios where specifying database information is required. Use of Windows authentication is strongly recommended. To use SQL authentication, specify the credentials that will be used to connect to the SSP Database Search Database In addition to the SSP database, a separate database is required for frequently changing search related data. Use of the default database server and database name is recommended for most cases. Refer to the Office SharePoint Server TechCenter on TechNet for advanced scenarios where specifying database information is required. Use of Windows authentication is strongly recommended. To use SQL authentication, specify the credentials that will be used to connect to the SSP Database. Index Server Select the index server which will crawl content in all Web applications associated with this SSP. Specify the path on the index server where the indexes will be located. NOTE: Changing the index server will reset the index. To move the index without a reset STSAdm must be used. SSL for Web Services Use Secure Sockets Layer (SSL) to protect communications to and from Web services. NOTE: If you choose to use SSL, you must add the certificate on each server using the IIS administration tool. Until this is done, the Web services will not be available.

Aivea Proprietary Information

2.5.2 Grant or configure shared services between farms


It is recommended to use this page to configure shared services between server farms allows Web applications from one server farm to use shared services from another server farm Farm Configuration Select how this farm participates in inter farm shared services.

2.5.3 Check services enabled in this farm


Use this page to check for any errors of services within your farm. The following issues were found in your farm. Example:

2.5.4 Configure session state


Use this options to configure the session state stores specific user session information and is required for some Office SharePoint Server applications. It is enabled when a Shared Service Provider is created. Enable Session State, it is recommended to leave this enabled at all times. Timeout Specify the duration (in minutes) after which the session should timeout. By default it is set to 60 minutes, however for higher level of security as 30 minute setting is recommended.

Aivea Proprietary Information

2.6 Application Security


Use this section to configure the security for specific Web applications.

2.6.1 Security for Web Part pages


Use this options to configure the session state stores specific user session information and is required for some Office SharePoint Server applications. It is enabled when a Shared Service Provider is created. Web Application Select a Web application. Web Part Connections This options will allow you to specify whether to allow users to connect Web Parts by passing data or values from a source Web Part to a target Web Part. It is recommended to allow users to create connections. This will lessen the amount of overhead administration. Online Web Part Gallery It is recommended to prevent users from accessing the Online Web Part Gallary. This is due to security concerns. This options specifies whether to allow users access to the online Web Part gallery. Users can search, browse, and preview Web Parts and add them to Web Part Pages. NOTE: If your server is behind a proxy server or firewall, you may need to specify some additional settings to enable the online Web Part gallery. Learn about specifying a proxy server.

2.6.2 Self-service site management


You can enable users to create their own top-level Web sites by using the Self-Service Site Management page. To turn on the Self-Service Site Management feature for a particular Web application, a site collection must be at the root level of the Web application. NOTE: Users can also create subsites of any site for which they have the Create Subsites permission. The Create Subsites permission is included in the Full Control permission level by default, so any user or group assigned to that permission level can create a subsite of that site. Web Application Select a Web application. Enable Self-Service Site Creation It is recommended to have this option set to Off. Self-Service Site Creation allows users with the

Aivea Proprietary Information

"Use Self-Service Site Creation" permission to create sites in defined URL namespaces. NOTE When you enable Self-Service Site Creation, an announcement will be added to the Announcements list on the home page of the top-level Web site in the root site collection for the Web application. The announcement provides a link to the site creation page (scsignup.aspx in the _layouts directory; Example: http://server_name/_layouts/scsignup.aspx). To require users of Self-Service Site Creation to supply a secondary contact name on the signup page, select Require secondary contact.

Aivea Proprietary Information

2.6.3 User permissions for Web application


Use this options to configure the session state stores specific user session information and is required for some Office SharePoint Server applications. It is enabled when a Shared Service Provider is created. Web Application Select a Web application. Permissions It is recommended to leave all permissions levels enabled. This will allow for the highest level of flexibility when creating functional security groups, or granular secuity groups around job duties. Use the check boxes to specify which permissions can be used in permission levels within this web application. To disable a permission, clear the check box next to the permission name. To enable a permission, select the check box next to the permission name. Use the Select All check box to select or clear all permissions.

Aivea Proprietary Information

2.6.4 Policy for Web application


Use this option to create unique security policies for each Web application. This is done if Security is not being managed at the Site Collection level. Our recommendation is having only one Web application for all sites, if additional Web applications are deployed to support site-collections these optios may be considered. The default recommendation for this deployment will not require any changes to these options.

If you choose to make changes please follow the recommendations below.

2.6.4.1 Add Users


Web Application Select a Web application. Select the Zone The security policy will apply to requests made through the specified zone. To apply a policy to all zones, select "(All zones)". All zone policies are only valid for Windows users. Choose Users You can enter user names, group names, or e-mail addresses. Separate with semi-colons. Anonymous User Policy As it is not recommended that anonymous user access be enabled, this will not active or greyed out by default. Choose Permissions This option allows you to specify the specific permission set to apply.

Aivea Proprietary Information

2.6.4.2 Creation Unique Permission Levels


This option will not be utilized in this deployment, however the usage of this if Web application level of security is implemented at a later time. Manage Permission Policy Levels Use this to create granular permission levels beyond the defaults available. It is recommended to not adjust these unless a unique security need is determined.

2.6.5 Authentication providers


Use this options to add additional authentication methods to your Web application. This option also gives the capability to edit the existing authentication method for each Web application. As following the recommendations this option will not need to be changed. If method is changed please follow the next steps.

2.6.5.1 Changing Web application authentication


Choose the desired Zone in which you want to alter. Web Application Select a Web application. Zone These authentication settings are bound to the following zone. Authentication Type Choose the type of authentication you want to use for this zone. Learn about configuring authentication. Anonymous Access You can enable anonymous access for sites on this server or disallow anonymous access for all sites. This by default should not be enabled at anytime. Enabling anonymous access allows site administrators to turn anonymous access on. Disabling anonymous access blocks anonymous users in the web.config file for this zone. IIS Authentication Settings NTLM is configured by default with this deployment. If Kerberos has been enabled at a later time, this option may be different then the screen shot provided. Kerberos requires the application pool account to be Network Service or special configuration by the domain administrator. NTLM authentication will work with any application pool account and the default domain configuration.

Aivea Proprietary Information

Client Integration It is recommended to leave Client Integration on for all Web applications. Disabling client integration will remove features which launch client applications. Some authentication mechanisms (such as Forms) don't work well with client applications. In this configuration, users will have to work on documents locally and upload their changes.

2.7 Search
2.7.1 Manage search service
The Manage Search Service area of Search allows for the configuration of three main functions; Farm-Level Search Settings, Query and Index Servers, and Shared Service Providers with Search Enabled.

2.7.1.1 Farm-Level Search Service


The Manage Search Service area of Search allows for the configuration of three main functions; Farm-Level Search Settings, Query and Index Servers, and Shared Service Providers with Search Enabled.

2.7.1.1.1 Farm-level search settings


Contact E-mail Address Specify an e-mail address that external site administrators can contact if problems arise when their site is being crawled.

Aivea Proprietary Information

Proxy Server Settings It is recommended not use a Proxy server. So this option should not be adjusted per our recommendation.

Timeout Settings Type the amount of time that the search server will wait while connecting to other services. It is recommended for best performance to use a 60 second timeout and acknowledgement time.

2.7.1.1.2 Crawler impact rules


Use this page to manage crawler impact rules. Crawler impact rules define the number of documents to request simultaneously and the amount of time to wait between requests during an update of a content source. This should be used to lessen the impact of a document heavy site during your crawls.

2.7.1.1.2.1 Add Rule


Site Type the name of a site. Do not include the protocol (for example 'http://'). Request Frequency Indicate how the crawler will request documents from this site. For minimal impact, request fewer documents simultaneously or set a delay between requests. A setting of 8 documents at a time is considered best practice. This can be altered later to optimize the impact of the crawl.

Aivea Proprietary Information

2.7.1.2 Query and Index Servers


This option will allow the configuration or addition of additional Query and Index Servers.

To access the Search service to change configuration, select the Office SharePoint Server Search Indexing and Query, next to the Search service. This will take you back to the Service configuration window.

2.7.1.3 Shared Service Providers with Search Enabled


This area will identify the SSP assigned to your Search Service, in addition provide a dynamic link to the service. Select the SSP link to go the the SSP window.

Aivea Proprietary Information

2.8 Workflow Management


2.8.1 Workflow Settings
Use this options to will give you the ability to change global workflow settings below. Web Application Select a Web application. User-Defined Workflows We are recommending that users cannot assemble new workflows out of building blocks deployed to the site. By default these workflows cannot add code. They can only reuse code already deployed by the administrator. However it is recommended that only workflows deployed by the administrator be used. Workflow Task Notifications Set options for how users without access to the site are notified of pending workflow tasks. It is recommended to allow alerts to be issued to users who do not have access to the site. This provides them a notification, that can be used to either correct the action, or request rights to the site.

Aivea Proprietary Information

3 Shared Services Administration


Use this page to manage shared services providers (SSPs). SSPs provide the infrastructure - databases, Web services, and admin pages - for shared services. The major services that are handled by the SSP are: Profiles and Audiences My Sites Search All of Excel Services All of the BDC (Business Data Catalog)

3.1.1 Managing Farms Share Services


From this page, create new SSPs, control which SSP is used by each Web application, and reconnect the pieces of an SSP as part of database recovery.

3.1.2 Creating a New SSP


The Shared Services Provider (SSP) is the set of resources such as databases, the admin site, and Web service hosting used by shared services. Warning: this configuration page is not encrypted for secure communication. User names, passwords, and any other information will be sent in clear text. For more information, contact your administrator. SSP Name Specify a unique, descriptive name for this Shared Services Provider. It is recommended to use a descriptive name identifying the association; this is critical if additional SSPs are created overtime. A Web application is required for the SSP administration site. Select an existing Web application from the list or click "Create a new Web application". It is recommended to use existing Web Applications as this limits overhead.

Aivea Proprietary Information

NOTE: For server farm installations, the selected Web application cannot have an application pool that uses Network Service as its process account. Users will be able to navigate to the SSP administration site by typing this Web site address (URL) that you see on the screen into their browsers, this is a secure page, and will only be visible by Farm Administrators. My Site Location A Web application is required for My Sites. This Web application will be used to host personal sites and profile pages. It is recommended that a new Web application is created for My Sites. This is a multiple reasons for this. First is that this allows for a higher level of security, allowing the SSP to administrated independently of the My Sites. Second is to limit impact of performance. As My Sites will be more active, a dedicated Web application will not impact general performance of your Site Collections. In addition this allows for the backup and restore My Sites independently. To host My Sites at a location other than the root, change the Relative URL. SSP Service Credentials Specify the credentials for the SSP Web services to use for inter-server communication and for running SSP-scoped timer jobs. It is recommended to have an independent account for SSP administration. This account is only used for SSP administration. Example: SSPAdmin or SSPAdministrator SSP Database Each SSP requires a database for service specific data. Use of the default database server and database name is recommended for most cases. If alternate servers are needed to be implemented for this ensure the SSPAdmin account has the appropriate privileges for administration. Database name should be easily identifiable in comparision to other SharePoint databases. Example: _Shared_Services Use of Windows authentication is strongly recommended. For higher level of security the use of the SQL authentication can be utilized, specify the credentials that will be used to connect to the SSP Database. Example of the credential naming convention: SQLAdmin or DBAdmin Search Database In addition to the SSP database, a separate database is required for frequently changing search related data.

Aivea Proprietary Information

Use of the default database server and database name is recommended for most cases. If alternate servers are needed to be implemented for this ensure the SSPAdmin account has the appropriate privileges for administration. Database name should be easily identifiable in comparision to other SharePoint databases. Example: _Shared_Services_Search Use of Windows authentication is strongly recommended. For higher level of security the use of the SQL authentication can be utilized, specify the credentials that will be used to connect to the SSP Database. Example of the credential naming convention: SQLAdmin or DBAdmin Index Server Select the index server which will crawl content in all Web applications associated with this SSP. If only one server is running the Index Service this option will be greyed out. If additional servers are running the Index Service, then the drop down will allow the selection of a specific resource. Specify the path on the index server where the indexes will be located. This should be accessible by SharePoint, and have adequate space for future growth of the index logs. NOTE: Changing the index server will reset the index. To move the index without a reset STSAdm must be used. SSL for Web Services Use Secure Sockets Layer (SSL) to protect communications to and from Web services. As this is not being utilized in this deployment this option should remain No. NOTE: If you choose to use SSL, you must add the certificate on each server using the IIS administration tool. Until this is done, the Web services will not be available. WARNING:

This warning is an advisory that prior association to another SSP has been configured. You should only get this warning if the associated has been established during the intial configuration, or subsiquent configuration changes. If OK is selected you will need to ensure to fully configure your new SSP, and ensure all other Central Administration configurations comply with the new association. If this is the first SSP you have created you will not get this warning.

Aivea Proprietary Information

Your new SSP should now be listed in the Manage this Farms Shared Services window.

3.1.3 Change Default SSP


Shared farm services, such as Search, must be accessible for many features to work correctly. Web applications are automatically associated with the default SSP to ensure access to shared farm services. Shared Services Provider Select the shared services provider with which Web applications will automatically be associated.

3.1.4 Change Associations


The association defines which shared services are used by a Web application. A Web application may be associated to one SSP, but each SSP may have multiple Web applications associated with it. Shared Services Provider Select the shared services provider with which the Web applications will be associated. Web applications Select the Web applications which will be associated with the selected shared services provider.

3.1.5 Restore SSP


Use this page to create a Shared Services Provider using an SSP database that you have restored from a backup. Warning: this page is not encrypted for secure communication. User names, passwords, and any other information will be sent in clear text. For more information, contact your administrator. SSP Name Specify a unique, descriptive name for this Shared Services Provider. This name will be used to identify this SSP in administration pages. A Web application is required for the SSP administration site. Select an existing Web application from the list or click "Create a new Web application". NOTE: For server farm installations, the selected Web application cannot have an application pool that uses Network Service as its process account. If the Web application you select contains an SSP site, that site will be used as this SSP's administration site. Users will be able to navigate to the SSP administration site by typing this Web site address (URL) into their browsers.

Aivea Proprietary Information

My Site Location A Web Application is required for My Sites. This Web application will be used to host personal sites and profile pages. By default, the restored SSP will continue to use the existing location, which may be located on the original farm. You can also select an existing Web application on this farm where you have already restored personal sites. Alternatively, you can create a new Web application for hosting personal sites. Until you restore personal sites to the selected Web application, new personal sites will be created when users try to access them.

SSP Service Credentials Specify the credentials for the SSP Web services to use for inter-server communication and for running SSP-scoped timer jobs.

SSP Database Each SSP requires a database for service specific data. Specify the server and name of the database this SSP is to connect to. This database must already exist. To use SQL authentication, specify the credentials that will be used to connect to the SSP Database. Search Database In addition to the SSP database, a separate database is required for frequently changing search related data. Use of the default database server and database name is recommended for most cases. Refer to the Office SharePoint Server TechCenter on TechNet for advanced scenarios where specifying database information is required. Use of Windows authentication is strongly recommended. To use SQL authentication, specify the credentials that will be used to connect to the SSP Database.

Aivea Proprietary Information

Index Server Select the index server which will crawl content in all Web applications associated with this SSP. If only one server is running the Index Service this option will be greyed out. If additional servers are running the Index Service, then the drop down will allow the selection of a specific resource. Specify the path on the index server where the indexes will be located. This should be accessible by SharePoint, and have adequate space for future growth of the index logs. NOTE: Changing the index server will reset the index. To move the index without a reset STSAdm must be used. SSL for Web Services Use Secure Sockets Layer (SSL) to protect communications to and from Web services. As this is not being utilized in this deployment this option should remain No. NOTE: If you choose to use SSL, you must add the certificate on each server using the IIS administration tool. Until this is done, the Web services will not be available.

3.2 Shared Services Administration: Main Screen


From this page, the administration of the following areas can be addressed: User Profiles and My Sites Search Excel Services Settings Audiences Office SharePoint Usage Reporting Business Data Catalog

3.2.1 User Profiles and My Sites


This section should be used to customize your personalization, profiles, and My Sites.

Aivea Proprietary Information

3.2.1.1 User profiles and properties


User profiles provide detailed information about individuals in your organization. A user profile organizes and displays all of the properties that are related to each user, as well as documents and other items related to that user. User profiles are presented to users in three distinct views: The personal view shows the user his or her properties and related items that only he or she can see. The public view shows users the profiles of other users. The edit view appears when changes are being made to a user profile.

3.2.1.1.1 Refresh
This option is used to refresh the Settings menu.

3.2.1.1.2 Add user profile


Use this page to add a user profile by typing manual values to create a profile, this is done for accounts that are not imported into SharePoint.

3.2.1.1.3 View user profiles


Use this page to manage the user profiles in this Shared Service Provider. From this page you can also manage a user's personal site. This also allows the review of Active accounts, and Profiles Missing from Import.

Aivea Proprietary Information

3.2.1.1.4 Configure profile import


Use this page to configure settings for importing user profiles from Active Directory or LDAP compliant directory service. Source Important: To successfully complete this task, you must have detailed information about your directory service structure and the correct syntax for mapping properties. Use this page to manage the list of connections to import sources such as Active Directory, LDAP Directory and the Business Data Catalog. This will need to be defined prior to configuring the remainder of the import. Default Access Account Enter the account name and password for a default account that can access the source. The default account will be used for connections that do not specify an import access account. When choosing Use Default Content Access Account verify that the account has access to the source. NOTE: For an Active Directory directory service connection that enables "Server Side Incremental", the account must have the Replicate Changes permission for Active Directory directory services provided by Windows 2000 Server. Contact the domain administrator to request the proper security changes. That permission is not required for Windows Server 2003 Active Directory. Full Import Schedule Specify when and how often to import the complete user data set. This should match your desired import and backup routines that you perform. It is recommended to do a full update weekly. Perform a full import regularly so that users who have been deleted from data source can be removed from the user profile database.

Incremental Import Schedule Specify when and how often to import information about users whose records have changed since the last update. It is recommended to do a incremental update daily during normal updates and backup times.

3.2.1.1.5 Start full import


This option allows the forces start of a full import of profiles. This is recommended to be used if a schema change has been applied to the Active Directory.

Aivea Proprietary Information

3.2.1.1.6 Start incremental import


This option allows the forced start of a incremental import. This use is recommended if significant changes have been made and an immediate update to the profiles is needed.

3.2.1.1.7 View import connections


Use this page to manage the list of connections to import sources such as Active Directory, LDAP Directory and the Business Data Catalog.

3.2.1.1.8 View import log


Use this page to review crawl logs. Critieria can be applied to only look at specific logs of interest.

3.2.1.2 User Profile Properties


Use the below links to manage the properties of user profiles.

Aivea Proprietary Information

3.2.1.2.1 Add profile property


Use this page to add a property for user profiles. Property Settings Specify property settings for this property. The name will be used programmatically for the property by the user profile service, while the display name is the label used when the property is shown. After the property is created the only property setting you can change is the display name. Examples: Functional Unit, Organization, Site, Location User Description Specify a description for this property that will provide instructions or information to users. This description appears on the Edit Details page. It is recommended to give as detailed as possible descriptor to eliminate any possible confusion or misunderstanding about the desired content requests. Policy Settings Specify the privacy policy you want applied to this property. Select the Replicate check box if you want the property to display in the user info list for all sites. To replicate properties, the default privacy must be set to Everyone and the User can override check box must not be selected. The option to allow the user to override should not be selected by default, it is recommended not to enable this option. Edit Settings It is recommended not to allow user to change the values for properties in their user profile. This option allows for the allowance of such a request. Display Settings Specify whether or not the property is displayed in the profile properties section on the My Site profile page, whether the property is displayed on the Edit Details page, and whether changes to the property's values are displayed in the Colleague Tracker web part. This will be dependent on the property being created. NOTE: These display settings will obey the user's privacy settings.

Aivea Proprietary Information

Search Settings It is recommended to have all properties Indexed by default. Aliased properties are treated as equivalent to the user name and account name when searching for items authored by a user, targeting items to a user, or displaying items in the Documents Web Part of the personal site for a user. Alias properties must be public. Indexed properties are crawled by the search engine and become part of the People search scope schema. Only index a property if it will contain relevant information for people finding or if you want the data displayed in people search results. Property Import Mapping Specify the field to map to this property when importing user profile data. When importing from a Business Data Catalog source you can import data from associated entity fields by selecting the association. Mapping a multi-valued field to a single value property is allowed, importing will attempt to get only the first value. Mapped properties cannot be modified by users. If you are using a high privilege account for profile import, you will be able to read and import directory attributes that are not normally viewable by all users, make sure the appropriate default privacy setting is selected.

NOTE: The selection of directory service properties may be disabled if the shared service provider is in an untrusted domain or if profile import is not configured. NOTE: The selection of directory service properties is disabled because the portal is in an untrusted domain or no directory service import is configured yet. SECURITY NOTE: If you are using a high privilege account to import, you will be able to read and import directory attributes that are not normally accessible by users.

3.2.1.2.2 View profile properties


Use this page to add, edit, organize, delete or map user profile properties. Profile properties can be mapped to Active Directory or LDAP compliant directory services. Profile properties can also be mapped to Application Entity Fields exposed by the Business Data Catalog.

Aivea Proprietary Information

For adding a new property see the previous section and Adding a New Property.

3.2.2 Profile services policies


Use this page to manage the policy for Profile Services. These settings will affect user profiles and My Sites.

3.2.2.1 Edit Policy


Specify the policy you want applied to this item. Select the policy, default privacy setting, and whether or not the user can change the privacy setting for items of this type. Policy Settings You can specify the privacy policy, default privacy setting, and whether or not the user can change the privacy for this item.

3.2.3 My Site Settings


Use this page to manage the policy for Profile Services. These settings will affect user profiles and My Sites. These settings will only effect My Sites on this specific Shared Service Provider. Preferred Search Center Setting the preferred search center allows you to control which search center users are taken to when they execute a search from the My Site profile page. Personal Site Services Setting a personal site provider allows you to use a designated site to host personal sites. All users accessing personal sites for this Shared Service Provider will be automatically redirected to the server you specify. If there are any existing personal sites, you must manually transfer their contents to the new location. NOTE: To change the location hosting personal sites, create a new site collection at the desired location using the My Site Host site template.

Aivea Proprietary Information

Personal Site Location Select the location at which to create personal sites. Recommended Example: personal_site Existing personal sites will not be affected. Site Naming Format Select the format to use to name new personal sites. Recommended that you use the first option User name (do not resolve conflicts). Existing personal sites will not be affected. Language Options This option will allow you the option to select whether users are allowed to choose the language of their personal site. It is not recommended that this is selected unless the staff is fully versed in the languages, this will eliminate confusion or possible future issues.

The list of languages offered to users will correspond with the installed language packs on the hosting server. Multiple Deployments It is recommended that this option be used. However, it is recommended that you implement a profile replication solution before enabling My Site to support global deployments. Without a profile replication solution in place users that have their My Site hosted on a different Shared Service Provider will have a disconnected user experience. Multiple My Site deployments can exist in the same environment allowing for specific users to have their My Site hosted by a different Shared Service Provider, this is common with global deployments. When a user's My Site is hosted by a Shared Service Provider other than this one, that user will be blocked from using My Site related personalization features provided by this Shared Service Provider. The loss of functionality includes the ability to add users to their Colleagues list, the use of My Links and viewing people search results grouped by social distance. Enabling My Site to support global deployments, will allow a users who's My Site is hosted by a different Shared Service Provider to perform actions such as adding colleagues and links to their default My Site and viewing people search results grouped by social distance. To associate specific users with different Shared Service Providers use the Trusted My Site hosts list.

Aivea Proprietary Information

Default Reader Site Group Enter the accounts that will be added as Readers in the personal site when it is created. Verify that the accounts have the correct Personalization services permissions to use personal features and create personal sites. Also, verify that the public page has the correct permissions by browsing to the permissions page on the My Site Host. NOTE: Changes to the default reader site group will only affect personal sites created after the change.

3.2.4 Trusted My Site Host Locations


Use this list to identify trusted My Site host locations, serviced by other Shared Service Providers. Apply audiences to identify which user's My Sites are hosted in that location.

This used when Multiple Deployments has not been enabled or configured. If that option is being utilized this option does not need to be configured.

3.2.5 Published links to Office client applications


Use this list to publish links to SharePoint sites and lists when opening and saving documents from Office client applications. Links published here will show up under the My SharePoints tab when opening and saving documents . Use audiences to specify if a link should only be published to a specific set of users.

It is recommended to use this to lessen the impact of navigation, also can be utilized for specific groups to allow for team, group, or project specific publishing locations.

Aivea Proprietary Information

3.2.6 Personalization site links


Use this list to add personalization site navigation links to the My Site horizontal navigation bar. Links added here will show up as navigation links between My Home and My Profile on the navigation bar. Use audiences to specify if a link should only appear for a specific set of users.

3.2.7 Personalization services permissions


Use this page to control access to Shared Service Rights. Includes the linking to additional permissions configuration screens. The defaults applied here at the time you configured your SSP are the recommended settings to leave in-place.

Aivea Proprietary Information

3.3 Search
This section is utilized in the configuration and reporting of your Search for SharePoint. It is broken into two functional areas; Search settings, and Search usage reports.

3.3.1 Search settings


This section is utilized in the configuration and reporting of your Search for SharePoint. It is broken into two functional areas; Search settings, and Search usage reports.

3.3.1.1 Crawl Settings


This section is utilized in the configuration and reporting of your Search for SharePoint. It is broken into two functional areas; Search settings, and Search usage reports.

3.3.1.1.1 Content sources and crawl schedules


Use this page to add, edit, or delete content sources, and to manage crawls.

Aivea Proprietary Information

3.3.1.1.2 New Content Source


Use this page to add a content source. Name Type a name to describe this content source. Content Source Type Select what type of content will be crawled. NOTE: This cannot be changed after this content source is created since other settings depend on it. There are 5 basic options for crawl sources: SharePoint Sites Web Sites File Shares Exchange Public Folders Business Data Depending on option that you select you will need to populate the desired fields. This will also dynamically change the Start Addresses option and Crawl Settings below. Staggering your crawl schedules and grouping based on availability and priority is of the upmost importance. To limit the impact on your Index Server, and provide high availability to search results is critical. Start Addresses SharePoint Sites Type the URLs from which the search system should start crawling. This includes all Office SharePoint Server sites and Windows SharePoint Services sites. It is recommended that you group like higher availability sites. This allows for schedules to be tailored around the content sources. In addition sites with content that is not updated regularly can be set to a limited schedule to not impact the daily operation. Crawl Settings Specify the behavior for crawling this type of content. This is the recommended option for most sites. Selecting to crawl everything under the hostname will also crawl all the SharePoint Sites in the server.

Aivea Proprietary Information

Web Sites Type the URLs from which the search system should start crawling. It is recommended that you group like web sites, or higher availability sites. This allows for schedules to be tailored around the content sources. This includes any content, from a single web page to an entire web site. Crawl Settings Specify the behavior for crawling this type of content. It is recommended to crawl only within the server of each starting address, unless you can validate where the hops to other servers will be directed. Page depth specifies how far to follow each series of links, starting from each link in the content source . Server hops occur when a link from on Web site leads to a site/page on another server. File Shares Type the URLs from which the search system should start crawling. This includes contents of a file share, such as documents and other files. Security that is applied to file shares should be taken into consideration prior to performing this action. Crawl Settings Specify the behavior for crawling this type of content. It is recommended to crawl the subfolders only if you know the content of the folders. As this can expand the volume of miss hits, or miss categorized files. Choose which folders to include in the crawl.

Aivea Proprietary Information

Exchange Public Folders Type the URLs from which the search system should start crawling. Multiple folders can be defined in one schedule, this allows for independent schedules for multiple users or folders. This adds to the ability to provide higher availability to key exchange data. This includes messages, discussions and collaborative content. Crawl Settings Specify the behavior for crawling this type of content. It is recommended to crawl the subfolders only if you know the content of the folders. As this can expand the volume of miss hits, or miss categorized files. Choose which folders to include in the crawl. Business Data Catalog

Select whether to crawl all applications in the Business Data Catalog, or include only selected applications in this content source. It is critical to understand the content that is stored in your Business Data Catalog; as the option to crawl entire, can impact your performance of your Index Server depending on load. If you can break out each application or structure your schedules to limit impact this is recommended. An application may be included in only one Business Data content source. Applications Select whether to crawl all applications in the Business Data Catalog, or include only selected applications in this content source. Before selecting to crawl an entire BDC, ensure the total volume of the data is appropriate for your requirements. It is the recommended setting. An application may be included in only one Business Data content source.

Aivea Proprietary Information

Crawl Schedules Select the crawl schedules for this content source. It is recommended to define a Full and Incremental crawls for all sources. Create Schedule This option can be chosen for either the Full or Incremental Crawls. Common schedules include a daily, and routine every 15 and 30 increments. It is recommended you create unique schedules to best approach your data sources. Overlap or heavy indexing during operational hours is not recommended and full or multiple indexes should not be ran at the same time to lessen the overall burden on the Index Servers.

Start Full Crawl Select "Start full crawl of this content source" and click "OK" to start a full crawl of this content source. It is not recommended to force a full crawl during operational hours, or during a period when the impact could burden operational readiness. It is recommended only to force a full crawl if a major change has been applied to an existing schedule, or the need for the search data mandates its immediate need.

3.3.1.1.3 Manage Crawl Rules


Use this page to include or exclude paths from being crawled and specify authentication accounts. The order listed is the order in which the rules are applied while content is being crawled.

Aivea Proprietary Information

3.3.1.1.3.1 Add Crawl Rule


Test Path Use this option to test a url link and determine if a current rule currently supports the request. This will limit the possibility of overlapping or redundant rules being implemented.

Path Type the path affected by this rule. If your choosing to use the * in your path, ensure you are aware the application of this wildcard states all items within and sub of this location will be effected. Crawl Configuration Select whether items in the path are excluded from or included in the content index. Exclude: This option allows the exclusion of content under a site or structure that could be currently indexed. This allows for specific targeted exclusions of sensitive data or information. Include: This option is used to allow the expansion or handling of common indexing exceptions. This includes the ability to search links without including the content. This is commonly used for outside websites, or SharePoint sites that employ the use of links lists as a method of navigation.

Aivea Proprietary Information

Specify Authentication Type an account name and password for an account that can access the content specified. These options will be grayed out if the configuration options is and exclusion, the authentication option will only be active if defining an inclusion option. Use the default authentication. This is the SharePoint server administrator credentials, this should be only used if the content rule is focusing on content on the SharePoint server itself. Specify a different content access account. This options should be content specific such as a Content Admin, or account created in AD specifically for this and other similar crawl rules. Specify client certificate. This option is a server specific credential. It is recommended this only be used if the content resides on that server.

3.3.1.1.4 File Types - Managing


Use this page to specify file types to include in the content index. This is critical to update this with new file types, or unique file types that are specific to your organization or not present on this list. Any file type not included in this list will not be included in the index process. It is not recommended to include all file types, as databases, or files that do not have indexable content may cause bad results, or may impact the performance of your index.

Aivea Proprietary Information

3.3.1.1.5 Crawl Log


This log and reporting feature, provide the administrator a method to locate Successful Crawls, Warnings, Errors, and Totals for specific crawl sources.

Additional logs are available by selecting the Hostname of interest. Additional filtering and sorting conditions can be applied to locate target specific information.

In addition review of the site can be done by selecting the URL of the item. Reporting cannot be exported out from this screen, however content can be printed or saved via the browser being utilized.

3.3.1.1.6 Default Content Access Account


Specify an account to use as the default account when crawling content. This account must have read access to the content being crawled. It is recommended that a specific AD user account should be created for this process. Examples: ContentAccessAdmin or ContentAdmin This is also crucial as the deactivation or changing of passwords on this account could have substantial effects to the access of the data. It is critical to avoid crawling unpublished versions of documents, ensure that this account is not an administrator on the target server.

3.3.1.1.7 Metadata Property Mappings


Crawled properties are automatically extracted from crawled content. Users can perform queries over managed properties. Use this page to create and modify managed properties and map crawled properties to managed properties. Changes to properties will take effect after the next full crawl.

Aivea Proprietary Information

3.3.1.1.7.1 New Managed Property


Use this page to view and change the settings of this property. Name and type Type a name for this property, and select the type of information you want to store in this property. Property name needs to be unique for each property. Description should be detailed in providing a understanding of the function of the property. Also identifying the type of information is being provided in the property itself. General default is Text for most properties. You may need to contact a additional source of information if you are not sure of the property type. Content using this property This section displays the number of items found with this property. This will be grayed out during initial configuration of the property. This will be populated after the property goes live. Mappings to crawled properties A list of crawled properties mapped to this managed property is shown. To use a crawled property in the search system, map it to a managed property. A managed property can get a value from a crawled property based on the order specified using the Move Up and Move Down buttons or from all the crawled properties mapped.

Aivea Proprietary Information

Use in scopes Indicates whether this property will be available for use in defining search scopes. This will be property specific, however the recommendation is to include the field if you believe it will be a property used in the Advanced Search feature of SharePoint Search.

Aivea Proprietary Information

3.3.1.1.8 Metadata Property Mappings


Use this page to create server name mappings to override how SharePoint Portal Server displays search results or how users access content after you crawl some documents

3.3.1.1.9 Search-based Alerts


Use this page to activate or deactivate Search-based alerts. Search-based alerts must be activated to enable users to subscribe to and receive them. It is recommended that this remain active. They are Active by default. NOTE: If Search-based alerts are deactivated during catalog reset, they should be reactivated when the crawl is completed. Activating them before a crawl is complete may result in excessive alerts being sent to subscribers.

3.3.1.1.10 Search Result Removal


URLs To Remove Type the URLs you want to remove from search results. These URLs will be removed from search results immediately. This is recommended to be used if a source or URL is included that should be invisible to the search results. Example: http://.gov/finance/executivepay.doc Crawl rules will be created to exclude the specified URLs from future crawls. To undo this action, delete the crawl rule and start a full crawl of the content source with which this URL was crawled.

3.3.1.1.11 Reset Crawled Content


Resetting the crawled content will erase the content index. After a reset, search results will not be available until crawls have been run. This is recommended if you have a corrupt Index, or a significant change has been applied to Search Settings that is forcing the re-index of all content sources. It is recommended that you deactivate search alerts during the reset so as to prevent alerts subscribers from receiving unwanted e-mail.

Aivea Proprietary Information

3.3.1.2 Scopes
This section is utilized in the configuration of Scopes for your Search for SharePoint. It is broken into two functional areas; View and Create Scopes, and Scope reports.

3.3.1.2.1 View/ Create Scopes


Use this page to view and manage search scopes. The order in which the search scopes appear in this list is the order in which they will appear in the search scope list next to the Search box.

3.3.1.2.1.1 Create Scope


Title and Description Type a unique title and description for your scope. The title is displayed in the search dropdown, search results pages, advanced search, and elsewhere. Target Results Page Specify a specific search results page to send users to for results when they search in this scope, or choose to use the default. It is recommended that the use of the default page be applied to all scopes, unless the intent is to direct to a specific Search Results page due to sensitivity of the content or the intent is to promote a specific resource.

Aivea Proprietary Information

3.3.1.2.2 Update Scopes/Updating


Use this feature to force a manual update of Scopes. This is recommended to be used if significant additions or changes have been made to Scope configurations.

3.3.1.3 Authoritative Pages


This section is utilized in the configuration and specification of Authoritative Pages in Search for SharePoint. It is broken into two functional areas; Search settings, and Search usage reports.

Aivea Proprietary Information

3.3.1.3.1 Specify a new Authoritative Pages


Use this page to specify authoritative Web pages. Search uses these lists to enhance the overall ranking of results. Authoritative Web Pages Authoritative pages are those that link to the most relevant information. Recommended this be used when trying to promote HR, Finance, or specific important file locations within search results. Search uses this list to calculate the rank of every page in the index. There might be many authoritative Web pages in your environment. Type the most valuable in the topmost text box. You also have the option of specifying second and third-level authorities in the lower text boxes. Enter one full URL per line. Example: http://intranet/site-directory.html. Non-authoritative Sites You can specify that all content from certain sites be ranked lower than that of all other sites. Use this in the intentional demotion of non-critical or crucial search results. Common usage is to focus on Archive locations or File Shares that are nonessential. Type the URLs of those sites here, one per line. URLs typed in this section are treated as prefix matches. Example: entering http://archive/ will demote the rank of all URLs that begin with http://archive/. Refresh Now? Ranking re-calculation will start as soon as you click OK. If unchecked, ranking calculations will occur later according to a predetermined schedule. This is commonly unchecked and performed with the general schedule updates, and index process.

3.3.2 Search usage reports


Use Search usage reports to review key data on usage and reporting focused on Search. This information should be utilized to make your Searching more effective. These reports can be exported out in both Excel, and Adobe PDF format. Search Reports are broken into two categories. Search Queries Search Results

Aivea Proprietary Information

3.3.2.1 Search Queries


Search Queries focus on query results, and have five general reports that can be generated. Queries Over Previous 30 Days Queries Over Previous 12 Months Top Query Origin Site Collections Over Previous 30 Days Queries Per Scope Over Previous 30 Days Top Queries Over Previous 30 Days

Aivea Proprietary Information

3.3.2.2 Search Results


Search Results focus on results, and have five general reports that can be generated. Reports are displayed only for the previous 30 days, so it is recommended to set a manual date in the Search Administrators calendar to perform a save out of all significant reports. Search Results Top Destination Pages Queries with Zero Results Most Clicked Best Bets Queries with Zero Best Bets Queries with Low Clickthrough

Aivea Proprietary Information

NOTE: No data is available for some reports as Usage analysis might have been enabled only recently, or there might have been insufficient usage to result in any values for the report.

3.4 Excel Services Settings


This section covers the configuration of your Excel Services.

3.4.1 Edit Excel Services Settings


This section is utilized in the configuration of Excel Services. It is critical that Excel Services is enabled in the Server Services to utilize this functionality. It is recommended that Excel Services be utilized only in mission critical areas, or reporting as it takes significant server resources to support this function. This shared service enables you to load, calculate, and display Excel workbooks on Office SharePoint Server 2007. Using Excel Services, you can easily reuse and share Excel workbooks on Office SharePoint Server 2007 portals and dashboards. Example: Financial analysts, business planners, or engineers can create content in Excel and share it with others by using an Office SharePoint Server 2007 portal and dashboardwithout writing custom code. NOTE: You can control which data is displayed, and you can maintain a single version of your Excel workbook. Security Excel Services authentication, communication and web service settings. File Access Method It is recommended the usage of Process account for access. This uses the Web application credentials to access the file. Connection Encryption It is recommended to set to Not required as this will not be necessary as the data is not being presented to an outside source.

Aivea Proprietary Information

Load Balancing Load balancing of Excel Services sessions across Excel Calculation Services processes. It is recommended that you do not adjust this setting during the initial configuration. This is premature optimization, and could be counterproductive or cause issues. Revisit this option if needed after performance has been validated. Session Management Behavior of Excel Calculation Services sessions. It is recommended that you do not adjust this setting during the initial configuration. This is premature optimization, and could be counterproductive or cause issues. Revisit this option if needed after performance has been validated. Memory Utilization Allocation of memory on Excel Calculation Services. It is recommended that you do not adjust this setting during the initial configuration. This is premature optimization, and could be counterproductive or cause issues. Revisit this option if needed after performance has been validated.

Workbook Cache Settings related to caching workbook files on disk and in memory.

It is recommended that you do not adjust this setting during the initial configuration. This is premature optimization, and could be counterproductive or cause issues. Revisit this option if needed after performance has been validated.

External Data Handling external data connections in Excel Calculation Services. It is not recommended to assign a Unattended Service Account to your Excel Services. We recommend the usage of configured Data Connections, and Data Connection Libraries.

Aivea Proprietary Information

3.4.2 Excel Services Trusted File Locations


This is a list of Excel workbook file locations that you consider trustworthy. Excel Services denies requests to open files that are not stored in one of the trusted locations.

3.4.2.1 Adding Trusted File Location


Utilize this option to add trusted file locations to allow Excel Services to access these files as a trustworthy location. Location A Windows SharePoint Services location, network file share, or Web folder from which a server running Excel Services is permitted to access workbooks. Location Type: There is three location types: Windows SharePoint Services (Sharepoint Site Location) UNC (full UNC Path) HTTP (web site and location) Trust Children: It is recommended to limit trust. Trust is recommended if folder structures are being utilized within the location. Description: It is recommended that this optional field be populated with a description at all times to assist with the identification and purpose of the trusted location. Session Management Behavior of Excel Calculation Services sessions using workbooks from this location. It is recommended that you do not adjust this setting during the initial configuration. This is premature optimization, and could be counterproductive or cause issues. Revisit this option if needed after performance has been validated.

Aivea Proprietary Information

Workbook Properties Behavior of workbooks from this location in Excel Calculation Services sessions. It is recommended that you do not adjust this setting during the initial configuration. This is premature optimization, and could be counterproductive or cause issues. Revisit this option if needed after performance has been validated Calculation Behavior Calculation modes in Excel Calculation Services for workbooks from this location. It is recommended that you do not adjust this setting during the initial configuration. This is premature optimization, and could be counterproductive or cause issues. Revisit this option if needed after performance has been validated External Data Handling external data connections in Excel Calculation Services for workbooks from this location. This option is only adjusted if utilizing External Data locations on this trusted location. Allow External Data: It is recommended that this option be selected to Trusted data connection libraries only. Warn on Refresh: It is recommended that you have this notification warning enabled, as a notification advising of accessing a external data source. Stop When Refresh on Open Fails: It is recommended that this be enabled to advise that the refresh will not be available on this data. It is recommended that you do not adjust External Data Cache Lifetime setting during the initial configuration. This is premature optimization, and could be counterproductive or cause issues. Revisit this option if needed after performance has been validated. User-Defined Functions Calling user-defined functions in Excel Calculation Services for workbooks from this location. It is recommended that this option not be selected by default, a validation of the data itself be performed to

Aivea Proprietary Information

ensure that any User-Defined functions will not cause harm, or perform an action that could be detrimental to the SharePoint servers.

3.4.3 Excel Services Trusted Data Connection Libraries


This is a list of data connection library locations that you consider trustworthy. Location A data connection library from which workbooks opened in Excel Services are permitted to access data connection description files. It is critical that this is a validated full address, and the detailed description explaining the type and purpose of the connection. It is recommended that all external connections be configured here using the Trusted Data Connections Library. This allows for the proper management and updating of any connection at a later time.

3.4.4 Excel Services Trusted Data Providers


This is the list of data providers that can be used for external data sources in Excel workbooks on this server. Provider An external data provider that workbooks opened in Excel Services are permitted to use. A unique but easily identifiable ID, and description should be provided for each provider. Examples: SQLOLEDB OLE DB Microsoft SQL Server OLEDB Driver SQLOLEDB.1 OLE DB Microsoft SQL Server OLEDB Driver (MDAC SQL Server 2000) SQL Server ODBC Microsoft SQL Server ODBC Driver (MDAC) SQL Server ODBC DSN Microsoft SQL Server ODBC DSN Driver (MDAC)

Aivea Proprietary Information

Examples of completed providers:

3.4.5 Excel Services User-Defined Functions


This is the list of user-defined function assemblies that are registered with Excel Services. Each assembly can be enabled for loading and calling by Excel Services, or disabled. Assembly details Settings for a .NET assembly that contains User-Defined Functions. Examples: SampleCompany.SampleApplication.SampleUdf C:\UDFs\SampleUdf.dll \\MyNetworkServer\UDFs\SampleUdf.dll It is recommended that you use the File Path to identify assembly locations. Enabling Assembly option is used to de-active an assembly without removing it from the list, this is the recommended process when performing maintenance or simply deactivating an older assembly that could be utilized at a later time.

Aivea Proprietary Information

3.5 Audiences
Use this page to manage and compile audiences. Audiences allow the ability to target content to users based on their job or task, as defined by their membership in a Windows security group, distribution list, organizational reporting structure, or the public properties in their user profiles. Users in an audience will see audience-specific content on the site that is not available to other users.

3.5.1 Create Audience


Use this option to create your defined audiences that your users will then utilize from there sites. These audiences will be defined based on many facets: Windows security group, distribution list, and organizational reporting structure are examples. Properties Type a unique and identifiable name, Example: General Counsel, Procurement, Big Hill Team A detailed description for this audience, should assist the users to determine if the audience if correct for their needs.

Aivea Proprietary Information

Specify whether you want users to be included in the audience that satisfy all the rules of this audience or any of the rules of this audience.

3.5.1.1 Add Audience Rule


Operand Based on the method of selecting either the user or property to base the rule on Operator will dynamically change based on this selection. It is recommended that you map out your rules prior to creating the audience, as they should be fully vetted. Select User to create a rule based on a Windows security group, distribution list, or organizational hierarchy. The Operator will change to either Member Of, or Reports Under. Make your determination. It is recommended to use the Member Of as your default option.

Select Property and select a property name to create a rule based on a user profile property The Operator will change dynamically based on your selection. There is no default, as it will be dependent on the Property requested.

Value Specify a single value to compare. This value will be dynamic based on the Operand and Operator.

Aivea Proprietary Information

3.5.2 View Audiences


Use this page to view audience properties, add and edit audiences, and view audience membership.

This area allows the review, filtering, creation, edit, and deleting of audiences.

3.5.2.1 View Audience Properties


Use this option to view and edit specific audiences.

Aivea Proprietary Information

3.5.3 Start Compilation


Use this page to specify a schedule for audience compilation. Schedule Specify when and how often to compile audiences. It is recommended that compilations are scheduled to update regularly. As this is not a server intensive process, daily updates are recommended.

3.6 Office SharePoint Usage Reporting


3.6.1 Usage Reporting
Usage Reporting functionality must be enabled to provide reporting for items such as Search and Usage Reports. This is broken into two categories: Advanced usage analysis processing. Search query logging.

It is key to be aware the Usage Reporting creates log files that supporting the reporting methods. These logs can be significant in size and as such space availability for them should be considered before usage. Processing Settings Advanced usage analysis processing allows content owners of site collections and sites to understand how their site is being used, and provides information to help them improve the effectiveness of their site. When advanced usage analysis processing is enabled a daily schedule will process usage logs and provide the results to reports available from the site settings page of every site. WARNING: Detailed usage analysis processing requires usage logging to be enabled, but Windows SharePoint Services usage logging is disabled for this farm. Configuration of the Usage Analysis Processing is covered in section 1.3.2 of this document.

Aivea Proprietary Information

Central Administration > Operations > Usage Analysis Processing

Search Query Logging When you enable search query logging, records of queries will be stored in the Shared Services Provider database. You can view search query data in usage reports available from the top-level site in a site collection or from the Shared Services Administration page. See section 3.3.2 of this document for more on Search Reporting.

3.7 Business Data Catalog


This section is used to configure and manage your SharePoint Business Data Catalogs.

3.7.1 Import application definition


This section is utilized in the configuration and reporting of your Search for SharePoint. It is broken into two functional areas; Search settings, and Search usage reports. Application Definition An application definition describes a database or web service. It includes connection settings, authentication mode, definitions of available entities, and other information. After you upload an application definition to the Business Data Catalog, you can use its entities in lists, web parts, search, user profiles and custom applications. It is recommended that any Application definition file be fully tested in a sandbox prior to being applied to your SharePoint environment. It is critical that the relation is created on the database side, prior to import so that the relationship can be effectively used. In addition it is important to understand that only one Application definition can be inplace per database, therefore it is critical to have all tables, attributes, etc. outlined fully. Updating of the Application definition requires the removal of the existing definition and then importing of the new definition file. File Type Choose the type of application definition file to import, it will either be a Model or Resource. This will be dependant on the type of definition you are supplying. Resources to import Choose resources to import

Aivea Proprietary Information

ExampleBDC XML file:

Aivea Proprietary Information

On a successful import you will be directed to the Application Information. This page allows review of the Application attributes, and further configuration of the Application. Manage Permissions Export Application Definition Delete Application Along with identifying the Entities affiliated to the Application.

3.7.2 View applications


Use this to review any Application Definition that has been imported into the system. It also allows the access to review the Application Information.

3.7.3 View Entities


Use this to review all Entities that have been imported into the system. The ability to View the Entity and Manage Permissions at an Entity level is optional at this level.

Aivea Proprietary Information

3.7.3.1 Entity Information


From the Entity Information window, you once again have actions that can be performed in order to customize or configure the Entity.

Options include the Management of Permissions, Performing or Adding Actions, adjusting Relationships, and reviewing Filters. It is recommended that any changes to the Entity be fully documented and tested prior to addition or changing of settings.

Aivea Proprietary Information

3.7.3.2 Actions to Add or Edit Entity


Options for changing the Actions or Adding Actions to an Entity.

3.7.4 Business Data Catalog permissions


Use this option to manage permissions for all Business Data Catalogs. There is four general actions that can be performed from this menu: Add Users/Groups Remove Selected Users Modify Permissions of Selected Users Copy all permissions to descendants

3.7.5 Add Users/Groups


Choose Users You can enter person names, group names, or email addresses.

Aivea Proprietary Information

Multiple users or groups can be added at one time, separate them with semi-colons. Choose Permissions Choose permissions to assign to these users/groups. There are four types of rights, it is critical that permissions are applied as needed and should be done by groups as a best practice. Edit Execute Select in Clients Set Permissions

NOTE: If you add a user that already exists, that user's rights will be overwritten.

3.7.6 Copy all permissions to descendants


This option should not be selected as a default option, make the specific selection of which permissions you would like to effect, then make the choice to copy permissions. This will force inheritance to descendants. You will be warned that this effect will replace permissions of descendants, selection beyond this are not reversible, except through manual correction to each entry.

3.8 Edit Profile page template


This option allows the customization of the Profile Template Page. The name of the template page used to create business data profiles is _BusinessDataProfileTemplate.aspx. Administrators can modify the template page, either directly within the browser or by using Microsoft Office SharePoint Designer 2007, to customize the default look and feel of profile pages. You get different results depending on whether you customer a profile page template before or after you import the application definition. Here are the two scenarios for customizing the profile page template: Business data profile pages are essentially Web Part pages, with unique URLs, that display details about a business data item defined in the BDC. Business data profiles may, for example, display a product name along with any associated data about that product such as a description or list price. Business data profiles are created automatically for each entity or business item using the Business Data Item Builder Web Part. This Web Part, used only for business data profiles, builds a business data item from identifiers in the URL and sends it to connected Web Parts. NOTE: Default actions for entities can be defined by your administrator in the application definition file. In this case, when the application definition file is imported, the process of automatically creating default profile pages for these entities is skipped.

Aivea Proprietary Information

3.8.1 Customize _BusinessDataProfileTemplate.aspx before importing the application definition


When the BDC administrator imports an application definition, a profile page is created for each entity that is imported. These profile pages are copied from _BusinessDataProfileTemplate.aspx. For example, if the application definition contains entities called Product, Customer, and SalesOrder, profile pages are created that are called Product.aspx, Customer.aspx, and SalesOrder.aspx. This means that if you want to make changes to _BusinessDataProfileTemplate.aspx that apply to all of the profile pages for all of the entities, you should makes these changes before the application definition is imported (or updated and reimported).

3.8.2 Customize _BusinessDataProfileTemplate.aspx after importing the application definition


Profile pages are created automatically for each entity when the BDC administrator imports an application definition. For example, if the application definition contains entities called Product, Customer, and SalesOrder, profile pages are created that are called Product.aspx, Customer.aspx, and SalesOrder.aspx. You can customize any of these profile pages, such as Product.aspx, and those changes will appear on all of the profile pages for products. (Note that if a file already exists with that name when the application definition is imported, a number is appended to the file name and incremented until the file name is unique for example, Customer.aspx, Customer1.aspx, Customer 2.aspx, etc.)

Aivea Proprietary Information