So Tech-Ed was last week. Unfortunately I had quite a few issues keeping my laptop charged. It seems that American wall sockets are quite temperamental. Fried a few adapters along the way. This has basically meant that it has taken till now to publish this post.
Anyway just have a few summaries and points of interest for some of my favourite sessions over the week:
UNC320 - Transitioning Lotus Notes Applications to the Microsoft Collaboration Platform
Presented By: Erik Ashby
This session was mainly about the tools and techniques available for migrating Lotus Notes applications to SharePoint. A tool called the Microsoft Transporter Suite for Lotus Domino has been developed to analyse and perform the migrations. The interesting thing for me about this tool was that it had been built almost entirely with PowerShell. The GUI that is provided has been built on top of the PowerShell app. Erik explained that MS utilities have historically been built with the GUI side in mind first, and the command line utility comes later. This can mean that the command line util is not fully featured, or has differences in its operation - and it takes extra time to develop. With the transporter the command util provides the more advanced features and the GUI most of the features for less-technical people to use. Erik suggested that going forward, many MS utilities would use this PowerShell developed approach. Which I think is great being a huge fan of PowerShell.
The util itself provides two main types of operations - get commands and move commands.
The get commands provide a powerful method of analysing the types of applications, number of applications and level of customisation of existing Lotus applications.
The move commands provide a means to perform actual migrations of the Lotus applications. The migrations are not necesarily going to be to SharePoint - however it was the focus of Eriks session. It can also migrate users to AD and mail to exhange.
Links:
MS Blog about the tools and solutions used in moving to a Microsoft collaboration platform
SVR320 - Using Windows Rights Management Services to Protect Content in a Microsoft Office SharePoint Server 2007 Farm
Presented By: Michael Noel
This great session was all about incorparating Windows Rights Management Services (RMS) with SharePoint. This allows Information Rights Management (IRM) of documents at a document library level. More specifically it allows the following document operations to be locked down:
- View
- Edit
- Copy + Paste
- Print
Of course a determined information thief will be able to get past this (screenshots or photographs), but it creates a good deterrent . It definately does help with unintentional document leakage - eg a document gets emailed to the wrong person. In order for users to be able to view RMS enabled documents they will need to install the RMS client.
Some things that I found interesting about RMS + SharePoint integration:
- Supports Office 2003/2007
- Encyption Based on X.509 certificates (like SSL)
- Microsoft always acts as the Root Authority for the RMS certificate
- RMS requires user CALs (but this may be part of Windows Server?)
- If Save is enabled, and print disabled you still can't just save as a new document and print.
- Windows Server 2008 will have an improved version of RMS
In order to make effective use of RMS you really need to build an RMS server. Michael made it quite clear that it was a bad idea to install the RMS components on one of your WFE - although it is possible. The reason for this is that the RMS component installs its own mini version of WSS for admin management. Some things to keep in mind when configuring RMS for SharePoint:
- The RMS service account should be its own seperate domain account (follow the least privilege principal)
- Each client needs the RMS client application (client included with Vista)
- Very important to have a backup strategy for the RMS database
- Even more important to have a backup of the certifcate private key (for when things turn to custard)
Links:
How to deploy RMS with MOSS
RMS service download (SP 2)
RMS client download (SP 2)
OFC328 - Search in Microsoft Office SharePoint Server 2007: Deploying, Managing, and Configuring
Presented By: Luca Bandinelli
This was a very infromative session about the administerial side of search. A lot of it was to do with different search topologies and was reasonably standard. There are a few things about search that I did not realise:
Having more than one index server
This is only something you would be concerned about for a very large SharePoint deployment. The rule of thumb here is when your getting close to indexing 50 million documents. This is a supported topology, however none of the out-of-the-box webparts are designed to search through more than one index server. The message from Luca was that it is possible, and will sometimes be neccesary - you just need to know the implications and plan ahead.
64-Bit processors for search
The general theme was that 64-Bit processor enabled servers are faster - not just for WFE/Query/DB servers but also the index server. The main caveat to having your index server on 64-Bit is any iFilters that you may be using. These all need to be 64-Bit too. Adobe haven't yet released a 64-Bit version of their PDF iFilter however Foxit Software have released one. Other iFilters need to be taken on a case by case basis.
Custom security trimmers
I wasn't aware that custom security trimmers even existed before this session so this was very interesting. Basically you can define your own security trimming. This is done quite easily by implementing the ISecurityTrimmer interface. The MOSS query process is really a bit of a black box - custom trimming will always run after the standard query process. Which means the results will first be trimmed by the standard security, then the remaining results will be further trimmed by your own custom trimmer.
This is quite important for the Business Data Catalog (BDC) as it there is no security trimming by default. The BDC only provides Application/Entity security. So if access is given to a BDC application or entitiy all results will be returned for that application/entity. There is even a BDC custom trimmer available. To attach a custom security trimmer to a content source you have to create a crawl rule and then run the stsadm command registersecuritytrimmer.
One thing to keep in mind is that there is a performance hit when using a custom trimmer. If checking thousands of results it could take a long time. The trimmer should implement a check for the number of results and throw a PluggableAccessCheckException exception to stop the search and inform the user to refine their query.
OFC324 - Microsoft Office SharePoint Designer 2007: It's for Developers Too
Presented By: Dustin Miller
This was easily my fave session from Tech-Ed. If your getting the session DVDs or just missed that session you should definately have a look at the recording. Dustin is a very entertaining speaker and kept everyone very interested. The focus was on using the DVWP in a variety of ways. I thought I had a pretty good idea of what I could do with that webpart but he really opened my eyes. Really interesting demos, showed some cool ways of doing conditional formatting that I really hadnt considered.
Also didnt realise that there was a version of SharePoint Designer called Expression Web. Turns out it only has a subset of the features of SPD so you may as well stick with SPD.
There were also a bunch of other great sessions that I went to from the likes of Andrew Connell and Mike Ammerlan.
Won't be back in NZ for another week and a half so blog posts are unlikely in that time.