Beruflich Dokumente
Kultur Dokumente
written by
David Walker
© Copyright Quest® Software, Inc. 2008. All rights reserved.
WARRANTY
TRADEMARKS
All trademarks and registered trademarks used in this guide are property of their
respective owners.
World Headquarters
5 Polaris Way
Aliso Viejo, CA 92656
www.quest.com
e-mail: info@quest.com
Please refer to our Web site for regional and international office information.
Updated—April 3, 2008
WPD-TheMoreYouKnow-111208-AG
CONTENTS
INTRODUCTION ..........................................................................................1
THE EXPANDING ROLE OF THE SQL DATABASE ADMINISTRATOR (DBA) .......................... 1
FROM SQL DBA TO SHAREPOINT ADMINISTRATOR .................................................. 1
SharePoint is Growing.............................................................................. 1
Why Should the SQL DBA Become a SharePoint Administrator? ..................... 2
SHAREPOINT OVERVIEW ............................................................................3
INTRODUCTION ............................................................................................. 3
THE SEVEN CORE POINTS OF SHAREPOINT ............................................................ 4
Platform Services .................................................................................... 5
Collaboration .......................................................................................... 5
Portals................................................................................................... 6
Enterprise Search.................................................................................... 6
Enterprise Content Management (ECM) and Web Content Management (WCM) 6
Business Forms and Business Process Management (BPM) ............................ 7
Business Intelligence ............................................................................... 7
BECOMING A SHAREPOINT ADMINISTRATOR: WHAT YOU NEED
TO KNOW ....................................................................................................8
SIMILARITIES IN SHAREPOINT AND SQL SERVER ADMINISTRATION ............................... 8
DETERMINING THE BASE ARCHITECTURE FOR A SHAREPOINT DEPLOYMENT ....................... 8
Single Server Architecture ........................................................................ 9
Small Farm ............................................................................................ 9
Medium Farm ....................................................................................... 10
Large Farm .......................................................................................... 11
BEST PRACTICES ......................................................................................... 13
CONCLUSION ............................................................................................ 14
ABOUT THE AUTHOR ................................................................................. 15
ABOUT QUEST SOFTWARE, INC. ................................................................ 16
CONTACTING QUEST SOFTWARE ....................................................................... 16
CONTACTING QUEST SUPPORT ......................................................................... 16
i
White Paper
INTRODUCTION
For many Microsoft SQL Server professionals “dependency creep” has already taken
place. If you haven't experienced it yet, consider yourself lucky, but don't be
complacent and think that it won’t happen to you. More than any other IT
specialists, as a DBA you need to be prepared for what your companies and clients
have begun requiring of you. You need to be always looking forward and preparing
for the next wave of technologies and requirements for our profession.
While your responsibilities center around the database family of products and
include such technologies as OLTP, data warehousing, reporting services,
specialized database engines, and different platforms, you are beginning to have
responsibilities in various application suites, such as SharePoint. Typically, this push
begins with management recognizing the need for, say, a SharePoint administrator,
and determining that the proficient DBA/SQL Server professional is the most logical
person to handle these new responsibilities. We will discuss how this is to your
advantage and how you can proactively seize this new opportunity
SharePoint is Growing
During the Q&A session at the end of his keynote address at the Convergence
conference on March 15, 2007, Microsoft CEO Steve Ballmer stated that
“SharePoint is the definitive OS or platform for the middle tier.” And in fact,
multiple sources have declared SharePoint to be “Microsoft’s fastest selling product
of all time.”
All of Microsoft's products, especially the Enterprise Server product line, are heavily
investing in SharePoint as the means to deliver information easily and quickly. It
has quickly become the new "digital dashboard." SharePoint has easily become the
central repository for knowledge management and document repository. With the
additional features of versioning and workflow, it has made plain old network file
storage very antiquated quickly.
1
SQL Server and SharePoint
It is easy to see how all of Microsoft's products will begin to utilize the features
SharePoint has to offer. Microsoft SQL Server Reporting Services is the first and
"lowest hanging fruit" for us, the SQL Server professionals. But it is only the beginning.
SharePoint administration has the same base requirements as that of the SQL Server
DBA. Performance optimization, backup, restore, and recovery are fundamental to
both SQL Server and SharePoint. Just like any other SQL Server implementation, in
times of high traffic load or availability, the usage of SQL Server mirroring and
clustering becomes necessary. We will continue to dig deeper into other areas where
our experience as SQL Server DBAs and professionals make this a smooth and optimal
transition, but first let’s look at the details of SharePoint itself.
2
White Paper
SHAREPOINT OVERVIEW
Introduction
The most recent version of SharePoint actually consists of two different versions:
Windows SharePoint Services (WSS), which is a free add-on for Windows Server
2003 and newer, and Microsoft Office SharePoint Server (MOSS), which is the
enterprise edition built on top of WSS. MOSS includes more features and greater
functionality than WSS. The graphic below shows the SharePoint technology stack
and how the various layers are built on top of each other, from Windows Server
2003 all the way up to Microsoft Office SharePoint Server Enterprise Edition 2007:
Platform Services X X X
Collaboration X X X
Portals X X
Enterprise Search X X
3
SQL Server and SharePoint
Enterprise Content X X
Management (ECM)
Business Intelligence X
Every discussion about SharePoint begins with the familiar seven point wheel or pie
chart showing the seven core points of SharePoint, shown below. I will discuss
these core points in more detail in the following order:
1. Platform Services
2. Collaboration and Social Networking
3. Portals
4. Enterprise Search
5. Enterprise Content Management (ECM) and
Web Content Management (WCM)
6. Business Forms and Business Process Management (BPM)
7. Business Intelligence
4
White Paper
Platform Services
Platform Services provide the foundation for SharePoint. Like the services of the
Microsoft SQL Server product line (Analysis Services, Reporting Services, etc.),
Platform Services consists of multiple capabilities. The Microsoft Office SharePoint
Server makes the entire feature areas described above function as one integrated
and holistic application.
• Security Trimming ensures that you see only the content and links to
content that you have permission to see, even in search results, ranging
from individual content items to entire sites. It utilizes groups and policies,
along with a wide array of authentication providers, including Active
Directory, Kerberos, NTLM, basic, LDAP, ASP.NET Forms, and web single-
sign on.
• Search extends across all areas of MOSS and other enterprise applications
when they are configured to take advantage of the Business Data
Catalog feature. These services include the server-side applications for
Microsoft Excel and InfoPath, as well as site-specific and site-wide recycle
bins that aid in content recovery.
• Storage capabilities allows for a complete document management system
with easy storage of practically any document type with version control,
approval workflows, metadata, search, administration, quotas, and
retention policies.
• Site Model provides a consistent user interface, automated navigation,
and a template-based infrastructure for customizations, site formatting,
and deployment.
• Server Topology Management provides a highly flexible and scalable
distributed architecture that enables you to isolate and configure various
services on specific servers and easily deploy applications across multiple
web and database servers.
• Workspaces Management allows for easy collaboration across
documents, projects, and more. It even provides a simple environment
that allows multiple users to work on the same document until it is ready
to be published.
Collaboration
MOSS provides out-of-the box functionality for a wide range of collaboration
features: announcements, events, issue tracking, task lists, calendars, blogs and
RSS feeds, wikis, discussion boards, document, slide, and picture libraries,
contacts, surveys, e-mail and Outlook integration, and offline documents.
5
SQL Server and SharePoint
Portals
Wikipedia defines a portal as “a framework to provide a single point to a variety of
information and tools,” while an Enterprise portal is described as “a framework for
integrating information, people, and processes across organizational boundaries.”
With its long list of built-in features and functionality and its ability to tightly
integrate with Microsoft Office, MOSS can easily be the single entry area for all
information and content, along with easy integration with other third-party and
custom applications.
MOSS also optionally allows all you to have your own private site. This allows for
depth personalization and audience targeting. You can easily share information with
others, making that data accessible anywhere internet service is available.
Enterprise Search
MOSS not only searches all content in the SharePoint site; it can also be configured
to search other web sites, files on a file share, any database content, and any mail
on an Exchange or Lotus server.
Search can be easily filtered, and it can also make suggestions for misspelled words.
Web Content Management enables you to enter and edit content (sites, text,
images, etc.) without writing any code. Master Pages and Page Layouts are used to
customize how the web site looks. Site columns, content types, and workflows can
all be shared for reusability.
6
White Paper
MOSS includes InfoPath Services, so you can view and edit forms, simple or complex,
without having to have the InfoPath application installed on your own machines. With
the appropriate permissions levels, you can even create your own forms, thanks to a
Form Library specifically designed to store InfoPath forms inside of SharePoint . The
United States Marine Corps has implemented SharePoint to improve the administration
of their tasks and processes, all without the help of a single developer (see
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleI
d=9024819&source=rss_topic16).
As this article mentions, the Federal Aviation Administration (FAA) has saved over $7
million, with $3 million in travel costs alone, after their deployment of SharePoint,
which started with 50 users and has grown to 27,000 users and a 600 GB site.
Business Intelligence
Business intelligence applications and reports have become a high priority for many
organizations. MOSS supports business intelligence through built-in web site
templates for connecting to external data sources and applications (such as SQL
Analysis Services and SQL Server Reporting Services) for reports and data. The
Business Data Catalog (BDC) is one of the most interesting features of MOSS. It
provides the functionality to link to data stores, whether they are third-party or
custom applications, including search results and direct linking to their individual
applications as well. The data is not duplicated on the MOSS server but results are
still real time.
MOSS includes Microsoft Excel Services, which allows you to view spreadsheets via
html without requiring Excel on their local machines, providing extra security for
formulas. Moss also supports key performance indicators, so MOSS can provide a
central location for real-time reports, spreadsheets, and KPIs with their built-in
dashboard template.
7
SQL Server and SharePoint
First and foremost, SQL DBA expertise can be beneficial in simply determining the
base architecture for a SharePoint deployment. Fundamentally, this choice is based
on the actual needs of the company, end user, and client, but two simple questions
can help with the decision:
Architecture choices include single server, small farm, medium farm, and large farm,
as explained below.
8
White Paper
You can access the server by simply adding your Windows account to the server. As
a built-in feature of WSS 3.0, the capability for doing this automates regular
backups, but a specific backup schedule requires a scheduled task and the
stsadm.exe command-line tool.
Small Farm
Small farms include components scaled to two tiers, a WFE and a database server.
This topology is good for organizations that keep data in SQL Server for scalability
and centralized management.
One of the disadvantages of a small farm is lack of redundancy: there is only one
WFE server, so if the database or WFE server goes down, the data becomes
unavailable. You also have to wait during server patches, maintenance, or reboots.
9
SQL Server and SharePoint
Small farms are comparatively cheap to set up and maintain. However, if you have
to expand them, more resources should be available. This topology is ideal for
multiple teams or departments who have outgrown a single server.
Medium Farm
Medium farms include components scaled to three tiers: a WFE, a dedicated
database server as a back end, and a dedicated search server for indexing (because
the amount of data being indexed would overload the WFE server).
Maintaining the SQL Servers requires more resources and more hardware than a
small farm, along with a dedicated database administrator who has the knowledge
and experience to set up this sophisticated and fault-tolerant structure.
This topology is ideal for medium to large organizations where users require
storage space, a search mechanism, and extranet deployments.
10
White Paper
Large Farm
Large farms include components scaled to three tiers with multiple dedicated
application and service servers. A large farm has a failover at the front end with
multiple web servers that have load balancing.
A large farm has more than one search server to crawl through data, and multiple
SQL clusters for storing data. Large farms require more resources, including people,
money, and hardware. But they have a higher fault tolerance than smaller farms,
which is critical to some organizations. This topology is ideal for large organizations
that require higher database performance, enhanced storage space, and availability
of data at all times.
11
SQL Server and SharePoint
Large farms do present same concerns regarding perimeter security. First, the
perimeter network should have its own domain. The domain controller and other
domain infrastructure computers, such as DNS and DHCP, must be able to
communicate with one another and should be in the same domain as the WSS 3.0
servers—both WFE and database.
The perimeter domain should have a one-way trust with the corporate domain to
ensure that corporate accounts can be used for WSS 3.0 authentication but not the
other way around.
If SharePoint sites need access to internal corporate resources, they should use the
perimeter network domain accounts. But, like any other corporate intranet security
account, large farms are at a greater risk of attack from an intruder.
12
White Paper
Best Practices
Your focus should be on the ways to secure WSS 3.0 servers rather than on
configuring SharePoint group or user accounts. The following are security-related
best practices for SharePoint.
Much like SQL Server, SharePoint uses a typical port configuration; to expose
SharePoint outside a firewall would mean to expose it on the router, firewall and/or
ISA server. Since SharePoint is a web application, it uses the typical ports: 80 for
HTTP, 443 for HTTPS (HTTP + Secure Socket Layering), and 25 for SMTP. Of
course, security can be increased by changing the default port numbering. If an ISA
server is used, remember to reverse the proxy settings configuration so that the
host header can still be communicated to the SharePoint server, since this is used
to resolve the actual application requested on the web front end.
As with SQL Server, the time to expand the architecture, hardware, or farm is
determined by the usage utilization. The number of web front end servers greatly
depends on the usage pattern and number of users. Are the users simply
performing read transactions, or do they need read/write transactions?
You should place Web site files and folders on a dedicated disk volume. The default
path for the same is [systemroot]\Inetpub\WWWroot. You can move the files and
folders to a separate volume to restrict access to system operations.
You should create separate accounts for each Web application—IIS application
pool identity.
You should configure IIS server logging to store logs on a non-system
striped/mirrored volume for increased performance. IIS logs can include
information such as who has visited a site and what each visitor viewed. This
information can be used to assess content popularity, identify information
bottlenecks, or to help investigate attacks. Logs such as W3C Extended Log File
format, ASCII, or ODBC are stored in a SQL database.
You should secure well-known accounts by renaming the administrator and guest
accounts at the domain and server levels. Also, ensure that you use long,
complex passwords.
As with any server, you should also disable unnecessary services such as FTP,
SMTP, and NNTP.
You should use group policies to enforce security. Then you should use the Security
Configuration Wizard to create a group policy. Place WFE servers together in their
own domain organizational unit (OU) and apply this policy.
You should deploy and maintain antivirus and antispyware software within the
organization. You also need to keep computers updated with updates and hot fixes
from Microsoft.
You need to restrict anonymous access. If anonymous access is needed, add deny
access control entries to the access control list (ACL) of key programs and folders
for the anonymous access accounts
13
SQL Server and SharePoint
CONCLUSION
Your experience as a SQL Server professional provides you with the most sought-
after and highly valued skills required of a SharePoint administrator. Don't be
scared. Embrace these new Microsoft technologies because "The More You Know,
the Better off You Are."
14
White Paper
15
SQL Server and SharePoint
Please refer to our Web site for regional and international office information.
Quest Support is available to customers who have a trial version of a Quest product
or who have purchased a commercial version and have a valid maintenance
contract. Quest Support provides around the clock coverage with SupportLink, our
web self-service. Visit SupportLink at http://support.quest.com
View the Global Support Guide for a detailed explanation of support programs,
online services, contact information, and policy and procedures. The guide is
available at: http://support.quest.com/pdfs/Global Support Guide.pdf
16