Skip to content

Day2 – Dev

Any out of the box application of sharepoint – can be used by end user and
configures the sharepoint web application.

How does the end user work with sharepoint application?

Administrators user uses Central Admin interfaces – they use a command line tool
called stsadm .Both these can be extended.

Developing in sharepoint means new stuff appearing in UI/services.
: “Creating extension or Creating Services ”
Create own templates, list templates, site templates, web parts,
event handlers,workflows,controls, entire pages
UI _ in sharepoint is : Sharepoint web application and accessing the new services from this UI.

Additional Features: Single administration: user interface :Auto availability on multiple web farms.
Eg: Discussion list: simplistic but has the above features. pick up third party or customize.

Planning a Sharepoint Installation

Who are these applications going to run as? (Permissions of this user).
Permissions of:
1. Central Admin needs to write to the configuration database.
2. Timer Service

So: service account of central admin.
Service account is user account for running service. No password change.

LocalSystem earlier was used but more powerful than admin.
NetworkService,LocalService. These accounts cant go beyond that machine,
cannot connect to another machine.

Local a/c : User created in the sam of machine, for standalone installation.
So,use a domain account for setting up a service: (Active directory), real life.

Need to create central admin service account. Permissions:
Should be able to read and write to the configuration database.
Should be able to create database + write to file System directory,
+ make entries in IIS Metabase + give permissions on the directories and db that he creates.

Share point setup will give these permissions auto if we do it correctly.

SQL Server gives many services:
:Multiple DB Engine services may be running.Name of service = name of server.
Other services also exist. like reporting,analysis.
Windows Authentication: If windows user.
Mixed mode,different set of users inside the sql server.

Select Security -> Logins -> Server Roles dbcreator and securityRoles.
One does not need to do this otherwise generally.

Like Administrator:

Basic installation – is problematic in sharepoint:
Basic would copy another copy of SQL Server Express edition
It will install central admin and run that as process service
It will forecibly take over any web site that runs at port 80.

So dont choose stand alone in server type.
Connect to server farm: Config DB (Sharepoint ConfigDB) needs to be created.
If recovering then click Yes else first time No.

Who will central admin and timer service run as.These settings are farm wide.
At this point it is the administrator that is creating the configuration db and will
make SPAdminService as the owner. It will also create some group and make our users a member of these groups.

Group WSS_ADMIN_WPG: membership is allowed to connect to central admin.
Design Flaw: Even service account is member of that group.
They have also made service account a member of restricted.

Admin_WPG : People not service a/c
WSS_WPG : They can connect to central admin and completely adminsiter group.
Add normal users to this grp if you ever want them to do it.
Dont do it through this users and groups but do it through Config Admin screen so that it updates
it in Config DB and timer service synchs across all.

Are the members of these group not part of IIS? Not necessary.
wss folder in wwwroot folder of IIS however IIS_WPG group does not have the rights over it.
So IIS cannot see it.

WSS_WPG: Other web applications run as the WSS_WPG user.


Services on Server.
Sharepoint services web application.

(Express edition of SQL Server : then services search in Moss would not be visible)
SQL Server + Full text search service allows MOSS Windows Sharepoint services search to exist
Crawl, index and response to queries. [ + security trimmings ].

Who does search service run as? Runs as SPsearchservice account?
More complex. this is implemented using simple windows service.
How does it connect to content db? SPcontentaccess Account. This account has all read
permissions to all applications in all in the farm.
User cannot login as contentAcc a/c.

How should spsearchservice should hv a/c on db to create information related to db name.

Office: Crawls the content

Office Sharepoint Server Search: Does all 3 pieces (Crawling, index, response – got sepearte modules for each)
More complex. this is implemented using windows service + web service.
+ Partially implemented as a shared service.

Shared services: install on one location : these are separate web applications.
SSP : Shared service provider is where they run. and used by all existing web app’s.

For each service : use a separate service account for each service.
Conventions to be followed for crawling public web sites.

No Robots.
Robots.txt : what you are allowed to crawl.
As part of your request,this is my email id incase you dont’ want me crawl you,

Bigsearch stores Indexes in files. (12.0/Data/Office Server/ Applications)
Backup these indexes in these files.

Web Front End: Server where web app is running,
Dedicate one machine only for crawling.

Service Accounts: Central Admin: stsadm: to change the account for running central admin.

Two kinds of logging
Event logging: Any specific event occurs.
Trace Logging: Is more mundane. (where log files are created, how many are mantained,
archival is up to us,
location: Microsoft Shared\Web server extensions\12\LOGS)

Create application and then create site collection in those applications.
Create app = create IIS Web site = Create a content DB + making entries in IIS metabase.

Web sites: not already configured+ having 2.0

I am creating a new IIS web site. so existing web site configurations are lost and
one should keep back up of old web.config file.

Allow Anonymous: Can keep this as an optional concept in the application
(May or may not be used),

Load balanced URL: Names are very important in sharepoint. Not IP Addresses.
In Sharepoint: and are 2 applications but give same content,
that is they are connected to same content database.

Extending the application: Give a new name , alias for the same content DB,
Alternative access mapping. Here you can also give difft security policy for intranet and extranet for same content.

Restart IIS : For new app pool or putting new application in the pool.
If app pool already existed and sp app already in it – then no need to restart.

Restart manually: since Restart automatically would restart on all IIS on all WFE’s.
restart manual is safe since other wfe iis maybe in use.

Virual Directories: which are not in the same location but look like as though physicall subdir
look with globes. Gear with web.config : images with independent application.

SQLDataSource controls are not allowed by sharepoint.
User Controls asax control : normally controls are classes in dll.
Path over here: _controltemplates and its path.

Assembly: dll /exe : has a 3 part naming convention

Define managed paths: Rmoeve the root default / path: and then our own pages
can be accessed and also web.config needs to be updated in my test web app to combine
my web pages and sharepoints pages.

Three levels of administration:
Core Central Admin administrator
Site collection administrator
Site Administrator

Site Collection: Root site’s information is asked.
Template: Collaboration and meetings alone in WSS – other tabes because of Moss.

Site Collection
Welcome User Dock uses the user control – asax file.
Delegate Controls – could be small or large search or custom search over there.

Top Nav Bar: Across sites in site collection.
Left Nav: Quick launch bar, within this site or below this site.
Access the search,

SPRequestHandler gets it and passes context after checking security.
Multiple mappings of virtual directory of _layout with each web application
DB Connection auto available for _layout for specific COntent DB.

Vermeer: Frontpage Server Extensions. Sold an application of FrontPage.
vermeer techy info?. vti

Sharepoint used FrontPage Server Extensions as WSS and internally FPSE was 6.0.
WSS 2.0 = FPSE 6.0

_VTI_BIN = is actually web server extensions \ 12\IASPI
These are web services that allows us to do things.

M/S.Sharepoint.dll: Everything controls/handlers are in this class.

Policy and Permissions
Both are existing. Who can do and on what?
On what can be four things: Site, List, Folders and Items.

Permissions can be given at these four levels: By default item inherits the folder perfmissions
and folder inherits the list permission, Site gets permission? from SiteRoot?.
Lower level has higher level’s permissions. Lower level can overriden as well.

No such thing as a share point user. Profiles contain information about users.
Users are supplied to sharepoint by an external party ->(ASP.NET)
In the default scenario ASP.NET -> sub contracts to Operating System.

Sharepoint users and windows users.
A possible scenario is forms authentication: CAS etg:

Principal: Supplies users. Users and Groups.
Permissions in sharepoint can be given to windows users and groups.
However sharepoint recommends to give permission to its Groups!! (not user as it doesnt have any of its own)
Each site collection has its own unique set of groups.

Make windows users and groups can be made member of sharepoint groups.
Permissions can be given to sharepoint groups.

Permission Level : Can do what: Combination of Permissions. (eg: Role_)
And give that permission level for a site list folder – this is how permissions given in sharepoint.

List permission at Site given so that user can get all permissions for list.
ManageLists or Create Sites or Add/Edit Page : Grants access to Create Page.

Site Settings Page: Permissions – for even of those actions then that only.
Only see those actions that you have permissions for…
Sharepoint development: CRITICAL to know permission levels.
Does that user have so & so permission?.

Sharepoint Designer = Frontpage Extension Protocol + SOAP, WebDAV (modified Http to talk to sharepont server)
Use remote interfaces permission is needed.

Client integration features only allow to change front-end. Use office to talk to sharepont
Export to spreadsheet will not work without it.

Associated groups are shown on left.Setup groups to change associated groups.
Use same group to give different permission at difft site levels.

Site collection administrators can remove themselves from owners list and nothing wrong happens!
Visitors can see members list
Members cant see visitor list : Read only

List is of siteurl/lists/name of list.
Views & FORMS are created per list.
3 forms are called:
NewForm.aspx add new item to list
DispForm.aspx display single from list
EditForm.aspx used to edit item to a list.

Additionally it has one or more views.Can add more views.
More forms require development.

For non library list the convetion: /siteURL/Lists/ListName/Form.aspx
Library : /siteURL/ListName/Form/FormaName.aspx

Permission on the list: View items,
Open items,
View application pages are forms and views.

To be able to see the default view of a given list: need to have 3 above.
Delete item has delete version permission

If no view then can do through add,edit,delete through web service
IF yu have no OPEN then cannot do anything!!.

ECB = Edit control block = ECB choose View item from there.
First time creating link library given no spaces in name as it creates url from that.
Later rename the link lib.

Item level permissions in :Advanced settings.
Item lelve perm avail in non lib list.

No comments yet

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: