This document provides information about a SharePoint Saturday event in Ottawa on December 3rd, 2016. The event agenda includes topics on installing, configuring, and operating a SharePoint farm, both small and large. It also discusses SQL Server, IIS, and Windows Server configurations. Presenters will provide overviews of their experience with Microsoft technologies and SharePoint solutions. Attendees can learn about tools and resources for automating SharePoint deployment and management.

1. WELCOME
SHAREPOINT SATURDAY OTTAWA
December 3rd, 2016

2. SharePoint
On-Premises
Nirvana
TIPS AND TRICKS FOR INSTALLING, CONFIGURING,
AND OPERATING A SHAREPOINT FARM: LARGE OR SMALL

3. SPS Ottawa is made possible by our Sponsors!
Platinum
Gold
Silver
Bronze

4. Summerhays Grill
5:30 pm
1971 Baseline Road (corner of Woodroffe)
Please drink responsibly . We will be happy to call a cab for you

5. Agenda: SharePoint Nirvana
SharePoint
◦ Prepare
◦ Install
◦ Configure
◦ Operate
◦ Tune
SQL
IIS
Windows Server

6. Who Am I: John Calvert?
SharePoint / .NET solution and technical architect
Over 18 years experience developing business solutions for private
industry & government
Recent clients include StatCan, HoC, Justice Canada, NRC, NSERC,
DFAIT, CFPSA, MCC, OSFI
Specialize in Microsoft technologies
Speaker at user groups and conferences

7. Who Am I: Brian-Paul Carline?
Senior Infrastructure and SharePoint Administrator

8. CloudShare: What We Do
Specialized turnkey solutions for
specialized cloud-based IT lab applications:
Sales Enablement Dev & TestTraining

9. Ease of Use ExtensiveTemplate Library Licensing Included
Spin up a fully- configured and
customized environment in
minutes. A web browser is all you
need!
Individual SharePointVMs or pre-
configured, multi-server SharePoint
farms – we have what you need
Our SharePoint templates have
licensing built-in.One less expense.
One less thing to worry about.
Quick Environment Cloning Sharing & Collaboration Resource Management
Copy your whole environment with
a single click – even its current
memory state. Return to a clean
image in minutes.
Invite your colleagues to collaborate
on your environment – across the
office or across the world
Fully configurable policies –
including activity sensing and auto-
suspend – to save your resources
and money
CloudShare allows SharePoint professionals to build single server or multi-server SharePoint farms in minutes, at
a fraction of the time and expense of traditional setup.
o No need for expensive on premise infrastructure. No IT experience required.
CloudShare’sSharePointSolution

10. CloudShare: About Us
 Over 500 customers in 100+ countries
 Patented cloud computing technology developed with over 200
man-years of top R&D talent
 Privately held with HQ in San Francisco and R&D in Tel Aviv
With CloudShare, we have scaled the business without having
to give another thought to the platform we’re running on.
– Kevin Streater, Director of Global Training –

11. Wait: Go Cloud or Hosted!
Office 365 / SharePoint Online:
◦ Optimized topology and config
◦ Highly available, geo-replicated, and scalable
◦ Always patched / always current & cloud-only features
◦ No need for separate Office Online Server (OOS) farm
◦ Highly secure, latest encryption and configuration, BYO encryption keys
◦ Expert behind-the-scenes support team
Requires 3rd party backup & restore / DR solution
◦Multiple Office 365 services will make this complicated

12. Initial Planning
Workloads: Intranet/Internet WCM, Collaboration, Search, BI, etc?
Third-party components: Office Store vs farm solutions
Small vs large farm
Load balancing
High availability
Disaster recovery
Security
Operations

13. Small Farm
Topology
Topology is determined by:
• Budget
• Availability reqs
• Disaster recovery reqs
• Operations capacity
Requires Feature Pack 1
(Shared Roles)
Ignores Office Web Apps
Farm

14. Medium/Large
Farm Topology
Topology is determined by:
• Budget
• Feature reqs
• Availability reqs
• Disaster recovery reqs
• Operations capacity
Requires Feature Pack 1
(Shared Roles)
Ignores Office Web Apps
Farm

15. Search Topology
Topology is determined by:
• Budget
• Feature reqs
• Availability reqs
• Disaster recovery reqs
• Operations capacity

16. Farm Topology:
Workloads
Topology is determined by:
• Feature reqs
• Availability reqs
• Disaster recovery reqs

17. Prepare
Pre-reqs: AutoSPSourceBuilder
Farm and service accounts:
◦ Catrinescu model
◦ SharePoint 2013 Service Account Creator
◦ Place in custom dedicated AD OU
Separate drives for indexing, logs, and data
◦ SharePoint
◦ SQL
SP16 requires a separate install of SQL Server
◦ Can be same on server for small farm or Dev/Test
DNS, Virtual IPs

18. AutoSPSourceBuilder

19. SharePoint
Admin and
Service Accounts
Catrinescu Medium
Security Model

20. Active Directory
Use a dedicated OU
Makes it easy to find
and manage SharePoint
users, groups and
machines

21. Windows Server
Separate drive(s) for
indexing, logs, and data
• Avoid inadvertently
filling the OS drive
• Both SharePoint and
SQL Server
RAID 10
• Better write
performance and
data integrity

22. Install
Use AutoSPInstaller and AutoSPInstaller Online!
SP16 Feature Pack 1
◦ MinRole for small farms: Shared roles; Requires only 2 servers nodes not 4!
◦ Auditing of changes made in Central Admin
◦ Simply the Nov/2016 Public Update; AutoSPInstaller handles it
SP16 Distributed Cache service is a memory hog; 40% of total RAM
Multiple servers in farm?
◦ Windows sysprep and/or two-phase AutoSPInstaller

23. AutoSPInstaller
Online
Prepares an XML config
file to define the
detailed config of
SharePoint farm
including topology, and
service / web apps
Supports host-named
site collection
Wizard-like hierarchy of
options with extensive
help comments and
guidance

24. MinRole Shared
Roles
AutoSPInstaller Online

25. MinRole Shared
Roles
PSConfig

26. Multi-Server Farm with AutoSPInstaller

27. System
Preparation
Tool: Sysprep

28. Configure I
Host-named site collections
Claims authentication mode (default in CA; not in PowerShell)
Fully qualified domain names (FQDN)
Portal Reader / User service accounts
Health Analyzer rules
Set default quota templates on all web applications

29. Host-Named Site
Collections
Single web app can host
all your unique host
name sites

30. Super Reader /
Super User
Service accounts
Content caching for
publishing sites

31. Configure II
Disable Certificate Revocation List
Wake-up script first thing once per day
Use Alternate Access Mappings (AAM); work for HNSC too!
Avoid extending your web apps, except for different authentication protocols

32. AAM for HNSC

33. Large Farm Config
Multiple HNSC web app containers on port 80
◦ HNSC Group TEST
◦ HNSC Group QA
◦ Separate app pools for security
Simple
◦ One IP per web app
Less simple
◦ Single IP for all web apps
◦ Manual IIS bindings for each HNSC

34. Operate I
Use named personal AD accounts and groups
Avoid built-in Administrator account and generic / shared AD
accounts
Use web app User Policy to grant global permissions eg for admin /
bulk operations

35. Operate II
Don’t RDP to server / Use remote tools from workstation
◦ Central Admin via browser
◦ Remote PowerShell
◦ Remote IIS Manager (requires specific features enabled on remote server and
local install)
Learn and use PowerShell
Add-SPShellAdmin + AD groups = ?

36. Operate III
Patching has changed in SP16 – Everything is a “Public Update”
Auditing of changes in Central Admin (Feature Pack 1)
Use SharePoint-specific SQL database roles when appropriate
Customizations
◦ Encourage Apps / Add-Ins and client-side API integration
◦ SharePoint Framework (SPFx) is new pure web-dev approach, but not yet RTM
◦ Discourage farm solutions and code-based sandbox solutions

37. Use SharePoint-
specific
database roles
Add-SPShellAdmin
should take care of this
But if ever you need to
assign manually

38. SQL I
SharePoint (SQL) DBA is not the same as regular SQL DBA!
Read Edwin Sarmiento’s blog… All of it!
NTFS allocation unit size 64K, same for RAID stripe size
Default collation order: Latin1_General_CI_AS_KS_WS (KB2008668)
Use client alias not instance name

39. SQL Server
NTFS Allocation unit
size: 64KB
Default collation order:
Latin1_General_CI_AS_
KS_WS
Client Alias

40. SQL II
Physically separate MDF and LDF files
Don’t shrink databases
Backup compression

41. IIS
Use fully qualified domain names, portal.softwarecraft.ca
Redirect non-FQDN to FQDN
TLS 1.2 / SSL
Redirect HTTP to HTTPS;
Cross origin iFrame is a mess
◦ HTTP Module / Content-Security-Policy / X-Frame-Options

42. Cross-origin
iFrame
SharePoint injects X-
FRAME-OPTIONS:
SAMEORIGIN
Webpart used to turn
this off
Not flexible or modern,
eg Content-Security-
Policy

43. Windows Server
Performance Options > Adjust for best performance
Power Options: High performance
Page file: 1.5 times RAM
Minimal / No desktop
Turn off deprecated protocols and cipher suites

44. Windows Server
“Maximize”
performance

45. Tools, part I
Notepad++
ULS Viewer
Sysinternals Suite
PowerShell ISE / PowerGUI / Visual Studio PowerShell Extension
Remote Desktop Connection Manager v2.7 or BP’s favourite tool
SharePoint Manager 2013

46. Tools, part II
Farm solutions:
◦ Lapointe SharePoint PowerShell cmdlets
◦ Catrinescu Host-Named Site Collection Creator
◦ Havivi SharePoint Property Bag Settings
Specialized:
◦ Claims to Windows NT Token Tester (C2WTS)

47. Lapointe
PowerShell
cmdlets
And more than shown,
eg Export-SPTerms,
Import-SPTerms, etc

48. Host-Named Site
Collection
Creator tool
Does not handle
alternate access
mappings for HNSC
Use PowerShell cmdlet
Set-SPSiteUrl for that

49. Property Bag
Settings
Only string data type
Open source, improve it
yourself!

50. Claims to
Windows NT
Token Tester
Verify that the Claims to
Windows Token Service
(C2WTS) is working
correctly

51. Summary
Core config and common work loads
Did not discuss advanced workloads, eg BI, eDiscovery
Automate, simplify, and standardize your farm config and operations with
community tools

52. Other Links
Vlad Catrinescu Pluralsight courses on SharePoint 2016 architecture and deployment
Gokan Ozcifci presentations on SharePoint architecture and performance tuning
Edwin Sarmiento blogging on SQL architecture and high availability for SharePoint
Serge Luca presentation on SharePoint high availability and disaster recovery
Stefan Goßner blog on patching and operations

53. Contact Us
John Calvert, Chief Architect, Software Craft, Inc.
john at softwarecraft dot ca
softwarecraft dot ca
at softwarecraft99
Brian-Paul Carline
bpcarline at outlook dot com

54. CloudShare: Our Technology
• Virtual environments that capture everything in the modern IT
workspace:
• Software, servers, memory, and storage state
• Networking, appliances, and on-premise tools
• Complex networking support that allows networks to work on-cloud
exactly as they do on-prem
• Environment access technologies designed to eliminate IT complexity:
• Full environment clones with no performance degradation
• Live sensing at user and network level
• Firewall-friendly access in-browser/using all protocols
• Robust RESTful API covering all application capabilities
• Hypervisor and hardware agnostic