SharePoint 2010 - Tips and Tricks of the Trade - Avoiding Administrative Blunders

680 views

Published on

Federal SharePoint Users Group
FEDSPUG
1 November 2012

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
680
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • The trimauditlog command was introduced in the Infrastructure Update
  • SharePoint 2010 - Tips and Tricks of the Trade - Avoiding Administrative Blunders

    1. 1. Avoiding Administrator Blunders Scott Hoag and Dan Usher#FEDSPUG #Blunders
    2. 2. who am I?#FEDSPUG #Blunders
    3. 3. who’s that other guy? Dan Usher usher#FEDSPUG #Blunders
    4. 4. #FEDSPUG #Blunders
    5. 5. about you#FEDSPUG #Blunders
    6. 6. rules of the road#FEDSPUG #Blunders
    7. 7. #FEDSPUG #Blunders
    8. 8. creating orphans#FEDSPUG #Blunders
    9. 9. permissions management Permissions… Permissions! Permissions! Permissions! Permissions!#FEDSPUG #Blunders
    10. 10. publish#FEDSPUG #Blunders
    11. 11. the recycle bin#FEDSPUG #Blunders Manage the Recycle Bin of a site
    12. 12. testing workflows as a deity > stsadm –o setproperty –pn declarativeworkflowautostartonemailenabled –pv true#FEDSPUG #Blunders declarativeworkflowautostartonemailenabled (Property
    13. 13. deleting the wrong item#FEDSPUG #Blunders
    14. 14. #FEDSPUG #Blunders
    15. 15. tune your analytics Dataset Characteristics Value SharePoint components 30k Unique users 117k Unique queries 68k Unique assets 500k Reporting DB data size? 511TB per years 73TB per 7day 200GB for year#FEDSPUG #Blunders Capacity requirements for the Web Analytics Shared Service in SharePoint
    16. 16. permissive file handling > $webApp = Get-SPWebApplication("http://intranet.contoso.com") > $webApp.AllowedInlineDownloadMimeTypes.Add("application/pdf") > $webApp.Update()#FEDSPUG #Blunders
    17. 17. running in circles KB896861#FEDSPUG #Blunders DisableLoopbackCheck & SharePoint: What every admin and developer should
    18. 18. pausing IIS#FEDSPUG #Blunders
    19. 19. lost passphrases > $passphrase = ConvertTo-SecureString -asPlainText -Force > Set-SPPassPhrase -PassPhrase $passphrase -Confirm TechNet CodePlex#FEDSPUG #Blunders
    20. 20. certificate revocation list <psuedocode> if (!server.HasInternetConnectivity()) { server.DisableCRLCheck(); } </psuedocode> SOFTWAREMicrosoftWindowsCurrentVersionWinTrustTrust ProvidersSoftware Publishing#FEDSPUG #Blunders Certificate Revocation List Check and SharePoint 2010 without an Internet
    21. 21. #FEDSPUG #Blunders
    22. 22. not enough service accounts#FEDSPUG #Blunders
    23. 23. primary service accounts Account Purpose Requirements SQL Server Runs SQL Server • Domain user account • No rights in SharePoint Setup Account Installs the bits and performs initial • Domain user account configuration • Member of Local Admins on each server in the farm • securityadmin and dbcreator on SQL instance Farm Account Used for configuring and managing • Domain account the farm and runs primary services • Additional rights are automatically (e.g. SPTimerV4) granted as part of installation (both server and SQL)#FEDSPUG #Blunders
    24. 24. other service accounts Account Purpose Requirements MySites Application Worker process identity for MySites • Domain user account Pool • Managed account Content Application Worker process identity for Content • Domain user account Pool web applications • Managed account Services Worker process identity for Service • Domain account Application Pool Application Pools • Managed account Search Service Process identity for SharePoint • Domain account Process Foundation (Help) search service • Managed account and SharePoint Search service Search Service Used to crawl content specified in • Domain account Default Content content sources Access User Profile Import Account used to import (and • Domain account Account optionally export) user data from an • Replicate Directory Changes in AD identity store#FEDSPUG #Blunders
    25. 25. still more service accounts Account Purpose Requirements Object Cache Processes items in the object cache • Domain user account Super User of a web application • Managed account • Full Control User Policy on target web application(s) Object Cache Processes items in the object cache • Domain user account Super Reader of a web application • Managed account • Full Read User Policy on target web application(s)#FEDSPUG #Blunders
    26. 26. running the farm configuration wizard#FEDSPUG #Blunders
    27. 27. #FEDSPUG #Blunders
    28. 28. sandboxed solutions… HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows NTRPC HKEY_USERSAccountSIDSOFTWAREMicrosoftWindowsCurrentVersionWinTrustTrust ProvidersSoftwarePublishing#FEDSPUG #Blunders
    29. 29. managing managed paths#FEDSPUG #Blunders
    30. 30. trim your (audit) logs > stsadm -o trimauditlog –date 20120502 –databasename SP2010_Content_FEDSPUG#FEDSPUG #Blunders
    31. 31. #FEDSPUG #Blunders
    32. 32. questions#FEDSPUG #Blunders
    33. 33. find us @ciphertxt @usher dan@spdan.com scott.hoag@appliedis.com http://www.spdan.com http://www.psconfig.com#FEDSPUG #Blunders

    ×