2

Microsoft Office SharePoint Server 2007: Administrative Architecture, Deployment, and Operations FundamentalsShane Young, MVP Todd Klindt, MVPPresident ConsultantSharePoint911 Solanite, Consulting

Session Code:OFC362

3

Who Am I?

Shane YoungOwner of SharePoint911.comMicrosoft Office SharePoint Server MVPConsultant, Trainer, Writer, & Speaker

shane@sharepoint911.comBlog

http://msmvps.com/shaneSharePoint Consulting

http://www.sharepoint911.comSharePoint Training

http://www.tedpattison.net

WSS MVP since 2006Speaker, writer, consultant, AquariusPersonal Blogwww.toddklindt.com/blogCompany web sitewww.solanite.comE-mailtodd@solanite.com

President of the Shane Young Fan Club on Facebook

Who is this Todd guy?

5

Agenda

Farm topologiesInstall roadblocksAccounts and permissions

6

Topologies

SharePoint scales from a single server install all the way to very large farms of serversUses assignment of roles to span multiple servers

7

Keep in mind

Servers have rolesWebQuery, Index, CalculationDB Server

Farms have relationshipsAuthoring PublishingDev, Test, ProductionSSP

8

SharePoint Containment

9

Web Front End Role

Called WFEProvides the web interfaces for the users1 to 8 servers with this role per farmVery little disk storage usedScaling seems to stop at 5 for collab

10

Index Role

Crawls and indexes the content1 Index per Server1 Index per SSPIndex Files = 5% - 12% of crawled content

1% - 5% typical if only crawling SharePointDatabase Storage = 4 x Index Files 50 Million item limit per

11

Query Role

Server that responds to user Search requestPhysical storage = 2.8 x IndexNo hard limit on number of serversScale stops at 7

12

Excel Calculation Role

In MOSS Enterprise farm this server does handles calculating Excel WorkbooksAlso called Application ServerRendering components live on WFEsCalculation engine moved to own serverNo limit to number of serversSizing very complex

13

Topologies

Spread the roles out across as many servers as you need and have at it.No restrictions

14

Single Server Farm

15

Small Farm

16

“Medium Farm”

Considered Minimum High Availability Topology

17

A Possible Large Farm

32 bit vs. 64 bit

Both supported and availableFarm - Same role, same architectureThis is the last 32bit versionUse 64 bit if needed to support > 4GB of RAMSome 3rd parties do not support 64bit

19

Assess

Determine organization-specific data, enter into tool

Recommend

Inputs analyzed, best-fit topology Recommended

Simulate

Run Simulations-”What If” analysis

Report

Report is Generated in Excel/Visio format (summary or detail)

SharePoint Capacity Planning ToolSolution Concept

microsoft.com/technet/SolutionAccelerators

20

Don’t choose Basic!

Unless you want to use SQL Express and Local System Account

21

Server Type•Complete – Used 99.9% of the time. Installs all components and gives you complete configuration flexibility. •Web Front End – Only installs web components of MOSS. Doesn’t give you the option of later hosting other roles. No Flexibility = bad.•Stand-alone – Exact same as previous slide choosing basic. Refer to that slide if you are tempted to use.

22

Install Accounts

First choice – 1 account for everything or account isolation (multi account)

Account isolation has lots of challengesSecond Choice – NTLM or Kerberos

23

Accounts you will need (MOSS)

Setup User Account * – Used for running install and to admin serverServer Farm Account * – Central Admin App Pool Account, Timer Service AccountSSP App Pool Account SSP Service Account – All SSP services and jobsMOSS Search Account – Used by search service. Also become default content access account for search. You can change from the SSP level

* Account needed for WSS

24

More accounts (MOSS)

WSS Search Service Account * – Used by the help system crawler WSS Search Content Account * – Used to access the data by the help system crawlerApplication Pool Identities * – The account used to access the content databases for the web app. Also account for w3wp.exe

* Account needed for WSS

25

NTLM vs. Kerberos

Kerberos is generally preferredNo double hop problemMore secureLess authentication traffic

DownsideRequires extra work to setupDomain needs to be in order (Server time off by > 5 minutes and auth fails)

26

SetSPN.exe

Used to define Service Principal Names (SPN)An SPN is a multi valued attribute stored in AD for users.Services just know how to use them to request a ticketExample SPN = HTTP/server.domain.com

27

Account Setup Before Install

Single account install – Make account local admin on all boxesSecure multi account Install

Setup Account – Domain User, Local admin on all servers you install MOSS on, SQL Server login with SecurityAdmin and dbcreator roles. All other accounts – Domain User. Setup/config will automatically grant necessary rights.

28

Q & A

www.microsoft.com/teched Tech·Talks Tech·Ed BloggersLive Simulcasts Virtual Labs

http://microsoft.com/technet

Evaluation licenses, pre-released products, and MORE!

Resources for IT Professionals

Complete anevaluation onCommNet andenter to win!

1 Year Subscription!

31

© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED

OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.