Professional Documents
Culture Documents
Presented by:
Microsoft ®
SharePoint 2003
UNLEASHED
Second Edition
Colin Spence
Michael Noel
Every effort has been made to make this book as complete and as accu- Interior Designer
rate as possible, but no warranty or fitness is implied. The information Gary Adair
provided is on an “as is” basis. The author and the publisher shall have
neither liability nor responsibility to any person or entity with respect to Cover Designer
any loss or damages arising from the information contained in this book. Aren Howell
Page Layout
Bulk Sales Nonie Ratcliff
Sams Publishing offers excellent discounts on this book when ordered in
quantity for bulk purchases or special sales. For more information,
please contact
International Sales
international@pearsoned.com
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 89
• Engaging in a Successful
Planning and Designing Design and Implementation
Process
the SharePoint • Software Design Decisions
Experience with the SharePoint 2003 product line over Users a Server Can Support
the last several years has shown conclusively that planning • Providing Secure Access to
and design efforts as well as a well-structured implementa- SharePoint 2003 Sites
tion process are required for successful implementations.
Figure 4.1 shows a sample methodology that, if followed, greatly enhances the success of
the SharePoint 2003 implementation project.
Discovery Design
Testing
Implementation
• Project sponsor
• Project manager
• Technical lead
• Key stakeholders
• Departmental managers
• Solutions architect
Depending on the scope of the project and the skill sets and experience levels of the team
members with SharePoint 2003, it may be prudent to bring in outside assistance. Chances
are the individuals involved already have hefty workloads and cannot dedicate their time
to the SharePoint 2003 project. Bringing in an outside firm or “new blood” can be advan-
tageous on a number of levels. The new talent will have experience with other companies
that have gone through similar implementations and will have experience with different
types of organizations and the challenges they encountered.
At the early stages of the SharePoint 2003 project, these individuals are dedicated to the
discovery process, are not constantly distracted by their day-to-day IT management or
support responsibilities, and are less likely to be affected by political situations or power
struggles within the company.
TIP
Look for firms and individuals with recent experience designing and implementing SharePoint
4
2003 solutions for companies the same size or larger to ensure that they are familiar with the
latest version of SharePoint 2003 and related products, such as antivirus, backup, management,
and customization tools and utilities. Working with consulting firms or contractors who have
experience with companies in similar lines of business (such as retail, manufacturing, banking, or
nonprofit) is also a bonus.
Key stakeholders and resources from within the company should stay involved with the
project, from discovery through design and testing. During the discovery process they
bring their years of experience with the technology ecosystem to the table and add
perspective to the information gathered. As the project moves forward, these individuals
can be involved in the many decisions that need to be made and learn about the key
features and capabilities of SharePoint 2003 so that they can support the end solution.
Ideally the following information should be available before starting the design and plan-
ning sessions:
• Server inventory information including which applications live on which server and
where the data resides
• Desktop and laptop inventory information, including operating systems in use and
productivity software such as Microsoft Office products
• A list of business goals and expectations for the SharePoint 2003 project
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 92
Additional tasks that should take place and information that should be clarified during
the discovery and design processes are as follows:
• Clarify who uses what types of data (what file types are used besides the standard
word processing and spreadsheet files, such as .pdf, .ppt, or .vsd files).
• Clarify how users access data (do they actually use the VPN, the intranet, or other
vertical market applications that may be in place).
• Better understand areas of growth in the organization to better plan the SharePoint
2003 infrastructure.
• Build enthusiasm for the project by sharing information on the capabilities of
SharePoint 2003 and through a display of the competence of the team created to
drive the project.
Documents created during the discovery process will prove helpful later in the process.
Having a good record of the information gathered on the hardware and software in use,
the business processes affected, and the meeting minutes can be invaluable later in the
process. When it comes time to actually create SharePoint 2003 sites for the different
groups and departments in the enterprise, these notes on their requests and expectations
are helpful. The following is a summary list of the documents that should be created
during the discovery phase:
• The design document (how the hardware and software will be configured)
4
which will affect the goals for the project.
When defining the project goal, try to include a wider range of discussion topics to
ensure that the discussion is thorough:
• High-level business goals that SharePoint 2003 will help the company meet (such as
better products being developed, delivery of services that better meet the clients’
needs)
• Document management goals that the SharePoint 2003 sites will need to meet (such
as moving existing data from NT file servers to SharePoint 2003 document libraries)
• Collaboration goals that SharePoint 2003 will help the organization achieve (such as
enhancing teamwork through the use of discussion boards and meeting workspaces)
• Budget constraints broken down by what is available for hardware, software, and
labor services
• Timeline for the project broken down into the phases—for example, pilot testing
and then a phased implementation that includes training
• Division of labor for the project phases, focusing on which internal resources will be
used and whether external resources will be needed
• Training and support goals (for example, a “train the trainer” type of implementa-
tion where the departmental administrators receive training during the implementa-
tion and then are responsible for training their users)
The following sections approach standard design decisions confronted by most organiza-
tions during the design process.
• Windows SharePoint Services provides the core document management and collabo-
ration functionality and is a free add-on feature pack to Windows Server 2003.
Windows SharePoint Services allows the creation of websites and site collections
that include document libraries, lists, document workspaces, meeting workspaces,
discussion boards, surveys, and Web Part pages, and supports the use of alerts and
templates.
• Windows SharePoint Services requires only the purchase of Windows Server 2003
Client Access Licenses (CAL), whereas SharePoint Portal Server 2003 requires the
addition of SharePoint Client Access Licenses.
• Windows SharePoint Services can use Microsoft SQL Server 2000 Desktop Engine
(Windows) (WMSDE) databases or SQL Server 2000 databases, whereas SharePoint
Portal Server 2003 uses Microsoft SQL Server 2000 Desktop Engine (MSDE) or SQL
Server 2000 databases. SQL Server 2000 requires the purchase of server software and
Client Access Licenses.
Essentially, Windows SharePoint Services is a great place to start for an organization that
sees the benefits the SharePoint 2003 technology can bring in the areas of document
management and collaboration but needs to prove the concept internally before allocat-
ing the budget needed for SharePoint Portal Server 2003.
SharePoint Portal Server 2003 requires the purchase of the SharePoint Portal Server 2003
software as well as Client Access Licenses and so will be more expensive.
SharePoint 2003, and is well suited to a SharePoint 2003 solution that supports existing
network users. In Active Directory Account Creation mode, accounts are automatically
created in the Active Directory organizational unit (OU) specified. This makes it a better
choice for organizations that will allow many external nonemployees to access the
SharePoint 2003 environment because the administrative staff won’t need to manually
create many new accounts in the domain. For example, an Internet service provider would
choose this configuration, or a nonprofit organization that wants its members to have
access to SharePoint 2003 sites to share and access information.
NOTE
When external users access a Windows SharePoint Services or SharePoint Portal Server 2003 site,
the organization responsible for the configuration needs to make sure that licensing require-
ments are being met. Microsoft offers a SharePoint Portal Server 2003 External Connector
License, which enables an unlimited number of nonemployees to access SharePoint Portal
4
Server 2003.
The choice needs to be made prior to the installation of the Windows SharePoint Services
software. To run Windows SharePoint Services in Active Directory Account Creation
mode, the SharePoint 2003 servers must be members of a Microsoft Windows 2000 or
Microsoft Windows Server 2003 domain.
NOTE
Active Directory Account Creation mode is not supported when you install Windows SharePoint
Services on a domain controller.
Administering an Active Directory Account Creation mode SharePoint 2003 server has
some limitations and requires the use of command-line tools for the following:
For all but the most complex implementations, Windows Server 2003 Standard Edition
should suffice because web farms can be created to split the different functions between
multiple servers. Windows Server 2003 Enterprise does support more processors and
greater amounts of RAM and clustering, so may be needed in some configurations.
Windows Server 2003, Web Edition, is designed for deploying web pages, websites, web
applications, and web services. Windows Server 2003, Web Edition, can be used to install
web server software (for example, IIS) and web availability management software (for
example, Microsoft Application Center), but installations of non-web serving applications
are prohibited.
In addition, the Web Edition cannot host the database in Windows SharePoint Services or
SharePoint Portal Server 2003 installations, so the remotesql=yes parameter must be used
during installation. The Web Edition does make sense to use as a front-end web server in
a SharePoint 2003 server farm, and this can help control the costs of the Windows Server
2003 licenses required for a larger implementation.
4
NOTE
SharePoint Portal Server 2003 is supported only on servers that are members of a Microsoft
Windows NT 4.0, Windows 2000, or Windows Server 2003 domain.
You must install and operate SharePoint Portal Server 2003 in a domain environment. Installing
and operating SharePoint Portal Server 2003 in a workgroup environment is not supported.
TABLE 4.2 Windows Small Business Server 2003 Versions Feature Comparison
Product Standard Premium
Windows Server 2003 ● ●
Windows SharePoint Services ● ●
Microsoft Exchange Server 2003 and Outlook 2003 ● ●
Microsoft Shared Fax Service ● ●
Microsoft SQL Server 2000 ●
Microsoft Internet and Security Acceleration (ISA) Server 2004 ●
Microsoft Office FrontPage 2003 ●
There are some limitations with the versions of the products included in the bundles,
including
• One domain—You can have only one domain on a Small Business Server network.
In addition, this domain must be the root of the forest.
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 98
In addition, the server applications that come with the product must be installed on the
same physical machine, if they are installed at all. The only exception is that FrontPage
2003 may be installed on a single client computer in the Windows Small Business Server
2003 network.
The products are offered at competitive price points and may be well suited for an organi-
zation seeking to experiment with Windows SharePoint Services and SQL Server 2000,
and ISA Server 2004. Having a FrontPage 2003 license is also handy when customizing the
Windows SharePoint Services environment.
NOTE
Windows SharePoint Services and SharePoint Portal Server 2003 do not work with previous
versions of SQL Server, such as SQL 7.0.
The decision between which version of the SharePoint products to install depends on
several issues:
• Is the SharePoint 2003 installation for testing or production purposes? If it is just for
testing purposes MSDE or WMSDE may be a viable choice because there is no addi-
tional cost for their use.
• Will the SharePoint 2003 databases grow beyond 2GB and need to support more
than 10 active and complex websites? If so, SQL Server 2000 is the recommended
product.
• Does the organization already own SQL Server 2000 Client Access Licenses? If so,
the overall cost of SQL 2000 will be reduced.
• Will the database grow beyond 2GB? Oddly enough, Windows SharePoint Services
and WMSDE do not have the 2GB size limitation of SharePoint Portal Server 2003
and MSDE.
The Windows SharePoint Services Administration Guide recommends using SQL Server
rather than WMSDE if more than 10 “active and large” websites will be used.
NOTE
When SharePoint Portal Server 2003 is installed on a domain controller, the MSDE database
option is not supported.
4
With SQL Server 2000, Microsoft offers three different licensing models. The first is a
processor-based licensing model where the number of clients or user connections may
vary or not be tracked. This licensing allows for unlimited client connections, and one
license needs to be purchased per processor in the server. This option can be a better
investment for larger organizations, or for organizations supporting remote users who are
not employees of the company.
Two other licensing options are also available: Server plus device CALs, and server plus
user CALs. The server plus device CALs options is designed for scenarios in which there
are multiple users per device (for example, kiosks or environments where there are a
limited number of PCs), whereas the server plus user CALs option is designed for scenar-
ios in which there are multiple devices per user (for example, a desktop, laptop, and
home PC for one user).
For larger organizations that may be clustering SQL 2000 servers, the licensing is affected
by the decision to use active/active or active/passive clustering. For active/active cluster-
ing, all processors in all servers need to be licensed, whereas in active/passive clusters,
only the active processors/servers need to be licensed (assuming that the passive servers
don’t have more processors than the active servers when the per-processor licensing
method is being used). So the organization needs to weigh the costs of different options
to make sure that the most cost-effective licensing method is used.
Both the Standard and Enterprise Editions of SQL Server provide native support for XML
by using SQLXML v.3.0, which also includes extensions to the .NET Framework. Several
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 100
other SQL Server 2000 enhancements render it an excellent database for SharePoint 2003
data, including
The primary differences between the Enterprise and Standard Editions involve scalability
and availability:
• SQL Server 2000 Enterprise (64-bit) Edition works with Windows Server 2003
Enterprise Edition or Windows Server 2003 Datacenter Edition and scales up to 64
processors and up to 512GB of RAM.
• SQL Server 2000 Enterprise Edition works with Windows Server 2003 Standard,
Enterprise, or Datacenter Editions and supports up to 32 processors and up to 64GB
of RAM.
• SQL Server 2000 Standard Edition works with Windows Server 2003 Standard,
Enterprise, or Datacenter Editions and supports up to 4 processors and up to 2GB
of RAM.
SQL Server 2000 Enterprise Edition provides some features that the Standard Edition does
not, including distributed partitioned views, parallel index creation, parallel scan, parallel
Database Consistency Checker (DBCC), and log shipping. SQL Server 2000 Enterprise
Edition also supports failover clustering, whereas SQL Server 2000 Standard Edition does
not. These more advanced capabilities may be required by organizations with multiple
large SQL Server 2000 databases and with more advanced redundancy and fault tolerance
needs.
MSDE is designed to be a limited, database-only version of SQL Server but is “free” in that
a server license does not need to be purchased, and CALs aren’t needed for access to the
data stored in the database. MSDE supports a maximum of five concurrent users before
performance slows, supports a maximum of two processors, does not provide any admin-
istrative tools, and limits the database size to 2GB.
However, the version of MSDE that ships with Windows SharePoint Services is referred to
as WMSDE, and it does not have the five-user limitation, nor is it limited to a 2GB data-
base size.
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 101
Fortunately, the choice of database is not final; the MSDE or WMSDE database can be
upgraded later to SQL 2000 in one of two ways:
• Migrate the content databases to a server farm running SQL Server and Windows
SharePoint Services.
If you are installing SharePoint Portal Server on a domain controller, you must install
without the database engine. When installing on a domain controller, the option to
install with the database engine is not available.
4
cate for the SharePoint 2003 servers. This is both an art and a science and requires an
understanding of the immediate and future needs of the company: How much data will
be managed and how it will be accessed, who will support the environment, and what
redundancy and service levels are expected by the user community. Understanding the
budget before spending a lot of time crafting the ideal configuration can be a good idea.
Designing the ideal load-balanced web farm with clustered SQL 2000 servers may be a
waste of time if the budget can only afford a single server.
Some key questions to answer before the specifics are addressed include
• Is there an existing budget that the SharePoint 2003 hardware must fit within? The
answer is almost always yes, and the number should be clarified early in the plan-
ning process.
• Will there be a proof of concept, development, testing, or other type of lab in addi-
tion to the production SharePoint 2003 configuration? Many organizations require
that a testing lab be kept in place for the development of new applications and for
testing NOS patches and upgrades. So, in some cases, two or more complete
SharePoint 2003 infrastructures need to be budgeted for.
• How much existing data will be moved to the SharePoint 2003 implementation
within the first six months?
• How many users will access the SharePoint 2003 sites within the first six months?
The site may be rolled out to a small pilot group at first, but then be opened up to
thousands of users, so it’s important to know the number of users who need to be
supported.
• What level of growth of both users and data will the SharePoint 2003 solution need
to support? If the organization experiences dramatic growth or acquires other
companies, the SharePoint 2003 solution may need to be crafted to handle dramatic
growth of data and the number of users who will access it.
• How will the users access the SharePoint 2003 sites? Will all the traffic be over the
LAN, WAN, Internet, VPNs, via Thin Client, and so on?
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 102
TIP
If possible, budget for a development Windows SharePoint Services or SharePoint Portal Server
2003 server. This provides a safe place to experiment with different configurations, templates,
Web Parts, and third-party add-ons. The production portal or site collections can be restored to
the development server as needed for a “poor man’s” fault tolerant solution as well.
The basic hardware recommendations from Microsoft for Windows SharePoint Services or
SharePoint Portal Server 2003 are as follows:
• 512MB of RAM
• 550–575MB of available hard disk drive space. Windows SharePoint Services and
SharePoint Portal Server 2003 require the NTFS file system.
Of course, this recommendation does not meet the needs of most environments for
production implementations. The following recommendations reflect the hardware
configurations used for different levels of implementations: from prototype and testing to
medium-sized server farms.
The section “Calculating the Number of Users a Server Can Support” later in this chapter
discusses the number of users that different configurations can support based on level
of usage.
A single server configuration typically uses Windows Server 2003 Standard and Windows
SharePoint Services with WMSDE or SharePoint Portal Server 2003 with MSDE. In a proof
of concept or prototype configuration, the server should offer enough processing power
and RAM to provide the level of performance the end users consider acceptable in a
production environment.
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 103
The recommendation for a single server configuration for testing purposes is as follows:
• Two 36GB 10RPM hard drives (RAID1 mirrored drives for the NOS and SharePoint
2003 software) two 73GB, 10K RPM hard drives and RAID controller (RAID1
mirrored drives for the database); (Drive capacities vary based on server model and
business requirements.)
• Two 100MBPS or Gigabit network cards (as supported by the infrastructure in place)
4
• Virus protection software
The recommendation for a single server configuration for production purposes follows:
• Two 36GB 10K RPM hard drives (RAID1 mirrored for the NOS and SharePoint 2003
software) and three 73GB, 10K RPM hard drives and RAID controller (RAID5 drive
array for the database); (Drive capacities vary based on server model and business
requirements.)
• Two 100MBPS or Gigabit network cards (as supported by the infrastructure in place)
If the server is being used for testing purposes only, a single processor, 1GB of RAM, and a
four-drive configuration will generally suffice. If the budget is available, consider upgrad-
ing the system by adding an additional processor, more RAM, and more drives, and use
RAID5 for the database rather than RAID1 for more fault tolerance.
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 104
CAUTION
Existing test machines can certainly be used for testing SharePoint 2003 sites, for smaller organi-
zations and tight budgets. Due to the relatively low cost of a new machine, however, it is
recommended to purchase a new system for performance and reliability purposes. Using a two-,
three-, or four-year old server system with a slow processor; slower or insufficient RAM; and
slower, smaller hard drives can detract from the success of the testing process by providing
slower performance to the testing community. Older systems are more prone to hard drive fail-
ures, power supply failures, and controller failures, which tend to happen at inopportune times,
such as in the middle of a key demonstration.
SharePoint Portal Server 2003 server farms are more flexible, due to SharePoint Portal
Server 2003’s more complex design. With SharePoint Portal Server 2003, the web compo-
nent, index component, search component, job server, and database functionalities can
be distributed for much more complex configurations. This provides the design team with
more flexibility when designing the implementation and ability to grow the farm based
on requirements.
In a server farm environment, the front-end web servers contain only the files and
settings required to route requests from clients to the appropriate sites in the database.
All site content and all configuration data are shared on all front-end web servers in a
server farm. To get the best performance and to facilitate recovery in the event of hard-
ware failure, Windows SharePoint Services or SharePoint Portal Server 2003 should be
configured identically on all the front-end web servers in the server farm.
This configuration assumes that a higher level of performance is required by the user
community, that the budget will cover the additional hardware and software required,
and that the server farm may grow in the future.
• Single or dual Intel Xeon 3.0 GHz with 1MB cache processors
• Two 36GB, 10K RPM hard drives (RAID1 mirror pair); (Drive capacities vary based
on server model and business requirements.)
4
The database server would be similar, but with more hard drive expansion capability and
a RAID controller, with room for two more hard drives.
The following is the recommended configuration for a SQL Server 2000 database server:
• Two 36GB 10K RPM hard drives (RAID1 mirrored for the NOS) and three 73GB, 10K
RPM hard drives and RAID controller (RAID5 drive array for the database); (Drive
capacities vary based on server model and business requirements.)
• Two 100MBPS or Gigabit network cards
A medium server farm is considered to have two dedicated front-end web servers, one
index and job server, one or more SQL 2000 servers, and can include one or more
Windows SharePoint Services farms.
A server farm is considered large when the search and indexing functions are broken out
to dedicated servers, with a recommended maximum of four index servers and four search
servers.
• Round-robin DNS can be used as well: One server IP address is handed out and is
then moved to the end of the list. When the next request arrives, the next server IP
address is handed out and then it moves to the end of the list.
• Hardware load balancing, such as the Cisco Content Server Switch product line,
which requires the purchase of hardware devices but provides a higher level of
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 107
performance and scalability and additional features for the optimization of perfor-
mance and management tools.
4
SharePoint 2003 design. Geographically diverse organizations may require a separate
portal at each location and allow searching between the different portals. Or these organi-
zations may simply create one central location, upgrade their WAN connections and
Internet connections, and maintain a single SharePoint 2003 configuration at the
company headquarters or data center.
Multiple portals can be implemented for a number of additional reasons. Many compa-
nies choose to create multiple portals for security reasons. Even though SharePoint 2003
technologies offer advanced security features, it may be a good business decision to create
separate portals with different management resources, different users, audiences, search
and index scopes, and structures for different divisions, or components of the company.
This minimizes the chance that human error might accidentally give access to classified
information.
Having separate portals can make sense from a fault tolerance standpoint because a portal
structure can be backed up and restored using the standard SharePoint Portal Server 2003
Backup and Restore utility. When databases get beyond a certain size, the amount of time
it takes to restore a portal site may exceed the Service Level Agreements (SLAs) offered to
the user community, so multiple portals each with its own set of databases may be
required. Security is a major concern to many organizations, and separating data from
different departments or divisions by providing separate databases may be a requirement.
This can also be accomplished by configuring a virtual server to connect to different
content databases.
Organizations may decide to create one or more portals for internal users, and one or
more portals for customers or external partners to use. This design can enhance the level
of security by locating the “exposed” portal(s) in a DMZ (demilitarized zone). If Account
Creation mode is used, a dedicated portal must be set up for this purpose.
A point to clarify is that each portal requires its own virtual server in IIS but does not
necessarily require its own dedicated server system. In addition, each server farm can
support up to 15 portal sites, if it is not part of a shared services environment. If the
server farm provides or uses shared services, up to 64 portal sites can be configured by
default, or up to 100 portal sites with registry changes.
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 108
• User profiles—When user profiles are shared, the parent portal site shares the infor-
mation from the profile database with the child server farm(s).
• Audiences—The parent portal site manages audiences for the child server farm(s).
• Search—The parent portal site provides search services to the child server farm(s).
• Alerts—Help users track changes to content that affect their everyday work. Users
can choose to be alerted to changes in search queries, areas, files, and folders.
• Single sign-on service—An authentication process that permits a user to enter one
name and password to access multiple applications.
When a server farm is configured to provide shared services, all other portal sites on that
server farm become child portal sites. The parent server farm and the child server farm
must be running the same version of SharePoint Portal Server in the same language, and
the parent server farm and child server farm must belong to the same domain or trusted
domain. In addition, the parent and child server farms cannot have a firewall between
them, so both need to be on the intranet, on the extranet, or in a DMZ.
CAUTION
After you configure the server farm to provide or use shared services, you cannot undo the oper-
ation. Some services and scheduled tasks in the child server farm need to be turned off before
you configure the server farm to use shared services. These services and tasks include the
Microsoft SharePoint Portal Server Search service (SharePointPSSearch), search schedules, profile
import, and the audience compilation schedule.
Internet Information Services (IIS) limits the number of websites (referred to as virtual
servers in SharePoint parlance) running on one server to 64. To create more than 64
websites on a front-end web server in a server farm that provides or uses shared services,
the registry needs to be modified, which can be a risky process and is not recommended.
This process is outlined in the SharePoint Portal Server 2003 Administrator’s Guide.
For small, medium, and large server farm deployments, the component for backward-
compatible document libraries and SQL Server 2000 cannot be installed on the same
computer.
4
The Windows SharePoint Services 2.0 Administrator’s Guide provides a definition of
different levels of user activity and also provides information on the number of users who
can be supported by different web servers and database server combinations.
Per the Windows SharePoint Services 2.0 Administrator’s Guide, a general rule of thumb
can be used:
• One transaction per second maps to 1,000 users. This rule of thumb is derived by
applying the following model for user behavior:
• 100 seconds per request per user (36 requests per hour per user)
• One transaction/second
The user model for Windows SharePoint Services has two variables:
• Concurrency—The maximum percentage of the total user base who will be using
the system simultaneously. The Windows SharePoint Services models all use 10%
concurrency.
• Request rate—The number of requests per hour an active user generates on average.
Windows SharePoint Services uses four models for user behavior:
• Light—Twenty requests per hour. An active user generates a request every 180
seconds. Each response per second of throughput supports 180 simultaneous users
and 1,800 total users.
• Typical—Thirty-six requests per hour. An active user generates a request every 100
seconds. Each response per second of throughput supports 100 simultaneous users
and 1,000 total users.
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 110
With these assumptions, Table 4.4 lists the number of users who can theoretically be
supported by different server configurations. It is important to note that the data
provided was generated by using automated load-generation tools, not actual users.
Figure 4.2 shows a graph of the transactions per second as they relate to the number of
web servers and database servers. Information was not provided in the Windows
SharePoint Services 2.0 Administration Guide for the number of transactions per second
for the eight web servers by two database-servers configurations.
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 111
500
450
400
Transactions Per Second
350
300
250
200
150
100
4
50
0
Single 1 by 1 2 by 1 3 by 1 4 by 1 6 by 1 8 by 1 8 by 2
Server
Server Farm Configuration (Web Servers by Database Servers)
Mix
Read
From Figure 4.2, it is clear that adding more than four web servers does not produce
significant improvement. Adding a second database server dramatically improves the
number of read transactions. Data was not provided for the results of a mixed read and
write test of two databases.
• Web servers—Compaq DL360s with two 1GHz Pentium 3 processors and 1GB of
memory, running a prerelease version of Microsoft Windows Server 2003, Enterprise
Edition, build 3718
• Database Servers—Compaq DL380s with two 1GHz Pentium 3 processors and 2GB
of memory, running Microsoft SQL Server 2000 SP2 and a prerelease version of
Windows Server 2003, Enterprise Edition, build 3718
A simplistic interpretation of this data suggests that a single system running Windows
SharePoint Services with two slower processors and 1GB of memory can handle 10,200
extremely heavy users to 61,200 typical users performing read and write transactions.
These numbers should be taken with a grain of salt, and testing should be performed on
the specific SharePoint 2003 configuration in the organization’s lab environment to
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 112
determine whether the level of performance is acceptable to the user community. The
automated tools used in this test probably didn’t complain, whereas the user community
certainly will. From a business standpoint, it makes sense to invest in more than a single
server to support tens of thousands of users because if the single server crashes, there will
be an overwhelming number of distressed users.
Note also that other variables will affect the performance of the SharePoint 2003 server or
server farm including other traffic on the network, virus protection software, security soft-
ware and encryption technologies in use, and type of load balancing solution in use.
On the other hand, an organization with only 50 employees who use SharePoint Portal
Server 2003 extensively not only for internal uses but also to collaborate with external
clients and partners may suffer dire consequences if SharePoint is not available for more
than a few minutes. Business could suffer, deadlines could be missed, and there could be
financial consequences, or the reputation of the company could be hurt. In this case, a
medium or even large server farm could be justified.
Due to the number of variables involved, most clients approach the server farm design
challenge from the business angle and use a strategy of “growth as needed,” which justi-
fies adding additional servers based on the levels of use and business impact of the
SharePoint server farm.
TIP
A number of testing tools are on the market, including Mercury LoadRunner or Microsoft’s
Application Center Test (ACT) tool, which can be used during the prototype testing phase or to
periodically test the performance of the SharePoint environment. These tools are designed to use
minimal hardware resources to emulate hundreds or thousands of concurrent users to put appli-
cations through the rigors of real-life user loads. Microsoft’s ACT tool is specifically designed to
stress test web servers and analyze performance and scalability problems with web applications,
including Active Server Pages (ASP) and the components they use. Application Center Test
supports several different authentication schemes and the SSL protocol, making it ideal for
testing personalized and secure sites.
TABLE 4.5 Capacity and Scaling Limits for Windows SharePoint Services
Object Scope Limit Comment
Site collection Database 50,000 Total throughput degrades as the number of
site collections increases.
Websites Website 2,000 The interface for enumerating subsites of a
given website does not perform well beyond
2,000 subsites.
Websites Site collection 250,000 You can create a large total number of websites
by nesting the subsites. For example, 100 sites,
each with subsites, is 100,000 websites.
Documents Folder 2,000 The interfaces for enumerating documents in a
folder do not perform well beyond 1,000
entries.
Documents Library 2 million You can create large document libraries by
4
nesting folders.
Security Website 2,000 The size of the access control list is limited to
principals a few thousand security principals; in other
words, users and groups in the website.
Users Website 2 million You can add millions of people to your website
by using Microsoft Windows security groups to
manage security instead of using individual
users.
Items List 2,000 The interface for enumerating list items does
not perform well beyond a few thousand
items.
Web Parts Page 100 Pages with more than 100 Web Parts are slow
to render.
Web Part Page 10,000 Pages with more than a few thousand user
personalization personalizations are slow to render.
Lists Website 2,000 The interface for enumerating lists and libraries
in a website does not perform well beyond a
few thousand entries.
Document size File 50MB The file save performance degrades as the file
size grows. The upper limit is about 50MB. This
limit is enforced by the system, but the limit
can be changed by the administrator.
secure, while being available to the internal and external users who require access to it.
Performance must be kept in mind as well; excessive security features may result in unac-
ceptably difficult access to site collections and the data contained in them.
• Isolating SharePoint data with separate SharePoint lists and libraries—The most
basic level of security, this relies on SharePoint 2003 list-level security to protect
data in a list from unauthorized access.
• Isolating SharePoint with separate host headers and virtual servers—Host headers
assigned in Internet Information Services (IIS) allow for multiple domain names to
correspond to different site collections or virtual servers in SharePoint. This allows
for an increased level of security between the sites because users cannot see the data
from the other site collections.
Securing the server or servers used in the SharePoint 2003 implementation is also critical
to ensure the protection of the data. A number of areas need to be discussed and consid-
ered to ensure that the configuration is protected:
• Server security needs to also be hardened to protect the server from hackers and
viruses.
• File access to SharePoint 2003 servers can also be audited to keep a record of
attempts to access files on the SharePoint 2003 server(s).
• SQL Server 2000 can use SQL Windows authentication or SQL Server Mixed Mode
authentication. However, Windows authentication is far more enhanced with regard
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 115
to security because it leverages security features and functionality built into Active
Directory.
• Virtual Private Networks (VPNs) can be used to secure access to SharePoint 2003
environments because data is secured and encrypted to prevent unauthorized access
to the traffic.
By reviewing the different options available to the organization in the design process, the
design of the Windows SharePoint Services or SharePoint Portal Server 2003 environment
will be able to provide a configuration that meets the organization’s needs and provides
the right combination of protection, manageability, and availability.
4
Internet Information Services (IIS) and uses the authentication method specified for a
virtual server in IIS to control authentication for all top-level websites and subsites of that
virtual server. The different methods of authentication should be reviewed, and the orga-
nization should decide which method or methods best meet its requirements.
Windows SharePoint Services works with the following authentication methods in IIS:
By default, a number of standard file extensions are blocked, including any file extensions
treated as executable files by Windows Explorer. The design process should discuss what
additional file types should be blocked. The list of blocked file types can be changed in
the future as needed, but it is helpful to have a well-thought-out plan in advance.
Anonymous access needs to be granted in IIS for a particular virtual server and can
then be enabled or disabled for a site on that virtual server by using HTML Adminis-
tration pages. IIS creates the anonymous account for web services, typically named
IUSR_computername, and when IIS receives an anonymous request, it uses this account.
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 117
4
back).
Chapter 19, “Backing up and Restoring SharePoint,” “provides more information on the
different alternatives, which are
• Using the built-in SharePoint Portal Server Backup and Restore utility, accessible
from the Start menu.
Site collections can also be backed up and restored by using FrontPage 2003, but this is
not considered to be an enterprise backup solution.
• What will the service level agreement be with the user community when the new
SharePoint 2003 environment is rolled out?
• Is the existing backup hardware and software capable of handling SQL 2000 data-
bases and the amount of data that will be stored in these databases?
• Does the organization have experience with the different types of backups possible
with SQL Server 2000 databases and the pros and cons of each?
Virus Protection
A critical component in any technology environment is virus protection because any
penetration of a virus can severely impact the network’s performance. SharePoint 2003
requires the installation of compatible virus protection products and can then be config-
ured to check files for viruses when a user adds a document to a document library or list,
or when a user views a document in a document library or list. If a virus is found, the
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 118
scanner attempts to clean the file, or if the file cannot be cleaned, blocks the file from
being added or viewed.
Summary
Planning and designing the SharePoint 2003 infrastructure requires a thorough under-
standing of the current network environment as well as the document management and
collaboration processes and tools currently in use. After this information is collected, the
hardware configuration can be sketched out, and the high-level Windows SharePoint
Services site collection or SharePoint Portal Server 2003 portal environment can be
mapped out. The hardware decisions may well change in more complex portal environ-
ments as the stakeholders and decision makers work through the different design and
security issues outlined in this chapter. After the different areas presented in this chapter
have been discussed and decisions have been made and agreed to by the design team, a
design document can be created that can be used as a guide to move into the testing
process.
Best Practices
• Make sure to take the time to clarify the goals for the SharePoint project. Make sure
to discuss the time frame and different phases that will take place, the budget for
the different phases, and the technology and business goals of the project. Don’t
forget to write these goals down to avoid scope creep during the project.
• Consider whether Windows SharePoint Services will provide the features needed for
document management and collaboration. In some cases, Windows SharePoint
Services offers a sufficient feature-set for smaller organizations, for proof of concept
testing purposes, and in situations where the budget is severely constrained. A single
Windows SharePoint Services server can get an organization started on the path
toward better document management and collaboration.
• SharePoint Portal Server 2003 includes Windows SharePoint Services and provides
all of Windows SharePoint Services’ functionality. In addition, SharePoint Portal
Server 2003 adds more features including automatic categorization, audiences, topic
areas, news, personal sites, shared services, indexing and searching across other plat-
forms and file shares, single sign-on, site directory, user profiles, and BizTalk integra-
tion that make it a more flexible and powerful platform. Due to these additional
features, additional design and testing time should be allocated.
07_0672328038_CH04.qxd 8/8/05 11:50 AM Page 119
• Use Windows Server 2003 Standard Edition in most situations for SharePoint 2003
servers. The Enterprise edition needs to be used if more than 4GB of RAM is to be
installed in a server, or if more than four processors need to be supported, or to use
Microsoft Clustering Services.
• Windows Server 2003 Web Edition can be used on front-end servers in server farm
implementations.
• Use SQL Server for production implementations instead of WMSDE or MSDE if more
than 10 “active and large” websites will be used and if more than 2GB of data will
be supported. SQL Server 2000 is designed for optimized performance, scalability,
and manageability.
• Include a prototype testing phase where the SharePoint 2003 configuration is fine-
tuned and tested, as well as a pilot implementation in the implementation phase.
This provides sufficient time to ensure that the proposed configuration meets the
4
needs and expectations of the user community.
• Use the design process to determine whether a single server or server farm configu-
ration is needed, and whether a single portal site is needed, or whether multiple
portal sites are needed. Due to the many different possible server farm configura-
tions, considerable time and testing may be needed to determine the configuration
that best meets the needs of the organization.
• Make sure to consider the level of security required for site access and whether SSL
will be used to further secure information transmitted from browsers to the
SharePoint 2003 servers.
• Make sure that the design process considers how backups will be performed, as well
as virus protection.