I was asked recently if the BDC search results (when indexed by the search) can be controlled by an access list. The answer is that yes, the Security trimmer is the SharePoint feature to accomplish this. In fact any search result can be trimmed, so if you wanted to index some website that used custom permissions (i.e. a content access account that has full rights to a website) but you didn’t want to show that information to say public users of your site, this same security trimmer functionally can be used. The important things to note are: - The security trimmer is attached to a crawl rule
- The security trimmer is a class that implements the ISecurityTrimmer interface, the registration process defines the full assembly name, as such it must be loaded into the GAC.
- After the security trimmer is registered, you will need to recreate the content source and perform a full crawl
- Performance might be an issue, since every search result will be access checked, if your looking for insight on how to approach this refer to this MSDN article
At Tech-Ed Barcelona, the new SharePoint related features of Visual Studio 2010 were presented in the keynote: Taken from Paul Andrew’s Blog Server Explorer for SharePoint viewing Lists and other artefacts in SharePoint directly inside of Visual Studio Windows SharePoint Services Project (WSP file) Import to create a new solution Added a new web part project item and showed the Visual web part designer which loads a user control as a web part for SharePoint Showed adding an event receiver for SharePoint and using the wizard to choose the event receiver and to just create a source file with that event receiver. Added an ASPX workflow initiation form to a workflow project and showed how this workflow initiation form has designer capability Showed the packaging explorer and the packaging editor which lets you structure the SharePoint features and WSP file that is created I’ve highlighted the features that I think are exciting, it’s good to see that more tooling support is coming.
I was having a bit of a play around with CRM 4 and build an application definition file that provides the entities: Account, Contact and Product. So you can use the BDC web parts to display the contacts in the account like: 
You can download the Application Definition File here.
Last night I started having a bit of a play with the Azure blob storage system. The first thing to do is install the SDK and get the development storage and development fabric setup. The SDK gives you the ability to go File –> New –> Cloud Project, I selected the web role for my demo (the other options include a stand alone worker, or combined web and worker roles). From here I included the StorageClient project from the Azure SDK samples, this has a bunch of wrapper classes that are helpful. Then I added some appSettings entries that contain URL’s for the development tools: 1: <appSettings> 2: <add key = "AccountName" value="devstoreaccount1"/> 3: <add key = "AccountSharedKey" value="Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw=="/> 4: <add key="BlobStorageEndpoint" value="http://127.0.0.1:10000/"/> 5: <add key="QueueStorageEndpoint" value="http://127.0.0.1:10001"/> 6: <add key="TableStorageEndpoint" value="http://127.0.0.1:10002"/> 7: </appSettings>
The only thing that I was interested in was putting stuff into the blob storage, so I put together a simple asp.net page that contained an upload file control and a button.
I wired up the button event with the following code:
1: protected void btnTest_Click(object sender, EventArgs e) 2: { 3: StorageAccountInfo blobAccount = StorageAccountInfo.GetDefaultBlobStorageAccountFromConfiguration(); 4: 5: BlobStorage blobStorage = BlobStorage.Create(blobAccount); 6: blobStorage.RetryPolicy = RetryPolicies.RetryN(1, TimeSpan.FromMilliseconds(100)); 7: 8: BlobContainer container = blobStorage.GetBlobContainer(Guid.NewGuid().ToString()); 9: 10: NameValueCollection containerMetadata = new NameValueCollection(); 11: containerMetadata.Add("Name", "TestContainer"); 12: container.CreateContainer(containerMetadata, ContainerAccessControl.Public); 13: 14: string blobName = Path.GetFileName(testFile.PostedFile.FileName); 15: BlobProperties properties = new BlobProperties(blobName); 16: container.CreateBlob(properties, new BlobContents(testFile.PostedFile.InputStream), true); 17: }
To prove that the uploaded file was inserted into the blob, I used the CloudDrive project that is also provided by the Azure SDK, this project provides some PowerShell magic to allow you to mount the blob storage as a drive (the drive is blob:) so in the command window I could do the following:
This just lists all the containers that have been created and then the blob’s that live inside those containers.
Now the interesting part is that we can use the browser to also view our blob:
The MSDN pages give us the details, but basically you browse to http://127.0.0.1/devstoreaccount/<container>/<blobname>
Of course you’ll only be able to browse like this unauthenticated if your container is publically viewable, these attributes were set above with the ContainerAccessControl.Public parameter on the CreateContainer method call.
If your about to go onto a new client’s site to install MOSS or WSS, these are some of the things that need to be considered:
- Base windows install – Hopefully this step will be done for you, as well as any clustering setup either via a load balancer or via NLB.
- Network Access to Servers – Will we have machines that are on the same network as the servers, I’ve been given machines in a test lab that was impossible to use without the VMWare infrastructure client, needless to say that environment didn’t last very long.
- Admin Rights – We need accounts with admin rights to actually install SharePoint
- Active Directory Setup – It’s always a good idea to understand how the organisation is using AD.
- Service Accounts – Make sure the IT department understand the importance of service accounts, hopefully have them pre-created before you get onsite.
- DNS – While you put the request in for the service accounts, double check that your DNS entries are all setup. Have a think about all the zones you intend to use (i.e. are you using web application policy to give admin users god like rights on the admin.portal site?)
- Database – Make sure your setup account has permissions to create databases, you’ll be surprised at how often the DBA’s forget this task.
Remember always to select the complete install, never the web front end only option, you always want the option to change the servers configuration (i.e. start the search server).
Paul Jenkins recently ran a competition around Live Mesh, I subscribed to his live mesh competition folder which is all he needed for entry, pretty hard hey … I just got an email that I won a copy of Vista Ultimate … how cool. Thanks Paul!
There are a number of options that you can use when you define your connection settings in your BDC ADF file: The authentication methods are: RevertToSelf Simply uses the application pool account (reverts back to this account) to access the database. 1: <Properties> 2: <Property Name="AuthenticationMode" Type="System.String">RevertToSelf</Property> 3: <Property Name="DatabaseAccessProvider" Type="System.String">SqlServer</Property> 4: <Property Name="RdbConnection Data Source" Type="System.String">servername</Property> 5: <Property Name="RdbConnection Initial Catalog" Type="System.String">databasename</Property> 6: <Property Name="RdbConnection Integrated Security" Type="System.String">SSPI</Property> 7: <Property Name="RdbConnection Pooling" Type="System.String">false</Property> 8: </Properties>
PassThrough
Passes the credentials of the calling user, this will only work on a single server install or on a farm if Kerberos is enabled.
1: <Properties> 2: <Property Name="AuthenticationMode" Type="System.String">PassThrough</Property> 3: <Property Name="DatabaseAccessProvider" Type="System.String">SqlServer</Property> 4: <Property Name="RdbConnection Data Source" Type="System.String">servername</Property> 5: <Property Name="RdbConnection Initial Catalog" Type="System.String">databasename</Property> 6: <Property Name="RdbConnection Integrated Security" Type="System.String">SSPI</Property> 7: <Property Name="RdbConnection Pooling" Type="System.String">false</Property> 8: </Properties>
SQL Authentication
It is still possible to use SQL Server Authentication, the following example uses the RdbConnection properties for this:
1: <Properties> 2: <Property Name="AuthenticationMode" Type="Microsoft.Office.Server.ApplicationRegistry.SystemSpecific.Db.DbAuthenticationMode"> 3: RevertToSelf</Property> 4: <Property Name="DatabaseAccessProvider" Type="Microsoft.Office.Server.ApplicationRegistry.SystemSpecific.Db.DbAccessProvider"> 5: SqlServer</Property> 6: <Property Name="RdbConnection Data Source" Type="System.String">servername</Property> 7: <Property Name="RdbConnection Initial Catalog" Type="System.String">databasename</Property> 8: <Property Name="RdbConnection Integrated Security" Type="System.String">false</Property> 9: <Property Name="RdbConnection User ID" Type="System.String">username</Property> 10: <Property Name="RdbConnection Password" Type="System.String">password</Property> 11: </Properties> 12:
Single Sign On
If your using SSO, this is also supported:
1: <Properties> 2: <Property Name="AuthenticationMode" Type="System.String">RdbCredentials</Property> 3: <Property Name="DatabaseAccessProvider" Type="System.String">SqlServer</Property> 4: <Property Name="RdbConnection Data Source" Type="System.String">servername</Property> 5: <Property Name="RdbConnection Initial Catalog" Type="System.String">databasename</Property> 6: <Property Name="RdbConnection Integrated Security" Type="System.String">false</Property> 7: <Property Name="RdbConnection Pooling" Type="System.String">true</Property> 8: <Property Name="SsoApplicationId" Type="System.String">SSO Application you created</Property> 9: <Property Name="SsoProviderImplementation" Type="System.String">Microsoft.SharePoint.Portal.SingleSignon.SpsSsoProvider,
Microsoft.SharePoint.Portal.SingleSignon, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c</Property> 10: </Properties>
The MSDN documentation can be found here.
Last night I sat down to watch some more PDC sessions, this time it was Anders Hejlsberg presenting The Future of C#. Anders did a great job presenting, the highlights for me were: - The general roadmap to v4 – Anders set the expectations around the v4.0 language (also see Eric Lippert’s blog)
- dynamic keyword – Makes COM interop easier, Nikhil has a nice post on what this will mean for JSON.
- optional and named parameters – Again designed to make COM interop easier, no more missing parameters.
- compiler as a service – This was by far and away the most interesting part, he showed off the dynamic compilation features of the complier in 4.0v next, coupled with a great demo showing a REPL (Read-Eval-Print Loop) program that accepts c# code.
I also watched the keynote presentation from Don Box and Chris Anderson where they showed off some of the Azure platform. As with all Don and Chris demo’s it was really entertaining. The key takeaway was that the Azure platform is based around web standards and that all the tools we currently have will work with Azure. Of course that’s not to say that we don’t need some abstraction from some new libraries (isn’t every problem in computer science solved by another layer of abstraction).
In both MOSS and Search Server it is possible to configure an xml file that controls expansion and replacement words, so in effect this is a thesaurus file that you can customise with words that may be specific to your organisation. The classic example given is one which expands the technology acronyms (computer types sure do like them!): 1: <XML ID="Microsoft Search Thesaurus"> 2: <thesaurus xmlns="x-schema:tsSchema.xml"> 3: <diacritics_sensitive>0</diacritics_sensitive> 4: <expansion> 5: <sub>Internet Explorer</sub> 6: <sub>IE</sub> 7: <sub>IE5</sub> 8: </expansion> 9: <replacement> 10: <pat>NT5</pat> 11: <pat>W2K</pat> 12: <sub>Windows 2000</sub> 13: </replacement> 14: </thesaurus>
To find the location of this file you first need to look in the registry under: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office Server\12.0\Search\Global\Gathering Manager] Key: DefaultApplicationsPath
Once you have found the file you can simply add expansion and replacement elements with the children nodes as needed.
Don’t forget to do this to all the servers in your farm. Also you will need to restart the search service for these changes to take effect.
The following table (from the enterprise search blog) lists the elements and what they do:
| Term |
Meaning |
| thesaurus |
marks beginning (and end) of thesaurus |
| diacritics_sensitive |
Diacritics are marks, such as accents that are added to letters that change their pronunciation. For example, the acute accent over and e gives you: é.
0 – ignore diacritics
1 – respect diacritics |
| expansion |
A list of alternative forms each marked by <sub> by the sub keyword |
| sub |
One of several alternatives in an expansion |
| replacement |
Several patterns will be replaced with a substitution |
| pat |
A pattern to be replaced |
| sub |
Item to be substituted |
I’ve only scratched the surface here, for a full overview of this topic, check out the enterprise search blog
Don’t forget that SQL Server full text search (FTS) has the same capabilities in terms of a thesaurus file that supports expansion and replacement words. If your looking for information on SQL Server 2005 or 2008 you should refer to this post.
The other feature that both products support is the notion of noise words, these are words that when used add no value to the search like ‘been’, ‘before’, ‘being’, ‘both’ etc. This KB describes the process to add or remove words from this list, but simply it is modifying the contents of a file which lives in: Data\Ftdata\SharePointPortalServer\Config, it’s a simple format where each word is on it’s own line (no xml).
Have fun customising the search experience.
From an MSDN article, I’ve found this concise procedure to setup an indexing server: Enable or disable the index server role or query server role -
In Central Administration, on the Operations tab, in the Topology and Services section, click Services on server. -
On the Services on Server page: -
If the server name that appears is not the server that you want to configure, click the arrow next to the server name, click Change Server, and then click the server for which you want to enable or disable the index server role or query server role. -
In the Start services in the table below section, in the Status column for Office SharePoint Server Search, if the status is Stopped, in the Action column click Start. -
Click Office SharePoint Server Search. -
On the Configure Office SharePoint Server Search Service Settings page, in the Query and Indexing section, enable server roles for the server as appropriate for your configuration: -
To enable the index server role on the computer, select Use this server for indexing content. -
To enable the query server role on the computer, select Use this server for serving search queries. -
To save changes and return to the Services on Server page, click OK.
Just a heads up that I’m presenting a topic at the Brisbane SharePoint Users Group (Day Session) on Wednesday November 12th. at Microsoft Brisbane (Level 9 waterfront place). My topic is: Profile Import process with the BDC How to configure the BDC to combine external data from a SQL Server database with the imported Active Directory accounts. This will include setting up the user's profile page to include this custom data and adding custom metadata property mappings to expose these properties via the people search.
Well the biggest week in the calendar of the Microsoft Developer is over, so much stuff to now digest. I had to laugh last night, I’d just spent a couple of hours watching some of the sessions online and then I got an email from Apple telling me that I could purchase some sessions from WWDC08. The online coverage is fantastic it’s almost better than being there, almost. Ignoring the cloud computing announcements which won’t really impact us for the next 12 months or so (PDC09 has already been announced) and the windows 7 client stuff (again, we’ll wait for a public beta) the really cool stuff is the developer related material. I watched Jeff King’s session on Visual Studio 2010 web developer features last night, the key highlights: - HTML SnipIts – The ability to have the snipit functionality inside the HTML editor, MS have focused on the HTML authoring experience and adding this functionality certainly aides in this. My brief description doesn’t do this feature justice, take a look at Jeff’s demo.
- Triple click to delete content – just fits with the better authoring experience mentioned above.
- Javascript Intellisense – Better intellisense performance, the whole engine is more resilient
- Deployment – Jeff introduced the MSDeploy tool, it has the ability to change config files (and do other tasks) specific to the environment that you are targeting, this whole process looks interesting, although I’m sure the VSTS guys have some ideas that will probably apply to me more so.
I also watched the Olso demo with Don Box (he’s always a must watch, even if he was doing a cooking show, you’d still have to watch) - The M language looks interesting, Don points out that Oslo is three components, the language, a tool and a repository. Don also mentions that developers have an unhealthy love for text editors and they changed the product from a Visio type tool to a text based one, I agree that he made the right choice.
I had to watch Scott Hanselman’s presentation on Baby Smash, one of those compulsory viewing things: - Charts – Native chart support coming in .NET version 4
- Touch (aka surface), Silverlight and WPF are starting to really converge, your skillset is easily transfered across all of these technologies.
- The Managed Extensibility Framework (MEF) is something to keep an eye on, visual studio 2010 is going to be making use of it. It’s a framework for adding extensibility to your applications.
- The whole .NET is crazy cool, it’s all there and is super easy to use.
Web Futures wasn’t as interesting, mostly cause I have my head in this space anyway, the things that did interest me were: - The ability to have custom ID’s in webforms (might make webforms a little less icky)
- Fixing up of viewstate, so you can turn it off at a page level, but turn on specific controls (plus they are fixing up some controls that don’t work properly with viewstate off)
- Cache provider model, will be able to plugin tools like Velocity.
Entity Framework, I watched Tim Mallalieu talk on this. If you’ve been following the Entity Framework you might have seen the vote of no confidence that was put out by the Alt.NET community. Anyway it was good to see the team take this feedback onboard. - POCO (Plain Old CLR Objects) can now be wired up to entities, you need to watch the demo to get the point of this.
- An interesting point that Tim made was that the next version of SQL Server was going to make use of the Entity Framework for Reporting Services, this is really cool.
So much cool stuff going on. There is so much content to watch, I was watching this in comfort on my lounge via my Media Center PC, the SilverLight experience is awesome, better than any Saturday night movie.
|