Chapter 6 – Managing SharePoint 2010 – Using Central Administration

MS SharePoint 2010 – Administrator’s Companion (Page 243)

****** By default, Central Admin is only available and enabled on the first SharePoint 2010 server in your farm. You can enable the web page on additional servers if you wish. Each Central Admin site has its own Web Application and its own application pool.

The Resources Web Part on the home page of Central Admin – its data source is /List/Resources/, so to edit or delete links, browse to that list and make the changes there.

If SharePoint detects a problem, it displays a SharePoint Health Analyzer information bar on the Central Admin home page, which points to the Health Analyzer.

Post-installation central administration jobs:
1. Configure Central Admin Application Pool to use a unique domain account.
2. Configure service applications
3. Add servers to farms
4. Configure out-going email servers.
5. Configure incoming email server.
6. Add antivirus protection.

Memory overhead of an application pool is 30-50MB + any memory for the application running in the application pool process space. Multiple processes can be associated with a single application pool.


Create A new web application —

Claims-based authentication is based on WIF (Windows Identity Foundation) and enables authentication across Windows-based and non-Windows systems by supporting delegation of user ID between applications.

Two authentication providers available:
(1) Kerberos – more secure, but needs SPN (service principal name) for domain account.
(2) NTLM

Required SQL permissions for a Web Application account: (1) Database Creator (dbcreator) and (2) Security Administrator (SecurityAdmin)

Two choices for selecting a security account that will be used by the application pool: (1) predefined (built-in system accounts; local and network service) and (2) configurable (managed account; preferred).
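
The account guidance above (a unique domain account for the Central Admin pool, managed accounts rather than built-in system accounts) can be checked on a running farm. The script below is an added example, not taken from the book or from these notes; it assumes it is run in the SharePoint 2010 Management Shell by a farm administrator.

```powershell
# Added example: list every application pool identity in the farm and flag
# pools that use a built-in account or reuse the Central Admin account.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$adminSvc   = [Microsoft.SharePoint.Administration.SPWebService]::AdministrationService
$contentSvc = [Microsoft.SharePoint.Administration.SPWebService]::ContentService

# Helper (hypothetical name) that builds one report row.
function New-PoolRow($scope, $name, $account, $identityType) {
    New-Object PSObject -Property @{
        Scope = $scope; Name = $name; Account = $account
        IdentityType = "$identityType"; Findings = ''
    }
}

$pools = @()
foreach ($p in $adminSvc.ApplicationPools) {
    $pools += New-PoolRow 'CentralAdmin' $p.Name $p.Username $p.CurrentIdentityType
}
foreach ($p in $contentSvc.ApplicationPools) {
    $pools += New-PoolRow 'WebApplication' $p.Name $p.Username $p.CurrentIdentityType
}
# Service application pools always run as a managed (specific user) account.
foreach ($p in Get-SPServiceApplicationPool) {
    $pools += New-PoolRow 'ServiceApplication' $p.Name $p.ProcessAccountName 'SpecificUser'
}

$caAccounts = @($pools | Where-Object { $_.Scope -eq 'CentralAdmin' } |
                ForEach-Object { $_.Account })

foreach ($pool in $pools) {
    $findings = @()
    if ($pool.IdentityType -ne 'SpecificUser') {
        $findings += 'built-in system account'
    }
    if ($pool.Scope -ne 'CentralAdmin' -and $caAccounts -contains $pool.Account) {
        $findings += 'shares the Central Admin account'
    }
    $pool.Findings = $findings -join '; '
}

$pools | Sort-Object Scope, Name |
    Format-Table Scope, Name, Account, IdentityType, Findings -AutoSize
```

An empty Findings column for every row means each pool runs as a specific account and none of them reuses the Central Admin identity.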

Database failover when creating a new Web Application: new in SharePoint 2010. A mirror copy of the database provides fault tolerance and is useful in disaster recovery. It also provides a read-only environment for running reports.

Search server – select which server will index this web application’s database.

Extending a web application (new to me!!!) —

After creating a web app, you can extend it, which exposes the same content hosted in your initial web app to a different group of users through a different URL or authentication method. This lets you provide five different entry points to the same content, each with its own URL or authentication method.

P.265 – For each Web Application, there are 6 categories under the General Settings that you can configure:

General Settings – default time zone, default quota template, person name actions and presence settings, Alerts, RSS settings, blog API settings, browser file handling, web page security validation, send user name and password by email, master page settings for Application _Layout pages, recycle bin, max. upload file size.

Resource throttling – List view threshold, object model override, list view threshold for auditors and administrators, list view lookup threshold, list unique permissions threshold, backward-compatible event handlers, HTTP request monitoring and throttling, change log.

Workflow Settings – Enable (1) internal users with no access to the site and (2) external users to participate in the workflow process?

Outgoing emails – SMTP server (outgoing), from address, reply-to address etc.

Mobile Account – SMS service and user name/password

SharePoint Designer settings – enable SharePoint Designer to manage sites, allow Admin to detach pages from the master page, allow Admin to customize master pages and layout pages, allow Admin to see the URL structure of their web site.

Manage web application’s features – to activate or deactivate any of the default web application features that have been installed. (This is not a service application, don’t get confused.)

Managed Path – two types of managed path – wildcard and explicit.
Explicit – allows only one single site collection with a specific namespace, such as /ProjectA.
Wildcard – use a wildcard to create a category of site collections that include the namespace in the URL, with each site collection name after it, such as /Projects/ProjectA.

Service Connections – These are the service application associations with this web application.

To customize the association, select [Custom] from the dropdown. All boxes will be cleared.

Authentication providers – for each zone, what authentication provider is used? (e.g., in Default zone, use Windows authentication) Default – NTLM (Windows)

Available authentications:
(1) Windows (2) Forms – SQL Membership/Role Provider (3) Web Single Sign-on – ADFS – active directory federation services (4) Anonymous Access (5) NTLM or Kerberos

Self-Service Site creation – enable users with “Create Self-Service site” permission to create self-service site collections.

Blocked File types – a list of file types that are blocked. Use Microsoft Forefront to detect invalid files hidden in a Zip file.

User Permissions – has all kinds of permission related to site and list.

Web Part Security – allow users to create connections between web parts? To use the online Web Part Gallery?

Policy —

5 zone types in SharePoint 2010 – default, Intranet, Internet, Extranet and Custom

The Policy section defines the policies for each zone – remember that Web Applications can be “Extended” to different zones and thus have different policies in different zones.

4 default permission levels: (1) Full Control (2) Full Read (3) Deny Write (4) Deny All

Anonymous policy –

(1) None – no policy; default.
(2) Deny Write – cannot write content, even if a site admin grants access to the user.
(3) Deny All – no access to content, even if granted.

Permission Policy —

Define the detail permissions behind the 4 default permission levels – Full Control, Full Read, Deny Write and Deny All. You can create a new permission level.

Configuring Alternative Access Mappings —
Helps SharePoint decide how to map an incoming request URL to the correct URL.

Application Management — Site Collection Operations —

Create Site Collections – provide title, description, web site address, site template, administrator and secondary one, quota.

Confirm site use and deletion – if enabled, SharePoint will email all site collection owners of the specific web application and ask them to confirm that they are still using their site (before automatic deletion, the admin will get 4 email notifications). If all enabled, an email will be sent every 90 days; if there is no reply after 4 contact attempts, the site collection is gone.

Specify Quota templates – specify the quota (size limit) for each template, and the “sandbox” point system (default 300 points, send email at 200 points)

Configuring quota and locks – (sort of like editing the quota template and access policy for a specific site collection)

Select a lock status, and then select a “quota template” for this site collection.

Service Applications —

**** definitions — A service application is a functional service of data or processing that, after it is configured, can be consumed by web applications. All service applications are defined at the farm level, and some of the services can be consumed by other web applications from other farms. You can create another instance of the service application to serve other web applications.

Click the Connect button to connect to a remote Service Application (on another farm). You need to specify the address of the farm’s discovery service, or the full URL of the service application.

Who can manage your service applications – Must define trusted farms (so they can use your service application), and also get the published URL.

The Permission button defines who can [INVOKE] the service application.

Configure service application associations —

Difference between Manage and Properties of Service Application:

Properties: Database settings and Application Pool information
Manage: Manage the properties related to the selected Service Application.

Publishing a Service Application: Configure a service application so it can be consumed by a web application from another farm.

Manage Service on Server: to turn service applications on or off on servers in the farm.

Database —

Manage Content database – by default, each Web Application is associated with one content database; but each web application is capable of having multiple databases associated with it.

A default content database can host up to 15,000 site collections, with a warning to the admin at 9,000.

If a web application has 2 content databases and you create a new site collection, then the one with the most availability will receive the new site collection, by default.

Configure Data Retrieval Service – Enable connections to SharePoint 2010 (via SOAP/XML, OLEDB etc.).

System Settings —

Servers – Manage service application on each server in the farm.

Email and Text Messages (SMS) —

Configuring Out-going and in-coming email server and configurations.

In-coming email configuration, generally speaking —
(1) Install SMTP server using IIS
(2) In AD, create an OU (organizational unit) in which the distribution groups or contacts will be created.
(3) In Central Admin, System, Configure Incoming Email settings, and specify the OU just created in AD.

Farm Management —

Configure Alternate Access Mappings (AAM) —
Manage Farm Features – Features can be deployed to different layers – farm, web app, site collection or site level.

Two steps are involved in deploying a solution: adding the solution to the solution store and then deploying the solution from the solution store:
(1) Add the solution to the solution store, with
stsadm -o addsolution -filename <filename> or
Add-SPSolution C:\solutionname.wsp

(2) Deploy the solution from the solution store: using the GUI (select the solution and click Deploy) or a command:
stsadm -o deploysolution -name <solution name>
Install-SPSolution -Identity solutionname.wsp -WebApplication <URLofWebApplication>
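
The two steps above as one script, with an integrity check on the package before it enters the solution store and a wait on the deployment timer job. This is an added example, not from the book or these notes; the package path, web application URL and expected hash are placeholders to replace.

```powershell
# Added example. Assumed values: package path, web app URL, expected SHA-256.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$wspPath        = 'C:\Deploy\solutionname.wsp'        # hypothetical path
$webAppUrl      = 'http://intranet.example.local'     # hypothetical URL
$expectedSha256 = '<SHA-256 published by the package owner>'   # placeholder

# A farm solution can place assemblies in the GAC, so verify the package first.
# .NET is called directly because SharePoint 2010 runs on PowerShell 2.0.
$sha    = [System.Security.Cryptography.SHA256]::Create()
$stream = [System.IO.File]::OpenRead($wspPath)
try     { $actual = [System.BitConverter]::ToString($sha.ComputeHash($stream)) -replace '-', '' }
finally { $stream.Dispose() }
if ($actual -ne $expectedSha256) {
    throw "Hash mismatch for $wspPath, not adding it to the solution store."
}

# Step 1: add the package to the solution store (skip if it is already there).
$name     = [System.IO.Path]::GetFileName($wspPath)
$solution = Get-SPSolution | Where-Object { $_.Name -eq $name }
if (-not $solution) { $solution = Add-SPSolution -LiteralPath $wspPath }

# Step 2: deploy from the store. This only schedules a timer job.
Install-SPSolution -Identity $name -WebApplication $webAppUrl `
    -GACDeployment:$solution.ContainsGlobalAssembly

# Wait for the timer job to finish, then check the recorded outcome.
do {
    Start-Sleep -Seconds 5
    $solution = Get-SPSolution -Identity $name
} while ($solution.JobExists)

if ($solution.LastOperationResult -ne 'DeploymentSucceeded') {
    throw "Deployment failed: $($solution.LastOperationDetails)"
}
"{0} deployed: {1}" -f $name, $solution.Deployed
```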

Cross-Firewall Access Zone – similar to AAM, but for Mobile Users

Monitoring —
Health Analyzer —
Review rule definitions – definitions are created automatically when the system detects a new service that has defined rules associated with it. Click a rule and you can see the rule definition; click Edit Item you can edit the rule.

Timer Jobs – timer jobs are created when service applications, web applications, and other Sharepoint components are created.

Review Job Definitions – Title, Web Application and Schedule.

Reporting – It’s about logging and reporting.

View Admin Report —
Configure Diagnostic Logging – configure the amount of diagnostic logging that will be captured using the ULS (Unified Logging Service). You can change the type of events to log, severity, log size, log file location etc.

What is event log flood protection? It allows ULS to identify repeating logging activities for the same event and suppress the event to prevent the log from filling up with the same alert.

Configure Usage and Health Data Collection – to enable usage data collection (on by default) and choose which events to log.

Health Data – WSS_Logging, by default it contains the following information from all servers in the farm: ULS, Event Logs, Select Performance Monitor Counters, Blocking SQL queries.

View Health Report – slowest page report, top active users report etc.

Developer Dashboard – by default, disabled. To check the current setting and then enable it with STSADM:
stsadm -o getproperty -pn developer-dashboard
stsadm -o setproperty -pn developer-dashboard -pv ondemand
