SUMMIT SharePoint Weblog: 4/1/10

Apr 28, 2010

SharePoint Extranet Website using Form Based Authentication (FBA) via SQL Database User Store

Develop Content Management, Business Process Management, etc application onto the SharePoint Site, and the site by default is available via intranet using Active Directory user authentication.

We can go ahead and expose the application on intranet site to the external word i.e. extranet or anonymous user via provisiong a extranet site on top of the existing intranet site. The extranet site can leverage authentication using Form Based Authetication (FBA) mechanism via SQL database as the user store.

Implementation Steps:

1. Double click C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe and follow the wizard. By default, ASPNET_RegSQL.exe will be using the ‘aspnetdb’ database for storing user data.

2. Use Asp .Net WebSite Administration Tool to access the aspnetdb created in above step.

Under the website menu, select the option for ASP.NET Configuration.

3. Modify/Replace connection string and membership provider in the web.config (replace connection string and System.web) by value shown below

<connectionStrings>
<add name="SP_FBA_DB_SQL_CONN_STRING" connectionString="server=2003Server\SQLEXPRESS; database=BP_FBA_DB; Integrated Security=SSPI;" providerName="System.Data.SqlClient" />
</connectionStrings>

<system.web>
<membership defaultProvider="SP_FBA_DB_AspNetSqlMembershipProvider">
<providers>
<add name="SP_FBA_DB_AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="SP_FBA_DB_SQL_CONN_STRING" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="/" requiresUniqueEmail="false"
passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression=""
/>
</providers>
</membership>

<roleManager enabled="true" defaultProvider="SP_FBA_DB_AspNetSqlRoleProvider">
<providers>
<add name="SP_FBA_DB_AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="SP_FBA_DB_SQL_CONN_STRING" applicationName="/" />
</providers>
</roleManager>

4. Create user FBA_Admin in fba database and users (optional), using the step 2

5. Go to Central Admin in SharePoint

6. Create New Web Application for Intranet

7. Create Site collection using publishing portal template

8. Extend created web application and change zone to extranet

9. Change Web.config for Central Admin, and both web apps created Please Note Central Admin config uses

<system.web>
<membership defaultProvider="SP_FBA_DB_AspNetSqlMembershipProvider">
<providers>
<add name="SP_FBA_DB_AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="SP_FBA_DB_SQL_CONN_STRING" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="/" requiresUniqueEmail="false"
passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression=""
/>
</providers>
</membership>

10. Go to Central Administration > Application Management > Authentication Providers Change Extranet to:

11. Go to Central Administration > Application Management > Site Collection Owners

Add FBA_Admin as secondary site collection administrator

12. Test Sites, by login to intranet and extranet sites

13. Last but not the Least

Manage FBA Users via WebParts on your Extranet Site

References:

SharePoint Development or Coding Practices to avoid slow performance (i.e. performance degradation)

Few pointers on SharePoint Development or Coding: Best Practices

Http Modules and Http Handlers

Know the difference between Http Module and Http Handler before using it
HTTP module is always called as part of the page processing pipeline, a poorly designed or faulty module can have a detrimental effect on performance or perceived stability of the environment. Thoroughly test each module for performance before deploying it.
Use Custom Http Handlers To Improve Performance in ASP.NET (rarely used)

Dispose Objects properly and carefully

Marking unused objects, so that they can be garbage collected

Ghosting vs Un-Ghosting

All the Pages in the SharePoint are stored in the SQL database but some SharePoint pages lying in the layouts folders on the server are accessed as is. These pages have null as an entry in the sharepoint database. i.e. Ghosted Pages are not stored in the SQL database, they reside on the SharePoint Server folders. The Ghosted pages become unghosted when we modify them (like using SharePoint Designer).
Do not unghost the ghosted pages, as this will contribute in degrading the performance.

Custom Stored Procedures preferred compared to SQL Queries

Measure performance using SQL Profiler
Keep transact SQL smaller, as these create locks.

Create Views

When we need to pull data from multiple tables and have complex multiple joins. It's preferred to create the views and write queries on top of it, instead of writing and calling complex queries on demand.

SharePoint List Views

Use proper Index in the SP List Views, i.e. column used in the filter of the views

Web Applications in the Farm (2-2-1)

Do not have more then 5-7 web applications in the medium size farm
Each web application should have it's own application pool

NTLM vs Kerbores authentication

Kerberos caches information about the client after authentication. This means that it can perform better than NTLM particularly in large farm

SSL (http vs https)

SSL mostlty degrades the performance

Server Round Trips

Code to avoid server round trips

Views Size

Views size should not be more then 2000 items.

Large Lists

Working with large lists

SharePoint Updates

Install all the patch, cumulative updates

coming more soon ...

Apr 21, 2010

SharePoint Performance Tuning

To improve SharePoint Performance, as a site or collection or farm administrator you can:

Enable Output and Page Caching from Site Admin Page.

Pre requiste: Enable the Office SharePoint Server Publishing feature from Site Features

Turn on Http compression and Content Expiration at IIS Level (Browser Caching and content compression)
Turn on Blob Caching on all WFE Servers, In web.config (look for blobcache and make it true)

< BlobCache location="C:\blobcache" path="\.(gif¦jpg¦png¦css¦js)$ " maxSize="10" enabled="true" />

Use Warmup script
Use SharePoint Dispose Check utility for memory leak
Can use Ant profiler for memory issues or to find out memory bottlenecks.
Hardware in the farm

32 bit vs 64 bit, what is the server memory metrics. Use 64 bit if the memory consumption is more then 50% and you have hit the 4 GB limit on the 32 bit operating system.

Load test via Visual Studio Team Suite or link
Collect server metrics using perfmon
Look for the Network Contention (most common),

network in the farm (NIC card, etc)
network bandwidth between the farm and client

Best Development and Coding Practices to avoid slow performance (i.e. performance degradation)

Custom Code (Object Model)
SharePoint Farm (Architecture / Hardware / Software)

Use SQL Profiler to determine if database is the bottleneck

Apr 19, 2010

SharePoint Slow Performance and Warmup script (Object Model or WebRequest)

SharePoint Sites are slow, duh!

Well, we need to resolve the bottleneck ...

If sharepoint site is slow always? follow the link

OR

If the sharepoint site is slow only during the wee hours or certain time of a day?

Do the following:

* Recylce appliction pool on Web Front End Servers at different time of the day and just before peak hours.

* Object Model vs Web Request, what to use in the warmup script?

      - Object Model can be used when you don't know your highly accessed page and the new sites are created or deleted frequently i.e. configurtion files does require frequent changes. warmup script link

      - Web Request does not enumerate sites automatically in the farm and you need to add the url's of highly accessed page explicity. In other words, if you create new site; add the url manually to the configuration file. warmup script link

* From the warmup script access frequently accessed page, so that it's cached after application pool recycle.

UPDATE: customized pages are parsed (by IIS) using no-compile mode, so accessing the unghosted pages won't help much
                  highly accessed pages should be deployed as ghosted pages onto the sharepoint if performance matters
* Check IIS configuration, it might be recycling the application pool automtically based on the size of worker process

Related Topic:
                              SharePoint Workflow and Warmup Scripts

Apr 12, 2010

What to do when Ouput Caching, Page Caching does not improve performance (SharePoint)?

What to do when Ouput Caching, Page Caching does not improve performance (SharePoint)?

Points to ponder:

how the site was created
when you enabled the publishing infrastructrue
when the site or page was created before or after enabling publishing infrastructrue

Have an existing Site based on a template other then Publishing Template and you want to enable Ouput Caching and Page Caching .

Even if you go ahead and enable the Output caching at the site/site collection level after enabling publishing infrastructure etc. The Caching will not work for the existing pages.

Check If Output Caching is working or not?

Enable debug cache information in the cache profile, a comment will be left at the end of the HTML markup of the web page indicating if output caching is enabled.

This option is really for debugging purposes, and it is not required to enable output caching.
It tells you what profile the page is using to cache the content, and the timestamp of the cached version of the page.

You should be able to see the (IE > view Source > at the bottom)



at the bottom of the page for the site you created under site collection using the Publishing template "Publishing Site" or Pages created after enabling Publishing Infrastructure.
So, even if i go ahead and enable the Output caching at the site/site collection level after enabling publishing infrastructure etc. The Caching will not work for the existing pages and they won't have something like "" at the bottom. Although, this will work for newly added pages after enabling Publishing Infrastructure.

Apr 10, 2010

SharePoint Analytics or SharePoint Usage Reporting or Google Analytics SharePoint

world full of options ... what to choose ..

SharePoint Usage Reporting provides:

Requests and queries in the last day and the last 30 days.
Average number of requests per day over the last 30 days.
A chart of requests per day over the last 30 days.
A list of top users over the last 30 days.

the list goes on and on ...

SharePoint Usage Reporting, yes it's not complete web analytics but out of box it does provide features which are comparable to web analytics.

To turn on SharePoint Usage Reporting:

1) Turn on usage analysis processing in Central Admin under operations

2) Turn on usage reporting in Share Service Provider

3) Enable Publishing infrastructure at site collection level

http://celerity12.blogspot.com/2010/03/sharepoint-outputpage-caching.html

Then goto SiteAction > Site Settings and click Site Collection usage.

And don't forget to checkout " Use reports to measure site performance and usage using SharePoint Designer 2007".

SharePoint Server Updates or Versions ( i.e. Service Packs, Hot Fix, Patch, Cummulative update) all at one place

SharePoint Updates

Came across with scenario, when we have bunch of update requested by different teams, some requiring hot fix for infopath, some one for SSP and so on. The best solution is to keep the SharePoint Server Farm updated with all the cumulative updates, this can be or should be tracked at the below link

SharePoint 2007 Updates link

SharePoint 2010 Updates link

Keywords: SharePoint SP2

Apr 8, 2010

Hide View All Site Content on SharePoint Site

At times we need to hide certain things on the master page based on the user profile.

You might be finding blogs where people are coding or making these components invisible or commenting or deleting to hide them, Instead the method mentioned below is the correct way of doing the following:

hide View all site content
hide bread crumbs
hide My Links
hide My Site
hide help
hide left navigation

Highlighted below in the screen shot (logged in as site administrator):

Instead, simply open the master page using SharePoint Designer and using the split view
as shown below in the screenshot highlight the desired component to hide, in the example below i am using "My Site"

Now, lets add few lines to hide "My Site"

<Sharepoint:SPSecurityTrimmedControl runat="server" Permissions="ManageSubwebs">

<SharePoint:DelegateControl ControlId="GlobalSiteLink1" Scope="Farm" runat="server"/></td>

</Sharepoint:SPSecurityTrimmedControl>

as shown below:

Now login as the Site Administrator and some other account like site members.
Notice the difference, the My Site is gone.

Logged in with site member account

Code only when necessary!

keywords: SPSecurityTrimmedControl

Apr 5, 2010

SharePoint Performance (IIS Http Compression and content expiration)

SharePoint Performance improvement by using IIS Http Compression and content expiration

Sites will be simply faster

Implemented http compression and content expiration, on IIS hosting the SharePoint sites and the page load time decreased to 3 seconds from around 6+ seconds.

To Improve SharePoint Site performance, one of the tweak you need to do is Http Compression at IIS Level

Benefits:

Effective bandwidth utilization, Conserve traffic and server resources
Faster transmission between Client/Server
Compress Static files, Compress Application response files (dynamic compression)

Performance Metrics

Before and after Implementing Http Compression on the Server Farm, following baseline metrics needs to be collected:

* CPU Usage under certain load or at certain times during the business hours
* Memory Usage under certain load or at certain times during the business hours
* Server Response time (Http Watch/ fiddler can be used)
- This will help in making a decision, whether we can apply the dynamic compression or not.

Enabling HTTP compression,

1. In IIS Manager, double-click the local computer, right-click the Web Sites folder, and then click Properties.

2. Click the Service tab, and in the HTTP compression section, select the Compress application files check box to enable compression for dynamic files.

3. Select the Compress static files and Compress application files check box to enable compression for static/dynamic files.

4. In the Temporary directory box, click Browse to locate a directory. The directory must be on the local drive of an NTFS–formatted partition.

5. Under Maximum temporary directory size, click a folder size option.

6. Click Apply, and then click OK.

Static file is compressed, and it is cached in this temporary directory until it expires, or the content changes.

By default following files are compressed for Static compression: .txt, .htm, and .html

Dynamic files are compressed at runtime, means on demand when they are accessed by the end user. This means each time the file is being accessed the server CPU is under load.

By default following files are compressed for Dynamic compression: .exe, .dll, and .asp

Implementing compression (editing the Metabase.xml)

- Including certain file types

Static File Types > xml, rdf, css, js

Dynamic File Types > aspx, xsn, asmx, cgi

- level of compression

set to “9” should be changed to find the appropriate value based on the environment CPU utilization

On the WFE server look for Metabase.xml, located in the following directory: c:\windows\system32\inetsrv

Open the file and look for the following tags and replace it with the one given below:

<IIsCompressionScheme Location ="/LM/W3SVC/Filters/Compression/deflate"

HcCompressionDll="%windir%\system32\inetsrv\gzip.dll"

HcCreateFlags="0"

HcDoDynamicCompression="TRUE"

HcDoOnDemandCompression="TRUE"

HcDoStaticCompression="TRUE"

HcDynamicCompressionLevel="9"

HcFileExtensions="htm

html

xml

css

txt

rdf

js"

HcOnDemandCompLevel="9"

HcPriority="1"

HcScriptFileExtensions="asp

cgi

exe

dll

aspx

asmx

xsn"

>

</IIsCompressionScheme>

<IIsCompressionScheme Location ="/LM/W3SVC/Filters/Compression/gzip"

HcCompressionDll="%windir%\system32\inetsrv\gzip.dll"

HcCreateFlags="1"

HcDoDynamicCompression="TRUE"

HcDoOnDemandCompression="TRUE"

HcDoStaticCompression="TRUE"

HcDynamicCompressionLevel="9"

HcFileExtensions="htm

html

xml

css

txt

rdf

js"

HcOnDemandCompLevel="9"

HcPriority="1"

HcScriptFileExtensions="asp

cgi

exe

dll

aspx

asmx

xsn"

>

</IIsCompressionScheme>

<IIsCompressionSchemes Location ="/LM/W3SVC/Filters/Compression/Parameters"

HcCacheControlHeader="max-age=86400"

HcCompressionBufferSize="8192"

HcCompressionDirectory="%windir%\IIS Temporary Compressed Files"

HcDoDiskSpaceLimiting="FALSE"

HcDoDynamicCompression="TRUE"

HcDoOnDemandCompression="TRUE"

HcDoStaticCompression="TRUE"

HcExpiresHeader="Wed, 01 Jan 1997 12:00:00 GMT"

HcFilesDeletedPerDiskFree="256"

HcIoBufferSize="8192"

HcMaxDiskSpaceUsage="99614720"

HcMaxQueueLength="1000"

HcMinFileSizeForComp="1"

HcNoCompressionForHttp10="FALSE"

HcNoCompressionForProxies="FALSE"

HcNoCompressionForRange="FALSE"

HcSendCacheHeaders="FALSE"

>

</IIsCompressionSchemes>

* Ignore br tag

NOTE:

-- Cannot edit or save the IIS metabase.xml file
To edit the IIS metabase file without stopping IIS, you must enable Edit-While-Running.

Procedure:

- To enable metabase edit-while-running using IIS Manager

- In IIS Manager, right-click the local computer, and then click Properties.

- Select the Enable Direct Metabase Edit check box.

Instead of editing “metabase.xml”, we could use the following command but it doesn’t seem to work quite well.

cscript.exe adsutil.vbs …

Enabling Content Expiration for Client (Browser) Caching

In the IIS Manager, right click on the website and goto properties as shown below

One you have the settings as shown above, i.e.

- Enable content expiration checked mark

- Expire after should be set to around 30 days or based on application

- Under Custom Http Headers should have the following via edit

- An example of a Cache-Control server-response header is

o Cache-Control: max-age=3600

o Cache-Control: max-age=3600, must-revalidate

The must-revalidate attribute speeds up the caching process by rendering the repeated download of entire pages or objects unnecessary. If the data's freshness is unknown, the browser can contact the server to determine whether an update has occurred. If no changes to the object have occurred, the browser uses the cached copy.

§ Time is in seconds

Restart the IIS before testing the performance for your sites and comparing the baseline metrics.

NOTE You should consider testing the impact of compression levels and monitor the CPU utilization and potential impact to your Web servers. Generally, a compression level between 7 and 9 provides optimum performance

Testing:

Open the site using IE and enable the recording in the httpWatch, you should see something like following when navigating to home page (default.aspx):

Also look at the content in the next screen shot below:

Validate content expiration for pages other than some like default.aspx as shown below:

NOTE: At last but not the least, The above procedure needs to be implemented on all Web Front End (WFE) servers in the SharePoint Farm

For other performance tips follow SharePoint Performance Tuning

Apr 4, 2010

Office 2007 Ribbon

User Interface: Content Area Utilization (Office 2007 / Browser / ...)

In Office 2007 to get more content area make the ribbon hide when not in use, by right clicking on the top menu bar and choose "Minimize the Ribbon"

People who really use Office 2007, seems to realize that it has much better User Interface then previous Office versions.

Most of the web sites are standard for resolution 1024 x 784, to make sure all the viewers can browse them with the optimum content area utilization on the screen. As the screen sizes are increasing and some people tend to use higher resolution, we do have some area left, on the left and right inside the browser as the blank vertical rectangle.

Why not utilize the screen area by the floating toolbars or application? Maybe Windows Sidebar, ...

The Office 2007 story of Ribbon link

Apr 1, 2010

Add aspx page to SharePoint WebPart

When developing webparts in sharepoint we are limited in various ways, unleash the complete power of asp .net / visual studio by creating asp .net user controls and wrapping it in a webpart.

Objective: Encapsulate asp .net user control (.ascx) in a webpart, with complete wsp deployment.

WebPart The above visual studio solution will work as a template to quickly create the asp .net user control and wrap it inside a webpart.

Steps Use the template (source code link at the bottom of this blog post) and create asp .net user control webpart for SharePoint.

1) Open Visual Studio

2) Create Asp .Net Web App Project

Click Here to download the Visual Studio 2005 Web Application Project Preview (RC1) link,

3) Delete Default.aspx

4) Create a folder/file structure similar to

5) Copy files as shown below

6) Strong sign the key under properties

7) Change the namespace in all the .cs and ascx files in the project and also modify the properties of the solution as shown below

8) Copy the contents of the following file from the downloaded project template to the project you are creating

Files are:
CreateSolutionPackage.cmd
JQueryWebPartDemo.ddf
Manifest.xml
Elements.xml
Feature.xml
Main.cs
JQueryWebPartDemo.dwp
WebUserControl.ascx
WebUserControl.ascx.cs

Change the namespace, solution id (new guid), public key token (in further steps down), feature id (new guid) in all the above files

Names are kept similar to make sure; the replacement is easy across the files

9) Build the project and go to the bin folder

10) Use "Visual Studio Command Prompt" (Start >> Microsoft Visual Studio 2010 >> Visual Studio Tools >> Visual Studio Command Prompt (2010))

11) OR In case you aren't using the VS Command prompt, you can locate sn.exe at %ProgramFiles%\Microsoft SDKs\Windows\v7.0A\bin\sn.exe

12) sn -T "C:\Documents and Settings\seimossadmin\Desktop\sp.test.wp\sp.test.wp\bin\sp.test.wp.dll"

and update the public key token in all files as required

9) Web Part file, the highlighted portion is public key token of the dll

10) The part in red box should be modified (similar to web.config safecontrol entry)

11) Change all guid’s like solution, feature

12) Under Properties> Build

17) Build the Project

18) Go to the folder where you have setup.exe in the project folder

19) Change the setup.config.exe for correct wsp name and solution id.

20) Run CreateSolutionPackage.cmd

21) Run Setup.exe and install.

22) Make sure wsp timestamp is the latest

You Tube Link:

1) Implementation Doc

2) VS 2005 Doc

Download the user control webart source code or example link,

Happy Coding ...

App pool recycle or IISReset and Running Warmup Script

IIS Application Pool Recycle: Is Warmup script accessing home page only enough?

IIS App pool generally gets recycled once a day, to make sure the end user access to site in terms of performance doesn't drastically degrades, we need to have caching as well as warmup script setup correctly.

FACT:
Warmup script should hit the most frequently accessed pages of the sites instead of just accessing the site collection or home page.

REASON:
So that after the app pool recycle / iisreset the cache is created again and subsequent access of the site pages are retrived from the cache as applicable, instead of building the cache and slowing down the pages access further after the iis reset / app pool recycle.