Wednesday, January 20, 2010

Configure Form Based Authentication in SharePoint Server 2010.

Form Based Authentication is used by all companies that have deployed SharePoint sites over the internet or have their SharePoint sites published. Form Based Authentication is a feature provided by ASP.NET 2.0. As the name suggests, it gives you a form for authentication when you try to access the SharePoint site (similar to the pop-up box that you get when you access the SharePoint site using Windows authentication). In SharePoint the authentication happens in IIS and the authorization happens in SharePoint, depending on the permissions given to the user.

Form Based Authentication is widely used when the people accessing your site are not part of your Active Directory (AD), or basically not part of your domain, and at the same time you have a requirement that these people be authenticated when they try to access the site. The only way possible is to store the user credentials in a repository (other than AD) and tell SharePoint to use that repository as the authentication provider. In MOSS 2007 we could store the user credentials in AD, ADAM (Active Directory Application Mode) and in SQL Server. For SharePoint to use Form Based Authentication (FBA) we have to do some amount of custom coding. So if you are familiar with the configuration of FBA in MOSS 2007, this post should not be very difficult to follow. Next I will discuss the steps that I took to achieve FBA in SharePoint Server 2010 using SQL Server to store the users.
  • To start configuring form based authentication, create a new web application and choose Claims Based Authentication as the authentication.
  • Choose the new IIS site and enter a suitable port number or host header. If a host header is specified, remember to add an A record in DNS.
  • In the security configuration section choose NO for allow anonymous access and for the use of SSL.
  • In the Claims authentication types, tick "Enable Windows Authentication" and under that choose NTLM for Integrated Windows Authentication.
  • Next check "Enable Form Based Authentication" and under that enter the ASP.NET membership provider name and the ASP.NET role manager name. I gave sqlmember and sqlrole respectively.
  • Leave the other options at their defaults, click OK and create the new web application.
  • Also create a site collection using a suitable template.
Now we need to create a database in SQL Server in which we will store the users' credentials. For that you need to go to C:\windows\Microsoft.Net\Framework\v2.0.50727 and there look for an exe called aspnet_regsql. Double click on the exe and a wizard will pop up. Click Next on the first and second screens of the wizard. In the third screen enter the SQL Server name and leave the database name at its default. Click Next and you will have created a database that an ASP.NET application can talk to. The created database name will be aspnetdb.

Now we need to create the users in SQL Server. You can either write an application or code that helps you do this, or use a tool (like I do) and create the users easily. The tool that I use is called Membership Seeder. This tool is available at http://www.codeplex.com/. You will find many other similar tools on this web site. Any tool from the codeplex site used in production is not supported by Microsoft. This tool is basically used to create dummy users in aspnetdb. I will not cover how to use the tool, as the instructions are given on the site where you download it. By the way, this tool is FREE. Once the users are created, we need to deal with the coding aspect of the configuration. We need to make changes in three web.config files, and they are:
  1. The newly created Web Application.
  2. The Central Administration Web Application.
  3. The Security Token Service Application.
So let's start off with the Central Administration web.config file, which can be found in C:\inetpub\wwwroot\wss\VirtualDirectory; there, double click on the folder with an unusual number. In my case the folder name was 23018. All other virtual directories except the Central Administration virtual directory have the server name and the port number, or the host header name and the port number. After opening the CA folder, create a new folder, take a copy of the web.config file and save it inside the new folder. This step is very important, as you are taking a backup of the web.config file, which is the most important file for the web application. Once you have a backup copy of it, open the web.config, which is an XML file. It is preferable to open it in Visual Studio as it is easy to edit there. If you don't have VS, it can be opened in Notepad as well. Inside this web.config file search for the "system.web" tag. Once you find it, you need to add CODE1 above the tag "system.web" and CODE2 below the tag "system.web".

CODE1

CODE2
Once you have done the above, save the file and close it. So the CA web.config file is done. Next let's go to the STS (Security Token Service) service application web.config file. The easy way to get to the STS web.config file is to open IIS Manager. Expand the Sites section and then expand the SharePoint Web Services section. There you will find the SecurityTokenServiceApplication; click on it and open the content view (the content view option is available in the middle section at the bottom of IIS Manager). Next click on the Explore option in the Actions section (the rightmost section). Or just follow this path: C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\WebServices\SecurityToken. This will lead you to the web.config file of the STS service application. Again, do not forget to take a backup of this file before making any changes to it. Then open the web.config file. In the STS web.config file you will not find the tag "system.web". Hence we need to add the opening and closing tags of "system.web" (refer to the snapshot). So we need to add CODE1 above "system.web" and CODE2 just below "system.web". So the entire set of code would look like the following:


I pasted the entire above code under the closure of the tag "system.net" in the STS web.config file. Now the last place where we need to do the coding is the web.config file of the newly created web application. But making modifications in this web.config file is slightly different, as we would already have the tags for membership and role manager. Hence we need to be a bit more careful here. So open the virtual directory of the newly created web application by navigating to C:\inetpub\wwwroot\wss\Virtual Directory\ . Once opened, take a backup of the web.config file by creating a new folder and pasting a copy of the web.config file in it. Open the web.config file and search for the membership tag. You will see that we already have the membership and the rolemanager providers in the web.config file. We just need to add our membership and role provider entries. In the snapshot below I have highlighted the code snippet that you need to add in the web.config of the newly created web application. Also notice that the rolemanager provider comes first and then the membership provider.


We also need to add CODE1 as well. Remember that you add it above the "system.web" tag, and this SHOULD be above the membership and role manager providers that you just added. The best way is to find the first occurrence of "system.web" in the web.config and add CODE1 just above it.
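
Because the same provider entries have to be present in all three web.config files, a consistency check after editing catches the usual mistakes. The following is an added example, not code from the original post: it assumes the providers are declared in the standard ASP.NET membership, roleManager and connectionStrings sections, and the sample files and the connection string names FBAConn and AspNetDbConn are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Provider names chosen in the post when creating the web application.
MEMBER, ROLE = "sqlmember", "sqlrole"

def providers(root, section):
    """Map provider name -> attributes for <section><providers><add/>."""
    found = {}
    for sec in root.iter(section):
        for add in sec.findall("providers/add"):
            found[add.get("name")] = add.attrib
    return found

def check_config(label, xml_text):
    """Return a list of findings for one web.config; empty means consistent."""
    root = ET.fromstring(xml_text)
    conn_names = {add.get("name")
                  for cs in root.iter("connectionStrings")
                  for add in cs.findall("add")}
    findings = []
    for section, wanted in (("membership", MEMBER), ("roleManager", ROLE)):
        entry = providers(root, section).get(wanted)
        if entry is None:
            findings.append(f"{label}: {section} provider '{wanted}' missing")
            continue
        conn = entry.get("connectionStringName")
        if conn not in conn_names:
            findings.append(
                f"{label}: '{wanted}' uses undefined connection string '{conn}'")
        # SqlMembershipProvider accepts Clear, Hashed or Encrypted.
        if entry.get("passwordFormat", "").lower() == "clear":
            findings.append(f"{label}: '{wanted}' stores passwords in clear text")
    return findings

def check_all(configs):
    """Check every web.config and return {label: findings}."""
    return {label: check_config(label, text) for label, text in configs.items()}

# Constructed sample files (assumed layout, not the post's CODE1/CODE2).
TEMPLATE = """<configuration>
  <connectionStrings>
    <add name="FBAConn"
         connectionString="Data Source=SQLHOST;Initial Catalog=aspnetdb;Integrated Security=SSPI" />
  </connectionStrings>
  <system.web>
    <membership><providers>
      <add name="sqlmember" type="System.Web.Security.SqlMembershipProvider"
           connectionStringName="{conn}" passwordFormat="{fmt}" />
    </providers></membership>
    <roleManager enabled="true"><providers>{role}</providers></roleManager>
  </system.web>
</configuration>"""
ROLE_ADD = ('<add name="sqlrole" type="System.Web.Security.SqlRoleProvider" '
            'connectionStringName="FBAConn" />')

SAMPLES = {
    # All entries present and consistent.
    "CentralAdmin": TEMPLATE.format(conn="FBAConn", fmt="Hashed", role=ROLE_ADD),
    # Role provider entry forgotten in the STS file.
    "SecurityToken": TEMPLATE.format(conn="FBAConn", fmt="Hashed", role=""),
    # Wrong connection string name and clear-text password storage.
    "WebApplication": TEMPLATE.format(conn="AspNetDbConn", fmt="Clear", role=ROLE_ADD),
}

if __name__ == "__main__":
    for label, findings in check_all(SAMPLES).items():
        print(label, "OK" if not findings else findings)
```

To run it against a real farm, read the three web.config files from disk and pass their text to check_all in place of SAMPLES.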

Once the above things are done, the hardest part is finished. Now we need to go to the CA site, click on Manage web applications, choose the newly created web application and then click on User Policy. You will get a pop-up box. Click on Add Users, choose the zone (in our case it is the default zone) and then add users. These users are the ones that you created using the Membership Seeder tool and are available in the SQL Server aspnetdb database. If the user name gets resolved, the code is working fine. Next type the URL of the newly created web application and you will get a new form whose drop-down has two options: 1. Windows Authentication and 2. Form Based Authentication. Choose Form Based Authentication and you will be given another form to enter the username and the password. Enter the username of a user present in aspnetdb and the associated password. Then you will be able to log in, and hence you have successfully configured form based authentication.

Hurray!!!..Finally Done!!....

Tuesday, January 19, 2010

Content Type Publishing in SharePoint Server 2010

This particular post has to do with the improvements in the concept of Content Types in SharePoint Server 2010.

So before going into the improvements of content types, let's first discuss what content types are and their limitations in MOSS 2007. Content types are used when you would like a document library to give you the option to create an Excel sheet, a Word document, a PowerPoint presentation etc. when you click on the New option. Content types enable you to store multiple different types of content in the same document library or list. For example: you have created a single document library for your sales and marketing teams. The sales team has its own Word template and the marketing team has its own Word document, but you want them to use the same document library, and both teams should get the option of creating their own document depending on the template suitable for their needs. For more information on content types, please refer to the following two links:
(In this post I will not discuss how you create content types or explain the scenarios with regard to MOSS 2007.)

Now let's talk about the limitation. In MOSS 2007 content types were limited to the site collection level. That means that if we created a content type and wanted to use it in another site collection, it was not possible out of the box. We would have to do extensive customization to achieve it. But in SharePoint Server 2010 this limitation has been addressed, and now we can publish content types in one site collection and use them in another site collection. So now let's go ahead and see how we can do the publishing of content types:
  • Create a site collection. For example I created a site collection called http://roshan-pc which is running on port 80.
  • Next we need to enable one of the site collection features called the "Content Type Syndication Hub".
  • Once enabled, you need to go to the CA (Central Administration) site and click on Manage service applications, which is under the Application Management section.
  • In SharePoint Server 2010, content types are part of the Managed Metadata Service. Hence click on the Managed Metadata Service in the service applications page. Remember not to click on the name "Managed Metadata Service", as it's a hyperlink and it will take you to the Term Store Management page. Just click beside the name and then click on the Properties tab present in the same page (in the ribbon).
  • Once you have clicked, you will get a pop-up box. Scroll down to the end and there you will be asked for the URL of the site collection which will be the content type hub. I typed http://roshan-pc, and it is also recommended that you choose the option that says "Report syndication import errors from Site Collections using this service application."
  • Then you will be directed back to the Service application page and now you need to select the Managed Metadata Service Proxy/Connection which is just the metadata service. Again do not click on the name. Click on the proxy and click on properties (available in the same page in the ribbon).
  • You will be given a pop-up box where you need to check the third option, which says "Consumes content types from the Content Type Gallery at http://roshan-pc" (in my scenario).
  • Then the publishing of the content type has to be done by going back to the site collection http://roshan-pc and creating a content type there. I created a new content type called PRODUCT with the site columns Product Name and Product ID.
  • Once done, you get to see an option in the same content type page called "Manage publishing for this content type" (under Settings, the last option).


  • Click on that and you would be prompted to publish the content type. Click OK.
  • Next create another site collection which can consume the published content type (in my case I created a site collection called http://roshan-pc:81/).
  • Next you need to start two timer jobs which are responsible for the publishing of content types, for which you need to go to the CA site and click on Monitoring.
  • There you will find a link for Review job definitions. Click it.
  • Now you need to start two timer jobs. The first one is called "Content Type Hub"; just click on this timer job and click Run Now.
  • Next you need to choose the second timer job, called "Content Type Subscriber". Notice that if you have created two web applications then you will have two timer jobs of the same type. Choose the one where you will be consuming the published content type. That is http://roshan-pc:81
  • Now go to http://roshan-pc:81/ and then to the site content types; you will find the content type present there that was published from the site collection http://roshan-pc/
One very important point to remember here is that if you use two different site collections which are in two different web applications, then those two web applications should be associated with the same Managed Metadata Service.

More on content types in the same post very soon.....

Monday, January 18, 2010

Installing SharePoint Server 2010 on Windows 7

I am back with another post.

This post is about the steps that you need to consider if you want to install SharePoint Server 2010 on Windows 7. Yes, SharePoint can now be installed on Windows 7 and on Windows Vista as well. This provision is for developers only, so that they can test and build applications or tools on top of SharePoint Server 2010. SharePoint Server 2010 running on any client OS is not supported in production.
The product team came up with this idea because with MOSS 2007 we could not install the product on any client OS, and developers who did not need a server OS for their development had to install Windows Server 2003 or Windows Server 2008 and then work with MOSS 2007.

So now let's see how we can install it on Windows 7:
  • First decide the OS on which you would like to install SharePoint Server 2010. This blog is for installing SharePoint Server 2010 on Windows 7 (64 bit).
  • Insert the media and open the setup file location.
  • Open the file "C:\SharePointFiles\files\Setup\config.xml".
  • Add the following XML: <Setting Id="AllowWindowsClientInstall" Value="True"/> (take a look at the snapshot)
  • After adding it, the XML will look like the following. The snapshot is related to SharePoint Server 2010 and not SharePoint Foundation 2010 (the new name for WSS 4.0). The above code is case sensitive, so maintain the same case.

  • The next step is the longest and the most important one. While you are installing SharePoint Server 2010 you will not be able to run the Pre-Requisite Installer, as it will only run on Windows Server 2008 with SP2 and Windows Server 2008 R2. So you need to download and install all the prerequisites manually. To make it easy to find all the prerequisites in a single place, please follow this link . You will find all the prerequisites here.
  • Once the prerequisites are done, you need to make your IIS ready on Windows 7. For that we have given a script that you can find in this location . Or, the way I did it was to enable IIS first from the command line and then enable the features manually. Below is the screenshot of the features that I enabled manually.








  • Once this is done click on the setup.exe which you find in "C:\SharePointFiles\Setup.exe".
  • You can choose Standalone or the Advanced option (to choose Complete) depending on how many resources you can give to SharePoint. I chose Standalone for two reasons: 1. I did not have a full-blown SQL Server. 2. The laptop on which I am installing has only 4GB RAM.
  • It's left to you what you want to choose.
  • Once done with the first phase of installation, you need to install SQL Server 2008 KB 970315 x64. It's the Cumulative Update 2 for SQL Server 2008 SP1.
  • Then complete the configuration wizard and yes you are done.
Enjoy Sharing on Windows 7.

Saturday, January 9, 2010

Visio Web Access

Visio Web Access is another new web part in SharePoint Server 2010. As the name is similar to Excel Web Access, it also has the same functionality as Excel Web Access but with respect to Visio. If the previous statement is confusing, it will be clear by the end of the post.

Visio is used in most companies when it comes to network design or when they want a pictorial representation of the infrastructure. For example: if the company manager wants to know how the servers in his company are connected to one another, and would also like to know where the firewalls are placed, where the Ethernet switches are etc., Visio is the tool used to give him the answer. Most of the work in Visio (as far as I know) is done by connecting the items in the Visio page. It also gives us real-time information. Say we have created a Visio diagram that tells us details of our SharePoint environment, and say our database server is down; then we can configure the Visio diagram to show us a RED color on the database server.

Now let's see where and how we can use Visio in SharePoint. If a Visio file could be put into a SharePoint site as a web part, and if that Visio diagram showed us the status of all the servers of the company, wouldn't it be great? The network administrator would easily come to know which server has a problem or which server is misbehaving, and get it fixed. So, keeping this in mind, we developed the Visio Web Access web part, which lets us put the web part anywhere in the SharePoint site and then have the Visio diagram present in that web part.

Now let's discuss the steps to achieve Visio Web Access:
  • In Visio 2010 (Beta) create a network diagram (a simple one).
  • Next, it is very important to save it as a vwi file.
  • Upload it into one of the document library.
  • Next go to a page, click on Edit Page, click on new web part and choose Visio Web Access.
  • Once the web part is added, click on edit web part. In the Diagram URL put the URL of the vwi (Visio) file.
  • Click Apply and OK.
If you have done all the above steps you should be done with the visio in the web part. You will also see that there is a zoom-in and zoom-out option.

Enjoy it!! :)

Tuesday, January 5, 2010

Conceptual Understanding of SharePoint Server 2010 Search Architecture - Part 1

Enterprise search is one of the key selling points of MOSS 2007, but at the same time this feature had its own problems. Before we go into the new search architecture of SharePoint Server 2010, let's talk a little bit about MOSS 2007 search so that understanding SharePoint 2010 search becomes easy.

The MOSS 2007 search architecture consists of two main components: the query server and the index server. The index server was the one which would take the content source(s) as its input and generate the content index. This content index would be stored on the index server and would also be propagated to the query servers. This propagation is real-time, which means that as soon as the index is created for an item, a copy of the index is sent to the query server as well. The role of the query server is to get the request from the end user, run a query against its local content index and give the user back the right set of results.

In SQL Server there would be one important database related to search, known as SSP_Search_DB, which had all the information except the index itself, because the index would be stored in the file system and not in the database. I would also like to highlight that the keywords and best bets that you configure from the site collection administration section (in Site Actions -> Site Settings, within a site collection) are stored in the SSP database and not the content database.

The problem that this architecture had was the single point of failure of the index server. We just could not find an easy solution (or rather, any solution) to provide redundancy for the index server. There was no easy failover mechanism for the index server.

Now let's jump into search in SharePoint Server 2010. When we started designing search for SharePoint 2010 we realized that the index was the one role/engine that did most of the job of search, and also that searching for information in a large index is difficult (it would not give split-second search results to the end user). So the answer to both questions was to break the index into smaller pieces and distribute them. This would give us redundancy, if we want it, and searching in smaller chunks of data is also much faster than searching in a large file. So before proceeding further I would like to make some terms clear which may be new and also confusing :).

  • In SharePoint Server 2010 we call the index server the CRAWL server or crawler. The crawl server's primary role is the same as the index server's role, i.e., to index the data and create/prepare the index. So going forward I will be referring to the index role/engine/server as the crawl(ing) server.
  • The huge index file that was generated on the index server in MOSS 2007 is broken down into smaller chunks, which are known as INDEX PARTITIONS.
  • Query component and crawl component are two more new terms. I will be explaining these terms later in the post, but from the names you can guess that the query component has something to do with querying the index partition and the crawl component is used to crawl (used to index).

In SharePoint Server 2010, when you create/configure the search service application, 3 databases get created in SQL Server. They are:
  • Administration database.
  • Crawl database.
  • Property database. 
Administration database is more like the SSP_Admin database. The crawl and property database are again something new in SharePoint Server 2010.

  • Crawl database: It holds all the information except the index itself, such as the crawl log, crawl properties etc.
  • Property database: The property database holds the properties associated with the data that is being crawled, such as the rating information, tags, notes etc. Basically, the metadata associated with the content.
So let's start with a basic and simple example.
Once you have created the search service application, click on the search service and you will see the screen below.


Crawl component and the query component can be put on two different servers/machines.

The crawl component is the one that crawls the content source(s) and creates the index partition. Once the index partition is created, the crawl component sends the created index partition to the query component or the query server. When a request comes from the end user, the query component looks into its index partition and sends back the result. It's important to note that the crawl component will NOT store the index itself. As soon as the crawl component prepares the index partition, it sends it to the query component or the query server. Only the query servers hold the index partition. At the same time, we can have multiple crawl components to crawl multiple content sources. Also, every crawl component should be associated with one crawl database, because the crawl component writes the details about the crawl into that database. We can also have multiple query components.

So before proceeding further, let me show you the components that you can create in Search:


As you can see, we can create multiple crawl components, multiple crawl databases, multiple index partitions and query components, and also multiple property databases.

Now let's discuss when and how we can make use of multiple query components. Let's take an example: say we have a large content source and we have a crawl component crawling the content source. At the same time we also have 2 query components. Here, when the crawl component crawls the content, it creates the index partition and also sends the index partition to both query components. It's a real-time propagation. When the web front end gets the user request, it sends the request to both query components and the results are displayed. (For a better understanding of how the web front end interacts with query, refer to my previous blog here.)

More on Search very soon....