One of the first tasks in a server farm is to configure each server in the farm with appropriate services. This task is performed with the “Services on server” option under the “Topology and Services” section in the Operations page. SharePoint 2007 has five different roles that can be used to configure a server within the farm. Selecting a role enables the different services to perform that role’s activities. Some of these services require further configuration. SharePoint Server 2007 provides a services indicator that displays the status of the service. Figure 23-2 depicts the different roles available to a given SharePoint server.

In order to enable alerts and notifications, Office SharePoint server requires an outgoing email server. To configure an outgoing email server, select the Outgoing Email Settings option under the topology and services section of the operations page.

Figure 23-2. SharePoint Services on server

SharePoint 2007 contains a new feature that allows email messages to be stored directly in SharePoint lists. To make this feature work correctly, there are several components that need to be configured. If SMTP service is running on one of the farm servers, SharePoint configures the settings for incoming email automatically. Using the Operations → “Incoming email” settings, the server should be configured to accept incoming emails. The Advanced option can be used to explicitly specify the options, in case SMTP service is not running on the server. The directory management service in SharePoint 2007 can be used to integrate the list’s email settings with the organization’s active directory. When enabled, the directory management service creates an account for the list in the active directory, thereby allowing users to search for email-enabled SharePoint lists using the address book. The SPTimer service polls the mail drop folder and routes the emails to the appropriate lists. Figure 23-3 depicts the email configuration settings under the topology and services section in the operations page.

Once the email settings have been configured, the SharePoint list needs to be mail-enabled to accept incoming emails. The list settings page provides an option for configuring incoming emails for the list. This option is available only if the server has been configured to accept incoming emails. To set the list to receive emails, set the “Allow this document library to receive emails” option to Yes and provide an email address that users will use to send emails to this list. The configuration page also provides options for saving attachments, saving the original email files (.eml), saving meeting invitations, and specifying security (i.e., who can send emails to this list). Figure 23-4 depicts this page.

Figure 23-3. Configuring Incoming Email Settings

Figure 23-4. List incoming email settings page

The Operations → Antivirus option under the Security Configuration section allows administrators to apply antivirus settings, such as scanning documents on upload and download. Antivirus software is not included in Office SharePoint Server 2007, and so antivirus software specially built to support SharePoint must be installed on all front end web servers. For example, Microsoft provides Fore Front Security for SharePoint, a separate antivirus software specially designed to integrate tightly with SharePoint Server 2007. More information can be found at http://www.microsoft.com/forefront/serversecurity/sharepoint/download.mspx.

The Operations → Blocked File Types option under the Security Configuration section allows administrators to configure which file types need to be blocked from being uploaded into a SharePoint library. The list of blocked file types is maintained on a per–web application basis. To add new file types to the list, scroll to the bottom of the list and add each file type in a separate line.

SharePoint 2007 introduces a new policy-based system to manage documents. The idea is to create a policy based on certain features—such as barcodes, auditing, and labeling—and then associate a content type or library to a policy, thereby forcing the documents to follow the guidelines defined in the policy. The Operations → Information Management Policy Configuration page under the Security Configuration section allows the administrator to manage the features that could be used in a policy.

Office SharePoint Server 2007 comes with four different policy features:

There are three steps to implementing an information management policy:

Information management policies are created at a site collection level. To create one, navigate to the Site Settings page of a site and choose the Site Collection Policies link under Site Collection Administration. Once a policy is created, it can be associated with a library or a list by navigating to the settings option of the library or list and then selecting the Information Management Policy Settings link under “Permissions and Management.” Click New to create a new policy. Figure 23-5 shows a policy creation page.

The Operations → Information Management Policy Usage Reports option under the “Logging and Reporting” section in the operations page can be used to configure reporting on a site’s information management policies. The reports are configured on a per–web application basis and can be scheduled. Figure 23-6 shows the Information Policy Usage Reports configuration page.

The Operations → "Usage analysis processing” option allows the administrator to configure the SharePoint usage reporting service. Once configured, the service provides different categories of reports, such as summary, users, destination pages, search results and queries, and requests. This service allows administrators and users to monitor and query site usage statistics such as:

In order to configure the usage analysis reporting service, three different components need to be configured:

Figure 23-5. Information management policy creation page

Figure 23-6. Information Management Policy Usage Reports configuration

Figure 23-7. Office SharePoint Server 2007 Usage Reporting Configuration

Once configured and processed, the Site Settings → Site collection usage reports option can be used to view the reports. Figure 23-8 depicts the reporting page.

Figure 23-8. Usage analysis reporting page

Using the Operations → Alternate access mappings option under the Global Configuration section, an administrator can configure multiple URLs for a given web application. Each web application can be configured with different URLs for the default, intranet, Internet, custom, and extranet public zones. To configure public URLs, choose the Edit Public URLs option from the Alternate Access Mapping page, and then select the web application to configure. Figure 23-9 depicts the Alternate Access Mapping page.

Figure 23-9. Alternate access mapping

Office SharePoint 2007 provides different options and utilities for performing backup and restore. A backup and restore strategy should be planned, taking into consideration the different options, the strategy’s pros and cons, and other environment settings. A new feature in SharePoint 2007 is a two-phase Recycle Bin, which users and administrators can use to restore deleted content from the Recycle Bin.

This section focuses on the different backup and restore options available in SharePoint 2007. To perform a successful backup and restore, Office SharePoint Server 2007 requires that the SQL server account have read and write privileges on the backup folders.

The Central Administration → Operations page provides a GUI-based mechanism to perform backup and restores at a web application or farm level. One drawback in using this interface is that the backup operation cannot be scheduled. To perform a scheduled backup operation, a command-line utility called STSADM (located in the “12 hive,” which is <install location>Program FilesCommon FilesMicrosoft SharedWeb Server Extensions12in) can be used in a script, which can then be scheduled. In addition these two options (Central Administration and STSADM), third-party utilities also can be used to perform the backup and restore.

Backup and restore can be performed at different levels:

While performing backup and restores it is important to remember that custom Web Parts, custom component files, and settings are not backed up. To perform a successful restore, these components should be explicitly installed and configured.

As mentioned before, the Operations → “Perform a backup” option under the "Backup and Restore” section of Office SharePoint Server 2007 allows administrators to back up web applications, web application content databases, shared services content databases, and the configuration database. The page allows the administrator to choose either a specific web application or the entire farm for backup. To perform a backup of a web application, select the web application from the list presented; SharePoint 2007 automatically selects its content databases. In the next page, choose whether the backup performed should be full or differential, and provide a location for the backup file. Figure 23-10 shows step 1 of the backup operation.

Figure 23-10. Backup step 1, selecting a component to back up

This procedure creates a set of files in the backup folder specified. To restore the portal from this backup, use the Operations → “Restore from backup” option. Specify the location of the backup file in step 1, and then step 2 will display the components available for restoration. Figure 23-11 displays this page.

Step 3 will display the available content database(s) for the web application to be restored. Step 4 provides the information to specify whether the restore should use the settings when the backup was performed (this will overwrite the web application) or restore the backup with a new configuration. Choosing the later requires a new web application name, URL, physical file location, and content database names. Figure 23-12 shows this page.

The Operations page also has sections for configuring the upgrade and migration of sites from WSS 2.0 and MCMS sites. Another available section is for configuring content deployment settings, which are required for publishing portals and sites.

Figure 23-11. Step 2, select a component to restore

Figure 23-12. Specify component restore settings

In addition to these sections, there are certain other options that have not been discussed in this chapter, such as configuring single sign-on settings, diagnostic logging, and solution management, all of which are optional configuration elements. Information rights management, although not a required configuration, can be useful in protecting content. The following section briefly discusses this option.

Microsoft Office SharePoint Server 2007 supports Information Rights Management (IRM) at a list or library level. IRM allows administrators to limit the actions that authorized users can perform on specific document types. It can be used to prevent unauthorized users from copying, modifying, and printing the documents’ content. IRM uses a file format–specific protector to manage the rights for files within a SharePoint list or library. IRM requires the following additional software:

To configure the server with IRM, use the Operations → Information Rights Management option under the Security Configuration section. Once the server is configured, the List/library settings → Information Rights Management link under the “Permissions and Management” section can be used to apply specific security settings. For the Information Rights Management link to appear, IRM must be first configured at the server level.

The Application → “Create or extend web application” option under the SharePoint Web Application Management section is used to create and configure web applications. A web application by itself is essentially an empty container and needs to be provisioned with site collections or with a shared services provider.

To create a web application, use the “Application management” → “Create or extend web application” option. This page has options for creating a new IIS web site or using an existing one, creating a new application pool for the web site or using an existing one, options for a security provider for the web application, and specifying the database server and the content database name. It is a good practice to isolate each web application into its own application pools. To create a web application, follow these steps:

Figure 23-13 displays the new web application page.

Web applications can also be created and mapped to other web applications. The extended web application exposes the content of the mapped web application. This way, a different authentication mechanism can be used for internal users and people from other domains or the Internet. To extend a web application, select “Create or extend a new web application” → “Extend a web application.” Choose the web application to be mapped in the “Web application” section, and choose the application pool and security configuration as before. Since the extended web application exposes the content of the mapped web application, it does not have a content database of its own. Figure 23-14 depicts the page for extending a web application.

A web application hosting site collections needs to be associated to a SSP; therefore, SSP should be created prior to creating other web applications. A Shared Services Provider (SSP) provides services such as My Site, audiences, Office SharePoint usage reporting, search, Excel services, and the business data catalog. A web application hosting site collections is associated with one SSP, whereas a given SSP can serve multiple such web applications. To host the SSP, a web application is required. One special requirement for a web application hosting the SSP is that network services cannot be used as the application pool identity. SSP also requires another web application to host the MySite.

Figure 23-13. Creating a new web application

Figure 23-14. Extend a web application page

To create a shared services provider, choose Shared Services Administration → New SSP from the Central Administration page. Follow these steps to create a new SSP:

Figure 23-15 depicts the New Shared Services Provider page.

Figure 23-15. Changing SSP association

As mentioned before, each web application that hosts site collections requires an SSP. Each SSP can host multiple web applications. The association between the web application and the SSP can be changed using the Shared Services Administration → Change Association page. If there are multiple SSPs configured, you can choose the SSP in the drop-down list, choose the web application(s) that need to be associated with the SSP, and then click OK. Figure 23-16 depicts the change association page.

The Application Management → Define Managed Paths option under the SharePoint Web Application Management section is used to define a managed path on a per web application basis. A managed path defines any custom paths in the URL that could be used by the site collections in the web application. A managed path can be either included (wildcard inclusion) or excluded (explicit exclusion). Wildcard inclusion is useful to create custom paths for site collections. Explicit exclusion could be used for custom web site applications under the SharePoint web application; in this case, the web application path is managed by SharePoint, but the custom web site path is not. To add a managed path, follow these steps:

Figure 23-17 shows the managed path page.

Figure 23-17. Managed path page

Application Management → Web Application General Settings page can used to perform general web application settings such as setting the time zone for the web application, enabling or disabling RSS feeds and alerts, setting space quotas for site collections, defining the maximum upload size, and entering the Recycle Bin settings. To configure the general web application settings, choose “Web application general settings” from the “Application Management” page, and choose the specific web application for which to configure the settings. Figure 23-18 depicts the Web Application General Settings page.

To create a site collection using the Application Management → Create Site Collection page, follow these steps:

Figure 23-19 depicts the site collection creation page.

Figure 23-19. Site collection creation page

Quota templates are used to define space limitations for site collections. They are defined at the server level and are applied while creating a site collection, using the web application general settings or using the site collection quotas and locks option under the SharePoint Site Management section. To create a new quota template, follow these steps:

Figure 23-20 depicts the quota template creation page.

Authentication providers for web applications can be configured using the Application Management → Authentication Providers option under the application security section. This option can be used to configure or change the authentication type, enable/disable anonymous access, and change the IIS authentication settings to use NTLM or the Kerberos authentication protocol. Figure 23-21 shows the configuration of the authentication provider for the web application.

Figure 23-20. Quota template creation page

Figure 23-21. Configure authentication provider for web application

Using the Application Management → Workflow Settings page, configure the workflow settings, such as notifications for internal and external users and allowing user-defined workflow options for a given web application. Figure 23-22 shows the Workflow Settings page.

Figure 23-22. Workflow Settings page

The application management page includes other options for configuring web applications and for site collection management. Besides these administration options, the application management page also includes configuration settings for the InfoPath Forms services, external service connection, and search service.