Chapter 1: What’s New in SharePoint 2010

What’s In This Chapter?

• New installation and upgrade features
• Changes to Central Administration
• The impact of the Ribbon

It’s been said before, but these are exciting times. We don’t yet have the flying cars we were promised years ago, but we have SharePoint 2010. Seems like a fair trade. When flying cars do come around, I’m sure they’ll be complicated to use at first. SharePoint 2010 is the same; it’s a little complicated under the hood. Consider this book your mechanic’s guide. The next several hundred pages will cover the deep technical details that SharePoint administrators will need to get SharePoint 2010 up and running and purring like a kitten.

This chapter serves as a jumping-off point. It covers some of the bigger changes that SharePoint 2010 has to offer. It’s a teaser to really get you excited about SharePoint 2010, from the administrator’s point of view. Once your appetite is whetted, you can read up on these topics in more detail in later chapters, which provide the nitty-gritty details of SharePoint 2010’s functionality. There’s a lot to get excited about, so we’d better dig in.

Installation

Of course, before you can see any of the great new things that SharePoint 2010 can do, you have to install it. This section covers what’s new in the SharePoint 2010 installation process.

System Requirements

Before you can install SharePoint 2010, make sure you meet all of the system requirements. The minimum requirements for installing SharePoint 2010 are a 64-bit operating system running either Windows Server 2008 with SP2 or later or Window Server 2008 R2. The OS will need at least .NET 3.5 with SP1 installed as well. On the database back end, SharePoint 2010 requires SQL Server 2005 with SP2 or later or SQL Server 2008. SQL must be 64-bit also.

There is no 32-bit version of SharePoint 2010, not even for demonstration environments. It’s all 64-bit now. Fortunately, any hardware on which you would install SharePoint 2010 these days is 64-bit capable. The 32-bit environment is comfortable, like an old pair of shoes, but now is a great time to move to 64-bit if you haven’t already. In addition to being necessary to run SharePoint 2010, it also brings a lot of benefits like better CPU utilization and support for RAM over 4GB. Once you start using SharePoint 2010, you’ll see why that last point is very important. 4GB is the bare minimum of RAM necessary to make SharePoint 2010 bearable to use, and 6GB is a better starting point.

Installation Options

After the hardware and software is squared away it’s time to start installing some SharePoint bits. The installer has gotten a facelift and boasts a number of improvements. The process is kicked off with the friendly splash screen shown in Figure 1-1.

Along with installing the SharePoint 2010 software, the splash screen has links to other activities. The first group of links is documentation to help prepare for the install. This includes guidance on hardware requirements as well as install and upgrade guides. You might be tempted to skip them, since you already have this book. However, these links are dynamic, so they will always have the latest information. We’re flattered you bought the book, but you should read those guides anyway.

The second section of links installs both the SharePoint 2010 bits themselves and any software prerequisites your system needs. The prerequisite installer is a really great tool and a welcome addition to the install process. It will not only download the current version of any software SharePoint 2010 relies on, but also install and correctly configure IIS and other components on your server. It supports both an unattended mode and installing the prerequisites for a local location, removing the need to get them from the Internet.

The second link in this section starts the setup for SharePoint 2010. The install process itself isn’t very different from the SharePoint 2007 install process we all know and love. It supports the standard guided GUI install as well as the same scripted install options that SharePoint 2007 did. You can script the installation of the bits by passing the setup process a Config.xml file with all your settings. You can then script the configuration of SharePoint 2010 with PowerShell.

While installing SharePoint 2010 is very similar to installing SharePoint 2007, there are a couple of new twists. First, the install requires a farm passphrase. Just like it sounds, this passphrase is needed to add or remove a server from a farm. This passphrase is then used as the basis for encryption between farm members. SharePoint 2007 used the install account for some of this functionality, but problems arose if the user who installed SharePoint wasn’t available later. The passphrase addresses that issue.

In addition, the installer now checks for a couple of Group Policy Objects (GPOs) before it installs. For example, there is a GPO that can be used to block SharePoint installations. This enables a company to control the proliferation of SharePoint farms in its environment. The installer checks this GPO to verify that it’s OK to install. If it is, then the install checks for the presence of another GPO that assigns SharePoint servers to a specific Organization Unit (OU). This enables a common set of settings for all of your SharePoint 2010 servers, and makes it easy for administrators to keep track of all the SharePoint farms in their environment. Chapter 4 covers installation in greater depth.

Upgrade and Patching Options

Not everyone will be new to SharePoint. Many people have poured a lot of sweat and blood into SharePoint 2007 farms. These farms are the backbones of their organizations. In order for SharePoint 2010 to make it into these organizations, the upgrade path will have to be clear and without a lot of roadblocks. Fortunately, Microsoft also invested a lot into the upgrade experience. They’re understandably proud of SharePoint 2010 and have gone to great lengths to ensure that everyone can install it.

The first glimpse we had of the SharePoint 2010 experience showed up in SP2 for SharePoint 2007. SP2 included a new STSADM operation, preupgradecheck. This operation interrogated your SharePoint 2007 databases and alerted you to any potential roadblocks on your upgrade to SharePoint 2010. It reports on the following key components of your farm:

• Servers and amount of content
• Search configuration
• Features
• Solutions
• Site definitions
• Alternate access mappings
• Language packs

It will also alert you to the following potential issues:

• Large lists
• Orphaned data
• Views and content types that use CAML
• Databases with modified schemas

The results of the upgrade check are saved to an XML file and an easy to read .HTM file. The check is read-only, and it can be run multiple times as you clean up issues it discovers.

Not to be outdone, SharePoint 2010 offers the same functionality, at least at the content database level. The PowerShell cmdlet Test-SPContentDatabase will interrogate both SharePoint 2007 and SharePoint 2010 content databases and determine whether they can be upgraded and added to a SharePoint 2010 farm. Like its older brother preupgradecheck, Test-SPContentDatabase does not make any changes to your databases, so you can run it without fear on your production environments.

Upgrade Methods

There are two upgrade methods for upgrading from SharePoint 2007 to SharePoint 2010: in-place and database attach. The in-place upgrade is just what it sounds like; it upgrades your SharePoint 2007 to SharePoint 2010 on your existing hardware. With the second option, you can attach backups of SharePoint 2007 content databases to a SharePoint 2010 web application and they will be upgraded automatically.

It may seem like the upgrade options are limited, but the true power lies in the details. Many downtime mitigation techniques are available that enable use of either of the two upgrade methods with limited downtime for end users.

The first downtime mitigation feature, support for read-only content databases, made its premiere in SharePoint 2007 SP2. This feature allows read-only copies of SharePoint 2007 content databases to be rendered while the actual databases are being upgraded. SharePoint will recognize that the database is read-only and will remove all UI elements that allow users to add or edit content. SharePoint 2010 also supports upgrading multiple databases simultaneously. This reduces upgrade time as long as the hardware, mainly the SQL servers, can handle the I/O needed to do the upgrades.

If that isn’t enough to keep the users happy, there is a second option. SharePoint 2010 supports redirecting traffic to an existing SharePoint 2007 farm during upgrade. This enables users to continue to use the same URL, but they are given a client-side 302 redirect until the content is available on SharePoint 2010.

Another feature that will make users happy is Visual Upgrade. Visual Upgrade allows sites upgraded to SharePoint 2010 to use the SharePoint 2007 master page and CSS. By default, upgraded sites will maintain the familiar SharePoint 2007 look and feel. A site administrator can view the site with the SharePoint 2010 interface before finalizing its upgrade. This enables time both for training and for fixing any pages that will not upgrade gracefully.

As if that weren’t enough, the logging experience is also better. Each individual upgrade event generates its own log file, which makes it easy to keep track of what happened. There is also an error-only log. This greatly reduces the amount of work it takes to determine what went wrong, in the unlikely event of an upgrade failure.

Patching

You can’t talk about upgrading without also considering patching, which is like a mini upgrade. Not to be outdone by the improvements to the upgrade process, the patching process has gotten some love in SharePoint 2010 as well. To give the SharePoint administrator some flexibility in applying patches, the patches can be laid down during business hours, but the corresponding database upgrades can be put off until a time when the downtime is less obtrusive. SharePoint 2010 is also more tolerant of rolling out patches to the members of a farm. While you won’t want to leave your SharePoint out of sync for days on end, things will run better in the long run if you leave them that way for a few hours to apply the patches.

How will you know if your SharePoint servers need patching, or your databases updating? Another new addition to SharePoint 2010, Health Rules, will alert you to these situations. Finally, the patching team has taken steps to reduce the number of reboots needed when patches are installed. If at all possible, processes will be stopped to allow files to be updated. While we are unlikely to reach a point when SharePoint doesn’t need to be patched, at least the process isn’t very painful. To find out more about upgrading and patching SharePoint 2010, turn to Chapter 5 where it is covered in stunning detail.

Central Administration

All these administrative improvements to SharePoint 2010 would be worthless if you couldn’t find the knobs and levers needed to make them work. Therefore, a lot of attention was also given to Central Administration. Much like the improvements made to the IIS 7 Manager, Central Administration is now more flat and wide, instead of deep. As you can see in Figure 1-2, instead of having two tabs across the top like it did in SharePoint 2007, Central Administration now has links to the most common tasks on the front page, and eight links on the left if you need to find tasks that aren’t exposed on the front page. This provides two immediate benefits; it makes things easier to find and it results in fewer mouse clicks to accomplish tasks.

To make this design workable, Central Administration has also embraced the Office Ribbon. Once you drill down to the object you want to work on, the Ribbon shows up on the top of the page with all the options for that object. Figure 1-3 shows the Ribbon in action.

This enables SharePoint to pack more administrative punch into each page in Central Administration. As mentioned earlier, this makes links easier to find and requires fewer clicks to find the tasks you want to accomplish. Another benefit is that you spend less time clicking from page to page to accomplish tasks.

On the front page of Central Administration is a heading for each of the eight main areas of administration, mirroring the areas in the left navigation pane. Under each of these headings are some of the common links inside each one. For instance, under the Backup and Restore heading is a link to perform a site collection backup (refer to Figure 1-2). If the task you’re looking for isn’t on the front page, click the heading, either on the front page or on the left navigation pane, to see all of the options. Clicking Backup and Restore takes you to a page that shows all of the backup and recovery options provided with SharePoint 2010 out of the box. The other sections behave the same way. The front page of Central Administration provides the general topics, while the full complement of specific options are available when you click the heading link.

Service Applications

Another exciting addition to SharePoint is Service Applications. If you have used MOSS 2007, then you may be familiar with its Shared Service Provider (SSP) architecture. The SSP was a central service that shared common resources with one or many web applications. This enabled SharePoint to do one crawl, for instance, but provide the search functionality to all the web applications in the farm without duplicating effort. The SharePoint 2007 SSP was an all-or-nothing affair. Your web app could only be associated with a single SSP, consuming all SSP services; and it was difficult, if not impossible, to delegate authority over different parts of the SSP.

Service Applications represent the evolution of the SSP. The SSP model had some pretty common pain points, which the change to Service Applications addresses. In SharePoint 2010, all the Service Applications are separate. Examples of Service Applications include Search, Profile Import, Business Data Catalog and Managed Metadata. This means they can be turned on and off as needed, enabling you to pick and choose only the ones you are actually using. This saves resources and reduces the attack vector. Service Applications can also be given their own permissions. This enables you to give one user the capability to manage Search without that user being able to do anything with the Managed Metadata Service.

Central Administration is security trimmed, so Service Application administrators will only see the Service Applications to which they have access. As an added bonus, Service Applications are available in all versions of the product. Windows SharePoint Services 3.0 did not have SSPs. They were only in the Search Server and MOSS SKUs of SharePoint 2007. In SharePoint 2010, all versions of the product benefit from Service Applications, though different versions will have different Service Applications available.

Chapter 7 covers Service Applications thoroughly. Jump on over there to see which Service Applications come with SharePoint 2010 and how to configure and manage them.

Windows Identity Foundation and Claims

It’s a complicated world we live in. We all have to access many different websites, and in most cases each one requires a different username and password. What’s worse is there is no way for them to know about each other and keep your information synchronized. If only there was a way to use one identity over many resources, or a way for many authentication sources to be used in one SharePoint farm. Good news; now there is.

SharePoint 2010 supports claims-based authentication, which is a powerful and flexible authentication model. Claims-based authentication works with a variety of identity systems, such as Active Directory, LDAP directories, and even LiveID. The glue that holds this all together is a product set known as Windows Identity Foundation, which enables users to have identities in different repositories and use them simultaneously to access different resources in SharePoint.

Each user gets a token from each repository that contains claims about that user. This is a step beyond just proving identity, or authentication, as we’re accustomed to with SharePoint 2007. A user’s token can also contain claims about the user. Think of it as user metadata. This might be the user’s manager, birthday, location, and so on. One of the advantages of using claims is its support for federation. That means if the appropriate trusts are put into place, companies can trust each other’s authentication providers and use their own credentials to log into another’s SharePoint farm.

Sound complicated? Well, it is. Fortunately, we devote an entire chapter, Chapter 9, to explaining claims-based authentication and how to use it with SharePoint 2010.

Health and Monitoring

Installing SharePoint 2010 or upgrading your current SharePoint 2007 farm to SharePoint 2010 is only half the battle. Keeping it running is the tough part. SharePoint 2010 includes a lot of functionality, which means a lot of moving parts. Like any good machine, someone has to keep an eye on all these parts to ensure that they’re working; and when they’re not working, be able to figure out why. SharePoint 2010 introduces several ways for administrators to keep an eye on how SharePoint is running, as well as ways for SharePoint to proactively keep an eye on itself, and in some cases fix itself if something is wrong.

Health and Monitoring has been given so much focus in SharePoint 2010 that it has its own heading in Central Administration. The left navigation pane in Central Administration has a Monitoring link that exposes all the new options available (see Figure 1-4).

Health Analyzer

The first option under the Monitoring heading is the Health Analyzer. This amazing piece of software is one way that SharePoint monitors itself. Out of the box, SharePoint Server comes with 52 definitions of behaviors that it knows can go wrong with a SharePoint server, like the C drive running out of space. Each of these 52 situations is written into a rule, and periodically SharePoint reviews these rules to determine whether SharePoint is in trouble. If any rules are triggered, an administrator can be alerted, and in some cases, such as heavily fragmented database indexes, SharePoint can just take care of the problem itself. Click the “Review problems and solutions” link to see what problems SharePoint has found with itself if you haven’t been alerted. The rule set is extensible, so new rules may appear in service packs or patches, and independent software vendors are able to write rules as well.

Timer Jobs

The capability for monitoring Timer Jobs was weak in SharePoint 2007 but it has also been substantially upgraded in SharePoint 2010, and you now have more granular control over the Timer Jobs. By clicking a definition, you can alter its schedule or disable it completely. You also now have the capability to run a Timer Job as a one-off when needed, without interrupting or changing the existing schedule. This is invaluable when it comes to troubleshooting. A new Timer Job Status page gives you real-time status information about running Timer Jobs. This page lets you see at a quick glance which Timer Jobs will be running next, which Timer Jobs are currently running, and the Timer Job history. If you want to drill down to any of areas, each has its own dedicated page as well.

Reporting

The final tab in the Monitoring section is Reporting. From this tab you can look back and see what SharePoint has been up to. A variety of reports are available here; there’s something for everybody. It’s your one-stop shop for SharePoint reporting. The first link is for Administrative reports. For example, a folder for Search reports enables you to see search metrics such as how long queries take, how long crawls take, and so on. This enables you to see potential problems with your environment before your end users start complaining about them. Another great aspect of the administrative reports is that they are extensible. They are stored in a document library, so you can upload reports of your own.

Another piece on the reporting page is the configuration for SharePoint’s diagnostic logging. Here you can set diagnostic levels and the location and number of log files that are created. You can also enable a new feature called Event Flood Protection, which keeps your log files from being flooded with rapidly occurring errors, instead dropping them after a few instances and then periodically writing events to the log to let you know the error is still occurring. This option makes the log files much easier to read and saves space as well.

Another set of reports you can use to keep an eye on your farm are the health reports. These reports surface the slowest pages in a web app, or on a server. Again, this enables you to be proactive by finding the problem pages in your farm before your end users get around to letting you know about them. Speaking of end users, those same health reports can tell you who your most active users are as well. If you want the full array of usage reports for your web app, those are there too, under Web Analytics Reports. These reports show you daily hits, referrers, and other metrics about your web app. These are similar to the usage reports at the site collection level in SharePoint 2007.

This is just the tip of the monitoring iceberg. If you want to read about SharePoint 2010 monitoring in stunning Technicolor, turn to Chapter 15.

Managing SharePoint 2010 with Windows PowerShell

As we’ve shown already, SharePoint 2010 has a tremendous number of administrative additions, including both new functionality and improvements on ways to do old things. One example of the latter is the transition to Windows PowerShell as the command-line administrative environment. We had it pretty good with STSADM in SharePoint 2007, but Windows PowerShell takes it up to a whole new level. Our old friend STSADM is still included with the product, but it’s deprecated. It’s time to say your good-byes and get friendly with its replacement. Windows PowerShell not only enables you to do everything that STSADM did, but it provides a much better environment for scripting and looping through objects. No longer are administrators limited to the operations included with STSADM. No longer are you at the mercy of developers to write code to access the SharePoint object model. Windows PowerShell allows mere administrators to get access to SharePoint objects, if you choose, and to do things that were never possible before. For instance, if you want to see the last time the security was changed on a site collection, you can use a Windows PowerShell script like this:

In SharePoint 2007 you had to write code to get that information. That example might not be very exciting, but once you read Chapter 10 and see what Windows PowerShell can do with SharePoint 2010, you’ll be a believer.

Managed Accounts

One of the dichotomies faced by SharePoint 2007 administrators was service accounts and passwords. On the one hand, administrators wanted to increase security by having multiple service accounts, and regularly changing those accounts’ passwords. On the other hand, the process to change service account passwords was complicated and very prone to error, which could cause downtime. What was a SharePoint 2007 admin to do?

Those days are over. In SharePoint 2010 that pain has all been removed by the magic of managed accounts. Much like managed paths, managed accounts are accounts those for which we’ve told SharePoint, “These are all yours, you take care of them.” Once we give SharePoint that flexibility, it can change the passwords as needed, and keep itself updated as it does so. It will even respect any GPO-based password restrictions and change account passwords accordingly. You still have the option to manage an account manually if you need to change the password and log in as a specific user. This is all managed in Central Administration or through Windows PowerShell.

Does this all sound too good to be true? Well, it’s not. You can find out more about it in Chapter 8.

Recovering from Disaster

We don’t mean to alarm anybody, but there are barbarians at the gate. Every day there are forces trying to take down your much beloved SharePoint farms. These forces could be in the form of malicious users, bad software, brown-outs, floods, locusts, or even failing hard drives. Any of these can take down your SharePoint farm or result in lost data. Trust me, your end users aren’t very understanding of either situation.

Fortunately, SharePoint 2010 comes with some great disaster recovery options out of the box. These options range from content recovery options like the two-stage recycle bin, to disaster recovery options like database mirroring and farm-level backups. Backup and recovery is an important enough concept that it has been given its own heading in Central Administration.

To address most common backup needs, the backup options have been divided into two levels, Farm and Granular, which is at the site collection or site level. Figure 1-5 shows all the different options.

Chapter 12 is dedicated to backups and disaster recovery techniques. Hopefully you’ll never need to use any of them, but like a Boy Scout, you should always Be Prepared.

The New and Improved User Experience

Figure 1-2 gave you a glimpse of the SharePoint 2010 user interface. You saw that Central Administration has the Ribbon that was first introduced in the Office 2007 clients. The Ribbon (also referred to as the “fluent UI”) not only made it into Central Administration, it also exists on all SharePoint content sites as well. All the advantages the Ribbon provides in Central Administration also exist in the content web apps. Even web pages have the Ribbon to make editing them easier. Figure 1-6 shows a wiki home page with the Ribbon.

The Ribbon offers access to the most common tasks for the object selected. In Figure 1-6 that object is a page, so all the tasks associated with pages are available in the Ribbon. The page can be edited or checked out, and the permissions can be altered. The Ribbon is just part of what gives SharePoint 2010a better user experience, also called the UX. The UX offers other improvements too, such as inline editing, more consistent theming and branding, and improved multilingual support. Some of these changes are significant, and will result in some growing pains for users. Chapter 2 covers all the improvements to the UX, as well as techniques to make the transition easy for your users.

Summary

SharePoint 2010 brings a lot to the table for SharePoint administrators. This chapter provides some of the highlights of the product, and gives you a taste of what the subsequent chapters cover. This book contains all the SharePoint 2010 information administrators need to know. The product is big, so get comfortable; there’s a lot of exciting material still to come.