2.6. Core Services
Core services are
services that are needed for SharePoint 2010 to function. The following
sections provide additional detail about each of these services.
2.6.1. Storage
In SharePoint 2010, storage as a core service primarily involves the storage of information, with a secondary focus on the storage of the data that constitutes that information within the storage providers. Although information may be stored in various back-end systems, such as Microsoft SQL Server or Remote BLOB Storage (RBS),
consider how the information is arranged within the application and
made available for users. How is a document stored within the system?
Where does it go? How is it tracked over time and made useful? How is it
backed up and protected from loss? The main aspects of storage as a
core service within SharePoint 2010 are
Repository
Metadata
Versioning
Backup
2.6.1.1. Repository
SharePoint
2010 presents an information architecture (IA) that allows for the
storage of information at various levels. Two primary services provide
for the storage of content within SharePoint 2010.
Administration service
Content service
The administration service is the service under which SharePoint Central Administration runs. The information stored by this service is mostly configuration information; however, other information such as
diagnostic logging and health monitoring information are also stored by
this service. Administrators access this service through SharePoint
Central Administration and Stsadm.exe. The management of both the farm
configuration database and the admin content database are performed primarily through this service.
The content service is the
service under which user content is stored. When a new site collection,
site, list, library, list item, or document is created, it is stored
using the content service. The information within the content service is
stored in a series of content databases. These databases are the
primary storage
unit for all content repositories in SharePoint 2010. The content
service can run as one or many application pools.
When implementing a
SharePoint site, the site collection administrators and content owners
can decide how to best arrange the repositories for information storage
within the site. They can create a structure of sites, libraries, and
folders for storing information within the system. After this structure
of repositories is in place, list items and documents can be stored.
When a user stores a document into the system, it is processed by the
storage service provider and placed in the content database. In the case
of RBS, the binary data may go to a file system, but with or without
RBS, the item information, its metadata, and all associated system
details are stored in the content database.
2.6.1.2. Metadata
Think of metadata as
information about information. Metadata allows users to store additional
information about an item stored within the system. This information
could be used to classify data or simply add helpful details about the
item. The careful application of metadata within a well-considered
information architecture can increase the value of the information,
particularly when the item being stored is not very self-descriptive.
Metadata allows users to describe the item in more detail, which
greatly affects the value of the information and the ability to
search it.
In SharePoint 2010, the
concept of metadata has been significantly expanded through the addition
of the Managed Metadata Service and the associated field types. The
Managed Metadata Service allows enterprise metadata structures to be defined
and consumed from within multiple site collections. This means that
metadata can be managed both inside and outside the site collection
boundary, something not possible in prior versions.
2.6.1.3. Versioning
Versioning lets users track
the storage history of an item or document. When enabled, versioning
stores an additional referenced item in the storage system with every
save operation. These items are linked together and presented as a
single item to users. When users view the version history of an item or
document, they can see what changes have occurred over time, when the
changes were made, and who made them. A user can also revert a document
to a prior version.
When used in conjunction
with document check-in and check-out, versioning provides a robust way
for multiple users to collaborate on a single document while preserving
changes and avoiding save conflicts. Versioning can be configured to
save only major versions, or it can be set to save both major and minor
versions. When only major versions are stored, each saved copy of a
document is available to all users with reader rights. When both major
and minor versions are used, each save results in either a minor version
or a major (published) version, depending on the selection option
chosen at the time of the save.
While a document is in a minor version state (not published as
a major version), it is considered a draft item; consequently, it can
be viewed only by users with draft items visibility. When it is checked
out, the document can be edited only by the user who checked it out.
This ensures that no other user can make changes to the document while
it is being edited by the user who checked it out.
Improvements included with Microsoft
Word 2010 provide new capabilities to accommodate multiple users
working together on a document simultaneously. Lists in SharePoint 2010
include new features that make it easier for list administrators to manage documents that are checked out to other users.
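The versioning and draft visibility settings described above can be reviewed across a site collection from the SharePoint 2010 Management Shell. The following is an added example, not code from the book; the site collection URL is a placeholder and the function name Get-LibraryVersioningReport is hypothetical.

```powershell
# Added example (not from the book): report versioning, check-out and draft
# visibility settings for every visible document library in a site collection.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Get-LibraryVersioningReport {
    param([Parameter(Mandatory = $true)][string]$SiteUrl)

    $site = Get-SPSite -Identity $SiteUrl
    try {
        foreach ($web in $site.AllWebs) {
            try {
                foreach ($list in $web.Lists) {
                    if ($list.Hidden -or $list.BaseType -ne 'DocumentLibrary') { continue }

                    $notes = @()
                    if (-not $list.EnableVersioning) {
                        $notes += 'no version history is kept'
                    }
                    # DraftVersionVisibility decides who has draft item visibility:
                    # Reader = anyone who can read, Author = users who can edit,
                    # Approver = only the author and approvers.
                    if ($list.EnableMinorVersions -and
                        $list.DraftVersionVisibility -eq 'Reader') {
                        $notes += 'drafts are visible to every reader'
                    }
                    if (-not $list.ForceCheckout) {
                        $notes += 'check-out is not required before editing'
                    }

                    New-Object PSObject -Property @{
                        Library         = $web.Url + '/' + $list.RootFolder.Url
                        MajorVersions   = $list.EnableVersioning
                        MinorVersions   = $list.EnableMinorVersions
                        DraftsVisibleTo = $list.DraftVersionVisibility
                        RequireCheckout = $list.ForceCheckout
                        Notes           = ($notes -join '; ')
                    }
                }
            }
            finally { $web.Dispose() }   # release each SPWeb opened by AllWebs
        }
    }
    finally { $site.Dispose() }
}

# Placeholder URL; replace with a site collection in your farm.
Get-LibraryVersioningReport -SiteUrl 'http://sharepoint.example.com/sites/team' |
    Format-Table Library, MajorVersions, MinorVersions, DraftsVisibleTo, RequireCheckout, Notes -AutoSize
```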
2.6.1.4. Backup
The information stored
within SharePoint 2010 is stored in various places and brought together
by the application for presentation to the user. SharePoint 2010
includes a robust set of options for backing up, restoring, and
protecting this information from accidental deletion. SharePoint 2010
provides three primary facilities for keeping your information safe from
loss.
Farm backup
Granular backup
Recycle Bin
Farm backup provides a way for
you to simply back up everything in the farm. This includes the farm
configuration database, content databases, indexes, and configured Web
applications. This provides an easy, integrated way to protect all of
the information in the farm. Figure 2
shows a partial view of the components you can select when configuring a
farm backup. You can schedule and monitor backup jobs, and you also can
choose the number of process threads to use while performing backup and restore operations, as well as specify a network file share for backup storage.
Granular
backup is new in SharePoint 2010, and it allows you to back up and
restore information all the way down to the list level. You select a
specific site collection to back up and have that backup saved to a
network location. You can also export a site or list for import at a
later time or in a different place. You can restore a site from
unattached content databases, and you can monitor the progress of granular backup jobs and operations.
The Recycle Bin was
introduced in SharePoint Server 2007 because users often delete
information from lists and libraries only to realize later that they
needed the information after all. The SharePoint Recycle Bin has two
stages: The site level Recycle Bin is available to users of the site,
and the site collection Recycle Bin is available only to site collection
administrators. When users delete content from a list or library, the
content is retained in the site level Recycle Bin for a number of
days—the amount of time it is held is defined by the farm administrator.
If a user decides he deleted the information by accident, he can
restore it by selecting it in the site level Recycle Bin. Both lists
and items can be restored from the site level Recycle Bin.
After the specified number of
days for retention in the site level Recycle Bin pass, or if that
content is deleted from the site level Recycle Bin by the user, the
content is then stored in the site collection level Recycle Bin. The
site collection level Recycle Bin is available only to site collection
administrators, and it is limited to a percent of the live site quota
for second-stage deleted items, as specified by the farm administrator.
The two Recycle Bins provide a level of protection from accidental
deletion of information by end users and thereby reduce the number of
administrative backups that need to be performed for this purpose.
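The three facilities described in this section can all be driven from the SharePoint 2010 Management Shell. The following is an added example, not code from the book; the backup share, site collection URL, library URL and file names are placeholders.

```powershell
# Added example (not from the book): the three protection facilities from
# this section, run from the SharePoint 2010 Management Shell.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Placeholders: a network share for backup storage and a site collection.
# Backup files contain all farm content, so restrict who can read the share.
$backupShare = '\\backupserver\spbackup'
$siteUrl     = 'http://sharepoint.example.com/sites/team'

# 1. Farm backup: configuration database, content databases, indexes and
#    Web applications, using three process threads.
Backup-SPFarm -Directory $backupShare -BackupMethod Full -BackupThreads 3

# 2. Granular backup: one site collection, then one library exported with
#    its version history and permissions (ItemUrl is server-relative).
Backup-SPSite -Identity $siteUrl -Path (Join-Path $backupShare 'team-sitecollection.bak')
Export-SPWeb -Identity $siteUrl -ItemUrl '/sites/team/Shared Documents' `
    -Path (Join-Path $backupShare 'team-shared-documents.cmp') `
    -IncludeVersions All -IncludeUserSecurity

# 3. Recycle Bin: the retention period (days) and second-stage quota
#    (percent of the live site quota) set for each Web application.
Get-SPWebApplication |
    Select-Object Url, RecycleBinEnabled, RecycleBinRetentionPeriod, SecondStageRecycleBinQuota |
    Format-Table -AutoSize

# Items now held in the site collection (second-stage) Recycle Bin, which
# only site collection administrators can restore.
$site = Get-SPSite -Identity $siteUrl
try {
    $site.RecycleBin |
        Where-Object { $_.ItemState -eq 'SecondStageRecycleBin' } |
        Sort-Object DeletedDate |
        Format-Table Title, DirName, DeletedByName, DeletedDate, Size -AutoSize
}
finally { $site.Dispose() }
```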
2.6.2. Security
Security
services within SharePoint 2010 are multifaceted and full featured.
These security services are explained in the following sections.
2.6.2.1. Rights and Roles
Information access within
SharePoint 2010 sites and lists is permitted through the application of
rights and roles on either individual users or groups. To gain access to
information within the system, an individual user or group must be
added to a specific resource, such as a site, list, library, list item,
or document. When adding the user or group, the administrator must
select either individual rights for assignment or a role.
Rights
refer to individual permissions such as adding new content, viewing
content, and removing or deleting content. Each of these operations
would be associated with a specific right or permission within the
system.
Roles, or
permissions levels, provide an array of specified rights that have been
grouped together as a level. When granting permissions to a resource
within the system, users can be added to an existing group or granted
permissions directly through a permission level.
Additionally, groups may be
associated with one or more permissions levels, thereby granting their
members permissions to perform specific activities within the system.
Groups, rights, and roles (permissions levels) provide a very granular
way to control who can access specific resources and what they can do
with those resources.
The application of security either can be inherited from the parent object/resource (this is called security inheritance) or defined
individually for a specific object/resource. SharePoint 2010 includes
new features that make it easier for site or list administrators to
monitor and manage information within a container (site or list) that is
individually secured.
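A review of individually secured containers can also be scripted. The following added example, which is not code from the book, lists every site and list in a site collection that does not inherit security from its parent, together with the users or groups and permission levels assigned to it. The site collection URL is a placeholder, and the function names Get-RoleAssignmentRows and Get-UniquePermissionReport are hypothetical.

```powershell
# Added example (not from the book): list sites and lists with broken
# security inheritance and the permission levels granted on each.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Get-RoleAssignmentRows {
    param($SecurableObject, [string]$Scope, [string]$Url)

    foreach ($assignment in $SecurableObject.RoleAssignments) {
        # Ignore "Limited Access" (role type Guest), which SharePoint adds
        # automatically when a child object is secured individually.
        $levels = @($assignment.RoleDefinitionBindings |
            Where-Object { $_.Type -ne [Microsoft.SharePoint.SPRoleType]::Guest } |
            ForEach-Object { $_.Name })

        if ($levels.Count -gt 0) {
            New-Object PSObject -Property @{
                Scope            = $Scope
                Url              = $Url
                Principal        = $assignment.Member.Name
                IsGroup          = ($assignment.Member -is [Microsoft.SharePoint.SPGroup])
                PermissionLevels = ($levels -join '; ')
            }
        }
    }
}

function Get-UniquePermissionReport {
    param([Parameter(Mandatory = $true)][string]$SiteUrl)

    $site = Get-SPSite -Identity $SiteUrl
    try {
        foreach ($web in $site.AllWebs) {
            try {
                # The top-level site always carries its own assignments;
                # subsites appear here only when inheritance is broken.
                if ($web.HasUniqueRoleAssignments) {
                    Get-RoleAssignmentRows $web 'Site' $web.Url
                }
                foreach ($list in $web.Lists) {
                    if ($list.HasUniqueRoleAssignments) {
                        $listUrl = $web.Url + '/' + $list.RootFolder.Url
                        Get-RoleAssignmentRows $list 'List' $listUrl
                    }
                }
            }
            finally { $web.Dispose() }   # release each SPWeb opened by AllWebs
        }
    }
    finally { $site.Dispose() }
}

# Placeholder URL; replace with a site collection in your farm.
Get-UniquePermissionReport -SiteUrl 'http://sharepoint.example.com/sites/team' |
    Sort-Object Url, Principal |
    Format-Table Scope, Url, Principal, IsGroup, PermissionLevels -AutoSize
```

Rows where IsGroup is False are permissions granted directly to an individual user rather than through a group.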
2.6.2.2. Rights Trimming
Rights trimming is based on
the concept that users should only be able to see information they have
access to. Because information access at the site collection level and
below is only granted and never denied, rights trimming ensures that
users are not able to see information for which they have not been
granted access. This reduces or eliminates the occurrence of access
denied errors and protects information from being disclosed simply by
making the existence of such information known or by allowing
unauthorized users to view its associated metadata.
2.6.2.3. Pluggable Authentication
With a pluggable
authentication architecture, you can grant access to information within
SharePoint 2010 through any authentication service. Whereas the default
authentication provider for SharePoint 2010 is Windows Authentication, pluggable
authentication allows you to use other single sign-on (SSO) providers
that are already implemented within your organization as well as
forms-based authentication or even your own custom provider.
2.6.2.4. Claims-Based Authentication
Claims-based authentication is centered on the concept that applications can be identity aware. Claims-based authentication supports existing identity infrastructures such as Active Directory, Lightweight Directory Access Protocol (LDAP), Structured Query Language (SQL), Federation Gateways, or WebSSO. Claims-based
authentication enables automatic, secure identity delegations in
addition to providing a consistent API to develop SharePoint solutions.
Claims-based authentication takes pluggable authentication to the next
level—it allows individual claims about user attribute information to be
validated and compared when providing access to specific information.
It also extends authentication mechanisms to other systems and to Office
client applications.
2.6.3. Management
SharePoint 2010 provides a
variety of avenues for managing the system’s configuration options and
settings. The administration service is the primary gateway for
interacting with the configuration database. Collectively, the management
services in SharePoint 2010 provide ubiquitous access to settings and
configuration using either the administrative user interface or Windows
PowerShell 2.0. In the following sections, you will learn about the
various elements of the management service in detail, including
2.6.3.1. Administrative User Experience
The administrative
user experience in SharePoint 2010 has been significantly simplified in
comparison to prior versions. The idea behind these changes is that
systems administrators need access to more settings with less clutter.
SharePoint Central Administration provides access to many of the
settings and configuration areas needed to set up and maintain the farm
and Web applications. Table 2
lists the areas available within SharePoint Central Administration and
includes a summary of the settings available within each.
Table 2. SharePoint Central Administration Areas
AREA | EXPLANATION |
---|---|
Application Management | Manage Web applications, content databases, service applications, and site collections. |
System Settings | Manage servers, services, farm features, alternate access mappings, and e-mail and text messaging options. |
Monitoring | Review health problems and solutions, check timer job status, and view Web analytics reports. |
Backup and Restore | Perform a farm backup, a site collection backup, or manage and monitor backup jobs. |
Security | Manage the farm administrators group, service accounts, Web application policy, and information management policy. |
Upgrade and Migration | Convert farm license type, enable enterprise features, enable features on existing sites, and check product, patch, upgrade, and database status. |
General Application Settings | Manage external service connections, InfoPath form services, site directory, SharePoint Designer settings, search, and content deployment. |
Configuration Wizards | Access configuration wizards such as the Farm Configuration Wizard. |
2.6.3.2. Delegation
Delegated
administrators are provided with contribute permissions to SharePoint
Central Administration. The concept behind delegated administrators is
that specific individuals will have access to a streamlined,
trimmed-down version of Central Administration.
2.6.3.3. Provisioning
SharePoint 2010 includes the
ability to provision new site collections, sites, lists, and pages
automatically based on predefined templates. This allows for the
consistent creation of new elements within the system. The definition of
each underlying element is stored either on the file system, within the
content database, or a combination of the two. For example, the base
document library template is included on the system disk as part of the
“14 hive,” whereas a user-created
library template will be based on that underlying definition but will
be stored in the site templates gallery. When a new library is created
based on the end user template, the underlying file system–based
definition is created, and the overlay of the settings and content
stored within the end user template is applied.
Although new site collections
can be created using the SharePoint Central Administration website,
SharePoint 2010 also allows users to self-provision new site
collections.
2.6.3.4. Monitoring
SharePoint 2010 includes new monitoring capabilities for reviewing problems and solutions. A health
analyzer feature lets you set defined rules that can be checked at
specified intervals; you can even select to have problems repaired
automatically. Additionally, monitoring provides the ability to manage
and maintain timer service jobs and definitions. Web analytics provide
usage information for sites and content. Information management
policy usage reports include details on the application of policy, and
audit reports provide information on user access to information.
Finally, diagnostic
logging gives administrators the ability to collect information about
warnings and errors that have occurred during process execution.
2.6.3.5. Multi-Tenancy
SharePoint 2010 includes
new capabilities for providing hosting services and delegated
administrative access for customers. These features are expressed in the
form of multi-tenancy
within SharePoint 2010. Multi-tenancy is centered on the concept of the
subscriber—the customer or tenant who owns or manages the site
collections in the tenancy. Multi-tenancy also allows for data
partitioned service applications to be associated with a subscriber.
This lets multiple tenants share a single instance of a service
application while keeping their data separate and secure.
Tenant administrators can
manage the service application as though they were the only tenant using
it, while other tenants do the same. Feature packs provide a way to
group a set of features together and assign them to a subscriber. This
ensures that the subscriber can use only those features that have been
assigned. Feature packs also allow you to create different packaged
offerings that can be made available to subscribers.
2.6.3.6. Windows PowerShell
SharePoint 2010 includes
the new SharePoint 2010 Management Shell, an enhanced Windows PowerShell
prompt with access to more than 500 cmdlets that you can use to manage
almost every aspect of your SharePoint 2010 implementation. By making
the administrative interfaces available through Windows PowerShell,
SharePoint 2010 becomes easier to implement and maintain through the use
of scripts, a favorite tool among administrators.
2.6.4. Topology
The topology
services provide administrators with the ability to manage SharePoint
2010 server farms, servers, and the overall physical deployment. There
are many ways to arrange the service architecture and underlying
hardware infrastructure to accomplish your implementation design goals.
The topology
services provide you with the flexibility to configure and reconfigure
your servers and services without disturbing the underlying logical
software architecture. SharePoint Central Administration includes
settings pages that allow administrators to view and manage the list of
servers that are members of the farm, as well as determine which
services are running on each server. Although all of the services are
installed on each Web application server, only the appropriate services
you need to fulfill a given server’s role in the defined topology should
be running.
Topology services allow for
the seamless upgrade of software components on servers in the farm and
also let you scale up or out as needed through the adjustment of server
services or the addition of new servers to the farm. You can also
configure multiple servers in each role to provide redundancy and fault
tolerance, thereby allowing you to take individual servers offline for
maintenance while minimizing the effect on users.
2.6.5. Site Model
The site
model provided by SharePoint 2010 ensures the consistent provisioning
of sites, lists, and pages in a clear way that can be leveraged by
developers and administrators alike. The site
model includes the container hierarchy of site collection, sites, and
lists, as well as rendering, templates, navigation, and the presentation
of page elements.
The container hierarchy within
the site model provides a consistent structure for the creation and
presentation of content. The top-level container in the site model is
the site collection. Think of the site collection as a boundary for
configuration and security management. Within the site collection
boundary is an associated collection of sites (or Webs). These Webs are
arranged in a hierarchy, and the top of the structure is the top-level
site (TLS). Within each Web is a collection of lists. These lists are
arranged as siblings, with the Web as the parent of each list. Within
each list there is a hidden folder called the root folder.
Users can create many folders in a traditional folder hierarchy within
each list. Each folder can store multiple items. These items are
siblings, and the parent of each item is the folder in which it is
stored. Understanding this containment hierarchy gives developers and
designers a clear picture they can use to make design and implementation
decisions.
Templates provide a way for
site administrators to save sites and lists for later use. The
implementation of templates within SharePoint 2010 has changed slightly,
compared to prior versions of the product. The .STP files have been
replaced with .WSP files in the form of user solutions. Site and list
templates can be used to create new sites and/or lists based on the
template. Templates can include content, but item level security is not
maintained, so you don’t want to include content in a template if you
have private content stored within the site.
Navigation is largely
provided through ASP.NET 3.5, but it leverages the site model described
previously in that it provides the left navigation, the quick launch,
the top navigation, and the breadcrumb navigation.
2.6.6. APIs
SharePoint 2010
provides a standard application programming interface (API) to go along
with its site model, service architecture, and provider framework. This
API allows developers to create new list types, site definitions, and
Web Parts that can be leveraged in the system as though they were native
objects.
2.6.6.1. Fields and Forms
The entry of metadata
information is made easier through forms and fields that are rendered
for each list within the system. For example, when users upload new
documents, they are presented with a form for the entry of information
relating to each document. These forms are customizable within
SharePoint Designer, or within Visual Studio in the case of a custom
list definition. Each form consists of a series of fields (or field
types). These fields provide the individual entry capability needed to
capture information entered into the form. In addition to modifying
the forms, developers can create their own custom field types that
include special functionality or validation to ensure that the
appropriate information is captured in the appropriate way.
2.6.6.2. Web Services
SharePoint 2010 includes a set
of Web services that you can use to interact with the farm, sites, or
lists. In the most common scenario, you would use these Web services
within the context of a site to provide access to list data and the
manipulation of site settings. These Web services can be found under the
_vti_bin directory of a site. For a complete list of Web services
available, consult the SharePoint Server SDK.
2.6.6.3. Client Object Model
A new feature in SharePoint 2010 is the client
object model, which provides developers with a way to consume services
from the server side while programming on the client side. This allows
you to interact with list data dynamically using client-side
technologies such as JavaScript, AJAX, or Windows form applications that
are running remotely. Operations are batched and sent to the client
object model service when it is time for processing.
2.6.6.4. Features and Solutions
SharePoint 2010 includes
a deployment framework that provides for the consistent deployment of
capabilities across multiple Web front-end (WFE) servers. This
deployment framework is made up of two primary elements: features and
solutions.
SharePoint features are
definition files that describe implementable functionality, which can
be instantiated at various levels within the system. Features exist as
XML files within the file system of each WFE. For example, if a
developer creates a new list definition and wants to make it available
for creation within a site, that list definition can be delivered
through a feature. When it is installed and deployed, the new feature
appears within the Manage Site Features Settings page in the Site
Settings area. This allows the site administrator to enable or disable
this new functionality within her site.
So, how
do these files get deployed to the file system of each WFE? Solution
(.WSP) files provide a deployment framework for new files and features
that need to be deployed to the content applications to make them
available for use within the system. Solutions are stored within the
farm solution store and deployed to content applications. After they are
deployed, all of the included files are then copied to each WFE server
and are appropriately registered. A solution file can include
assemblies, resource files, images, pages, and a variety of well-defined
XML files that are used for the creation of new objects within the
system, such as sites and lists.