June 2006 - Posts

• Installation Steps and Pre-requisite: SharePoint Portal Server 2007 Beta 2

  SharePoint Portal Server 2007 installation is not straight forward and there are steps that need to follow to do the proper installation and configuration. There is a list of pre-requisite that should be considered before installing SharePoint Portal Server 2007. Yesterday, I installed and configured SharePoint Portal Server 2007 Beta 2 on Virtual PC, It all goes fine without any much difficulty. I am summarizing each step, so you guys can follow it and I am open to receive any comment or suggestion, if you point out any changes in the installation guide or any suggestion or any problem that you face according to your scenario. The following steps are especially written for Single Box installation, but it should work with small server farm scenario as well. Pre-Installation Guide There are several things that you should install and configure prior to SharePoint Portal Server 2007. Windows Server 2003 with Service Pack with all latest windows update IIS 6.0 with ASP.NET Component Enabled Disk Partition should be NTFS (SPS installation does not support FAT partition) Install SQL Server 2000 SP4 or SQL Server 2005 (Typical Installation) Create a domain account that you will use to logged in and installed SharePoint Portal Server 2007 Beta 2 Add domain account as local administrator on Virtual Machine Use the same account for application pool identity, SharePoint Administrator, Index Crawler Account etc Assign domain user to DB creator, sysadmin and security admin rights on SQL Server Join Virtual Machine to a domain controller. Install Windows Workflow Foundation You can download it from: http://www.microsoft.com/downloads/details.aspx?FamilyId=A2151993-991D-4F58-A707-5883FF4C1DC2&displaylang=en   SharePoint Portal Server 2007 Installation Steps You are now ready for SharePoint Portal Server 2007 beta 2 installations. Follow the following steps: Insert SharePoint Portal Server 2007 Beta 2 CD (if you have ISO Image, then make CD First) First step, it will ask you to enter CD Key and license agreement In the next screen choose Advanced as it Basic installation will install MSDE version of SQL Server On next screen, installation program will give warning that it will stop services mostly related to IIS, click Yes to proceed. Next screen, you will be asked to create farm configuration, select No, I want to create new server farm Next screen, provide database server name and database account details (DOMAIN\USERNAME) Leave database name as default. Click "Next" Next screen you will see the summary screen, click Next to start the installation. Installation step can take around 30 to 45 minutes to install SharePoint Portal Server depending on the VM configuration and RAM In the end, you will get a screen, click Finish to end installation. Common Issues: Install error: This product requires ASP.net web server extensions to be enabled in Internet Information Services (IIS). Enable this setting and re-run setup.             Resolution: Run  aspnet_regiis -i  on command prompt     I do hope these steps are correct in the best of my knowledge, please give you comments and feed back on this article. Best of luck Adnan       Posted Jun 03 2006, 04:14 PM by Unclaimed Blog with 1 comment(s)

• Security Consideration for Custom Web Part Development

  Web Parts can be deployed in two different places: Deploy a Web Part library DLL inside a virtual server's \bin directory. Deploy a Web Part library DLL in the Global Assembly Cache (GAC). A Web Part library DLL in the GAC can be loaded into any virtual server on the hosting Web server machine.   The fact that Web Part Pages are stored inside the SharePoint content database poses a security risk. In order to overcome security threat, WSS protects itself by processing Web Part Pages in safe mode. The Web Part architecture only loads Web Parts and ASP.NET controls that have been explicitly configured as a safe control. We can configure Web Parts and ASP.NET controls using the <SafeControls> section of the hosting virtual server's web.config file that look like this.   <!– In web.config of hosting virtual server --> <configuration>   <SharePoint>     <SafeControls>       <SafeControl Assembly="MyWebParts"                    Namespace="MyWebParts"                    TypeName="*"                    Safe="True" />    </SafeControls>   </SharePoint> </configuration>      The security layer provided by the Web Part architecture goes beyond requiring that Web Parts and ASP.NET controls are configured as safe controls. A Web Part library DLL running inside the \bin directory is further restricted in what actions it can perform by the <trust> element defined within the web.config file that look like this.   <configuration>   </system.web>     <!-- set trust level to (1) WSS_Minimal (2) WSS_Medium or (3) Full -->     <trust level="WSS_Minimal" originUrl="" />   </system.web> </configuration>     The <trust> element contains the level attribute. The value of the level attribute configures Code Access Security (CAS) permissions that restrict Web Part library DLLs from performing potentially dangerous actions such as connecting to a SQL Server database and accessing the local file system. The <trust> element's level attribute is set to WSS_Minimal by default. These three trust level can be categorized as below: WSS_Minimal (by default) A setting with WSS_Minimal trust severely restricts Web Part libraries. WSS_Medium A setting of WSS_Medium trust usually allows for testing and debugging Web Part without security-related problems. Full A setting with Full trust completely disables all CAS-related security restrictions   Note: Keep in mind that a <trust> element's level attribute setting in a web.config file only affects Web Part library DLLs running within the \bin directory. It does not affect Web Part library DLLs that have been installed in the GAC. Web Part library DLLs in the GAC are considered to be fully trusted and always run without any CAS restrictions.   Best Practices for Custom Web Part Deployment Use WSS_Medium trust level to enforce security on Web Part Library DLLs. Only deploy those Web Part Library DLLs to GAC that are coming from fully trusted source.   Posted Jun 01 2006, 11:48 AM by Unclaimed Blog with no comments