User Management in SharePoint with different options and architecture is a very complex subject, and thus it will be worthwhile for us to discuss and understand the out-of-the-box SharePoint user management, security and architecture. The chart in Figure 1 represents the logical SharePoint technology architecture. SharePoint is in its third major release and is comprised of Windows SharePoint Services (WSS) version 3.0 and Microsoft Office SharePoint Server (MOSS). WSS v3 is a free add-on to the Windows 2003 Server, running on top of SQL Server, Windows 2003 Server and ASP.NET 2.0. MOSS is available in various editions (Standard vs. Enterprise) and options (Excel Services, Content Management, etc.), and runs on top of WSS.
Since MOSS is built on Windows SharePoint Services (WSS), they share similar architecture and foundations. MOSS provides more application level features and services. It also has different and more extensive User Profile management than WSS. The important point about this architecture is that SharePoint relies on many user management and security principles from the Network Operating system, Microsoft Internet Information Services (IIS) and ASP.Net foundation. In the rest of this section we will take a look at:
WSS is the core platform for SharePoint services. WSS is a logical three-tier that contains a Front End Web Server, a Search and Index server and a Database Server
Another important architectural difference from WSS is the Search database is created for each Shared Services Provider (SSP) database in the farm. The SSP Search database contains search related information such as crawl properties, document properties and propagation properties.
From the user management perspective, MOSS also has several additional services that differentiate it from WSS: Audience, User Profiles database, and Single-Sign-On (SSO). The SSP database contains important data such as the Business Data Catalogue, Site Usage data, BI information and several tables for user management:
Another important topic that you need to understand related to SharePoint user management is the hierarchy, or scope of the SharePoint architecture. The security and user permissions are applied based on the scope. SharePoint uses the following hierarchy
Since MOSS is built on Windows SharePoint Services (WSS), they share similar architecture and foundations. MOSS provides more application level features and services. It also has different and more extensive User Profile management than WSS. The important point about this architecture is that SharePoint relies on many user management and security principles from the Network Operating system, Microsoft Internet Information Services (IIS) and ASP.Net foundation. In the rest of this section we will take a look at:
- WSS and MOSS architecture
- SharePoint Security (Authentication and Authorization)
- SharePoint User Profiles in MOSS and WSS
WSS is the core platform for SharePoint services. WSS is a logical three-tier that contains a Front End Web Server, a Search and Index server and a Database Server
WSS is essentially a web-based ASP.NET application that extends an IIS web site processing HTML requests through a set of ASP.NET (.aspx) pages, .Net application programming interface (API), and XML web services. It processes and executes the business logic using a combination of .Net and SharePoint objects assemblies. The data is stored in the backend SQL database. SharePoint presents the information to end users in the standard HTML format compatible with most web browsers. An IIS web site that has been extended with WSS is called a Web Application (virtual server in previous WSS versions). SharePoint Web Applications use an HttpModule and an HttpHandler to re-route incoming traffic to the SharePoint business logic, thus enabling the SharePoint Web Application to coexist with other IIS web applications. Note that this architecture also allows SharePoint and other web applications to share the same user security infrastructure, mainly Windows Server and ASP.NET.
The Search and Index server is an executable (MSSearch.exe) that is installed as web services in Windows Server. Its primary job is to index the content of the database to enable searching on SharePoint lists, documents, and files. Note that MOSS uses entirely different search architecture than WSS.
WSS uses Microsoft SQL Server to store both the configuration and the content in the databases. When WSS is installed it creates a configuration database that stores the metadata, physical configuration and information about every web application that has been extended, as well as all the servers and their roles in the farm. WSS also create an Admin database that stores the content of the Central Administrator tool. In addition, for every extended virtual server, WSS creates a Content Database that stores the actual site content. Note that WSS stores the user information in its content database.
WSS is also designed to be scalable. In a large or medium server farm, you can assign a multiple cluster database backend and install load balanced architecture for the front end web server as shown in Figure 3. Note that there is only a single Configuration database for all SharePoint servers in the farm.
MOSS Architecture
Although MOSS runs on top of the WSS platform, MOSS provides a number of extended applications and features, such as: Advanced content management and publishing sites, the ability to search the contents of external databases, and more site templates and workspaces
Instead of running the Search and Index on the same box as WSS, MOSS uses another application server called Shared Services. This is a collection of application servers (a set of services) that can be configured on one server and shared across many different MOSS portal sites and WSS sites. The services on these servers include enterprise level applications such as Search, Index, User Profile, Content Management, My Sites, Business Data Catalogue, Form Services, Excel Services, Job Scheduling and Usage Reporting.
- User Profile information that is imported from a directory service such as Active Directory.
- Audiences and organizational hierarchies.
- Security information.
SharePoint Hierarchy
1. Farm: This is the highest available level, and refers to all SharePoint installations within a server farm. It can contain multiple servers, but each farm has a single configuration database.
2. Web Application: A Web Application is the container for all sites on a particular server, on a specified IP address and port. Web applications map to one IIS web site, which also map to exactly one SSP. This is what was called Virtual Server in SPv2. As previously mentioned, this is an IIS site that is extended to work with SharePoint.
3. Site Collection: A site collection is a top level site where all sites within a particular web application are grouped. Each site collection can share the same content database, or have its own content database (see the link in the reference external link at the end of this article).
4. Web: Refers to an individual site within a site collection. This is the lowest available level.
No comments:
Post a Comment