sharepoint 2016 for everyone & all in one 2016 for everyone...sharepoint 2016 for everyone &...
Post on 22-May-2020
19 Views
Preview:
TRANSCRIPT
SharePoint2016ForEveryone&AllInOne
Part–I
This book has been written to make readers understand aspractical as it could be and how itwould help business toincrease the productivity. Whenever new technology jumpsintomarket, it requiresmore time to recognize it’s features(though it may not be applicable for specific readers likeMVPs). I hope with the help of this book, people will beawareofitwellinadvancedathighlevel
SwatiPradipBannoreJain
2/27/2016
HelloSharePoint2016!!
HelloReaders,Ihopeyouwillenjoyandlearnwhilereadingthisbook.Thisbookisthecompilationofmyownfindingswith reference to knowledge shared at different conferences& summary ofMSDN&TechNetblogseries/articlesetc .ThisbookiswrittenconsideringthelargeraudienceincludingITusers,Businessusers,Architects,Developersandputtingthisknowledgeinsimplewords.Togetintoadvancedetails,referencesareprovidedcorrespondingtosubtitle.Sothisdefinitelygoingtosaveyourtimetogetacquaintedtonewtechnologyovershorterperiodoftime.Youcanalsostartthediscussions&getmoreclarificationshere.Everythingisshortandcrispbuttriggerstheinsightinyou,whichhelpsyoutogetintomoredepth.SharePoint2016iscloudorientedversion,tailoredtodifferentcustomerrequirement,soletusunderstandaboutthehybridarchitecture.SharePoint Cloud (online) and on-premise integration becomes an essential factor to considerwhenrequirementsdemandsextensiveavailabilityofallthefeaturesinshortdurationoftime.InSharePoint2016ispreconfiguredforhybridenvironmentwithnoorlessadministrativeefforts.AndglobalsearchispoweredbyOfficegraphandDelve.Iwould like to introducemyself as consistent blogger, technology enthusiastwith 9+ years ofindustryexperience.Mytwitterhandleis@jaiswati,TechnologyBlog:http://swatipoint.blogspot.com,Blogaboutmyownthoughts:http://allizzwellbyswatiji.blogspot.in/FaceBookCommunityPage: https://www.facebook.com/SharePointQ/
TableofContents
SharePoint2016VSPre-SharePoint2016
ImprovedFileTransfer
UIImprovements
ImprovedListThreshold
LargelistcolumnindexmanagementTimerJob
EnableAutoIndexingforSharePointListorLibrary
OutgoingEmailSettings
SecureSocketsLayer(SSL)withSMTPConnectionEncryption
SecureSocketsLayer(SSL)withNoSMTPConnectionEncryption
ImprovedSearchIndex
Authentication
OperationsandTelemetry
Somemorenewfeatures
SharePoint2016FeaturesLists&WebTemplates
SoftwareandHardwarerequirements
Prerequisites
Databaseservers
Upgrade&Migration
SharePoint2016installation
TroubleshootingwiththeSharePoint2016installation
SharePoint2016ServerRole
Serverroles
RoleConversion
ServicesintheFarm
SharePoint2016HybridSearch
CloudSearchServiceApplication
PrerequisitesforusingOffice365hybridsearch
IndexesinCloudSearchServiceApplication
FederatedSearchVsCloudHybridSearch
WhytochooseCloudHybridSearch?
CloudHybridSearchLimitations:
WhatisCloudIndex?What’sitsroleinCloudSSA?
CreatingCloudServiceApplication
CreateCloudSSA.ps1
OnBoard-HybridSearch.ps1
HowsecurityworksforHybridSearchResults(SecurityTrimmingofSearchResults)?
SearchIndexinginSP2016
E-discoveryforSearchingSensitivedata
SharePoint2016ServiceApplications
DeprecatedServiceApplications
UserProfileSynchronizationServiceApplication
ExcelServiceApplication
UserProfileServiceApplication
ActiveDirectoryImport
MicrosoftIdentityManager2016
ProfileRedirection
ProjectServerServiceApplication
CreatingProjectServerApplication
CreateProjectServerSiteCollection
AccessServiceApp
What’snewinSharePoint2016Sites
ComplianceCenterforDataLossPrevention(DLP)
WhatisDLP?
HowDLPWorks?
DocumentDeletionPolicies
InPlaceHoldPolicyCenter
AboutinPlaceholdPolicyCenter
CreatingInPlaceHoldPolicies
FastSiteCollectionCreation(SCCF)
EnabletheFastSiteCollectionCreationforaWebTemplate
CreateSiteMasterinparticularContentdatabases.
CreateSiteCollectionusingtheSiteMaster
SharePointHybrid
ConfiguringOneDriveforBusiness
SiteFolders
SearchingdocumentsinOneDrive
UsingHybridOneDriveforBusiness
Search(Hybridsearch)
Hybridsitesfeatures
Extranet(Partnerfacingextranetsites)
HybridPicker
Prerequisites
HybridScenariosconfigurationwithHybridPicker
HybridOptions
WhatareNextGenPortals?
NextGenPortals
NextGenPortalArchitecture
HubSiteCollection
ContentSiteCollection
Libraries
Office365VideoPortal
InfoPedia
DelveandOfficeGraph
OfficeGraph
DelveBuildingBlocks
OfficeGraphEndpoints
SharePoint2016VSPre-SharePoint2016KeyfocusareasinSharePoint2016areimproveduserexperiences,CloudInspiredInfrastructure&ComplianceReportingwhereimprovementsarebeingmade.SharePoint2016isthecloudversiontoachievehighlevelofreliability&performancewithServerroleoptimizationsZerodowntimepatchingstrategyImproveddistributedcachereliabilityTrafficmanagementwithintelligentroutingandserverhealthchecksForexample,ImprovedFilehandlingProtocol.
ImprovedFileTransferThistablehelpstounderstandtheimprovementinFileTransferinSharePoint2016.SharePointServerVersion
Mechanism Description
SharePoint2010 Cobaltprotocol Serverhastofetchthewholedocumentfromthedatabaseandmergetheexistingcontentwiththeuserchangesbeforesavingthewholedocumentbacktothecontentdatabase.
SharePoint2013 ShreddedStorage Thisallowsdocumentstobestoredinsmallpiecesinthecontentdatabase.Becausedocumentsarealready“shredded”inthedatabase,theserverdoesnothavetofetchthewholedocumenttomergetheoriginalcontentswiththechanges,whichreducestheserverprocessingoverhead.
SharePoint2016 BackgroundIntelligentTransferService(BITS)
Improvesuploadanddownloadspeedsandresiliency.
ThisisthesummaryofcomparisonsinSharePoint2016&earlierversions. SharePoint2016 SharePoint2013 SharePoint2010ContentDatabaseSize
ContentDatabaseSizingintoTBs
200GBingeneralusagescenario
200GBingeneralusagescenario
SiteCollectionsPerContentDatabase
100,000sitecollectionspercontentdatabase
2000recommended5000maximum
2000recommended5000maximum
ListThreshold IncreasedListThreshold>5000
5000items 5000items
MaxFileSize MaxFileSizeincreasesto10
Defaultmaximumfilesizeis250
Defaultmaximumsizeis250MB
GB&RemovedCharacterrestrictions
MBwhichcanincreaseupto2GB
whichcanincreaseupto2GB
IndexedItems 2xincreaseinSearchscaleto500millionitems
100millionpersearchserviceapplication.10millionperindexpartition
100millionpersearchserviceapplication10millionperindexpartition
UIImprovementsSharePoint2016UIissimilartoSharePointOnline(inOffice365),withfewadditionalchangesAuthoringCanvastocreatecontentforawebpageusingaSway-likeuserexperience.DurableLinkswhichallowsdocumentstobemovedwhilekeepingtheURLintact,becauseitisbasedonaresourceID.
ImprovedListThresholdTo increase theperformanceof large lists, new timer job is introduced.This timer jobcanbeassociatedwithparticularWebApp.Inparticularlistifthresholdisincreasedtomorethan2500listitems&autoindexingisenabledforthelistthenitcreatesautoindexbasedonListviewfiltercolumn.Itworksasshowninfollowingflowdiagram.
LargelistcolumnindexmanagementTimerJobThisPowerShellscripthelpstostartthistimerjob.$w=Get-WebApplication-Name“WebApplicationName”Get-SPTimerJob-WebApplication$w-Identityjob-list-automatic-index-managementStart-SPTimerJob-Identityjob-list-automatic-index-management
EnableAutoIndexingforSharePointListorLibraryAutoindexingcanbeenabledfromthelistsettingsorwithPowershellasbelow.
ThisisthescriptforenablingtheautomaticindexingwithPowerShell.$web=Get-SPWebhttp://webUrl$list=$web.Lists["ListName"]$list.EnableManagedIndexes=$false
$list.Update()$list.Fields|SelectTitle,Indexable
OutgoingEmailSettingsInCentralAdministration,WebApplicationOutgoingemail settings canbe configured,whereinSMTPportinformationcanbeupdated.
SharePointServer2016supportssendingemailtoSMTPserversthatuseSTARTTLSconnectionencryption.STARTTLSisanextensiontoplaintextcommunicationprotocols,whichoffersawaytoupgradeaplain text connection toanencrypted (TLSorSSL)connection insteadofusingaseparateportforencryptedcommunication.This Outgoing Email Settings supports sending mail to SMTP servers using STARTTLSconnectionencryption,thereforeSMTPcanusenon-defaultports.Itdoesnotsupportunencryptedconnections.The following list shows the SharePoint 2016 requirements that are needed to negotiateconnectionencryptionwithanSMTPserver:
1. STARTTLSmustbeenabledontheSMTPserver.2. TheSMTPservermustsupporttheTLS1.0,TSL1.1,orTLS1.2protocol.3. TheSMTPservermusthaveaservercertificateinstalled.4. The server certificatemust bevalid.Typically, thismeans that thenameof the server
certificatemustmatchthenameoftheSMTPserverprovidedtoSharePoint.TheservercertificatemustalsobeissuedbyacertificateauthoritythatistrustedbytheSharePointserver.
5. SharePointmustbeconfiguredtouseSMTPconnectionencryption.
SecureSocketsLayer(SSL)withSMTPConnectionEncryptionTo configure SharePoint to always use SMTP connection encryption, In SharePoint CentralAdministrationwebsiteandunder SystemSettings ,Configureoutgoinge-mail settingsandsettheUseSecureSocketsLayer(SSL)drop-downmenutoYes.ToconfigureSharePointtoalwaysuseSMTPconnectionencryptioninWindowsPowerShell,usetheSet-SPWebApplicationcmdletwithoutthe-DisableSMTPEncryptionparameter.
Forexample:$WebApp=Get-SPWebApplication-IncludeCentralAdministration|?{$_.IsAdministrationWebApplication-eq$true}Set-SPWebApplication-Identity$WebApp-SMTPServersmtp.internal.contoso.com-OutgoingEmailAddresssharepoint@domain.com-ReplyToEmailAddresssharepoint@domain.com
SecureSocketsLayer(SSL)withNoSMTPConnectionEncryptionToconfigureSharePointtoneveruseSMTPconnectionencryptioninSharePointCentralAdministration,browsetoSystemSettings>ConfigureoutgoingemailsettingsandsettheUseSecureSocketsLayer(SSL)drop-downmenutoNo.ToconfigureSharePointtoneveruseSMTPconnectionencryptioninWindowsPowerShell,usetheSet-SPWebApplicationcmdletwiththe-DisableSMTPEncryptionparameter.Forexample:$WebApp=Get-SPWebApplication-IncludeCentralAdministration|?{$_.IsAdministrationWebApplication-eq$true}Set-SPWebApplication-Identity$WebApp-SMTPServersmtp.internal.contoso.com-DisableSMTPEncryption-OutgoingEmailAddresssharepoint@domain.com-ReplyToEmailAddresssharepoint@domain.com
ImprovedSearchIndex-Searchindexsizeincreasedfrom250millionsupporteditemsperfarmto500millionitems.
AuthenticationInSharePoint2013,multipleauthenticationsprovidersaresupportedlikeFBA,windows,claims
In SharePoint 2016 authenticationmechanism is normalized onOAuth protocol&SAMLwithWSFEDtomakeitcloudreadyforseamlessintegration\interactionwithOffice365.Azureactivedirectoryprovidescloudbasedidentity.Butolderauthenticationmodelswillbestillsupported.ThisveryfirstMS_IgnitesessionishelpfultounderstandnewSharePoint2016features.
OperationsandTelemetryThis is for thefirst timeadvanceddataanalysis&reportingaswellas realusermonitoring ispossiblewiththisnewfeature.Thisfeatureprovidestheinformationabout
1. HTTP404messages(linkstoold/missingcontent)2. Speedinwhichpagesanddocumentsareloaded3. LatencystatisticsbetweenClient,WebServerandSQLServer4. Daily/weeklyactiveuserspersite5. Browsers/devices
AgraphicalinterfaceontheUsageandHealthDatabase,whichisalreadyavailableinSharePoint2013.Howeverthereisnouserinterface,makingitdifficulttogettherealinformationoutofthisdata.ThatnowseemstoberesolvedinSharePoint2016.
SomemorenewfeaturesMrBillBaer,hadintroducedthenewfeaturesinSharePoint2016.Havealookinhisblogpostshere
SharePoint2016FeaturesLists&WebTemplatesInSharePoint2016,newfeatures&WebTemplatesareintroduced.Clickbelowlinkstogetthelist.
1. ListofFeatures2. ListofWebTemplates
SoftwareandHardwarerequirementsBeforeactualinstallation,environmentshouldmeetsoftwareandhardwarerequirements,whichislistedhere.Inbrief,requirementsareasfollows
PrerequisitesWindowsManagementFramework3.0(ProvidessupportforWindowsPowerShell3.0)ApplicationServerRoleWebServer(IIS)RoleMicrosoft.NETFramework4.5.2Updateforthe.NETFramework4(KB2898850)MicrosoftSQLServer2012NativeClientMicrosoftIdentityExtensionsMicrosoftSyncFrameworkRuntimev1.0SP1(x64)WindowsServerAppFabric1.1(Providesinmemorydistributedcaching)WindowsIdentityFoundationv1.1Microsoft Information Protection and Control (Client Provides support for informationprotection)MicrosoftWCFDataServices(Enablesthecreation&consumptionofODataservices)
DatabaseserversIn built SQL databases are no more supported while installation, we need 64-bit edition ofMicrosoftSQLServer2014ServicePack1installsseparately.
Upgrade&MigrationUpgrade14.5modesitecollectionsto15modes,AttachSharePoint2013databasestoSharePoint2016sitecollections.
SharePoint2016installationVirtualmachine from azure.microsoft.com can be leveraged& follow the steps as directed inwizard.
Istronglyrecommendyougototroubleshootingsectiononce&readitcarefullybeforeyoustartwith the installation.Make sure that environment meets all provided pre-requisites in thislink.AlternativelythisisveryusefulpostbyNicktoinstallpre-requisitesMakesurethattheselectedpathmeetsthespacerequirementsinthesystem.NowthisversionisdesignedforMulti-Serverenvironment,theroleoftheparticularservermustbeplannedpriortoitsinstallation.SayforexampleiftheroleoftheparticularserveristheSearchServerthenthespacerequirementshastobeconsideredaccordingly.
WaitforthisinstallationtocompleteandthenruntheConfigurationWizard.FordetailedstepsoninstallationreadthisTechNetarticle.
When installation is done, it would show all the required roles are successfully installed asabove.
TroubleshootingwiththeSharePoint2016installationFollowing errors can be prevented beforehand by executing this PowerShell script beforerunningtheinstallationwizard.
Add-WindowsFeatureNET-HTTP-Activation,NET-Non-HTTP-Activ,NET-WCF-Pipe-Activation45,NET-WCF-HTTP-Activation45,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Asp-Net45,Web-Net-Ext,Web-Net-Ext45,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Metabase,WAS,WAS-Process-Model,WAS-NET-Environment,WAS-Config-APIs,Web-Lgcy-Scripting,Windows-Identity-Foundation,Xps-Viewer-verbose
Totroubleshootanyinstallationrelatedissues
1)InWizardyoucanseewhichparticularcomponentisfailedoninstallation.
2)ClickonReviewthelogfilelink,inWizard.&searchfor‘Error’Hereisthelistofcommonerrors.
ThetoolwasunabletoinstallApplicationServerRole&IISserverRole.
Solution:InWin2014Server,find‘ServerManager’andaddaboveroles
MSIInstallererrorcode1603whileinstallingAppFabric1.1
Solution:Download&installAppFabricfromMDC
Cannot connect to databasemaster at SQL Server at {server name}. The databasemightnotexist,orthecurrentuserdoesnothavepermissiontoconnecttoit.
Solution:OpentheWindowsFirewallwithAdvancedServicesandaddaninboundruletoallowtrafficoverport1433.
Apart from this there couldbe someother errors thatyoumaycomeacross, so check thisblogpostandmakesurethatallintherequiredentitiesareinstalledproperlywithnoissues.
Alternativelyyoucaninstallpre-requisites,checkthisblogpost.
SharePoint2016ServerRoleServerrolesAsettingthatallowsyoutodefinetheroleofaSharePointserverandhelpyoumaintainthebestperformanceofthedesiredserverrole.Wehavedifferentrolesavailable:
Front-endApplicationDistributedCacheSearchCustomSingleServerFarmYouwillgetthefollowingscreenwhenyouruntheconfigurationwizardtoaddanewservertoanexistingfarmorwhenyoucreateanewfarm.InSharePointServer2013/2010,itwaspossibletoinstallandconfigureallrolesonaserverandanalyzehealthcouldscanit,Noweachserverwithitsownrole.
Wecaninstallmultiplerolesonasingleserver;however,thehealthanalyzerisnotdesignedforthat.
ASharePointServer2016farmisnow,ThisdoesnotshipFoundationwithversionanddoesnotgoalongwithSQLExpress.ThisinvolveslicenseslikeWindowsServerLicenses,SharePointServerLicenses,CALs,OfficeOnlineServer(akaOfficeWebApps)
RoleConversionUsingthenewMinRolefunctionalityinSharePointServer2016,SharePointfarm
administratorscandefinerolesforeachserverinaserverfarm.Theroleofaserverisspecifiedduring the creation of new battery orwhile adding the server to the existing farm. SharePointautomaticallyconfigurestheservicesoneachserverbasedonthespecifiedrole and firm performance is also optimized for it.In SharePoint Server 2016, under SystemSettingsanewtabwillappearas"ConvertServerRole”inthisFarm.Herewecanselecttheroleoftheparticularserver.
AlsoservercanbealwaysconvertedfromSingleServerfarmtoMultipleServerfarmwithRoleconversion.
ServicesintheFarmInCentralAdministration,UnderApplicationManagement,navigatetoManageServiceslink.Thispagewillshowservicesrunninginthefarm.FirstAutoProvisioncolumninformsyou(Yes)iftheserviceisstartedonthefarmornot(No),ontheserversconcernedinrelationtotheirroleMicrosoftno longer tellsyouwhichserver theservice isstartedbut if it isstarted in thefarm.EverythingisthereforebasedonmanagementRoles.
“Action“columncancontainthreetypesofactionbuttons:1. Manage Service Application (service associated with a service application, it is
activated/deployed)2. DisableAutoProvision(DisabletheserviceintheFarm,theinstancesarestoppedonall
servers)3. Enable Auto Provision (Enable service in the Farm, the instances are started on
appropriateserverswiththerolethathasbeenassigned)TheServicesrunningontheserverdefinestheroleoftheserver.Followingtableindicateswhatservicesarerunningforwhattypeofserverhavingspecificrole.
Servicesrunningontheserverwithspecificrole
ApplicationWFE SearchDistributedCache
SingleServer
Access2010DatabaseService
AccessServicesAppManagementServiceBusinessDataConnectivityServiceClaimstoWindowsTokenServiceDistributedCacheDocumentConversionsLauncherServiceDocumentConversionsLoadBalancerServiceLotusNotesConnectorMachineTranslationServiceManagedMetadataWebServiceMicrosoftSharePointFoundationSandboxedCodeServiceMicrosoftSharePointFoundation
SubscriptionSettingsServiceMicrosoftSharePointFoundationWorkflowTimerServiceMicrosoftSharePointInsightsPerformancePointServicePowerPointConversionServiceProjectServerApplicationServiceRequestManagementSearchQueryandSiteSettingsServiceSecureStoreServiceUserProfileServiceVisioGraphicsServiceWordAutomationServicesWorkManagementService
SharePoint2016HybridSearchEarlier,theOfficeGraphandDelvefunctionalitywasonlyavailableinOffice365.ButwiththehelpofHybridSetupthesefeaturescanbeleveragedforon-premiseserver.InSharePoint2016,youwillhaveaccesstoa"CloudSearchServiceApplication".Thisshouldfurtherenhancethesearchexperienceforenduserswitha"unified"index,orasingleindexforOn-PremisesandOnline.Theadvantageofthisisthatthereisthereforealsoranking,sortingandrefinementbetweenthesedifferentsourcesmaybeused.CloudSearchServiceApplicationsupportsOffice&DelveexeprienceOn-PremiseUnlike SharePoint 2013, some of the office features are deprecated and now if businessrequirements demands those feature,SharePoint 2016onpremiseversionhas to be configuredwithOffice365.Insuchcasedocumentsmayresideinon-premiseaswellasinOffice365.TofetchthesearchresultsfrombothrepositoriesCloudSearchServiceApplicationcanbeconfiguredasdescribedbelow.
CloudSearchServiceApplicationThisisthelogicalArchitectureofhybridsearchforcrawlinginCloudSSA
On-premcontent iscrawledbythecrawler in thecloudSSAandpushedtothesearchindexinO365. DirSync mechanism synchronizes Active Directory users to Azure Active Directory inOffice365.At high level when crawling starts, crawler downloads the contents in on-premise serviceapplication.Parses the contents and sends the encrypted contents to content processing component in thecloud.Youcanactually see theseactivities in fiddler toolwhencrawling is startedoncontentsource.
PrerequisitesforusingOffice365hybridsearchBelowlistedpre-requisitesneedstobeconsidered,whileconfiguringcloudSSA
HybridenvironmentwithOffice3651)Office365 subscription that includesSharePoint+ActivatedUserswithOn-PremSP serverinstallation.2)DirectorySynchronizationofADusersandgroupstosynchronizeusersandgroupsfromAzuretoOffice365
BasichybridsearchrequirementsTosetuptheHybridSearch,considerthesepre-requisites.1)SupportedcontentsourcesSharePointServer2007,2010or2013Fileshares,BCSconnectors*2)SharePointServerwithCloudSearchserviceapplication2013or2016
AdditionalrequirementsforsearchpreviewsReverseproxybacktoon-premisesWACserver
IndexesinCloudSearchServiceApplication
The hybrid cloud search feature is one of the highly anticipated new SharePoint 2016. Itsprinciple is simple, typically SharePoint, and any search engine, locally stores its index (theindex is the set of information that allows users to find documents easily in the documentarysystem).SharePoint2016andSharePoint2013withtheCUofAugust2015providetheabilitytostoretheindexinthecloudandallowthecloudandonpremisethefarmpopulatethisindex.
FederatedSearchVsCloudHybridSearch
HowFederatedSearchWorks?AlljusttohaveasinglesearchresultforthecloudandthefarmOnPremise.Todayitisalreadypossiblewiththefederationbutthereisahugedifferencewithwhathappensinthe
Cloud Hybrid Search.In SharePoint Server 2013 hybrid search using query federation wasintroduced.Searchresultscameasseparateresultssets.Thissolutionrequiredhostingallsearchcomponents on-premises.With the federated, there is no calculation ranking on the search andthereisachoiceofthesourceandtheresultthatappearsdependingonthechoice.
HowCloudHybridSearchWorks?Cloudhybridsearchoffersonlyoneindexandarankingcalculationandthereforesearchresultsaremorecoherent:Theindexwillbestoredinthecloud,anewparameterforthesearchapplicationservicewillbeavailable,andthisparameterisCloudIndex
andisavailableinSharePoint2013SP1CUwithAugust2015andinSharePoint2016.
CloudHybridSearchsupportsrelevancyanddeeprefinersacrosstheentireresultset,searchingfrom anywhere, even on-premises sites ,supportsOffice 365 enterprise search andDelve foryour on-premises content, supports preview and access the content when connected to yourcorporatenetwork.
WhytochooseCloudHybridSearch?1. Reducedon-premisesinfrastructurecostbyhostingmostsearchcomponentsinthecloud2. TheOffice365teamkeepssearchrunningandup-to-dateforyou,24/73. Bringstogetheron-premisesandcloudcollaborationlikeneverbeforewithDelve4. Smoothersearchexperience,evenduringmigration
CloudHybridSearchLimitations:PriorconfiguringCloudSSA,checkthelimitationsstatedinbelowtable.Searchfeature NoteCustomsecuritytrimming Thecustomsecurity trimming isn’t
supported.Removal of on-premises searchresults
To remove a search result, youremove the URL to the item. Thisrequires interaction with thecrawler, and SharePoint Onlinecan’t interact with the crawler inthecloudsearchfarm.
Customentityextraction SharePoint Online doesn’t supportcustomentityextraction.
Contentenrichmentwebservice The content enrichment webservicecall-out isnotavailable intheCloudSSA.
Thesaurus SharePoint Online doesn’t supportathesaurus.
Bestbets Best bets are a SharePoint Server2010 feature.You can achieve thesame result in SharePoint Onlinebyusingqueryrules.
Customsearchscopes Custom search scopes are aSharePoint Server 2010 feature.YoucanachievethesameresultinSharePoint Online by using resultsources.
Promotion/demotion of searchresults
Promotion/demotion of searchresultsisaSharePointServer2010feature.You can achieve the sameresult in SharePoint Online byusingresultsources.
WhatisCloudIndex?What’sitsroleinCloudSSA?A Cloud Search Service Application (SSA) cannot be created using the central admin SSAcreationuserinterface.ThereasonbeingthatthecloudSSArequiresapropertysettingthatisnotapplied by theUI based creation process.This property is calledCloudIndex andmust be setto true foracloudSSA.CloudIndex isa read-onlypropertyofanydeployedSSAandas suchcannotbesetpostcreation.BydefinitionthisalsoimpliesthatanexistingregularSSAcannotbeconvertedtoacloudSSA.ThepropertyvalueforaSSAcanbecheckedbyexecutingthisPowershellscript.(get-spenterprisesearchserviceapplication).cloudindex
CreatingCloudServiceApplicationTheCloud SSA should be created by executing a SSA creation PowerShell script and settingtheCloudIndexpropertytotrue.Later,whenweexecutetheon-boardingscript,anotherpropertycalledIsHybridissetto1fortheSSA.New-SPEnterpriseSearchServiceApplication-Name$SearchServiceAppName-ApplicationPool$appPool-DatabaseServer$DatabaseServerName-CloudIndex$trueFirst, it is necessary to subscribe to the Cloud Search Hybrid Preview Program throughMicrosoftConnecthttps://connect.microsoft.com/office/program8647After logging inwith yourMicrosoft account, you arrive on the page,where it is possible todownloadthepreviewdocumentation.Also,itiscurrentlypossibletodownloadtwoPowerShellscripts that you create a local Cloud Search Service Application, and SharePoint Farm can"connect"withanOffice365tenant.ThatwewillusetocreatethelinkbetweentheOn-PremisesandOnline.The followingare the (relatively simple), steps toperform thisPowerShell scripts.Microsoftthesestepswilllikelybeinalaterstageofprocessingina"ScenarioPicker"Wizard,tocallviathe GUI in Central Administration. But, for now, this is the only way to be able to test thefunctionality.
CreateCloudSSA.ps1ThisscripthastoberunonasingleSharePointserverinthefarm,fromaSharePoint2013/16ManagementShell,hasthefollowingparameters:
-SearchServerName|thenameoftheSharePointserver,whereinitiallytheSearchcomponentsarestarted.-SearchServiceAccount|TheServiceAccount,includingtheCloudSearchServiceApplicationwillrun.-SearchServiceAppName|thenameoftheCloudSearchServiceApplication-DatabaseServerName | The Database Server \ Instance, which the Service Applicationdatabasesarecreated.Thescriptthencarriesoutthefollowing:
1) Acheckon the existence of theSearchService account in theActiveDirectoryDomain.If theSearchServiceAccountandManagedAccountarenotyet registered inSharePoint,thisisdone(withaprompttoenterthepassword).2)ServiceApplicationProxyisassociatedwiththeCloudSearchServiceApplication.
Afterrunningthescript,yougetthefollowingoutput.
OnBoard-HybridSearch.ps1This script helps to connect On-Premise Cloud Search service application to Office 365environment.Thisscripthasthefollowingparameters:-SearchServerName | the root of the site collection on SharePoint Online tenant in the form"https://<tenant>.sharepoint.com".-HybridSSAId|theGUIDoftheCloudSearchServiceApplication.Thisparameterisoptional,theintentionistouseitwhenyouhavemultipleSearchServiceApplications,toprovidespecificforthelink.Ifyouomitthis,thescriptgrabsinfact,theexistingServiceApplication(assumingthatonlyone)toallowittobuildforhybriduse.Theexecutionhappensagain fromasingleSharePointserver in the farm,where theAzureADPowerShellmoduleisprovisioned(MicrosoftOnlineSignassistantmustbeinstalled.):Forthis,seehttps://msdn.microsoft.com/en-us/library/azure/jj151815.aspx#bkmk_installmodule.Afterthescriptisexecuted,executethefullcrawl.
Thisscriptdoesthefollowing:1)A check on the existence of theAzureADPowerShellmodule andMSSign in assistant.Anumberofregistrykeysarefilledwithgeneralinformation2)AzureControl Services (ACS) is added to the ServiceApplication farmwhich establishestrustwithOffice3653)SharePointOnlineApplicationPrincipalManagementServiceApplicationProxyisaddedtotheFarm4)Atrustisbuiltupbetweentheon-premisesfarm,andSharePointOnline(bymeansofanumberofSPNs,whichareexchanged)5)FillsinthedetailsofaGlobalAdminaccountinyourOffice365tenant
Afterrunningthescript,lookintheOn-PremisesCloudSearchServiceApplication,createanumberofContentSources,forexample,SharePointsites,Filesharecontent,orpublicwebsitestocrawl.
Crawlingtookthemalittlelongerthanusual,butatsomepointitwillbeready,andthecrawledcontent would be immediately visible within the Office 365 Search Center (accessible viastandardhttps://<tenant>.sharepoint.com/search).
Afterrunningthescript,yougetthefollowingoutput:
The IsExternalContentmanagedproperty is set to«1» for content that is crawledon-premises.Thepropertycanbeusedtorestrictaqueryforonline/on-premisesresults,asarefineror inaresultsource.
IfyoulogintoOffice365asthefederateduser,youwillbeabletoseethecrawlcontentsfromOn-Premiseresultsource.Getthedetaileddocumentation&PowerShellscriptsforConfiguringCloudSSA
1)MicrosoftConnect2) MSDNblog to explain this in further details byManasBiswas [MSFT]&NeilHodgkinson[MSFT]
Foranyotherqueries,postyourquestionshere.
HowsecurityworksforHybridSearchResults(SecurityTrimmingofSearchResults)?AsitemsareindexedinOffice365,theaccesscontrolentriesarelookedupintheclouddirectoryservice.UserSIDsaremappedtoPUIDsGroupSIDsaremappedtoObjectIDs«Everyone»and«Authenticatedusers»aremappedto«Everyoneexceptexternalusers»
Securityprincipalscanbemanagedon-premisesandsynchedtothecloudbyusingtheDirSynctool.Theobject in the cloud (AAD)directorynowmirrors theobject in theon-premises (AD)directory.Ifyougetadocumentinthesearchresultonline,it isbecauseyouhaveaccesstothedocumenton-premises.Youmustbesignedintoon-premisestoopen/accesstheactualdocument.If user belongs to particular groupwith specific access on documents but still cannot see theresults,itwouldbeduetoSIDvalueswhicharenotmappedtoAzureADonline.
SearchIndexinginSP2016When you create a Cloud Search Service Application the regular content plugin is disabledand Azure Plugin is initiated. The crawler picks up a document from SharePoint, parses it,extractsastructuredviewofthecontent,removesanyunnecessarymarkupandsubmitsbatchjobstoSharePointOnlinesearchengineforprocessingthedata.Thebatchjobsarecompressedandencrypted before submitting to service. Hence forth all processing and persistence of theextractedmetadataisdoneinSharePointOnlinesearchfarm,whichiswherethefinalindexsizewillcomeintopicture.Soyouwillnotbeabletodoa1:1mappingwithwhatyouseeinyourOn-premiseSPfarmsindex.ThisisthehelpfulpostaboutinitialthoughtsaboutCloudSSA.
E-discoveryforSearchingSensitivedataE-Discovery of content within SharePoint, Lync and Exchange is also available in hybriddeployments. The ability to search for content is therefore theoretically possible to search asingle eDiscovery assignment, the content inside all sources and gather into one report. ThistechniqueleaningagainontheCloudSearchServiceApplication.Topreventsensitiveinformationfrombeingshowninsearchresult,ithastoconfigurethroughe-discoverycase&queryine-discoverysearchcenter.
1.Createe-discoverySearchCenter.
2.Createe-discoveryCaseandsete-discoveryfilterwithspecificqueryforsensitivetype. KQL query helps to detect sensitive Information type by “Classification” asparameter&providesinstantstatistics.3.Once crawl is completed, documentsmatching ediscovery filter will be shown insearchresult.Userwithrequiredaccesscanviewthesedocumentsandthenexportittoonedriveforbusiness.
Regardingtheactualconfigurationofsensitiveinformationreadbelowblogposts.http://summit7systems.com/configuring-sharepoint-2016-sensitive-information/http://blogs.technet.com/b/wbaer/archive/2015/08/26/sensitive-information-types-in-sharepoint-server-2016-it-preview.aspx
SharePoint2016ServiceApplicationsSharePoint2016has samearchitecture for service applicationswhich is carried forward fromSharePoint2013exceptUserProfileserviceapplication&ProjectServerserviceapplications
ThesearetheserviceapplicationsavailableinSharePoint2016farmwhichissimilartoserviceapplicationsinSharePoint2013versions.(InadditiontoCloudSearchServiceApplicationasdescribedinabovesection).In SharePoint 2016, the Service Applications which are running on particular server isdeterminedbytheServerRoleanditcanbeinterconvertedthroughPowershellScriptorUI.
DeprecatedServiceApplicationsHereyouwillfindthelistof theallfeatures, thatwillnomoresupportedinSharePoint2016,includingServiceApplicationfeatures.
UserProfileSynchronizationServiceApplicationIn SharePoint 2013 (in earlier versions) used Forefront Identity Manager Client (FIM) tosynchronize between Active Directory and SharePoint. SharePoint Server 2016 Beta 2 usesMicrosoftIdentityManager2016toolforsynchronization.Thistabledepictstheexactdifferenceswithearlierversions.SharePoint2013ADSynchronization
SharePoint2016ADSynchronization
usesForefrontIdentityManagerclient(FIM)tosynchronizebetweenActiveDirectoryandSharePoint
NolongerusesFIMasthesynchronizationclient.ThedefaultprocessisActiveDirectoryImport.
PreviouslyinSharePoint2013,Microsoftsupportsseveraltypesallowingyoutoconnecttodifferentdirectoryservices,suchasIBMTivoli,NovelleDirectory.
ActiveDirectoryImportistheonlysynchronizationconnectiontypeavailable.MicrosoftIdentityManager2016canbeusedanexternalFIMservicetosynchronizationbetweendirectoryservicesandSharePoint.
ExcelServiceApplicationExcelServiceapplicationfunctionalitiesarenowmovedtoExcelOnline(ExcelWebApp)ThefollowingExcelServicesfunctionalityhasbeendeprecated:TrusteddataprovidersTrustedfilelocationsTrusteddataconnectionlibrariesUnattendedserviceaccountExcelServicesWindowsPowerShellcmdletsOpeningofExcelworkbooksfromSharePointCentralAdministrationsiteThe followingExcel Services functionality requiresExcelOnline inOfficeOnline ServerPreview:ViewingandeditingExcelworkbooksinabrowser(withorwithouttheDataModel)ExcelWebAccesswebpartforSharePointODCfilesupport(nolongerrequiresDataConnectionLibraries)ProgrammabilityfeaturessuchasJavaScriptOM,UserDefinedFunctionAssemblies,SOAPandRESTprotocolsupport.
InstallingOfficeWebAppInstallOfficeWebAppsServerandrelatedupdates,thislinkoninstallationsteps.CompletethesestepsonanyserversthatwillrunOfficeOnlineServer.
1)RunSetup.exe.
2)OntheReadtheMicrosoftSoftwareLicenseTermspage,selectIacceptthetermsofthisagreementandclickContinue.3)OntheChooseafilelocationpage,selectthefolderwhereyouwanttheOffice4) Online Server Preview files to be installed (for example, C:\ProgramFiles\Microsoft OfficeWebApps) and select Install now. If the folder you specifieddoesn’texist,Setupcreatesitforyou.
WhenSetupfinishesinstallingOfficeOnlineServerPreview,chooseClose.Ifyou'replanningtouseKerberosConstrainedDelegationwithExcelOnline,then,inServices,settheClaimstoWindowsTokenServicetostartautomaticallyonthisserver.AlsoseesecondNOTEhere:https://msdn.microsoft.com/en-us/library/ee517278.aspx.
ExcelServiceforExternalDataAccess:If you plan to use any features that utilize external data access,workingwithDataModels orSharePoint’sPowerPivotorPowerViewcapabilities,notethatExcelOnlinemustresideinthesameADdomainforestastheiruser-baseaswellasanyexternaldatasourcesyouplantoaccessusingWindows-basedauthentication”
ExcelOnlinewithKerberosAuthentication:IfyouplantouseKerberosConstrainedDelegationwithExcelOnline,besuretoaddeachOfficeOnlineServerinthefarmtotheActiveDirectoryDomainServicesdelegationlist.Formorereferencecheckhere.
UserProfileServiceApplicationIn User Profile Service Application, User profile synchronization can be done from ActiveDirectoryorbyenablingtheexternalIdentityManager.
ActiveDirectoryImportBy default, User Profiles can be imported from Active Directory. Create Active Directoryconnectionasdirectedinbelow.
Hereprovidethesynchronizationoption,asSharePointActiveDirectoryImport
&ProvidetheConnectionName,Type&ConnectionSettings.
MicrosoftIdentityManager2016Microsoft Identity Manager 2016 enables rich, bi-directional synchronization and commonidentityscenarios.MicrosoftIdentityManager2016simplifiestheidentitylifecyclemanagementwith automated workflows, business rules and easy integration with heterogeneous platformsacrossthedatacenterandcloudtoincludeSharePointServer2016.StepstoconfigureMIMcanbefoundhere
ProfileRedirectionProfileRedirection enables the extension of profiles toDelve aboutMe and additionalOffice365 experiences users within an organization. Profile redirection, in a hybrid Team Sitesconfiguration redirects cloud (hybrid) users to their profile in Office 365 powered by OfficeDelve ensuring hybrid users have a single place for their profile information. Get moreinformationhere.Below table depicts the difference inUser Profile ServiceApplicationwithearlierversions.SharePoint 2013 User ProfileServiceApplication
SharePoint 2016 User ProfileServiceApplication
Synchronizationdatabasewhichstoresconfiguration and stagingdata forusewhen profile data is beingsynchronized with directory servicessuchasActiveDirectory
UserProfileserviceapplicationtoberesponsible for bearing a set ofcomplicatedconfiguration structure insynchronization.
User Profile Service application inSharePoint 2016 offers more userpropertiesbydefault
Inthisversionwhenyoucreate,newUserProfileServiceApplication,
DatabaseNameforSyncDatabaseisdisabled&alldataisstoredinUserProfileDatabase.SocialDatabaseandSyncDatabaseareobsoleteinthisversion.
ProjectServerServiceApplicationUnlike SharePoint 2013 & earlier versions, separate installation is not required; it will beincludedinSharePoint2016Installable.
CreatingProjectServerApplicationHere is a little how to (how-to) to create a website using the template "Project Server" site.Indeed,ProjectServerhasbecomeaBusinessServiceattheCentralAdministration.Todothis,signinwithyour"AccountFarmAdministrator"andcreateyourapplicationservice.Make sure youhave created an application dedicated pool, a dedicated service account and auniquedatabase,forthesafetyofsegregation.
CreateProjectServerSiteCollectionPriortothecreationofProjectSitecollectioncreation,makesurethatProjectServerServiceisrunning&whileinstallingSharePoint,youhaveselectedmulti-serverrole,Ifnotconverttheroleofthemulti-server.ForthisstartPowerShell(SharePointManagementShell)withthefarmadministratorrightsanddefinethosefollowingvariables-whichwewilluseforthecreationofourwebsite.Incase;settheitemsasshownbelow:$Name="ProjectServerServiceApplication"$web=Get-SPWebApplication"http://<Web-AppUrl>/"$Sitecollection=web$$Template="#0pwa"$Owner="SharePoint\FarmAdmin"$DBName="<ProjectServerDBName>”"$DBServ="domain\<DBServerName>”Thenwewill create a specific content database toour collection site and then create the site.Thesesettings-andcmdletsdonotbeunknownasthiswasalsotrueinSharePoint2013.Runthefollowingcmdletsandparameterstocreatethedatabase:NewSPContentDatabase-Name$DBName-DatabaserServer$DBServ-WebApplicationWeb$
Thereafter-forthecreationofyoursitecollectionexecutethisscript:New-SPSite -url "http: // <siteurl> /" -OwnerAlias $ Owner -ContentDatabase $ DBName -template$Template-Description"PWAtestsite"-Name$TitleEnable-SPFeaturepwasite-url"http://<siteUrl>"
Andnow,afterenablingyoursiteisreadyforuse!
AccessServiceAppAccesswebappfeaturescomingtoSharePointon-premisecustomers.Withtheupcomingreleaseof SharePoint 2016, customers using SharePoint 2016 with Access Services within theirorganizationswillseeadditionalfeaturesandtakeadvantageofserviceimprovements.HereisalistofAccesswebappfeaturesinAccessServicescomingforSharePoint2016:
CascadingcontrolsDatasheetfilterimprovementsRelatedItemControlenhancementsImagestorageandperformanceimprovementsOfficeAdd-insintegrationwithAccesswebappsAdditionalpackagingandupgradefunctionalityforAccesswebapppackagesOnDeploymacroactionforupgradescenariosLocktablesfromeditingfunctionalityDownloadinExcelfeaturefordatasheetviews
What’snewinSharePoint2016SitesNew Site Templates like Compliance & in-place hold Policy templates are introduced inSharePoint 2016. Also provisioning performance is improved through Fast Site CollectionFeature.
ComplianceCenterforDataLossPrevention(DLP)Data loss prevention featurewas introducedOffice 365, but itwill be extended inSharePoint2016.Newsite templates are introduced inSharePoint2016.Tounderstand the functionalityofthesetemplatesweneedtounderstandthisfeatureandIt’sbackground.
WhatisDLP?WithimplementationofDLP,Organizationscanenabletheiremployeestoprotectsensitivedatafrombeingleakedoutsideoforganizationthroughdefinedpoliciesandenforcedatasecurity.
Broadly speaking it helps to identify,monitor, and protect sensitive data through deep contentanalysis.InSummary,Withthisnewcapability,youcan:1. Search for sensitive content across SharePoint Server 2016 , SharePoint Online, and
OneDriveforBusiness.2. Leverage 51 built-in sensitive information types (credit cards, passport numbers, Social
Securitynumbers,andmore).3. Identifyoffendingdocuments,exportareport,andadjustaccordingly.4. Information on configuring and using this feature is documented in SharePoint Online and
Office365.Formoreinformation,see:SearchforsensitivecontentinSharePointandOneDrivedocumentsUseDLPinSharePointOnlinetoidentifysensitivedatastoredonsitesOnDLP implementationPolicyTipscanbeseen inOutlook,OneDriveandSharePointOnline,DesktopExcel,PowerPointandWord.
PolicytipsinOWAfordevicesWithDLPpolicydefined,outlookitemwillbescannedforthesensitiveinformation.
If message contains the sensitive information, email sender will be notified about the policyviolation.Inabove,emailsenderisnotifiedaboutCreditcardnumberinformationinhisemail&thensenderwillbeabletocorrecttheemail&senditaccordingly.
PolicytipsinSharePointandOneDriveWithDLPpolicydefined,documentswillbescannedforthesensitiveinformation.
PolicytipsinOfficeclientsWith DLP policy defined, documents will be scanned for the sensitive information & PolicyinstructionwillbeshowninOfficeClients.
HowDLPWorks?
HowDLPworksinOffice365?Inoffice365,thesepoliciesaredefinedinComplianceCenter.Ithascentralcompliancepolicieswhichapplyacross theOffice365suite. It iscentralpoint foraccess toexistingExchangeandSharePointcompliancefeatures.Itcompilesonepolicydefinition,itisindependentofworkload,ithasonepolicylifecycle&onesetofsensitivetypedefinitions.
CreatingNewDLPPoliciesTocreatenewDLPPolicy,NavigatetoOffice365Administration,&selectDatalosspreventiontab, in thatselectNewDLPPolicyfromTemplatesuitable to requirementsoralsoDLPPolicycanbeimported.
Select thekindof informationthatyouwant toprotect&alsoyoucancreate thecustompolicyaccordingtorequirements.
Here,selecttheservicesforwhichDLPpoliciesneedstobeapplied.SharePointOnlinespecificsites.Onedriveforbusiness.
SearchforsensitivecontentacrossSharePointOnlineandOneDriveforBusinessFordetailedwalkthroughandinformationfollowingreferencewouldbehelpful.https://blogs.office.com/2014/08/27/search-sensitive-content-sharepoint-onedrive-documents/
DLPPolicyRulesThesearethesetofconditionsandresultingactionsthatdescribethepolicyobjective.Ithelpstotakeactiontoenforcepolicy.Rangeofactionsmodelthebusinessrequirementsforprotectionofsensitive information from audit, notification, override to block. Actions are normalized fordifferentworkloadexperiences.
DLPcontentdetectionflowinExchange
ItisintegratedintoExchangeTransportRule(ETR)engineinSMTPservice&runsincategorizerduringOnResolvedMessage.ItisintegratedasanewETRpredicateforchecking
thesensitiveinformation.Performstextextractionforbodyandattachmentsfollowedbyclassification.Itcanbecombinedwithanyexistingpredicatesandactions.
DLPprocessinginSharePointOncetheDLPpoliciesareinplace&crawlingisexecutedinSearchserviceapplication,itisinvokedbysearchcrawlerasnewcontentdiscoveredandchanged,Classificationresultsstoredinindex.Classificationoperatorcomponentcontinuespolicyevaluationandapplication.
HowDLPworksinSharePoint2016Above section, explains the background of this feature in office 365. In SharePoint 2016,toimplementDLP,followingpre-requisitesarerequiredasshowninbelowdiagram.
ComplianceCenterInCentralAdministration,createsitecollectionforComplianceCenter,byselectingthetemplateasbelow.
Createnewpolicyandselectthepolicytemplateaccordingtosecurityrequirementstosecurethedata.
To assign this policy to specific site collection, Navigate to DLP Policy Assignments forsitecollectionList.
Choose the sitecollection to assign the policies & under Managed Policies section assignsitecollectionwithrespectivepolicy.
E-discoveryCenterFor actual amendment of policies on documents, setup the Ediscovery center, in centraladministrationcreatethesitecollectionwitheDiscoverytemplate.
Navigatetothissitecollection,&createnewDLPqueries.
Select thepolicy templates (as selected inabovestepswhileconfiguringpolicy incompliancecenter sitecollection), also add ediscovery filter to add the site location where policies areassignedinabovesteps.Now upload the document which breaches the policy in this sitecollection (where policy isassignedandediscoverylocation&filtersareset).startthecrawlinginsearchcenter&restartthetimerjobsgivebelow.
Navigatetodocumentlibraryinthisparticularsitecollectionandcheckifpoliciesareapplied.ThisisthegenericoverviewofhowDLPworksinSharePoint2016.FormoredetailsonDLPquery,findthesereferences.http://blogs.technet.com/b/fromthefield/archive/2015/12/04/data-loss-prevention-dlp-in-sharepoint-2016-beta-2.aspx(ByBrendan)http://absolute-sharepoint.com/2015/12/configure-dlp-in-sharepoint-2016-step-by-step-tutorial.html(ByVLad)
DocumentDeletionPolicies
AboutDocumentDeletionPolicy
WiththehelpofDocumentdeletionpolicy,documentcanbedeletedaftercertainperiodoftimetoavoidunnecessarylegalrisk.Documentdeletionpoliciesarepowerful&flexible—forexample,Administratorcanallow site owners to choose from policies that are centrally created and managed. Also siteownerscanoptoutaltogetheriftheydecideapolicydoesnotapplytotheircontent.Using Specific Site collection Template, a single mandatory policy on all sites in a sitecollection, such as all OneDrive for Business sites, or even enforce a policy on all sitecollections.Thisprovidesadefaultpolicywithadefaultrulethatwillbeautomaticallyappliedwithoutanyactionrequiredbysiteowners.
CreatingDocumentDeletionPoliciesAdmincreatesandmanagesdocumentdeletionpoliciesbyusing theDocumentDeletionPolicyCenter,whichcanbefoundunderRetentionin theOffice365ComplianceCenter.Alternatively,Policy Center site collection can be created choosing Compliance Policy Center ontheEnterprisetab.EachtenantcanhaveonlyoneDocumentDeletionPolicyCenter,andit’llbecreatedautomaticallyifyoustartfromtheComplianceCenter.
After theDocumentdeletionPolicycenter iscreated,specify thedeletion rulebycreatingnewdeletionpolicy.Based on the requirements, options specified in below image can be provided to specify thedeletionpolicy.Here specify thedate fromwhendocumentdeletiondatewill be calculated&timeperiodafterwhichdocumentwillbedeleted.
Document Policy can be applied for OneDrive for Business Template or Site CollectionTemplate.
InPlaceHoldPolicyCenterAboutinPlaceholdPolicyCenterThissitemodelusedtomanagestrategiestokeepitemsinSharePointsitesforaspecifiedtimeperiod, based on the date of creation or modification of 'element. You can combine thesestrategieswiththoselinkedtotheremovalofdocumentsaccordingtotheirretentionpolicies.Ifmultiple policies apply, the document is saved for the longest period. This site template isemergingwithSharePoint2016.
CreatingInPlaceHoldPoliciesSelectIn-PlaceholdPolicyCentertemplatewhilecreatingthesitecollection.
In-PlaceHoldPolicyCentersitecollectionistheplacetomanagethepoliciescentrally.
Here,findmoredetailsaboutcreatingInPlaceholdpolicies.
FastSiteCollectionCreation(SCCF)FastSiteCollectionCreationisamechanismdesignedtoimproveprovisionperformanceofSiteCollections through performing a copy operation using SPSite.Copy Commad at the ContentDatabase level.This helps to create the replicaof theSourceSiteCollection (MasterSite) insame Content Database & then customize the new site collections by activating the customfeatures.Herearethestepstogo
EnabletheFastSiteCollectionCreationforaWebTemplateExecutefollowingPowerShellCommandtoenableFastSiteCollectionforawebtemplate.Enable-SPWebTemplateForSiteMaster-Template“STS#0″-CompatibilityLevel15ThiscommandenablesFastSiteCollectionCreationforTeamSiteTemplate.
CreateSiteMasterinparticularContentdatabases.ExecutefollowingcommandtocreateSiteMasterinparticularcontentDatabase.
New-SPSiteMaster-ContentDatabase$ExistingContentDB-Template“STS#0″
ThiscommandcreatesSiteMasterwhere$ExistingContentDB,variableofexistingContentdatabasewhereTeamsitewascreated.
CreateSiteCollectionusingtheSiteMasterExecutefollowingcommandtocreatesitecollectionusingthissitemaster.
New-SPSite http://<server>/sites/FastSiteNew -ContentDatabase $ExistingDB -CompatibilityLevel15-CreateFromSiteMaster-OwnerAlias“<domain>\<userid>”
Formoredetails,checkfollowingreferences.
http://www.learningsharepoint.com/2015/09/10/fast-site-creation-in-sharepoint-2016-a-deep-dive/
http://nikcharlebois.com/sharepoint-2016-fast-site-creation/
http://blogs.technet.com/b/wbaer/archive/2015/08/26/fast-site-collection-in-sharepoint-server-2016-it-preview.aspx
SharePointHybridSharePointHybridisaboutconnectingon-premisesandCloud,togetherandachievesbusinessvaluesthroughhybridpillars.
Ahybridsolutionhelpstogetstartedwiththecloudfunctionality.Ahybridenvironmentenablesenterpriseuserstobeconnectedtorequiredcontents&resourcesfromanywhere.Togetthemoreconfigurationdetailsabouthybridconfigurationinthisblogseries.http://blogs.msdn.com/b/spses/archive/2013/10/22/office-365-configure-hybrid-search-with-directory-synchronization.aspx
HybridOneDriveforBusinessHybridsitesfeatureshavetobeusedwithHybridOneDriveforBusiness(introducedinSharePointServer2013withServicePack1(SP1)):
UserscansyncfileswithOffice365andsharethemwithothers.UserscanaccesstheirfilesdirectlythroughOffice365fromanydevice.
ItistheadvancementofSharedandPersonalMySiteconcepts,&sharingandversioningexperienceissimplified.Itisprivatebydefaultwithsimplepermissionsmanagement.StoringbusinessfilesinOneDriveforBusinessmakesiteasyforuserstoshareandcollaborateondocuments.WithOffice365,on-premisesstoragecostscanbereducedbymovingyourusers'filestothecloud.UserscanberedirectedtoOneDriveforBusinessinOffice365whentheyclickOneDriveorSitesinthenavigationbar.ThisisknownasOneDriveforBusinesshybrid.OneDriveforBusinesscanbeconfiguredinOffice365orinSharePointServer2013.Youcanalsointegratebothenvironmentstocreateahybridexperience.
ConfiguringOneDriveforBusiness
PrerequisitesforconfigurationareasbelowThisTechEdsessionhelpstounderstandmoreonpre-requisitesforconfiguringanycloudscenario,toconfigureHybrid,youwillneedtosetupEnterpriseSearchServiceapplicationUserProfileServiceApplicationSubscriptionSettingsServiceApplicationAppManagementServiceApplicationReplacingtheSTScertificateoftheOn-PremisesSharePointServerandestablishaServer-to-ServertrustwithWindowsAzureACS.Office365SubscriptionTolearnhowtoconfigurehybridOneDriveforBusinesswithOffice365,findtheroadmaphere.Alsothisisusefulpost.
IntheCentralAdministration,onedriveandsitelinkscanbeconfiguredasbelow.
SiteFoldersAftertheOneDriveisconfigured,asdescribedabove,usersareabletonavigatetolibrariesforwhich they have access to with the help of Site Folders. Irrespective of the location of thedocumentinparticularsite,usercaneasilyaccessthedocumentssharedwiththem.
SearchingdocumentsinOneDriveAfter the OneDrive is configured, as described above, users can search the documents inOneDriveusingEnterpriseSearchServiceApplicationinOn-Premiseserver.
ConfiguringtheResultSourceforOneDriveInCentralAdministration,open theSearchServiceApplication&create theResultSource forOneDrive.A Result source can be created which points to Office 365 url (i.e https://tenant name-my.sharepoint.com)asRemoteserviceUrlparameter&MySitehosturlas(i.e.path:https://tenantname-my.sharepoint.com/personal)QueryTransformUrlparameter
ConfiguringtheResultSourceinSearchResultPageConfiguretheSearchResultWebpart,toconfigurethisResultSourceasdescribedabove.
ThisisthesummaryofmsdnblogseriesbyManas,postedhere
UsingHybridOneDriveforBusinessAttachmentswillbestoredinan“Attachments”folderintheuser’spersonallibraryin
SharePointOnline,knownasOneDriveforBusiness.Eachattachmentwillbesecuredtothoseontherecipientlistoftheoriginatingemail.
Search(Hybridsearch)Cloudhybridsearchisanewhybridsearchsolutionalternative.Withcloudhybridsearch:Crawled contents from on-premise server & Office 365 server are stored in search index inOffice 365.You can set up the crawler in SharePoint Server 2016 to crawl the same contentsourcesandusethesamesearchconnectorsinOfficeSharePointServer2007,SharePointServer2010,andSharePointServer2013.Office365SearchCentershowstheaggregatedsearchresultfromSharePointOnlineaswellasfromOn-Premisecontentsources.Formore informationabout cloudhybrid search, see thepublicMicrosoft cloudhybrid searchprogramonMicrosoftOfficeconnection.https://support.office.com/en-us/article/SharePoint-Hybrid-4c89a95a-a58c-4fc1-974a-389d4f195383With hybrid search, you can search for files and documents across SharePoint Server andSharePointOnline,givingyoueasyaccesstothefilesthatyouneed.ImplementingaSharePointhybrid infrastructure letsuserssearchfrombothsystemsandaccesscontent from each.Depending on howyou set up your system, you can have only on-premisesusers,onlyonlineusers,orbothbeabletosearchbothyourSharePointServeron-premisesandOffice365.Pleasefindmoredetailsabout theconfigurationdetails inSharePoint2016HybridSearchSectionofthisbook.
HybridsitesfeaturesThis allows users for seamless experience while using SharePoint On-Premise Server andSharePointOnlinesites:
UserscanfollowSharePointServerandSharePointOnlinesites,fromaggregatedlist.UsershaveasingleDelveprofileinOffice365,wherealloftheirprofileinformationisstored.
Formoreinformation,seePlanforhybridsitesfeatures.
Extranet(Partnerfacingextranetsites)SharePointOnlinesitesaretheExtranetSites.Anextranetisasitethatfacililatesexternaluserstohaveaccesstorelevantcontentandtocollaboratewiththem.UsingOffice365,Partnerfacingextranet sites can be created that let partners securely do business with your organization,withoutaccesstothecorporateon-premisesenvironmentoranyotherOffice365site.
CompareOffice365HybridExtranetwithatraditionalSharePointOn-premisesExtranetThiscomparisonprovidestheadvantagesofusingHybridExtranet.
Office 365 HybridExtranet
SharePoint "on-premises"Extranet
Firewallaccessrequired toexternalusers
No Yes
Complexnetwork andinfrastructureconfigurationrequired
No Yes
Securityhardening
Managed throughOffice 365Configurations
Manuallyconfigured by ITstaff
IT Laborintensive
No Yes
Ongoingmaintenanceneeded
Minimal Considerable
Additionalhardwareneeded
No Often
Managingexternal
Yes Locally managedonly
partner userslocallymanaged orcloudmanagedControllingsharingexperiencefor extranetsites
Part of Office 365sitesfunctionality
Often requirescustomsolutions/apps
ConfigurationofHybridExtranetHereyouwillfindthestepstoconfigureHybridExtranetovergreaterdetails.
HybridPickerUseHybridPickertoconfigurehybridfeaturesbetweenSharePointServer2016andSharePointOnline. Hybrid Picker is part of Office 365. You can find it in the SharePoint Tenant Adminconsole. You need to log on as a Global Administrator or a user assigned the SharePointAdministratorrole.TouseHybridPicker,youalsoneedtobeloggedintoaSharePointServer2016ITserverasaFarmAdministrator.
PrerequisitesInbelowtablefindthepre-requisitestoconfigureHybridPicker.
Conditions EnvironmentIncaseofSharePointServer2013farmshouldhaveSeptemberPUorlaterproperlyinstalled.
On-Premise
Open80and443portsinthefirewallforoutboundcommunications.
On-Premise
FarmAdministratoraccesstoCentralAdministration
On-Premise
GlobalAdministratorAccesstoOffice365
Office365
Accountbeingsynchronizedwithpropertiessuchasemail,SIP,emailaddress.UserssynchronizedwithOffice365usingAzureActiveDirectorySync(AADSync).
On-Premise
HybridScenariosconfigurationwithHybridPicker
HybridOneDriveforBusinessThisredirectsyourusers'OneDriveforBusinesstoOneDriveforBusinessinOffice365.Italsoinstallsaserver-to-server(OAuth/S2S)connectionbetweenSharePointServeron-premises.Findmoredetailsinthissectionofthebook.
HybridsitefeaturesThisoptionconfiguresaserver-to-server(OAuth/S2S)trustbetweenSharePointServer2016and
Office 365 & then configures hybrid sites features. Choosing the option configures hybridOneDriveforBusinessaswell.
FindstepbysteproadmapforconfigurationofHybridSitefeatureshere.Afterthisfeatureconfiguredusinghybridpicker,
Users having access (configured as the part of audience group) to Office 365environment,willberedirectedtoDelveUserProfile(i.e.Aboutmelink,undersettingsmenu,intoprightcornerintheribbon).ThiscanbeconfiguredaspartofOneDriveforbusinessconfigurationdescribedinthissection.Userswillbeabletoseetheaggregatedlistofhis/herfollowedsitesfromon-premise&Office-365environment(onclickofAppLauncher)
HybridOptionsThissnapshotdescribes thevariousoptionsavailablewithhybridconfigurationwithrespect tohybridextranet&hybridSearch.
WhatareNextGenPortals?Office 365 Video Portal, Infopedia & Delve are the out of the box NextGen Portals. TheseIntelligent,Social,Mobile,Ready-to-GoPortalsareenhancedbykeyOffice365capabilitieslikeOffice Graph, Office Add-Ins, OneDrive, Skype, Outlook, Yammer, SharePoint ContentManagement,AzureMedia&PaaSservice,ComplianceCenter.
TheseOffice365capabilitiescanbeleveragedinSharePoint2016On-Premiseserverwiththehelp of hybrid configuration.These capabilities includes experiences like Portals, Team Sites,Files,Search,Social,BIetc
NextGenPortalsPageRenderer&AuthoringcanvascomponentsarebuiltontopofSharePointContentStorage,this portalAPI can be accessed throughRESTAPIs.Custom portals can be created using theNextGenportaltemplate.BuildingblocksofNextGenPortalsareasshownbelow.
NextGenPortalArchitectureEachNextGenPortalconsistsofHubsitecollection&ContentSiteCollection (Channel).EachContentSitecollectioncanbecreatedinHubSiteCollection.
HubSiteCollectionHubsitecollectionissimilartoCommunityPortal(SearchCenterwhichshowsallcommunitiesinthefarm),ItdisplaysthedatahostedinContentSiteCollection/Channels.
HubSitecollectionsisunder<Office365domain>.sharepoint.com/portals/hubmanagedpath(PerTenant).Forexample,InVideoOffice365Hub,fromthiscentralsitecollection,differentvideochannelscanbecreated.
Security can bemanaged fromManaged Settings forHub Site collection /Channels.After youuploadthevideostochannel,youwillneedtowaitforthecrawlingtobecompleted.
ContentSiteCollectionWithrespecttoeachHubSiteCollection,Channels/ContentsiteCollectionsarecreatedunderthe/portals/managedpath.
LibrariesIneachContentSiteCollection,PortalDataisstoredinrespectivelibrariesindifferentformat.
Library FormatPages PagedataasJSONBloblistitemsImages ImageAssetsforpages
Videos VideoFiles(backedbyAzureMediaServices)
Office365VideoPortalOfficeusesVideoAzureMediaServicesfortranscoding(converting)videosinmultipleformatstobecompatiblewithmostdevices(devices).AzureMediaServicesonlyexistsinthecloud,socanbeaversion"hybrid"
Video hub portal inOffice 365, contains different channels,Video uploaded in this channel isstoredinAzureComponents&TimerJobmanagesinteractionbetweenSharePointOnline&Azure components. End user uploads video to SharePointOnline, SharePoint interactswithAzureServicemediaservicefortranscodingthevideoandstoringitinContentStorage.
AzureMediaservicealsoprovidesthumbnailsforreferencingtheparticularvideo.AzureMediaServicedeliversvideostreamingthroughAESsecuritytoContentDeliverynetwork&viewerscanviewsecuredcontents.FollowingfeaturesareresponsibleforVideoProcessinginSharePointOnlineWebApplicationFeature:VideoProcessingThisfeatureregistersvideoprocessingtimerjob.
WebApplicationFeature:CloudVideoThumbnailProvider.Thisfeatureprovidesfunctionstogeneratethumbnailsforvideos
InfoPediaThisistheKnowledgemanagementPortal,definitivehubforMicroSites,Boards&personalizedportalpoweredbyOfficegraph.
This landingpage shows the collectionofMicrosites (links toMicrosites enabledwithSocialFeatures).At high level InfoPedia is collection ofMicrosites, Boards, andArticles in definedhierarchy.FindmoreaboutInfoPedia&Micrositeshere.
DelveandOfficeGraphDelve is theknowledgemanagementportal incontextwithcurrent logged inuser & Officegraph is the graphical representation of related activities among related users and relatedinformation.
DelveusestheOfficeGraphtodeliverpersonalizedviewsofthepeopleandcontent.DelvenowletsyoudiscoverContenttypesfromacrossOffice365.TogetmoreinsightsonDelve&OfficeGraph,checkouttheseveryinformativepostswithmoredetails.http://www.dotnetmafia.com/blogs/dotnettipoftheday/archive/2014/09/08/a-quick-look-at-delve-in-office-365.aspxhttps://support.office.com/en-us/article/Office-Delve-for-Office-365-admins-54f87a42-15a4-44b4-9df0-d36287d9531b
ToactivateDelve,You’llneedtoturnontheFirstReleaseprograminyourOffice365ServiceSettings.You'llneedtoenableDelveontheSharePointSettingsaswell.
ChoosetheoptionAllowaccesstotheOfficeGraph(default).TenantadministratormayturnoffofficegraphandDelveforthewholetenancy.
InRibbon,navigatetoDelvelink.
AllowaccesstoOfficeGraph.
Alternatively,IndividualscanturnofftheDelvesettings.
OfficeGraphIt’san intelligent fabric thatappliesmachine learning tomatch theconnectionbetweenpeople,content and interactions all across Office 365.Office Graph consists of signals which showsactionsbetweenOffice365,Actors&Items.
Signalsaresecuritytrimmed&respectstheprivacyoftheendusers.SignalsarecategorizedasPublicsignal/PrivatesignalbasedonlevelofPrivacy.EachsignalconsistsofActorNode,Edges(toconnectActortoObject/Item)&ObjectorItem
Thistabledescribesdifferenttypesofedges(inSignals)withPrivate/PublicvisibilityEdge Description VisibilityPersonalFeedlFeed Theactor’spersonal feedasshownon their
HomeviewinDelve.Private
Modified Items that the actor hasmodified in the lastthreemonths
Public
OrgColleague Everyone who reports to the samemanagerastheactor.
Public
OrgDirect Theactor’sdirectreports. PublicOrgManager Thepersonwhomtheactorreportsto. PublicOrgSkipLevelManager Theactor’sskip-levelmanager. PublicWorkingWith People whom the actor communicates or
workswithPrivate
TrendingAround Items popular with people whom the actorworks or communicates with frequently.Aggregatedacrossseveralsignals
Public
Viewed Items viewed by the actor in the last threemonths.
Private
WorkingWithPublic
ApublicversionoftheWorkingWithedge. Public
DelveBuildingBlocksThistabledescribesthebuildingblocksofDelve&sequenceinwhichgraphqueryisexecuted.
Sequence Features Technique1 Graphsearch /_api/search/query2 Signals /_api/signalstore/signals3 Previewimages /_layouts/15/getpreview.ashx
OfficeGraphEndpointsCustomApps/SolutionscanbedevelopedusingtheAPIexposedbyGraphendpoints.Togettheendtoenddetailsaboutthisapi,getthroughConnect2015Videos.DelvecanbeextendedforcustomrequirementsusingGraphQueryLanguage(GQL),ExternalHybridContent,ExternalActivity.
top related