One of the things that customers appear to want, and will like about SharePoint is the ability to ‘brand’ or ‘skin’ it. For some reason, it’s something that people always get hung up on – what it looks like, not how it works – and I don’t expect we will have many projects that don’t have the question of branding/skinning/customisation. But what does this mean, how does it work, and what are the limitations? Continue reading “SharePoint Branding or "Pimp my SharePoint"”
Author: Andy Burns
Tame STSADM
Great tips on finding commands in STSADM and piping them. Very cool.
Threat Modelling at Microsoft – an example
Interesting – Larry Osterman explains how MS do threat analysis (in lots of parts). Found on Bruce Schneier’s Blog. Worth a read – certainly it’s made me think about the stuff I’ve written.
Spence Harbar's App Pool Recycling tool
Note to self: I keep needing/using this tool to avoid IISRESETs during SharePoint development. Much faster…
Feature Stapling by Ted Pattison
An instructive Post by Ted Pattison. I’ve got to confess, I’m still getting used to the breadth of things you can do with features. I could spend weeks looking into this…
Abject Failure and Complexity
I’ve been meaning to post this for ages – Marus Ranum on why information security is an abject failure. And he’s right – the problem is the complexity of todays interactions, both at a protocol and language level.
To me, the problem is one of failure of KISS (Keep It Simple, Stupid). Applications and protocols haven’t been, and we’ve had more tacking together of technologies, and expansion of complexity of everything.
I mean, consider what languages you needed to know 10 years ago, and now:
Then:
HTML 3.2, JavaScript maybe, Perl if you’re brave, SQL if you’re a hero.
Now (Microsoft Stack only):
HTML 3.4, 4 (various favours), XHTML, XML, XSL, XPATH, JavaScript (much more complex), ASP.NET 2.0, C# or VB, .NET frameworks 1.1, 2, 3 and 3.5 (soon), ADO, SQL, CSS, ‘AJAX’
That’s just the languages and base technologies – never mind getting into a higher level of software (e.g. SharePoint). Or non-MS technologies – Ruby, Rails, Python, Java in various forms…
It’s similar in protocols…
Then:
HTTP, HTTPS, FTP, SMTP / POP
Now:
HTTP, HTTPS, FTP, SMTP / POP, SOAP, Web Services (plus various extensions), IMAP, Various Peer-To-Peer protocols, Various Instant Messaging protocols
(Yes, those are fairly high level, and from different levels of the stack – but still, you’re expected to know about them.) (And yes, I suppose you’d need to know a bit about TCP/IP and IPSEC)
Does that sound simple? Does my granny skateboard?
(Well, no, but that would be so cool).
Security will be impossible with such a complex, varied stack of technologies, and developers simply won’t be able to specialise enough to know how to make secure enough applications. It alarms me how wrong people are getting password storage alone – I mean, this stuff has been known since the 70’s. If they can’t get that right, how will they manage with a such a deep and varied set of tools?
Georeplication in SharePoint
More for my benefit than anyone else, but there is blog post on Joris Poelman’s (JOPX) blog about georeplication in SharePoint. The crux of it is, SharePoint 2007 doesn’t really do it. But you could implement your own using the Content Migration APIs – which Stefan Gossner goes into in parts 1,2,3,4.
However, if you are considering a system using georeplication, please remember you must have enough bandwidth. If your network can’t handle the traffic needed over it already, before adding georeplication, then you are buggered. Georeplication might reduce cross site traffic, but you still need the bandwidth to actually do the replication. And you’ll have to be able to live with slow replication. And, as mentioned above (and by Joris), it is a significant development exercise.
I’m sure someone will do it though. And I’m confident that Microsoft will do it for a future version of SharePoint. It’s too powerful a feature to not have in an enterprise app.
Using a different Master Page on Application Pages
Previously I found (in ‘David’s Blog’) a way of using an HTTP Module in SharePoint to change the master page used by ‘application’ pages. I fiddled with it a bit and made it work properly.
Unfortunately, I’ve lost my code (HD crash) and David’s blog is defunct (I think it died when the SharePoint Blogs site died).
So, some links to similar relevant pages:
Deploying Enterprise Search at Microsoft
Interesting – Deploying and Supporting Enterprise Search – interesting. Gives you an idea of the hardware necessary for a big system, and the sort of on-going administration required.
SharePoint Workflow and when to use it…
When building SharePoint workflow solutions you need to be very careful in only using it for small, single document-centric processes, and you need to try to avoid the ‘pain points’. For processes that push the boundaries of what workflow can do, you should consider redesign of the solution to reduce the workflow element or alternative products.
In a collaboration and publishing system like SharePoint, some sort of support for standard business process is essential. SharePoint workflow supports that for simple processes, but it is not enterprise grade workflow (yet). Indeed, out of the box it doesn’t work (at least, not fully). I’ll explain some of the issues with SharePoint Workflow later, but first I want to describe what SharePoint workflow is. Continue reading “SharePoint Workflow and when to use it…”
Andy Burns' Blog 