Alexander Windel's Blog

Does integrating Silverlight or Popfly into a SharePoint solution add any value?

This is the kind of question I have been asked a couple of times recently.... And actually this question has 2 answers.

1. Popfly is a Silverlight-based web mashup platform and is targeted at Internet web sites -only-. This implies it's NOT really a suitable option for typical intranet deployments. In the case of SharePoint, you can instead use "Web Part Connections" in your intranet sites and effectively get similar functionality.
   
   
2. Silverlight (1.0 or 1.1) is a runtime environment for Rich Internet Applications. v1.1 will add support for applications written in any .NET language which should give it a significant edge over competing products. The Mono guys also work on a Linux version of Silverlight - aka "Moonlight". Well, would you want to use anything like this in an intranet? In a couple of scenarios the answer can actually be "Yes". I can think of 2 use cases...
   
   a) In certain industries: multimedia applications running on some of your intranet web sites
   
   b) More of a "killer app": building a simplified, user-friendly and highly intuitive GUI for the 5-10% (= not for a simple team site but rather for sth like a product accessories explorer app) of your most complex intranet applications which would otherwise prove difficult to navigate. Enhanced intranet usability can save a company real money (think improved productivity).
   
   Fortunately we will release a Silverlight dev kit for SharePoint v3 some time soon, have a close look at
   http://blogs.msdn.com/rbarker/archive/2007/11/02/been-slow-to-update-lately-my-apologies.aspx
   for more details.....

Added another search macro --- the search scope covering Microsoft Surface technology.... Will certainly keep this one updated!

Browse to http://search.live.com/macros/t/sf or add " macro:t.sf" in your live.com query.

Btw., you can view the list of all those search macros at http://gallery.live.com/Author.aspx?a=d488a303-0a92-49d9-aac3-be314bb8ee17

Did you know you can customize our search engine at www.live.com ?

There is this concept of so-called "search macros" which allows users to define some kind of very specific search scope: if you already have some kind of "link collection" for a certain topic, if you already know these Internet web sites contain the best data to answer the question you have, then why not submit a search query targeted at exactly those web sites (via a search macro)............... Find below some samples, and feel free to add your own at http://search.live.com/macros .

• Microsoft: Simply add " macro:t.msft" (without quotes) to your normal live.com search query! Or browse to http://search.live.com/macros/t/msft
• Oracle:     Add " macro:t.oracle" (without quotes) in www.live.com ! Alternatively browse to: http://search.live.com/macros/t/oracle
• IBM:         Add " macro:t.ibm" (without quotes) to your live.com search query or browse to http://search.live.com/macros/t/ibm
• SAP:        Add " macro:t.sap" (without quotes) to your normal live.com search query or browse to http://search.live.com/macros/t/sap
• Google:    Add " macro:t.google" (without quotes) to your normal live.com search query or browse to http://search.live.com/macros/t/google

By the way, (even) if you are a Google addict you will surely love the Google search macro. If you have ever wanted to find some information A B O U T Google you may have noticed it's hard to distinguish (in Google.com) between "usual" search results and data about this company called "Google". Both use the same domain name (not really a good idea from a -search- point of view), and Google's corporate information is distributed on a variety of different google.com URL's. Well, Live.com is here to help...

A tool that we've all been waiting for a looong time, has finally been released: the SharePoint v3 Best Practices Analyzer!

No matter whether you're in the planning phase of your Office SharePoint Server 2007 (or WSS v3) deployment or you already use SharePoint v3 in production, make sure you run it on your servers once in a while..... Here's the download link:

http://www.microsoft.com/downloads/details.aspx?familyid=cb944b27-9d6b-4a1f-b3e1-778efda07df8&displaylang=en 

Ever wondered what Microsoft Research works on in its many projects? Although one of the most prominent ones is "My Life Bits" (a lifetime store of "everything"), there's a lot of other (less prominent) projects which however may have more immediate benefits for users.... "SLAM" is one of them... This prototype software enables real-time communication, (optional) location awareness and photo-sharing for groups using mobile devices, and it even integrates with Virtual Earth... Browse to the web site of the Social Computing Group to learn more about other projects (like Wallop, just another cool idea...)

Have a look at the latest MOSS2007 Visio drawings for IT admins, this is really cool stuff:

SharePoint Database Administration

http://office.microsoft.com/search/redir.aspx?AssetID=AM101638931033&CTT=5&Origin=HA101639821033

SharePoint Application Security

http://office.microsoft.com/search/redir.aspx?AssetID=AM101638891033&CTT=5&Origin=HA101639821033

For those of you who don't have Visio....... http://www.microsoft.com/downloads/details.aspx?FamilyId=3FB3BD5C-FED1-46CF-BD53-DA23635AB2DF&displaylang=en

Just came across an interesting web site by a US company called "Fred Cohen & Associates". They designed a sophisticated security database with cross references between various attack/defense methods and related threat profiles...

http://all.net/CID/Attack/Attack.html

http://all.net/CID/Threat/Threat.html

Very valuable for understanding the BIG picture...

In the event of a business critical disaster the following steps are essential to make a formal Root Cause Analysis (RCA) succeed:

1. Start preparing for a Root Cause Analysis at the time of the disaster.
2. In case of a Microsoft CritSit ask the Microsoft Support Professionals that you would like to have a formal Root Cause Analysis performed later (after recovering from the disaster) as part of a new service request and have them compile a list of suitable data gathering tools to be run.
3. Make sure your IT business processes are aligned to your planned root cause analysis  – once the decision to perform an RCA has been made, all “cleaning” processes (eg. the number of days after which diagnostic logs are automatically deleted in SharePoint) have to be paused – this also includes the number of days after which SQL backups are deleted.
4. Allocate time and resources for the RCA as soon as you have recovered from the disaster. Don’t delay this task. The sooner the RCA is performed the more likely the exact root cause will be determined.

Sarbanes-Oxley section 404 is all about effective internal controls - and when it comes to documenting these, Anthony Tarantino's "Manager's Guide to Compliance" recommends the use of

• Electronic work and approval flows (sounds like Windows Workflow Foundation)
• Risk Management tools
• Event Management tools (workflow notifications / document sharing)
• Document & Records -Management- tools (Office SharePoint Server 2007)

But the paragraph I like is:

"Of these best practices, deploying a document management tool should be given the highest priority."

Well, then it continues like:

"Best practices would include the replacement of uncontrolled spreadsheets."

The author refers to a study by PriceWaterhouseCoopers in 2004 - making an argument for eliminating "uncontrolled" spreadsheets especially "in preparing and presenting financial findings". According to the author, the most painful issues leading to incorrect spreadsheets (and even fraud) are

• Poor spreadsheet security
• No version control
• Poor or nonexistent training

Security and version control for spreadsheets - only having ONE version of the truth - was actually a key goal when Excel Services (will ship with MOSS2007) features were designed......

Does your company have a privacy policy? Well, hopefully it has. So what happens when you receive customer data and you need to forward them to a colleague?

Do you send the files as e-mail attachments? If yes then most likely you either use a very broadly stated "privacy" statement or well, you know.... So how can you comply with your privacy policy? There's many ways, and one of them is uploading all customer data to a SharePoint document library first and then configuring document library permissions so only your colleagues who really need to work on those documents can actually read them. A more automated way in Office 2003 is called "Shared Attachments" - see http://office.microsoft.com/en-ca/assistance/HP010258451033.aspx ...

One of the Office 2007 products I'm most excited about is Groove. It's really team collaboration at its best. SharePoint users will love the Groove 12 SharePoint Files Tool (see: http://blogs.msdn.com/marco/archive/2005/11/10/491460.aspx ). And in general Groove's offline capabilities have VERY special importance for organizations in charge of emergency response plans... In the words of Craig Fugate, director of the Florida Division of Emergency Management:

"[...] if you lose the servers, you're toast. You can literally have somebody with a backhoe cut two fiber lines and lose [the server]. Having Groove on other PCs, it gives you a way of creating this virtual environment. You have to knock this place out, my home out, and the mobile command post out for me to lose connectivity and not be able to work. [...] The ability to work offline and then synch the system when you do get connected means you can actually send people into areas where there is no connectivity. So, in many ways Groove provides a very powerful tool for Continuity of Operations."

Read the whole case study here: http://www.groove.net/index.cfm?pagename=CaseStudy_Florida

Finally version 2 of the Microsoft Threat Analysis & Modeling (aka MS "TAM") tool is available on our download pages..... Some of the things it helps you design in terms of application risk management include:

- Data access control matrix
- Component access control matrix
- Subject-object matrix
- Data Flows
- Call Flows
- Trust Flows

Try it out..... http://www.microsoft.com/downloads/details.aspx?FamilyID=334ad466-8b53-4440-8ff0-6ac8142d9198&DisplayLang=en

A nice video is available at: http://www.microsoft.com/downloads/details.aspx?FamilyID=29a6d444-9954-41f3-9666-3688417b5e08

If you like our Patterns & Practices MSDN pages (http://msdn.microsoft.com/practices/) here's another utility you will love.... The "Guidance Explorer" is a tool to easily find relevant patterns & practices guidance for your .NET applications!

http://www.gotdotnet.com/codegallery/codegallery.aspx?id=bb9aecfe-56ba-4ca9-8127-44e551b90962

http://channel9.msdn.com/wiki/default.aspx/GuidanceLibrary.GuidanceExplorer

Now there's an easy way to assess some of the security policies and procedures in your organization: the Microsoft Security Assessment Tool  is complementary to utilities like the Baseline Security Analyzer and helps you get an understanding of the most severe security risks in your organization....

https://www.securityguidance.com

https://www.securityguidance.com/faq.htm

Although SharePoint Portal Server 2003 is primarily an intranet solution, you can use it for extranets, too. The SPS extranet white paper describes scenarios using ISA Server 2000/2004:

http://www.microsoft.com/downloads/details.aspx?FamilyID=4c5bf9dd-3efb-451d-b213-98ed039190bf&DisplayLang=en

How do you migrate SharePoint Portal Server user accounts after a domain change? First of all, make sure that either the post-SP1 hot fixes mentioned in the KB articles below or even better, Service Pack 2 for Windows SharePoint Services and SharePoint Portal Server 2003 have been installed. And then....

1) Run stsadm -o migrateuser -oldlogin DOMAIN\user -newlogin DOMAIN\user [-ignoresidhistory] for a user as described in http://support.microsoft.com/kb/896593/

2) Create an application that calls Microsoft.SharePoint.Portal.PortalAccountMigrationManager.MigrateAccount() as described in http://support.microsoft.com/kb/896161/

3) Repeat steps 1-2 for each user you wish to migrate

You could certainly take advantage of SPUserUtil, have a look at http://blogs.msdn.com/krichie/archive/2006/02/18/534752.aspx