Hi,
I have found this question to be trickier than expected, so I wanted to put together my favorites links.
Let's start with oficial published information:
Other scenarios as security trimming (search related) are not been considered.
Although those articles seem a good starting point, there may be ambiguous general guidance when a customer tries to implement it. Overall I will simplify with: use Active Directory Groups, take into account boundaries, do not target max limits and understand manageability vs business requirements.
These articles from Joel Oleson and Eli Robillard are great summaries .
Finally, it is very important to be able to manage this security configuration efficiently, and here the main recommendation is to complement SharePoint with third parties or published tools as:
Bye!
For the next SharePoint version, I will bet on ASP.NET Routing as a main technology adoption. Upgrading VirtualPathProvider implementation would benefit the platform in many ways, even the following adoption of ASP.NET MVC.
Today I remember my main wishlist: friendly urls.
http://server/blog/posts instead of http://server/blog/_layouts/listfeed.aspx?List=<GUID
http://server/services/docid/CUSTOM-1-1 instead of http://server/_layouts/DocIdRedir.aspx?ID=CUSTOM-1-1
It would be great to have friendly urls for services (example Document ID), or RSS Feeds or <put your requirements here>. Of course it should consider extended managed paths for keywords or services and the adoption of some existing de facto standards (microformats).
In this scenario I would recommend reading Windows Live Lessons learned in the adoption of ASP.NET MVC
moving to a RESTful world?
Today, remembering the steps and some solutions made to manage security policies or accounts, I realized that when you make the underlying platform better and smarter, the overall ecosystem moves forward.
Looping about how to Manage and Sync Secure Data
So, just do not forget to add in you "plan for security" managed accounts
Namaste
Just a comment about my pausecrawl powershell script. Although it seems clear the pausecrawl command pauses an active crawl for the content source; I get last week some questions about it.
On the other hand, the PauseBackgroundActivity pauses all content-related activity for a Shared Services Provider's search service.
local vs global.
adios!