Friday, January 23, 2015

Add Extranet Security with Registration Approval Workflows



Extranet Collaboration Manager for SharePoint 2013 (ExCM) allows you to create users in three ways:

1.      Manually

2.      Invitation Registration (via e-mail)

3.      Anonymous Registration (potential users visit the Extranet site and click “Sign Up”)

The most common of these is via invitation.  When using invitations, there is most likely an existing business relationship with the invitee and the general thinking is that “if you’re invited, you’re approved.”  However, there may be certain scenarios where you want to add an approval step for invited users as well.

In addition, there may be instances where you need to implement Anonymous Registrations for user creation.  For example, suppose you didn’t know ALL of the email addresses for potential site users.  By using Anonymous Registrations, a user can visit the site, fill out the registration from, and create a new account herself.  The downside to this is that since your SharePoint Extranet site is available worldwide to anyone with an Internet connection, there is a possibility of invalid or unnecessary account creation.


By turning on approval in ExCM, ALL registrations (both invitation and anonymous) are required to be manually reviewed by someone and either approved or rejected…thus adding another layer of security to your site.  However, this could become a very tedious task for approvers since they would have to manually check for new accounts periodically and determine their approval status.  By creating a basic workflow, you can email approvers when a new registration occurs and let them know it’s ready to be reviewed.
In 2013 you will first need to activate workflows. Go to Site Settings > Site Collection features and activate "Workflows"

 
Next, you need to enable content approval on the Registrations list. You do this by navigating to the Extranet Management menu under “Site Settings” and then Registration Settings > Registration Approval Settings > Registration Approval:



Now you’re ready to create your approval workflow.  Out of the box, SharePoint provides a very basic workflow specifically designed for approval.  To configure it, you need to navigate to Registration Approval Settings as before and select “Registration Workflow Settings.”  From here you need to select the  “Approval – SharePoint 2010” template, specify a name for your workflow, then click “Next:

 

On the following screen you need to select the approver(s) to notify, enable content approval, and optionally specify a due date for the task.  Once that’s done, click “Save:”

 


The last step is to set up a workflow initialization to start the workflow.  This is also done on the Registration Approval Settings page.  Note that you can set up unique initializations for both Anonymous and Invitation Registrations.  For this post, we’ll only set up a workflow for Anonymous:


On the next screen, you need to choose your newly-created workflow and optionally provide a requestor and/or condition.  Let's just use the defaults for now: 


You can now see your workflow listed: 


After registering a new user on the site anonymously, the following email is sent to the approver specified above: 


By clicking the circled hyperlink or the “Open This Task” button, you are taken to a screen where you can perform a number of tasks on the registration. For this post we are going to simply “Approve” it. Once you have approved the registration, the user receives an email confirmation telling them that their registration has been approved.
 

In summary, the approval feature offered by Extranet Collaboration Manager for SharePoint 2013 (ExCM) can offer an additional layer of security to your site by requiring registrations to be reviewed by a specified approver.  Creating a simple out-of-the box approval workflow can greatly streamline the approval process by notifying the approver when a new registration is ready to be reviewed.  This workflow can be utilized for both Anonymous and Invitation Registrations.
 
 

Wednesday, January 21, 2015

Who ya gonna blame?


Yesterday I wrote No Pain, No Gain to talk about the fact that its HARD to have good systems.  That's because systems are the combination of people, procedures and technologies, and no matter what the software platform, or whether on-premises or Cloud, it just takes a lot of hard work for both IT people and Business people to have good systems.  That's fundamentally the reason some businesses have good systems and some don't.

One thing I intended to mention in the article, but forgot, is to make the point that when something is hard and takes a lot of work to do well, some people (me included at times) will look to find someone (or some thing) to blame, rather than just buckling down and working hard to get a good outcome.

With that said, I think IT people, as a group, have been "thrown under the bus" a lot in the last few years.  I think it has come first as a result of some Business people being unable to accept the fact that good systems require hard work, and that means for them too, not just IT.  So, it is easiest to just blame IT.

Tuesday, January 20, 2015

No Pain, No Gain


I recently read this blog post on Sharegate's blog:

Move to Office 365:  Did SharePoint Become the Reason?

The very first line of the post says this:

"It's been a long and exhausting road with SharePoint"

It inspired me to leave this comment, which I realized I wanted to make into a blog post.  So, here it is:

For business people, "IT" has been a long and exhausting road for 30 years or more.  And, one of the rarely spoken truths is that one key reason is because it is "hard to create and maintain good systems".

Systems are the combination of people, procedures and technologies.  It is really hard for organizations to combine those three things and come up with something that is really good.

Friday, January 16, 2015

Display a Security Trimmed Listing of Sites Using SharePoint Search



kudzuDepending on where you live, and how frequently you travel by car, you might have come across vast areas taken over by kudzu.  I’m always amazed at the vast land area kudzu can quickly take over.  I’ll bet if you stared at it for a while, you could actually see it grow.

As SharePoint grows in your organization, so do the number of sites each of your users has access to.  So how do you go about showing a listing of sites the user has access to, especially if their sites are separate site collections or even web applications?

If you don’t provide something for the users, it might be easier for them to find a green crayon in a field of kudzu.  You need something to help users find their sites besides relying on them to have well organized bookmarks. 

Thursday, January 08, 2015

Configure Host Headers for SharePoint Web Applications




My friend and I were driving down the road the other day when he turns to me and tells me that there is this website with links to great extranet security products for SharePoint and even links to SharePoint Training. I had to check this out for myself! “What’s the site?” I ask. “Oh, its http://216.215.157.252” To which I reply “Cool, I’ll look that up as soon as I get home… if I remember it!”


There is a reason we have DNS: it is so we can make things easier to remember. There was no way I was going to be able to remember http://216.215.157.252 unless I put it into a song (is 86753O9 going through anyone else’s head right now?)

You see, despite what Juliet may tell you, names are important. Sure a rose by any other name would still be as sweet, but the florist still gives me strange looks when I ask for a dozen #F80000 roses. You do not go around treating people as if they are storm troopers and asking "TK-421, why aren't you at your post? TK-421, do you copy?", so why would you treat your SharePoint web apps like they are storm troopers?

Give your SharePoint web apps names by configuring Host Headers.
 


Monday, December 22, 2014

New White Paper Addresses Extranet Security Best Practices


In using SharePoint as an extranet platform, one of the first decisions that IT pros face is where to store the extranet user accounts. Which alternative makes the most sense?

This is the topic which our new white paper, The Case for Using Forms-Based Authentication (FBA) and the SQL Membership Provider for Implementing a SharePoint Extranet, addresses.

The paper can be downloaded from the PremierPoint Solutions website.

An extranet is like an intranet which can be accessed from anywhere on the Internet.

Because the extranet is accessible from the Internet, the need for iron-clad security is paramount. Just as important is the need for users to be able to access and use the extranet easily.

But can both of these seemingly opposing goals really be achieved?

According to the white paper, these ostensibly conflicting goals can be achieved by using FBA and the SQL Membership Provider in on-premises SharePoint.


Tuesday, December 16, 2014

Special Holiday Pricing on SharePoint Training



It's the most wonderful time of the year for SharePoint training!

PremierPoint Solutions is making it more affordable than ever before to get quality SharePoint training.

We have never, in the 10-year history of our company, made the kind of offer on SharePoint training that we are offering right now! $700 to $900 off the regular price of 3- and 4-day classes.

It’s our holiday gift to you.

Every December and January class is just $995.*


Register from now to December 31st, 2014, for any 3- or 4-day December 2014 or January 2015 training class, and pay just $995! That’s $700 to $900 off the regular price for these classes, thanks to our Special Holiday Pricing (SHP)!

You must use the Promo Code “MYGIFT” when you register online to get the special pricing.


Tuesday, November 18, 2014

How can I use InfoPath to get KPIs in my library?


This post is an extension of a previous post about creating and using Key Performance Indicators (KPIs) in a SharePoint library, based on a calculated column. The follow-up question is, “Can I use InfoPath to set KPIs in SharePoint?”
The answer is “Yes, but... it takes a little bit of work.”
The problem is that neither SharePoint nor InfoPath is set up to enable users to simply click a couple of buttons and make KPIs magically work. (Sometimes, a calculated column can be a better choice. Read about that solution here.)
We can work around this deficiency, though, by:
  1. creating a SharePoint column to display pictures
  2. finding or uploading KPIs we want to use
  3. creating an InfoPath field to store a link to our KPIs
  4. promoting the InfoPath field to the SharePoint column  
In this post, we will use SharePoint 2010 Enterprise and InfoPath 2010, but it should work the same way with SharePoint and InfoPath 2013. 

The Best Way To Get A Correlation ID Error Out of Your ULS Logs


One constant in the SharePoint world is that there are always multiple ways to do almost everything.  I can't recall the number of times I've heard someone in a meeting say "there's many ways we can skin that cat" when asked how to do something in SharePoint.  I'm not real well versed in cat skinning, but I get the point.

I work with clients and customers all over the world.  It's interesting to see all the different ways and free tools used to figure out what that pesky correlation ID that popped up is trying to tell us.  There are definitely a lot of ways to skin that particular cat.  The one I use unequivocally in every situation is merge-splogfile.  This is definitely not a brand new concept but it is new to most of the SharePoint professionals I speak with.  I'm not the first to blog about it but since it is still relatively unknown with those I speak with, and this blog has good viewership, I feel compelled to share.


Tuesday, November 04, 2014

New White Paper: Cost-effective, Enterprise-ready SharePoint Extranets




A SharePoint extranet gives an organization’s employees, partners, vendors, and clients access to the specific information they need, when they need it.

In fact, the same things that make SharePoint a great intranet platform also make it a great extranet platform. But there is a problem.

While SharePoint is built for collaboration and contains built-in collaboration tools, IT professionals who attempt to implement SharePoint as an extranet quickly find out there are many hurdles to overcome.

In SharePoint, Microsoft’s extranet platform does not provide an easy way to: 

      Deploy an extranet
      Secure an extranet
      Manage an extranet
      Empower users to solve simple login issues or perform simple administrative actions for themselves
      Facilitate simple user-friendly access

A new white paper, “Providing Enterprise-ready and Cost-effective Extranets with SharePoint,” examines the kinds of business problems a SharePoint extranet can help an organization overcome and explains a way to overcome extranet hurdles, making extranet management and use secure, easy, and affordable.