HOUR 4
Using the Administration Site

What You’ll Learn in This Hour

Ensuring access to the SPF 2010 site

Working with the Administration site

This hour is about working with a site that the installation of SPF 2010 has created for the use of Administrators. Before we start working with that Administration site, the following section discusses how to make sure you can access any site in the SPF 2010 system.

Ensuring Access to the SPF 2010 Site

So far we’ve accessed the site from a browser running in the server. (From now on, I’ll assume that you are running the server in a VM.) Then it was perfectly fine to access the site using http://SPF1 because the server knew what SPF1 was—it was its own server name.

The next step is to access the VM from the host machine of the VM software. That host machine—probably running Windows 7—is where our client software (Office 2010; SharePoint Designer 2010 and maybe other client programs) has been installed, so mostly we will access the site from there.

The problem is that the host machine doesn’t know what http://SPF1 means.

What happens if we try it anyway will vary depending on what search routine we have connected to the browser. If we have a search product (such as Bing or Google) connected, there will be a results page from that search product giving the results of an Internet Search for http://SPF1. If there isn’t and you are using Internet Explorer as your browser, you will see the page shown in Figure 4.1.

FIGURE 4.1 Internet Explorer cannot display the web page

We need an alternative to using http://SPF1, which is to use the TCP/IP address of the site rather than the server name. To use the TCP/IP address, follow these steps:

1. Open the command prompt and enter ipconfig/all. Figure 4.2 shows the output of this command.

FIGURE 4.2 The result of ipconfig /all

You have to find the correct section, but here the TCP/IP address we want is 192.168.244.130.

2. Note the TCP/IP address.

At this stage, trying http://192.168.244.130 from the host system gives you Figure 4.1 again, so you must get rid of the Windows Firewall in the server. At the moment, it is blocking our access from the host system.

3. Go to Start > Administrative Tools > Services and scroll to Windows Firewall (see Figure 4.3).

FIGURE 4.3 Finding Windows Firewall in Services

4. Double-click Windows Firewall. Set it to Disabled (see Figure 4.4).

FIGURE 4.4 Disabling Windows Firewall

5. Click Stop.

6. Click OK.

At this stage, if you try to access the site using http://192.168.244.130 from anywhere other than the server, it still won’t work. You must carry out Step 7 first.

7. Reboot the server.

After the reboot, you can access http://192.168.244.130 from the host system.

When this has been successfully done, the next step is to try to access the server from a different client machine. This can be anything with a browser, so in my case, I tested it with a MacBook running the Snow Leopard version of the Mac operating system and using Safari as the browser. (If that works, anything will!)

This final check is useful if you want to work with your site as if it were a real production server. Then you would naturally not want to restrict yourself to working with the host machine of the VM. You would want the server to be accessible from a number of different client systems, possibly running different operating systems and browsers. (In my case my test from the Mac didn’t work.)

In such cases, look at the Networking definitions of the VM system. Figure 4.5 shows the Networking settings that were required in VM Workstation 7.0.

FIGURE 4.5 Specifying the fully correct VM networking settings

Setting this to Bridged was the key final step. The previous setting of NAT (the default) was enough to let the VM connect to the Internet and to be visible from the host system but wasn’t enough to enable access from another machine in the same network.

Working with the Administration Site

The installation of SPF 2010 installed two sites:

Default site called Team Site (accessible with http://SPF1)

Administration site (accessible with http://SPF1:randomportnumber)

In this book’s test installation, the random port number is 41170; in your case it almost certainly won’t be. It will however always be a random number (here 41170) unless you specifically change it.

To see how to work with the Central Administration site, follow these steps:

1. Open the Administration Site with http://SPF1:yourrandomportnumber. Alternatively, on the server, you can also open it with Start > SharePoint 2010 Central Administration.

2. Complete the usual login. Figure 4.6 shows the standard Central Administration page.

FIGURE 4.6 SharePoint 2010 Central Administration

Figure 4.6 is a bit reminiscent of a modern operating system Control Panel as compared to the Classic View of the Control Panel that the MOSS 2007 Central Administration looked like.

So far, apart from the (to old hands) somewhat confusing look, there seems at first glance to be nothing particularly new there.

As you see in this brief look at some of the Administration options, Microsoft has done a good job of including the 2010 Central Administration functions that required manual activity (in some cases a lot of nonobvious manual activity) in the 2007 version.

Looking at Some Improvements Compared to Earlier Products

Specifying Where the Search Routine Should Search

The book I wrote on WSS 3.0 (Sams Teach Yourself SharePoint 2007: Using Windows Share-Point Services 3.0) included two actions that need to be done before going further: Alternate Access Mapping (AAM), which is discussed later in this hour, and specifying which server is running the SPF 2010 search routine, which no longer needs to be done.

Here we look at why we no longer need to specify a server for search. Then we look at where to restrict the use of SharePoint Designer 2010 (SPD 2010) and when to specify email parameters. And finally, we look in depth at how Alternate Access Mapping now looks.

If you want to get on with it, you can skip to the section “Configuring Alternate Access Methods.” I do, however, recommend that you don’t ignore the section on how to restrict the use of SPD 2010 as this could be a lifesaver.

At first sight, everything is the same:

1. From the Central Administration page (refer to Figure 4.6), click Manage Content Databases (2007 = “Content Databases”) in the Application Management section. This gives in the case of the single server SPF 2010 installation a screen listing a single database with the default name of WSS_Content.

2. Click that name to bring up the Manage Content Database Settings screen, part of which is visible in Figure 4.7.

FIGURE 4.7 A section of the Manage Content Database Settings page

As you can see in the Search Server part of Figure 4.7, the server name SPF1 is already entered in the entry box. In other words, the system—without any manual action—already knows where the content database is located that the search routine will search. In the 2007 version of SharePoint, this value (even though the content database could only be in the only server that we had) needed to be entered before any search results could be obtained (which was the source of many newsgroup questions).

Having the server name specified automatically is a typical example of how the 2010 version concentrates on tidying up the failings of the previous version.

Restricting the Use of SPD 2010 with the SPF 2010 Site

SharePoint Designer 2007 (SPD 2007) was a powerful tool for site customization, but in the wrong hands, it could lead to disastrous results. So it was often necessary to make manual adjustments to the SharePoint system so users could not use SPD 2007 with SharePoint 2007 sites.

In the 2010 products, there’s a single page accessed via Central Administration where you can specify exactly what can and cannot be done with SPD 2010. You can access this page by going to the General Application Settings page (see Figure 4.8) and clicking Configure SharePoint Designer Settings.

FIGURE 4.8 General Application Settings

As shown in Figure 4.9, not only can you now block users from doing anything with SPD 2010, you also have various options that restrict the rights of site administrators.

There are many more examples of how the Microsoft team has noted problems with the earlier versions of SharePoint and have tried to ensure that they do not occur with SPF 2010 by improving the way Central Administration works. The final example discusses how Microsoft improved incoming email.

FIGURE 4.9 Options for the use of SPD 2010 with SPF 2010 sites

A Useful Small Improvement in Email Specification

Specifying incoming email is simpler if an SMTP server is available, so rather than just assume that everyone knows this, the Microsoft team has added a simple pop-up screen when “incoming email” is selected that warns that Advanced settings need to be selected (which means manual work) if an SMTP server is not available (see Figure 4.10).

FIGURE 4.10 The SMTP service warning in the Incoming Email Settings page

Configuring Alternate Access Methods (AAM)

Most administrators need to configure the alternate access metholds (AAM) at an early stage.

The problem occurs when you access a SharePoint site using a different name than http://<servername> (in our case http://SPF1).

At first everything works fine, provided the name you give (perhaps http://sharepoint.mycompany.com) can be converted (using the company’s Dynamic Name Server [DNS] perhaps) to the TCP/IP address of the site; then the default page of the site will be accessed as if you were using http://SPF1. After all, that TCP/IP address is the address of http://SPF1, too.

But at some point, you need to access a page internal to the system only known by the address http://SPF1/PathWithinThe Server/default.aspx (for instance) and that page won’t be found by a browser looks for http://sharepoint.mycompany.com/ PathWithinTheServer/default.aspx or even by a browser that looks for http://<TCP/ IP address>/PathWithinThe Server/default.aspx.

To solve this problem, SPF 2010 includes AAM. To use this function, follow these steps:

1. In the Central Administration main page (refer to Figure 4.6), click the Configure Alternate Access Mappings in the System Settings section of the main part of the page (see Figure 4.11).

FIGURE 4.11 Alternate Access Mappings

As you can see, two sites (the default site and the Central Administration site) are listed. The following steps amend the default site. The procedure is the same for the Central Administration site if you want people to access it from outside the server.

2. Click Edit Public URLs.

Figure 4.12 shows the page you see after the Intranet and the Internet fields have been completed.

FIGURE 4.12 One Alternate Access Mapping Collection

Here, you can mix addresses such as http://sharepoint.mycompany.com with TCP/IP addresses such as http://192.168.1.2.

What you can’t see is that there is no particular reason—beyond good documentation—why the intranet address http://sharepoint.mycompany.com should be entered into the Intranet row.

If you have a single address to enter (apart from default) it can be entered into any of the four rows: Intranet, Internet, Custom, or Extranet. Default however is important because that is the address to which the other addresses will be converted.

Summary

This hour looked at the Central Administration site. It showed a few improvements made for this version of SharePoint and how and why to amend the Alternate Access Methods settings so that (in our case) full access to the site can also be available remotely using the address http://192.168.1.2. (Replace this with the TCP/IP address you have for your site.)

Q&A

Q. Are there any other functions of Central Administration that you particularly like?

A. Much of the Central Administration is a tribute to the desire of the Microsoft team to make actions that needed to be done in the earlier versions of Share-Point easier.

One simple thing that I like is the ability with one-click (provided you are on the right page!) to see exactly what SharePoint products have been installed and what their exact version numbers are.

You do this by selecting (again from the basic Central Administration page or Figure 4.6) Upgrade and Migration and then Check Product and Patch Installation Status. That gives a list that at this early stage looks like what is shown in Figure 4.13.

FIGURE 4.13 Patch status

Having this so easily available is useful when providing exact product information to people in forums (or from Microsoft Customer Support Services) trying to help with a problem.

Workshop

Quiz

1. Do you need to be on the server to access Central Administration?

2. Which alternate access box do you need to fill in if users will be accessing your site from an extranet?

Answers

1. No, you can access Central Administration remotely via the browser provided this possibility has not been shut down for security reasons. If it hasn’t you should specify suitable AAM settings for the Central Administration site and for the default site.

2. This trick question expects the “obvious” answer that you will need to write the address in the Extranet field, but any of the four fields can be used. Using the Extranet field, however, would be good practice (and would provide good built-in documentation).