Sitting in the Atlanta airport waiting for my flight home seems as good a time as any to summarize what I learned this week at Tech Ed 2011 in Atlanta. 

First, this is the second year in a row that I have used my iPad at Tech Ed for note taking.  Last year I used Apple’s Pages app to take notes, and that worked reasonably well.  During the keynote this year I searched for other options and came across iThoughts HD.  This is a mind mapping app similar to Freemind or XMind on the PC.  This app worked incredibly well for me taking notes, as often the presentations would bounce back and forth between topics and the ability to simply tap on the nodes within the mind map felt very natural and productive.  In addition, the app allows you to export in a number of formats, two of which being Freemind and Xmind, so I will be able to send my maps to the PC and edit them in one of those programs. 

While the iThoughts HD app was great, you could do the same thing on the PC using the previously mentioned Freemind or Xmind apps.  Where the iPad really shines however is the fact that you can go ALL DAY taking notes, browsing the web, tweeting, etc. without ever having to look for an electric outlet!  If you have been to Tech Ed, you no doubt understand how difficult it can be to find electric outlets to charge your laptop.  In a sea of 10,000 attendees, electric outlets are precious resources. 

Okay, enough about how great the iPad is, on to what I actually learned!

Virtualizing SharePoint

Virtualizing SharePoint was a good session, although it didn’t necessarily provide a bevy of new information, it at least validated things I believed to be true.  Couple of key points:

  1. SharePoint and virtualization go together like peanut butter and jelly.  If someone tries to tell you otherwise, smack them and their momma.  Yes, SharePoint is resource intensive, so no, don’t build your hyper-v cluster on 386SXs.  Use the latest server hardware technologies available, use the latest hypervisor offerings from Microsoft and VMware, use Windows Server 2008 R2 guests, and be happy.
  2. Certain SharePoint roles are absolute slam-dunks for virtualization, other roles require further consideration.  Web front ends, query, and app roles are all ideal candidates for virtualization.  What makes something an ideal candidate for virtualization?  Really it comes down to how resource intense the role is.  In a SharePoint farm, the aforementioned roles happen to be the lighter roles within the farm.  This leaves your index/crawl roles and your SQL roles up for debate.  Whether or not you choose to virtualize your SQL servers is greatly influenced by how large/active of a farm you have, and how important the benefits of virtualization are. 
  3. Fixed-size VHDs and direct-attached LUNs are very close in performance.  Do NOT use dynamically sizing VHDs.  You can think about it, but DON’T DO IT.  Where disk performance is of utmost importance, *hem hem* SQL server *hem hem*, send the LUN straight to the VM.  Where it is not as critical, like in a web front end or app server role, using a fixed-size VHD gives some flexibility in terms of moving the VHD around, and the performance impact is negligible.
  4. This doesn’t apply to just virtualization scenarios, but ALWAYS, ALWAYS, ALWAYS define a SQL alias and point SharePoint at the alias, otherwise you cannot move your SQL instance housing the SharePoint config database.
  5. Okay, I don’t fully get this one just yet, so I need to do more research, but apparently allocating memory that causes the VM to cross NUMA boundaries is a V.ery T.hing.  In simple terms I understood what was being said, take the amount of RAM of the host machine and divide it by the number of cores, and that is your NUMA window size.  Then multiply that size by the number of CPUs assigned to the guest and do not exceed that, but as I understand it that is an oversimplification.  Crossing NUMA boundaries allegedly leads to a performance hit of 30% or more.
  6. For any disk intense guests make sure the RAID configuration for the VHD or the RAID configuration for the LUN is RAID 10.  This ensures the greatest write performance.
  7. Reverting to VM snapshots is NOT supported by Microsoft.
  8. Combine SQL Mirroring with HyperV/Vsphere clustering and you have a robust high availability solution.
  9. Do not put your SQL guest and your web front end on the same physical host.

Cross-Farm SharePoint Services

This session was really heavy on the PowerShell needed to implement cross-farm services, which I didn’t find to be tremendously useful.  The PowerShell was not up long enough for someone to transcribe it, and you are not going to commit it to memory in the short amount of time it is being displayed, so I would have preferred more discussion around the concepts and techniques being used instead of just showing code.  In any event, I did pick up a few things from this session:

  1. Cross-farm shared services are synonymous with federated services.
  2. Cross-farm shared services can be in different domains. 
  3. Writing PowerShell scripts to create/configure your farms makes for better disaster recovery documentation than “click here, click here” documentation.
  4. Cross-farm shared services are not compatible with Office 365.
  5. The load balancer that SharePoint has out-of-the-box for service applications does simple round robin load balancing, it does not perform health checks of the services.
  6. Regardless of the authentication type for the web application, behind the scenes SharePoint is using claims authentication.
  7. When troubleshooting issues with federated services, ensure that the consumer has permissions to the Topology Service.

Building IT Dashboards with Visio Services

Picked up a few tidbits here; I hadn’t previously seen any demos of Visio Services or had an opportunity to play with it myself, so just seeing it being used was interesting.  Here are the highlights:

  1. Visio Data Graphics allow you to overlay shapes with an icon based on a rule.  Think Excel Conditional Formatting rules.  Very cool.
  2. When you save your Visio Diagram, make sure to save as a “Web Drawing”.
  3. Visio Services provides a “read-only” view of the diagram.
  4. Visio Services renders using a Silverlight web part, but can degrade to a raster form of the diagram if Silverlight is not available on the client.
  5. Visio Services can use the following data sources:  Excel Services, SQL, OLE DB, ODBC, Custom, SharePoint List.  It cannot use External Lists/BCS or Analysis Services.
  6. Visio Services is a component of the SharePoint Enterprise SKU.
  7. Visio 2010 Premium contains a SharePoint Workflow template.
  8. You can use web part connections to connect a Visio Diagram to an InfoPath Form web part as an example.  If you want to connect multiple data columns you need to use SharePoint Designer as the web interface only allows you to connect a single data field between the two web parts.
  9. Visio Web Services ships with an extensive JavaScript library.  It is preferable to use this library to connect web parts as opposed to using web part connections because web part connections cause post backs.
  10. When defining a workflow in SharePoint Designer, if you select “Show Workflow Visualization on Status Page” check box, SharePoint will render a Visio Services view of the workflow and overlay the status of each workflow action.

SharePoint and Silverlight

The SharePoint and Silverlight session was very code heavy, which wasn’t incredibly valuable to me.  Not that I have anything against code, obviously I do not, but I wasn’t going to be committing to memory hundreds of lines of code over a 1.5 hour period.  Still, I was able to pick up on some key concepts which made the session worthwhile.  First, the session validated my belief that Silverlight would prove to be a great technology moving forward with SharePoint as SharePoint portals become more and more locked down.  In other words, instead of deploying customizations that are server side, many client requirements can be handled through JavaScript or Silverlight and not require either sandbox solutions or farm solutions.  Here are a couple of key points I heard:

  1. Search for and install the Silverlight SharePoint extensions for Visual Studio.  They make it simple to incorporate your Silverlight into a SharePoint page for development.
  2. Silverlight has a technology called HTML bridging which allows the Silverlight application to modify HTML within the hosting page.  This was demonstrated by defining a ‘div’ on a page and then clicking a shape in the Silverlight app which subsequently added text to the div.  Pretty cool.
  3. The DataServiceQuery class can/should be used to query SharePoint OData services.
  4. Silverlight is able to take advantage of the rich SharePoint 2010 client object model, including the LimitedWebPartManager class.
  5. There is an issue with older ASMX web services which causes them to be incompatible with Silverlight.  As a workaround, an endpoint behavior has been developed and open sourced that will adapt the data types from the legacy ASMX web service to the data types expected by Silverlight.

Writing SharePoint Service Applications

This was another session that was really deep on implementation code.  I’m sorry, but I lose interest pretty quick in a session like this; really the slide deck becomes more important than what the speaker is saying.  It was useful though to get a feeling for the complexity level of writing a SharePoint custom service application.  Simply put – it’s a very high complexity level!

  1. In most instances, write a web service, not a service application.
  2. Write a service application when you want a unified management interface through Central Administration, want to take advantage of SharePoint’s backup and recovery features, want to take advantage of SharePoint’s round-robin load balancing.
  3. Creating a service application involves implementing a minimum of 5 classes.  Best to just go here and read up on it.

NuGet in the Enterprise

I’ve seen NuGet popping up everywhere lately, and was very interested in this session to learn more about its applications in an enterprise environment.  If you are not familiar with NuGet, read up here.  In a nutshell, NuGet facilitates incorporating dependencies into your projects.  If you know anything about Java, think Maven repo.  Where it is different however is that it is not involved in your build like Maven is, but it does make it simpler to incorporate dependencies into your project and to upgrade dependencies within your projects.

Okay, so how about the “Enterprise” part?  What is great about NuGet is that while it is perfectly viable for you to go out and install packages from the public NuGet gallery, in most enterprise development scenarios you will want to have more control over what packages are being incorporated into projects.  NuGet provides the ability to stand up an enterprise NuGet server, either as just a simple “head-less” server or a rich, Orchard-driven gallery.  With this you can provide the ability to browse the NuGet gallery through a rich web interface.

It is important to note that while there is a NuGet Visual Studio extension, NuGet works perfectly well on a clean build server, and Jetbrains is working to incorporate the ability to integrate NuGet into TeamCity.  This is great news as many organizations will want the ability to build dependency packages within TeamCity and then publish those packages to the enterprise NuGet server.  You can accomplish this today using the command-line in your build definitions, but making TeamCity NuGet aware will facilitate integration quite a bit.

NuGet = good.  I will definitely be adding setting up a NuGet server to my list of things to do at the office.

Claims Identity and SharePoint

I will freely admit that I had next to no knowledge of Claims-based Authentication coming into this session.  I knew it was a radio-button I could select when provisioning a web application, and I knew that I didn’t want to use it, instead I wanted classic authentication.  That should have been my first clue that I had some homework to do.  Career tip – If you are presented with two options, one saying “classic” and one saying something else, learn what that other option means or risk extinction!  Classic cars are cool, classic* in technology is un-cool. 

There was a great analogy shared during this session with regard to what “claims-based” authentication means.  The presenter, and I apologize I didn’t take notes on who the presenter was, but in any event, the presenter said that on his Facebook page his hometown is listed as Chicago.  Now, he actually lives outside of Chicago in a suburb.  The fact that his Facebook page says his hometown is Chicago does not give him the ability to vote in Chicago elections because the Chicago board of elections does not trust Facebook as a claims provider.  Instead, the board of elections trusts the motor vehicle administration, and his driver’s license has his actual home address. 

What this analogy means is essentially you can set up SharePoint to trust the claims of other providers, whether they be consumer identity providers like Google or Live, external partners, etc.  Very powerful stuff which could definitely impact the way that extranets are architected and implemented.

Couple of key bullets:

  1. Claims are SAML-based.  While Active Directory Federation Services are likely to be the most common claims identity providers, any identity provider issuing a SAML-based claim is compatible.
  2. Claims authentication is based on Windows Identity Foundation.
  3. Additional information about claims authentication in general is available here
  4. SharePoint 2010 allows multiple authentication methods to be defined for a single zone.
  5. Trusted identity token issuer is added through PowerShell (most claims authentication management is done through PowerShell)
  6. SelfSTS is a utility that makes it easy to develop/debug claims authentication.
  7. SharePoint does not use the operating system’s certificate store.  Certificates that are loaded into SharePoint are actually stored in SQL so that they apply farm-wide.
  8. Claims authentication impacts the behavior of the people picker.  Essentially, SharePoint does not know who is on the other side of the fence providing claims.  So if you wanted to say “Johnny Appleseed” from “ABC Corp” can access a given site, you would say in the people picker, “Any claim coming in where the e-mail address is can access”.  You cannot validate that “” is the correct e-mail address.  It is possible that through setting up a user profile crawl of an external LDAP server you may be able to get around this.  Need to do some research on that.
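
To make items 5 and 7 concrete, here is a sketch of registering a trusted identity token issuer from the SharePoint 2010 Management Shell. It is an added example, not code shown in the session; the certificate path, realm, sign-in URL and issuer name are placeholders to replace with your own values.

```powershell
# Added example: every path, URL and name below is a placeholder (assumption).
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$certPath  = 'C:\certs\sts-token-signing.cer'     # placeholder: STS token-signing cert (public key only)
$realm     = 'urn:sharepoint:extranet'            # placeholder: realm registered at the STS
$signInUrl = 'https://sts.example.com/adfs/ls/'   # placeholder: STS passive sign-in endpoint
$issuer    = 'Partner STS'                        # placeholder: display name shown to users

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certPath)

# Confirm the thumbprint with the STS owner out-of-band before trusting it,
# and refuse a certificate that has already expired.
"Subject:    {0}" -f $cert.Subject
"Thumbprint: {0}" -f $cert.Thumbprint
"NotAfter:   {0}" -f $cert.NotAfter
if ($cert.NotAfter -lt (Get-Date)) { throw 'Token-signing certificate has expired.' }

# SharePoint keeps its own farm-wide trust list (item 7), so the signing
# certificate is registered with the farm rather than the Windows store.
New-SPTrustedRootAuthority -Name "$issuer token signing" -Certificate $cert | Out-Null

# Map only the incoming claim types the farm should accept from this issuer.
$email = New-SPClaimTypeMapping `
    -IncomingClaimType 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress' `
    -IncomingClaimTypeDisplayName 'EmailAddress' -SameAsIncoming
$role = New-SPClaimTypeMapping `
    -IncomingClaimType 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role' `
    -IncomingClaimTypeDisplayName 'Role' -SameAsIncoming

# The identifier claim is what a user is keyed on; e-mail is used here.
New-SPTrustedIdentityTokenIssuer -Name $issuer `
    -Description 'SAML claims from the partner STS' `
    -Realm $realm -ImportTrustCertificate $cert `
    -ClaimsMappings $email, $role `
    -SignInUrl $signInUrl -IdentifierClaim $email.InputClaimType | Out-Null

# Review what the farm now trusts.
Get-SPTrustedIdentityTokenIssuer | Select-Object Name, DefaultProviderRealm, ProviderUri
Get-SPTrustedRootAuthority |
    Select-Object Name, @{ n = 'Thumbprint'; e = { $_.Certificate.Thumbprint } }
```

The two review commands at the end are worth rerunning periodically: every entry they list is a party whose signed claims the farm will accept.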

Automating Business Processes Using SharePoint, InfoPath Forms Services, and Word Services

This will likely not come as a surprise to many, but in my experience people are really embracing SharePoint for business process automation.  This isn’t necessarily one of the features that I see widely touted about SharePoint, but InfoPath Forms Services and SharePoint’s out of box workflow support just beg for business process automation.  Gone are the days of writing departmental ASP.NET web apps for anything and everything (sniff, sniff).  This session had some great best practices for automating business processes in SharePoint.

  1. As mentioned previously, this session also really pushed using sandbox solutions and the client-side object model.  With Silverlight and JQuery we can finally truly push presentation out to the browser and not have this mix-match of services and presentation on the server.  Several sessions all highly recommended sandbox solutions, and to target solutions for Office365 compatibility regardless of whether or not you are actually deploying to the cloud.  This will ensure the least painful (read costly) upgrades and maintenance.
  2. Follow application lifecycle management even for out-of-the-box SharePoint business process automation.  What does this mean?  It means defining your process before implementing it.  Implementing the process in a non-production environment before moving to production.  Considering versioning impact on the process.
  3. I wholeheartedly agree with this one – when using business connectivity services, never connect directly to a SQL database.  Implement a web service and connect BCS to the web service.  This gives you the ability to enforce any business rules that may be required if write is enabled through BCS, logging, abstraction of the data layer in case things move around, etc.  Preferably you already have a service layer in front of the SQL database and can simply connect to that, but if you do not, go ahead and write one!
  4. Never use “Revert to self” authentication for BCS.  Revert to self uses the application pool identity of the web application to authenticate to the backend service.  It is much more secure to use passthrough authentication (the caller’s identity passes through to the backend system) or use secure store service to map the user to a credential for the backend system.
  5. Stay away from external list lookup columns.  If you implement these the data gets cached and whatever data the user who created the lookup column had rights to gets presented to everyone.  In other words, if Joe creates the lookup column and he has access to all rows in the table, but Ben is supposed to only see half of the rows, Ben will end up seeing all rows in the lookup column.  One workaround for this is to use InfoPath forms and use a secondary data connection to populate a drop-down instead of using a lookup column type.
  6. I didn’t realize there is an OpenXML SDK that can be used to generate a class for writing Word documents (
  7. As with other customizations in SharePoint, workflows should first be done using out of the box features.  If out of the box features cannot meet the business requirements then reusable custom activities should be employed.  As an absolute last resort create a custom workflow in Visual Studio.
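
One way to check item 4 across a farm’s external content types is to scan exported BDC model files for the authentication mode. This is an added example, not something shown in the session; the sample model is constructed, and the property names (AuthenticationMode, WcfAuthenticationMode) are assumed to follow the SharePoint 2010 BDC model schema.

```powershell
# Added example. Constructed sample model; system and instance names are hypothetical.
$sampleModel = @'
<Model xmlns="http://schemas.microsoft.com/windows/2007/BusinessDataCatalog" Name="OrdersModel">
  <LobSystems>
    <LobSystem Name="OrdersDb" Type="Database">
      <LobSystemInstances>
        <LobSystemInstance Name="OrdersDbInstance">
          <Properties>
            <Property Name="AuthenticationMode" Type="System.String">RevertToSelf</Property>
          </Properties>
        </LobSystemInstance>
      </LobSystemInstances>
    </LobSystem>
    <LobSystem Name="OrdersService" Type="Wcf">
      <LobSystemInstances>
        <LobSystemInstance Name="OrdersServiceInstance">
          <Properties>
            <Property Name="WcfAuthenticationMode" Type="System.String">PassThrough</Property>
          </Properties>
        </LobSystemInstance>
      </LobSystemInstances>
    </LobSystem>
  </LobSystems>
</Model>
'@

function Get-BcsAuthMode {
    # Emits one record per authentication-mode property on each LobSystemInstance.
    param(
        [Parameter(Mandatory = $true)][xml]$Model,
        [string]$Source = '(inline)'
    )
    # local-name() keeps the query independent of the model's XML namespace.
    foreach ($inst in $Model.SelectNodes("//*[local-name()='LobSystemInstance']")) {
        $props = $inst.SelectNodes(
            ".//*[local-name()='Property'][contains(@Name,'AuthenticationMode')]")
        foreach ($p in $props) {
            $mode = $p.InnerText.Trim()
            New-Object PSObject -Property @{
                Source    = $Source
                LobSystem = $inst.ParentNode.ParentNode.GetAttribute('Name')
                Instance  = $inst.GetAttribute('Name')
                Property  = $p.GetAttribute('Name')
                Mode      = $mode
                Flagged   = ($mode -eq 'RevertToSelf')   # runs as the app pool identity
            }
        }
    }
}

# Run against the constructed sample: only OrdersDbInstance is flagged.
Get-BcsAuthMode -Model ([xml]$sampleModel) |
    Select-Object Source, LobSystem, Instance, Property, Mode, Flagged |
    Format-Table -AutoSize

# To audit models exported to disk (the folder path is a placeholder):
# Get-ChildItem 'C:\bcs-export\*.bdcm' | ForEach-Object {
#     Get-BcsAuthMode -Model ([xml](Get-Content $_.FullName)) -Source $_.Name
# } | Where-Object { $_.Flagged }
```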

Cross Organization Collaboration Using SharePoint Claims Authentication

Whew, this post is running a lot longer than I was expecting!  Must ….  Keep …. Typing! 

Anyway, this session was pretty similar to the earlier session on setting up claims authentication, but there were a few tidbits I picked up that weren’t in the other session:

  1. Office 2010 applications fully support claims-based authentication.  Office 2007 applications have some “gotchas”.  What those “gotchas” are were not explained, so I’ll have to do some research on this.
  2. Claims authentication enables SharePoint to use “consumer” ids like Facebook, Google, Live, etc.  The best practice when using consumer ids is to create a local unique identifier for the account and map the identifier to the consumer id.  This provides some flexibility in terms of being able to switch the consumer ID that is used for an account without it changing the underlying profile.

SQL Server “Denali” Reporting Improvements

So, SQL Server “Denali” will be coming out soon as a CTP, and man oh man, after seeing the improvements being made to reporting services and its SharePoint integration, I cannot wait!  Here are some of the highlights I heard:

  1. Native SharePoint service application integration.  No more bubblegum and duct tape integration, reporting services will be a first class SharePoint service application.  Microsoft is indicating performance improvements of 30-60% over SQL Server 2008 R2 SharePoint integrated mode.  In addition, configuration will be managed through Central Administration and logging will be through ULS.
  2. Self-service alerting.  Users will be able to set up alerts based on data contained in reports.  Very cool stuff.
  3. Ability to export as Open XML file formats.  Still no PowerPoint support, but a step in the right direction.
  4. One of the coolest things I saw was “Project Crescent”.  Think Report Builder meets Silverlight.  The intention is to enable end users to create their own reports right in the SharePoint portal using a Silverlight client and SQL Server Analysis Services integration.  The demo was incredibly impressive, can’t wait to kick the tires when the CTP comes out.

Alright, this is the part of the program where I start to get lazy.  I attended another 5 sessions, but each of the sessions did not really have enough for me to start a whole new section here.  So, here is what I propose.  I’m just going to bullet out the couple random things picked up from each session in one list.  It’s not all that much, so it should be fairly easy to follow.  Let’s give it a try, and see what happens, shall we?

  1. MVC 3 supports HTML5 markup.
  2. With MvcScaffolding you can add your validation rules to your POCO classes and the scaffolding will generate the appropriate DB and web validation.
  3. Entity Framework 4.1 supports code first!  Hooray!
  4. Web forms is getting into the scaffolding scene also.  WebFormsScaffolding.  Does anyone still care about web forms?  Please Microsoft, next rev of SharePoint kick web forms to the curb so we can all put web forms out to pasture and wash the stink from ourselves.
  5. IISExpress enables you to have a nice lightweight usermode IIS that supports SSL.
  6. You can do HTML5 in SharePoint!  Make sure to remove the “meta” tag that says IE-Compat-8.  Just get rid of it.
  7. Couple ways of loading jQuery into SharePoint:  Script link, Sys.loadScripts, Custom Action ScriptLink.
  8. Wasn’t aware of the following JavaScript function: _spBodyOnLoadFunctionNames.push() allows you to put something into the body onLoad from a content editor web part.
  9. Couple other cool bits of JavaScript:  SP.UI.Notify and SP.UI.Status give you the ability to do the cool yellow notifications or red status alerts in SharePoint.  SP.UI.ModalDialog is used to pop up a modal (duh).
  10. Wasn’t aware of Randy Drisgill’s starter master page for 2010:

Holy cow, I actually do not have any more notes!  So that was basically my week at TechEd.  I also worked in the 70-667 (SharePoint 2010 Configuration) exam and some time in the Exhibit Hall talking to various SharePoint component vendors.  Lots and lots of follow-on research to do, can’t wait!