In the first part of this series on SharePoint 2010 infrastructure considerations for Amazon EC2, I introduced the AWS platform and took a closer look at storage, snapshots and provisioning. In the second post I moved on to networking and cloning. In this third post I will discuss administration, delegation and licensing.
Author: Tristan Watkins
SharePoint 2010 Infrastructure for Amazon EC2 Part II: Cloning and Networking
In my previous post I introduced some of the peculiarities of designing SharePoint 2010 environments for Amazon’s EC2, specifically focused on the AWS platform, storage, snapshots and provisioning. In this post I continue this exploration, moving on to cloning and networking considerations.
Continue reading “SharePoint 2010 Infrastructure for Amazon EC2 Part II: Cloning and Networking”
SharePoint 2010 Infrastructure for Amazon EC2 Part I: Storage and Provisioning
The Amazon Web Services (AWS) have been around for a while now but there’s been surprisingly little use or abuse in the SharePoint community, from what I’ve seen. A notable exception to this is Andrew Woodward’s novel and interesting approach to Exchange BPOS migration via Amazon EC2. But that doesn’t talk much about SharePoint on Amazon, so in these posts I’ll give an introduction to the design constraints that pertain to SharePoint 2010 development environments on EC2. Even if the Amazon Web Services aren’t appealing, a lot of the issues discussed here will apply to consumption of other Pay-As-You-Go infrastructure services, presumably including the forthcoming Windows Azure VM role AKA Hyper-V Cloud. In this first post I focus on the platform, storage, snapshots and provisioning.
Continue reading “SharePoint 2010 Infrastructure for Amazon EC2 Part I: Storage and Provisioning”
User Profile Service Connection and Slow First Page Load
I’m presently running some quite methodical SharePoint 2010 development environment performance tests, as we’re finding that the Dell XPS M1330 we’ve been using for the last few years doesn’t really cut it in some scenarios. This has been an on-going issue for some time where I work, but it’s only recently been prioritised at the top of my workload. That it is now my top priority should give some indication how important these issues are for any company that spends significant time customising SharePoint. I’ll be discussing this wider project in more detail once I’ve finished my testing in the next couple of weeks, but for now I wanted to share a provisional finding about connecting Web Applications to the User Profile Service Application.
Continue reading “User Profile Service Connection and Slow First Page Load”
Bit Rate Throttling Fix Released
A couple of weeks ago I posted information about a Fix For Bit Rate Throttling W3WP Crashes in SharePoint 2010. A few hours ago, Jack Freelander from IIS.NET announced that IIS Media Services 4.0 has been released, including this fix. This is just a quick post to update that the fix has passed Beta, in case anyone was waiting on the final release before diving in.
I still have yet to find the time to test this myself, but I’d be very keen to hear about your experiences – good or bad. Failing that, I hope to get back to this in the next couple of weeks.
Fix For Bit Rate Throttling W3WP Crashes
Over the Summer, we dove deep in to SharePoint 2010 for WCM when we re-launched our corporate website. As I mentioned the other day, I spent a decent amount of time looking at caching and some of the new supporting technologies, like Bit Rate Throttling, an IIS.NET extension to IIS 7.x – part of the IIS Media Services 3.0. package that also includes Smooth Streaming. Bit Rate Throttling is like when you watch a YouTube clip and it only buffers a short time in advance of what you’re watching, also known as Progressive Download. In Microsoft’s words, Bit Rate Throttling is…
“…an IIS 7.0 extension that meters the download speeds of media file types and data between a server and a client computer. The encoded bit rates of media file types such as Windows Media Video (WMV), MPEG-4 (MP4), and Adobe Flash Video, are automatically detected, and the rate at which those files are delivered to the client over HTTP are controlled according to the Bit Rate Throttling configuration.”
It basically saves you bandwidth by only transferring what you’ve watched plus a small, configurable buffer. Think about each user that starts watching a ten minute video but only watches one minute. In that time, they may have downloaded five minutes of content – quadrupling the bandwidth consumption unnecessarily. Bit Rate Throttling shares some user experience characteristics with Streaming Media, but it works on a normal web server over HTTP. It’s really quite a simple tool and I won’t devote space here to explaining it when the IIS.NET site already has some great content, including a brief introductory video. Definitely check it out.
So why am I writing about it?
ASP.NET Padding Oracle Fix and Risks
As most SharePoint, security and .NET professionals will know by now, a hotfix for the Padding Oracle vulnerability in ASP.NET was released out-of-band on Tuesday. A live TechNet Webcast with a Q&A was held with Dave Forstrom, Director, Response Communications and Dustin Childs, Senior Security Manager. I’ve put together these rough notes from that webcast, as I think this information needs to reach a wider audience.
This is intended to be a (very) rough guide to the webcast content, and I make no claims about the accuracy – I’ve purely attempted to repeat a small portion of what was discussed on the webcast – some of which was covered very quickly. If any of this is of particular interest, I suggest watching the webcast. I’m primarily interested in motivating people to apply the patch while repeating some of the considerations that should be… considered before doing so.
Save Behaviour in SkyDrive and Office Web Apps
Being the good SharePoint advocate that I am, I recently tried out the Office Web Apps in SkyDrive (Windows Live) for collaboration with my wife (primarily expenses spread sheets, etc). I’ve always found Google Docs to be lacking in many ways and I wanted to get more experience with the Office Web Apps since I typically use the full Office 2010 client at work. Despite a few annoyances, we were getting on reasonably well, especially since it’s free. I needed to crack a document open in the full version of Excel 2010 to format in anger once, but this is an acceptable compromise for a free, web-based document store.
Fast-forward to the other day and my wife decided to use the Office Web Apps to draft a document rather than using Microsoft Works or Open Office (the other options on her home laptop). Despite some slow responses periodically, all seemed to work well, or so she thought until she got in to work the next day and opened up a blank document.
Continue reading “Save Behaviour in SkyDrive and Office Web Apps”
BLOB Cache, HTTP 304 Results and F5/Refresh
A few months ago we launched a new website on SharePoint 2010. One of my main foci on the project was performance and caching is one of the most effective ways to achieve that for a WCM solution. We enabled Output, Object and BLOB caching, configured exclusions as necessary and were quite pleased with the results, especially since issues with BLOB Caching in 2007 have been resolved in 2010.
A few weeks later I was demonstrating these approaches when it was pointed out that we were getting lots of 304 responses. They occurred with each request for a previously-downloaded BLOB Cached asset (more detail added below). Basically, I overlooked the max-age attribute in the BLOB Cache web.config settings. By default, this attribute isn’t present in the web.config file and I simply missed it. Adding this attribute eliminated the 304 results and the caching configuration was complete. Or so we thought.
Edit to provide more detail on the 304 status and Max-Age
A 304 response is a File Not Modified status (not an error), in this case indicating that the browser is making (potentially) surplus checks for each previously-downloaded BLOB Cached file. The max-age attribute gives the file a lifetime in the client’s browser cache in order to reduce these update checks. To be clear, the BLOB Cache stores large objects on web servers to reduce database traffic, but those objects can be served with a max-age attribute that will determine the object’s lifetime in the client’s browser cache. A max-age value of “14400” means that browsers will cache the file for four hours before checking for an update. This means that updates to BLOB Cached content may become stale if this value is set too high. A common value would be “86400” (24 hours) but we were satisfied with the balance at four hours. In our case, making this update has not yielded a perceptible increase in performance with the current levels of traffic, but it’s the sort of thing you want to set appropriately in order to optimise things and to allow the environment to scale.
Continue reading “BLOB Cache, HTTP 304 Results and F5/Refresh”
User Profile Picture and Certificate Trusts
In my post yesterday on User Profile Picture Export Permissions I reviewed the requirements to export the SharePoint PictureURL profile property to the Active Directory thumbnailPhoto user attribute. Where I left off, I had identified a certificate error on our SSL-secured MySite’s wildcard certificate. You may recall that the User Profile synchronisation exported the mobile number property successfully. Given that this mobile number was updated by the end-users though the same MySite host as the User Profile picture, you may wonder why one exported successfully if there were certificate errors that interfered with the other.
Fundamentally, it’s irrelevant that this data was updated by these users in their MySites. The property could have been updated by an administrator in the User Profile Service Application. However, it appears that the User Profile export is not just exporting the URL as a string, it is actually copying the image on export; the User Profile Service Application is browsing to the SSL-secured site to pick up the image and writes it to the user’s thumbnailPhoto attribute. In this post I’ll review the evidence and explain the additional certificate trust configuration required to export an SSL-secured User Profile picture.
Continue reading “User Profile Picture and Certificate Trusts”