SharePoint 2007 administration part III: web application administration

This is the third post in a six-part series on SharePoint 2007 administrative commands. The first part was an overview and the second covered Farm administration. This part covers web application administration, which is carried out in SharePoint Central Administration. These administrative functions are carried out by farm administrators, but scoped at the application level rather than across the entire farm.

Application Creation/Extension

Set up a new site/application in IIS or configure a new zone for an existing application

Remove SharePoint from IIS Web Site/Delete Web Application

The opposite of above

Define Managed Paths

Add/Delete explicit paths. Define Wildcards.

New Site Collections can only be created at available unused explicitly defined paths, or beneath wildcards. If new Site Collection creation will require approval  by Central Administrators, explicit paths will need to be created for new Site Collections. If Site Collection creation is delegated, wildcards will need to be provided in order for Site Collection creators to have a location to create their new sites

General Settings

Default Time Zone

Select a default time zone

Default Quota template

Select a default storage quota template for new site collection creation. See part II of this series for more information on storage quota template creation. Note: storage templates can still be specified during Site Collection creation – this merely sets the default quota template

Person Name Smart Tag and Presence Settings

Enable: yes/no

Maximum Upload Size

Define the maximum upload size in megabytes, up to two gigabytes


Enable/disable alerts for the web application. Specify a maximum number of alerts per/user, if desired

RSS Settings

Enabled/disable RSS feeds for the web application

Blog API Settings

Turns On/Off the API, which allows blog posts from client tools, like Word 2007. Also configure acceptance of user name and password from the API

Web Page Security Validation

Turns validation on/off and sets validation expiration in minutes, or to, “never”. Note: this is not the same as the SSP “Session State”, which is used in some MOSS applications, and is reviewed in more detail in part II of this series

Send User Name and Password in E-Mail

Specifies whether to send users their user name and password by e-mail. This may be convenient, but may breach security policy

Backward-Compatible Event Handlers

Turns on/off backward-compatible event handlers, which will only be applicable to WSS 2/SPS 2003 event handlers in the transition period following an upgrade

Change Log

Specifies change log event retention in days

Recycle Bin

  • Turns the recycle bin on/off for all sites within a web application
  • Specifies first-stage deleted item retention in days
  • Specifies the second stage recycle bin at 1-500% of storage quota

Note: site collections are created with a storage quota template, which specifies maximum storage available, so site second stage recycle bin retention is controlled by a combination of the storage quota applied to the site collection and the percentage of live site storage allocated to the secondary recycle bin

Manage Content Databases

Add new content databases to an application. Take content databases on/off-line (which controls new site creation within the databases, rather than taking the database offline as one would do in SQL server). It is sometimes preferable to create new site collections in their own (or new) content databases. This on/off-line functionality can aid that process, although there are better ways to manage this from the command line

Web Application Features

Activate/Deactivate features scoped at the web application level. Features can also be scoped at the farm, site collection or site level

Blocked File Types

Manage blocked file extensions per application

Information Management Policy Usage Reports


  • Enable/Disable Information Management Policy Usage reporting for the web application
  • Schedule recurrence
  • Specify report location
  • Specify default or custom report template

Alternate Access Mappings

Assign up to five distinct zones, each consisting of one or more “internal URLs” per-Load Balanced, or “Public URL”. The public URL is the address which links on pages and in address bars are rendered in. Note: there can also be multiple host-named site collections created within the default zone (with STSADM only) and the default zone must be the most secure, as users who cannot be associated with a zone are automatically authenticated with Default zone policies

Application Security

Security for Web Part Pages

Allow/prevent users to create connections between web parts. Allow/prevent users to access the online web part gallery

Self-Service Site Management

Enable/Disable self-service site creation at the top-level web site. Specify requirement for secondary contact

User Permissions

Specifies which list, site and personal permission settings are available for selection within a web application. This is not an assignment of permissions to users or group, but management of the availability of permission settings to the web application

Web Application Policy

Assign Full Control, Full Read, Deny Write or Deny All permissions, per zone, to users or groups. This can be particularly useful if exposing read-only content to an extranet site, for instance

Authentication Providers

  • Specify Authentication providers
    • Basic Authentication
    • Integrated Windows Authentication (NTLM or Kerberos)
    • Forms Based Authentication (FBA)
      • LDAP
      • ADAM
      • SQL Membership Provider
      • Any other ASP.NET 2.0 Authentication Providers
      • Note: no FBA authentication providers are provided with WSS out of the box. These need to be sourced/written independently
    • Web Single Sign-On (SSO)
      • MOSS-only
  • Enable/Disable anonymous access (this setting allows site administrators to allow anonymous access, it does not automatically enable it where authorisation has already been configured). Disabling anonymous access removes this option
  • Enable/Disable client integration features (FBA does not support client integration features until WSS v3/MOSS 2007 SP2, so this setting can be used to prevent unexpected behaviour in earlier versions)

Workflow Settings

Enable/disable user-defined workflows. Manage Workflow task notifications for internal and external users

Site Use Confirmation and Deletion

Enable e-mail notifications to owners of disused site collections or set automatic deletion after a number of unanswered confirmations

Document Conversions


  • Enable document conversions for a web application
  • Specify a document conversion load balancer
  • Schedule conversion timer jobs
  • Manage availability to document libraries, time-out, retry and file size settings for installed converters, including the following by default:
    • InfoPath to Web Page
    • Word to Web Page
    • Word with Macros to Web Page
    • XML to Web Page

One thought on “SharePoint 2007 administration part III: web application administration”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.