SharePoint 2010 Records Center Greatly Improved

So far I am very impressed with the new Records Center site definition and architecture of SharePoint 2010.  Some of the new features include:

  • New and informative page for administering the Records Center (allows newbies to work with the record center easily)
  • Routing Rules based on submitted record properties (not just the content type anymore) – COOL
  • Routing to a different site (not just on the Records center site only anymore) – NICE
  • Routing Priority (allows for more complex routing scenarios)
  • Retention expiration can be based off of the typcial fields (ModifyDate, CreateDate) and a new one called "Declared Record" (when it was defined as a record)
  • On Expiration has the following actions:
    • Move to Recycle Bin
    • Permanently Delete
    • Transfer to Another Location
    • Start a workflow
    • Skip to Next Stage
    • delete Previous drafts
    • Delete all previous versions

At a farm level you can:

  • Configure Send To Connections by Web Application (versus Farm in 2007)
  • Allow multiple send to Connections
  • Three options on "Send" event (Copy, Move, Move and leave link)
  • On submission, the final "resting" place is returned for the item

Nice changes!

Async Web Parts in SharePoint 2007/2010

Some of you may have seen my tweet:  "#sp2010 web parts have a new "AJAX Options" in the tool pane, u can enable "Asyncronous refresh" for each web part. Be careful w this!"

Why?  It reminded me of a little known fact when creating async tasks server side with web parts.  You should watch out for the asnyc page loading of web parts because of this setting in the web.config file:

In SharePoint 2007, WebPartWorkItem has default setting of 7000ms.
In SharePoint 2010,  guess what!  The WebPartWorkItem section is GONE (even though a sectionhandler still exists)!  What the default is these days…who knows!?!  I'm guessing it is still 7000ms.

Anything registered with RegisterWorkItemCallback will be included in the timeout (can cause later web parts to error if a previous web part uses it all).  It is described in an article hidden waaaayyyy down in the bowels of MSDN:

Again, be careful with this when running async operation on the server – convert as much as you can to Client Object Model (AJAX)! 

Now, let me tell you, *most* web parts in SharePoint 2010 are being loaded via AJAX,  this means no more annoying full page refreshes of each web part on a page, we can refresh them separately from each other!  Sweet!


SharePoint 2010 BCS/BDC Schema changes

When migrating your BDC app def files, here are some changes I found so far, also I have attached the 2010 BDC Schema (please note this is beta version):

  • Root element must be:
    • <Model xmlns=""   Name="AdventureWorksSample">
  • A <LobSystems> element must wrap your <LobSystem>
  • Your Entities are now partitioned to namespaces (have to add the Namespace attribute) 
  • Your Entities are versioned now!  (have to add the Version attribute)
  • More strict second level validation rules attribute IsCollection must be "false"
    • SpecificFinder should only return one thing, not sure I like this or not
    • A SpecificFinder cannot have the "IDataRecord" Wrapper anymore, you must remove this extra level!
    • Forces the creations of a new singleton method with possibly the same parameters (breaking one of my dev rules [don't copy and paste]…hmmm)
    • You will have to move your default values to the correct methods (don't copy paste your method definitions unless you want to waste ALOT of time)
  • In relationship/association methods, you must specific the IdentifierEntityNamespace of the related entities
  • Association is no longer at the rear of the file, it is specified as a subElement of MethodInstance of Method of an Entity
    • Namespace attriubute must be on SourceEntity and DestinationEntity

If you really don't want to deal with this, send a tweet at Lighting Tools for an automated conversion tool called BDC Metaman!


ACS SharePoint 2010 Courseware Release Schedule/Beta Program

This is the email I just sent out to the Training world.  If you would like to participate in the beta courseware program, drop us an email!

Dear Training Colleagues,


ACS just returned from the SharePoint 2009 Conference in Las
Vegas!  The NDA’s are now lifted and SharePoint 2010 is coming fast! 
Are you going to be ready for it? 


Here is a set of things you can do to get prepared for one
of the hottest and most anticipated Microsoft releases in a very long time!


Upgrade one of your classrooms to run updated

o   All
64-bit machines

o   At
least 8GB of memory

o   You
will need at least 60-75Gb of free space for the multiple images (2-3 images
with diff drives)

o   You
will need to run Hyper-V (Server 2008+) or Sun Microsoft Systems (Virtual Box) to run the 64 bit host


We are aware of the gaps in the current MOC
courseware and have defined 3 courses that we will be refreshing.  Our
plan is not to compete against MOC at the same level, but simply supplement it
with materials that will be needed with the April release of SharePoint
2010.  These will be courses that you can start promoting to your

o   Please
note that these will not be loaded into the CWLibrary to begin but with time
will be available for you to gain MVR credits.


Become part of the ACS beta courseware program:

o   We
will give you access to the courseware before the product launches so you can
get your trainers up to speed. 

o   You
will be required to sign an NDA in order to gain access to our course outlines
(we should have these available end of this week) and the beta training
materials (available end of Jan 2010).

o   Partner
selection will be done this week to all interested parties.

o   You
will be allowed to run the course to a select few students before the April
release (Feb time frame, NOTE:  no other competing training providers
are offering this!).  Please note this will be based on the public Nov.
beta release of SharePoint 2010 and the revised RTM materials will be available
approximately April 2010).


We look forward to working together to generate revenue off
SharePoint 2010 next year!


As always, thanks!

Chris Givens

CEO, Architecting Connected Systems


SharePoint 2007/2010 Security

I'm CISSP, computer science dude.  I can hack your computer, steal your credit card numbers and social engineer you all day long.  So when I say SharePoint is not secure, I mean it.  Case in point:

  • PROOF #1 – Any DBA can dump the contents of your content database by default in 2007 AND 2010.   Reference this blog post:
  • PROOF #2 – Web Application policy can be setup to give "Full Control" to anyone the Central Administrator decides to (including him or herself)
  • PROOF #3 – Site Collection Admins are "God" when it comes to the data in the Site Collection
  • PROOF #4 – Development = Production odds are less than 5% (once you give the developers the database backup, that's it, they own the content)
  • PROOF #5 – Ignorance kills your SharePoint – Removing certain blocked file types can cause security holes.  Reference this blog post:
  • PROOF #6 – Blind public deployments of SharePoint to the internet (the _vti_bin problem).  Reference this blog post:

Are these bad things, technically no if you trust the people you have assigned to each role.  But keep in mind, social engineering is a powerful foe!

How does You/I/SharePoint 2007/2010 fix this?

  • FIX #1 – 2007/2010 – Implement IRM/DRM – this encrypts your files and locks them down no matter where they will go (covered in my 50149 operations course)
    • Search has to be setup to have read access across the IRM domain
  • FIX #2 – 2007/2010 – Implement custom actions or event receivers to encrypt the documents when they are "added", "checked in", decrypt on "check out"  (covered in my 50064 course)
    • Prevents SQL DBA's from PROOF #1
    • Problem is, you lose functionality (workflows are "Added", which means the files are encrypted – DOH!, search can't index your content)
  • FIX #3 – 2010 only – implement an encryption RBS (watch for this in my future courses)
    • Things are awesome,  content is encrypted in data store, Search is setup with Read permissions through SharePoint – LIFE IS GOOD, until someone (like me) social engineers your IW staff to give me what I want
  • FIX #4 – build some kind of scrub routine on your content database before you give it to your developers
    • Hard to do given the structure of the content database, but possible if everything is tagged with content types/meta data (easier to do in SP2010)
  • FIX #5 – Don't remove things from blocked file types unless you really know what you are doing!
  • FIX #6 – Don't blindly deploy your internet website using SharePoint, reduce your hacker footprint as much as possible!

In reality, there is no security in this world.  Sorry…am I fair to pick on SharePoint, no, no matter what platform you choose, same issues will exist!


Windows Azure MessageBus for consumption by SharePoint 2010?

I recently tweeted:

"Azure needs to
have a message bus for Social Computing Activity Streams with a common
auth (LiveId/OpenID) and BizTalk like plugs…#DREAMIN"

But I have no doubt that it is going to happen. It will be a massive MSMQ (message queue) in the cloud with BizTalk like adapters that will allow us to send our "Encrypted" messages with routing info (very similar to the current EDI platforms today), but rather than EDI, we are free to choose our format other than a routing message on the top of it!

This all sounds familiar though right?  I just mentioned EDI, a very condensed text/tab based format for sending data.  Problem with EDI, proprietary networks that have high entry costs and lets face it, UGLY.  Will it continue to live?  Yeah, for a few more years at least.  What will it give way to?  XML has taken it's fair share for the past 10 years, more likely…JSON formatted messages?  Definitely not XML, some of you may have seen my tweet "Web Services RIP (1999-2009)".  It was funny, and some people didn't like it too much, but unfortunately…its TRUE.

What else sounds familiar?  Oh, only the fact that it has been done elsewhere too, Mastercard, Visa, and American Express have the largest transaction systems in the world.  Trillions of dollars of transactions (and similar number of transaction counts) occuring everyday!  At a previous company we even tapped into the massive network of transactions (hence why I know how to get your credit card number) to pump messages into the systems.  We built memory based databases and built a massive message bus that accepted messages and routed them for processing by multiple subscribers, super cool stuff!  We even did object oriented database rather than the older relational forms (another long blog post).

What makes this time so different?  People.  Social Computing has opened the eyes of individuals to be able to "brag" through "ego" about what they are doing.  And it may not be all "ego", but pretty close.  So now we can see the concept of "Activity" streams being built around everything we do!  Every time we purchase something, start our car, make a phone call, all our every day events will be able to be pumped into the message queue in the sky for subscribers to be able to "plug" into and watch our every move!

Thanks to innovative applications like Facebook, they have paved the way for every new application to have a concept of "Activity" streams in ATOM format where these message are going to be bought and sold to the masses for behavior analysis! 

And so on to our best friend SharePoint 2010.  SharePoint 2010 has an "extensible" activity stream.  This stream will allow every application you touch, to "pump" messages into the stream queue for people to monitor!  Imagine if you will, every system you work with inside your company pumping status messages back about you.  Are you doing your job?  Your activity stream says you aren't!  Thinking what I am thinking at this point?  Lots of applications, both good and bad will come of this. 

From a user standpoint, activity stream data will be VERY sensitive.  From an "Application" standpoint, if we are to say that a user in SharePoint is an "Application", then activity streams create a whole new world of possibilities!

If companies simply stick to a user is a user for their streams, we may start to see government step in soon and limit the types of things that WILL start to happen with the technology.

Insightful eh? Enjoy!


Nice name fix in SharePoint 2010

You can now put pretty much anything in the name of a site, list and list item now.  It will HTML Encode your text instead of putting it straight into the database like in SharePoint 2007!  Way to go SharePoint Team!

You even have validation on the list items!  How cool!


This was the old problem:   MSDN



SharePoint 2010 Features (New and upgraded) – The good stuff!!!

As I promised, here are all my tweets ( on new stuff in SP2010:

Update (12/4/2009)

  • UserProfile join to BDC can only use "integer", use to be able to use "string"
  • XLViewer.aspx has lost some properties
    • RowsToDisplay, ColumnsToDisplay
  • Crawl Rules can "Follow regular expression syntax" or can "Match case"
  • Crawl Rules have more authentication options
    • Client certificate
    • Form credentials
    • Use Cookies
  • Host Distribution Rules – allows you to distribute crawl loads across multiple crawl databases (have to have more than one crawl database)
  • Crawler Impact Rules – allows you to stagger crawling for specific content sources
  • Federated Locations – has a set of preloaded locations (one points to Bing)
    • Multiple supported authentication models for federated search results
  • Scopes – No "Update Now" button, forced to wait for timer job to run (every 20 minutes)
  • Single Sign On APIs are now deprecated, you must implement new interface ISecureStoreProvider
    • NOTE: there is no provider in the beta, so SharePoint Designer and custom apps can not utilize the Secure Store as of yet
  • Lots of bugs in BCS/BDS so far, worth waiting till another beta build to test things
  • InfoPath has two pieces to it now
    • InfoPath Designer – menus and controls have moved, plan on spending some time to find things!  When in doubt, go to the "File" ribbon menu item
    • InfoPath Filler
  • When working with Custom Authentication, Visual Studio uses the Framework directory, SharePoint uses the Framework64 directory, this means changes should be applied to BOTH machine.config files!
  • TimerJobs can be assigned to various servers in the farm, this means we can have more than 10 web applications in our farm
  • Content Deployment has lost some features
    • Quick Deploy is gone
    • Validation of Site Definition for deployment path is more strict, it must now match not only the Site Definition, but the actuall configuration too  (STS#0 != STS#1)
    • Catch 22 loop occurs for stuff that worked back in 2007, recommend waiting till next beta comes out to test
  • Information Rights Management requires the new Active Directory Right Management Server.  The older Windows Rights Management server will not run with SharePoint 2010
  • The new BETA version of ForeFront 2010 security for sharepoint is out.  The older ForeFront will not work.  There are bugs in both SharePoint and Forefront that will keep you from being able to test them

Update (11/6/2009)

  • Sharepoint Designer 2010 generates Infopath instead of aspx forms for action tasks…that's awesome!!!
  • Sharepoint
    2010 "build dynamic string" action is now set to "displayonly" instead
    of "all", means it doesn't show up n workflow action list
  • Sharepoint designer 2010 Workflow – "Assign to do" action, has a "workflow lookup for a user" option…cool! – means you can now build runtime dynamically assigned todos

Update (11/5/2009)

  • Trace log file limiter (can limit based on GB size)
  • New Impersonation step in sharepoint designer workflows (will run as workflow creator)
  • New Workflow Source items for workflow usage:
    • Workflow Context
  • No backup/restore features with SharePoint Designer!  YES!
  • SharePoint Designer 2010 beta does not have the "Connect to another library" for data sources 🙁
  • Sharepoint Designer 2010 does not have the ability to do reports (files, shared content, problems, usage)
  • SharePoint Designer 2010 has the Visual Studio code snippet feature now!
  • SharePoint Designer 2010 has smart/locked editing to keep end users from screwing things up!
    • Editor and Advanced Editor mode

Update (11/4/2009)

  • There are ~2X as many classes and interfaces in 2010 object model versus the 2007 object model (and I thought it already had everything!)
  • SharePoint Designer 2010 allows users to create "custom actions" (call
    form, call url, workflow) on a list!  Now that is cool!
  • Ability to edit built in workflows with SharePoint Designer
  • Import and Export workflows from Visio

Update (11/3/2009)

  • New Site Definitions:
    • GroupBoard workspace (for tracking people and resources)
    • Vision Process workspace (for managing process documents in Visio – US and Metric based)
  • Site Collection Analytics includes Inventory reports for:
    • Storage Usage
    • Number of Sites
    • Number of Lists
    • Number of Libraries
    • and more…
  • Site Collection Custom search scope update time went from 60 secs to 4 days, wonder why?
  • Site Admins can create customized reports for site usage using Excel
  • Team Site Navigation links can now open in new browser window!
  • Team Site Navigation links can now be targeted at audiences!
  • New InfoPath webpart allows u 2 display InfoPath forms easily (must be published as content type and attached to library)
  • New Chart viewer web part allows you to point as lists and build a chart on a list column values…NICE!

Update (11/2/2009)

  • 5 Themes selectable for your sites
    • Users can customize a select few items with own colors
    • You can preview the theme before you apply it
  • Colleague Tracker can track on:

    • Birthdays and anniversaries

    • Profile property
    • Social Tagging
    • Note Board Posts
    • Authored Blog
    • Authored Document
    • Shared Pages
    • Out of Office Status
    • Membership changes

Update (10/30/2009)

  • You can click "Run Now" on all timer jobs…dangerous…liked it better the old way
  • Granular control of My Site Host (create it first, then setup My Sites in farm)
    • requires to to create the managed path "personal" (if that's the name you want anyway)
  • Site Def removes "Top Sites", possibly for social tagging features replacement
  • Instead of "My Site" its now "My SharePoint" – personal right? Has the following links:
    • My Tags and Notes
    • Tag or Note this Page
    • Add SharePoint Tagging to Browser
    • Recently Tagged Pages
    • Recently Noted Pages
  • New "Status" for your profile (similar to Twitter, Facebook, myspace)
  • My Site Alerts:
    • Notes on profile
    • Add of colleague
    • Suggested Colleague (I'm seeing facebook ex suggestion problem creep up here – don't have relationships with co-workers!)
  • My Site Profile Delegation
  • Profile properties are metadata based – AJAX autocomplete like features!
  • Sharepoint profile properties can be clicked to take you to FAST people search for matching profile properties
  • Same rules apply in 2010, a user must have a profile before you can add as a colleague and "follow"
  • Not only Users can have profiles, but you can create Organization profiles
    • Organization hierarchy's can be built
    • Organization can have a central team site
    • Organization can have members and leaders
    • At least one organization must be tied to a "manager"
    • New organization's can be categorized under other org's

Update (10/29/2009)

  • Item level Audience Targeting (but only with "Document" content types)
  • Document ID service assigns unqiue IDs based on a start string you specific at a site collection level (only with "Document" content types)
  • Content Rating at an item level (but doesn't process right away – timer job *sniff*)
  • Wiki site definition has moved to the "Publishing" tab and is called "Enterprise Wiki"
  • No more Internet vs. Intranet Publishing Site Definitions, only a single Publishing Site Definition
    • This is good, the def has removed Document Center, Reports, News and Sites sub sites from it (very bad practice in the previous site defs)
  • Site Definitions can have visibility features via the VisibilityFeatureDependency attribute (Site Def won't show up until you have a certain feature turned on)
  • Records Center site definition is redesigned, much more intuitive for beginners to figure out how to setup Records Routing and Holds!
  • Information Management Policies are enforced by Content Type on all lists by default
    • You can break this and revert to the old style of applying to all items in the list but new way is the right way!

Update (10/28/2009)

  • BDC schema changes were made, your app def files will need to be migrated:  Ref this post 
  • Not all lists get the new Ribbon (Picture Library, Survey)
  • Project Tasks can have predecessors (force completion of tasks before others finish)
  • Two new columns in a #sharepoint 2010 list (Item Child Column count and Folder Child Count), check em out!

Update (10/27/2009)

  • SharePoint 2010 Activity Stream is extensible (multiple applications can pump messages into stream)
  • Office on SharePoint server (2008 R2) still won't let you save back to document library (no WebDav)
  • 2nd level recycle bin seems to have problems 🙁
  • #sp2010 web parts have a new "AJAX Options" in the tool pane, u can enable "Asyncronous refresh" for each web part. Be careful w this!
  • SharePoint 2010 web part HTML is being loaded via AJAX,  this means no more annoying
    full page refreshes of each web part on a page, we can refresh them
    separately from each other!
  • The folder icon
    on side of a site is just waaayyy 2 cool, navigation from the current
    sub folders all the way up the site collection…dang!
  • Nice, #sharepoint 2010 explorer view won't let you drag into the root of the web! Love it!
  • Adding
    files via Explorer view will leave them checked out when required
    fields are present!  Users must check in and add the fields!

Update (10/26/2009)

  • Validation on Site/List/ListItem names – invalid characters are checked!
  • Access database to complete Site/List/ASPX pages via Access Services
  • You can modify the built in workflows using SharePoint Designer 2010
  • SPD Workflow can be tied to content types
  • SharePoint Designer can now use InfoPath forms for workflow forms (Init, Assoc, Task)
  • Visio diagrams can be linked to external data and refreshed on SharePoint Sites
  • "Hold" document in ANY library, not just Records Center
  • Document Sets allow execution of a single action against multiple documents (reduce repetitive work)
  • Social computing – Activity Streams
  • Visual Studio does token replace on Public Key Token Evidence in your files!
  • You can create your own services to host in SharePoint (although we aren't sure why you would want to do this!)
  • SP2010 adds new WebAdd and ListAdd event receivers
  • Async Remote PowerShell command interface is VERY cool
  • RBS allows you to implement real encryption in SharePoint!
  • Web services = OUT, REST/AJAX/JSON = IN (RIP Web Services 1999-2009)
  • You can have Basic Validation on List Columns (still no Regular Expression in SharePoint!)

While @SPConf (10/19/2009) – when NDA curtain dropped:

  • "Save site as template" now outputs a WSP which imports into VS 2010 as a new project!
  • Did u know when all svc r enabled, u will have 19 new databases in #sharepoint 2010? Yikes! Hire a great DBA!
  • New password expire notification n #sharepoint 2010 for svc accounts!
  • New #sharepoint organizationprofileservice.asmx can be used n ur own apps, not just the silverlight web part!
  • SSP goes away; rest based SVC. #SharePoint 2010 is 'cloud ready' This IS the future. All services impl as WCF – SOA baby!
  • You can convert ur taxonomy term store objects to json in #sharepoint w built n converters, default json max size is 5mb 
  • New WCF httphandler in #sharepoint 2010 #spc09 finally getting away from old web services
  • New Microsoft.SharePoint.Taxonomy.dll is great! Will help with a lot of advanced setups!
  • Reporting svcs is integrated into #sharepoint 2010, no add-in install, new MS charting controls r free and cool lookin : thank god!
  • U can recover content from old cdb backups using central admin!!!
  • U can now backup #sharepoint site collections, sites and lists from central admin…no stsadm/powershell!
  • SMS messaging can be setup for alerts, invites and notifications, gotta have service prov account
  • Content database timer jobs can be config to point to specific WFE servers to run…more web apps can be created now!
  • You can now setup a failover database server very easily for ur content databases in #sharepoint 2010
  • You can now pump log file data to a database server rather than just a "log" file…finally! 
  • New built in taxonomy features will make building ur information architecture so much easier in #sharepoint 2010!
  • You can now have multiple "send to" records center links in #sharepoint via central admin…YES!
  • New sandboxed applications will make sure bad apps don't take ur #sharepoint servers down! Bad developers! 😉

Updates (afternoon)

  • Workflows can be scoped to Site level, not just list level (and globally reused from designer)
  • Transacted deletes and other changes with lists (finally some level of transactions)!
  • Event handlers get post-synchronous events!
  • Client Object Model can batch commands to send to server (and supposedly from non-SP machines)
  • SharePoint Search will use phonetic and multi lingual comparisons to find your documents

More exciting stuff to come!


All the new SharePoint 2010 Designer Actions and Conditions

Here is a list of all the new actions in SharePoint 2010 / Designer 2010:

SharePoint Foundation:

  • Pause until date
  • Send Document to Repository
  • Add/remove/replace/inherit list item permissions
  • Find interval between dates
  • Extract substring from (end, index, index with length) string
  • Error Message
  • Persist on Close Activity
  • Set workflow status

SharePoint Server:

  • Assign item for feedback
  • Assign item for approval
  • Send Document Set to repository
  • Set conten approval set for document set
  • Capture a version of the document set
  • Lookup manager of user
  • Append Task
  • Reqeust a change
  • Delegate task
  • Escalate task
  • Forward task
  • Insert task
  • reassign task
  • rescind task
  • wait for item changed
  • wait for item deleted
  • declare record
  • undeclare record
  • delete previous versions