governance of content, permissions & apps in sharepoint 2013
DESCRIPTION
Overview of governance and security of apps in sharepoint 2013, On Premises Apps store and Catalog, apps configuration settings. Session will also include detailed code examples using SharePoint 2013 of how to customize Permission Levels, Audit Settings, Portal Settings, Custom Content Organizer File Submission, Custom Record Center Router, Custom Expiration Formula & Action, Custom Tagging using Information Management Policy & Site retention in SharePoint 2013 governed by policies.TRANSCRIPT
GOVERNANCE OF CONTENT, PERMISSIONS & APPS IN SHAREPOINT 2013
Kashish SukhijaSharePoint Development Lead
Sony Network Entertainment
www.sharepointsummit.org
2
Kashish Sukhija
• SharePoint Development Lead – Sony• Based in San Diego, California• Expertise: Enterprise Content Management, Collaboration Strategy,
Governance, Migrations, Development, Architecture.• Education
• Doctorate in Business Administration• Masters of Science Computer Science• Bachelors of Technology, Information Technology
• Blog - http://spdevstore.com/blogs/• Codeplex – spreports.codeplex.com/• Twitter - @spdevstore• LinkedIn – http://www.linkedin.com/profile/view?id=15715591/
www.sharepointsummit.org
Agenda
3
SharePoint Apps Model
Setup SharePoint Environment for Apps
Apps Authorization & Authentication
Customize Permission Levels, Audit Settings & Portal Settings
Information Management
Information Architecture
Information Management policies
Apps Content
Governance
www.sharepointsummit.org
4
SharePoint Apps Model
Setup SharePoint Environment for Apps
Apps Authorization & Authentication
Apps
Governance
www.sharepointsummit.org
5
Types of Apps
SharePoint-Hosted App
Cloud-Hosted
SharePoint Hosted
Provider Hosted
Auto Hosted
www.sharepointsummit.org
6
SharePoint-Hosted App
SharePoint-Hosted App
SharePoint Tenancy SharePoint Web Server
SharePoint AppSite Collection
Start Page
HTML5CSS
JavaScript
www.sharepointsummit.org
Cloud-Hosted App
7
Cloud-Hosted App
Browser
Cloud App Web Server
Remote Web
Start Page
Start Page
HTML5CSS
JavaScript
Server-sideCode
SharePoint Web Server
SharePoint App
App Launcher
App Launcher
Database
www.sharepointsummit.org
8
Extension AppApp PartFull Page App
User Interface
www.sharepointsummit.org
9
http://app-bdf2016ea7dacb.contosoapps.com/sites/DemoSite/DemoApp
App ID
AppPrefix
App Domain
Host Web URL
App Name
www.sharepointsummit.org
10
SharePoint Apps Model
Setup SharePoint Environment for Apps
Apps Authorization & Authentication
Apps
Governance
www.sharepointsummit.org
11
Site Subscription Settings ServiceApp Management Service
SharePoint App Services
• App Instance Metadata
• App Security Principals
• App Permissions
• App Licensing
• Tenancy Management
• Site Collection Mappings
www.sharepointsummit.org
12
Configuring SharePoint for Apps
Configuring DNS
Creating an app tenancy
Configuring app URLs
Configuring SSL
Configuring Redirect Web Application
www.sharepointsummit.org
13
Apps Distribution
Custom Deployment
Office Store
Corporate App Catalog
www.sharepointsummit.org
14
SharePoint Apps Model
Setup SharePoint Environment for Apps
Apps Authorization & Authentication
Apps
Governance
www.sharepointsummit.org
15
AppPrincipal
User Principal
www.sharepointsummit.org
16
Context Token
www.sharepointsummit.org
17
External App Authentication
Types of Authentication
Using S2S High-Trust
Internal App Authentication
Using OAuth
www.sharepointsummit.org
18
OAuth for cloud-hosted apps
www.sharepointsummit.org
19
On-Premises Farm
S2S Trust Architecture
X.509 CertificatePublic Key
SharePointWeb Server
SharePoint Web Server
TokenIssuer
X.509 CertificatePrivate Key
SharePoint Web Server
1
2
3 4
www.sharepointsummit.org
20
App Authorization Policies
App Only
User Only
App + User
Anonymous
An
on
ym
ou
sA
pp -
Only
App +
U
ser
Use
r-O
nly
21
Start Authentication
User CredentialsProvided?
Does access Token contains user identity?
User Authentication
Set up call contextWith user-only identity
App Authentication
Set up call contextWith identity app and user
Does call targeta App Web?
Does call carry an access token?
App Authentication
Set up call contextWith app-only identity
App Authentication
Set up call contextUsing anonymous access
End Authentication
Yes
Yes
No
YesYes
NoNo
No
www.sharepointsummit.org
22
App Permission Requests
Manage
Read-Only
Write
Full Control
www.sharepointsummit.org
23
App Permission Request Scopes
List
Site Collection
Sub Site
Tenancy
www.sharepointsummit.org
24
App Metadata
App domain of the app
Client ID of the app
Display Name of the app
www.sharepointsummit.org
25
AppManifest.xml
www.sharepointsummit.org
26
TokenHelper.cs
www.sharepointsummit.org
27
Customize Permission Levels, Audit Settings & Portal Settings
Information Management
Information Architecture
Information Management policies
Content
Governance
www.sharepointsummit.org
28
Enforcing Decisions
Portal Settings
Group Permissions
Audit Settings
Designer Settings
Search Settings
www.sharepointsummit.org
29
Customize Permission Levels, Audit Settings & Portal Settings
Information Management
Information Architecture
Information Management policies
Content
Governance
www.sharepointsummit.org
30
Information Management
Information management is the governance of information in an enterprise to maximize the information’s usability and manageability.
www.sharepointsummit.org
31
Customize Permission Levels, Audit Settings & Portal Settings
Information Management
Information Architecture
Information Management policies
Content
Governance
www.sharepointsummit.org
32
Information Architecture
Managed Metadata
Social Computing & Collaboration
Structure of the Site
Business Intelligence and Business Data
Search
www.sharepointsummit.org
33
Customize Permission Levels, Audit Settings & Portal Settings
Information Management
Information Architecture
Information Management policies
Content
Governance
www.sharepointsummit.org
34
Information Management Policies
Document Labels Policy
Expiration Policy
Auditing Policy
Document Bar Codes Policy
Site Retention Policy
www.sharepointsummit.org
35
Policy Architecture
www.sharepointsummit.org
36
Policy Feature
• A policy feature is an assembly or other piece of code that provides content management functionality to Microsoft SharePoint
• Install a valid Policy Feature Definition into the Policy Feature Definition List. You can do this by calling the Add method of the PolicyFeatureCollection class.
• Implement the IPolicyFeature interface
www.sharepointsummit.org
37
IPolicyFeature Interface
• Register()• UnRegister()• OnCustomDataChange()• OnGlobalCustomDataChange()• ProcessListItem()• ProcessListItemOnRemove()
www.sharepointsummit.org
Summary
38
SharePoint Apps Model
Setup SharePoint Environment for Apps
Apps Authorization & Authentication
Customize Permission Levels, Audit Settings & Portal Settings
Information Management
Information Architecture
Information Management policies
Apps Content
Governance
www.sharepointsummit.org
39
Resources
TechNetGovernance resource center
http://technet.microsoft.com/en-us/sharepoint/ff800826.aspxGovernance features
http://technet.microsoft.com/en-us/library/cc262287.aspxPlan for Software Boundaries
http://technet.microsoft.com/en-us/library/cc262787.aspx SharePoint Server 2010 Governance Model
http://go.microsoft.com/fwlink/?LinkId=200533SharePoint 2010 Governance Planning
http://go.microsoft.com/fwlink/?LinkId=197150Implementing Governance on SharePoint 2010
http://go.microsoft.com/fwlink/?LinkId=201195SharePoint Server 2010 Governance Resources
http://go.microsoft.com/fwlink/?LinkId=197150
Blog http://spdevstore.com/blogs
LinkedInhttp://www.linkedin.com/profile/view?id=15715591
Email – [email protected]
Questions & Answers
Thank you for your attention!This presentation will be available on the Vancouver
SharePoint Summit web site a few days after the event.
Please rate this session!Fill out the survey and get a chance to win a Surface