SQL Server and SharePoint

The More You Know the Better Off You Are

written by
David Walker
© Copyright Quest® Software, Inc. 2008. All rights reserved.

This guide contains proprietary information, which is protected by copyright. The

software described in this guide is furnished under a software license or
nondisclosure agreement. This software may be used or copied only in accordance
with the terms of the applicable agreement. No part of this guide may be
reproduced or transmitted in any form or by any means, electronic or mechanical,
including photocopying and recording for any purpose other than the purchaser's
personal use without the written permission of Quest Software, Inc.

WARRANTY

The information contained in this document is subject to change without notice.

Quest Software makes no warranty of any kind with respect to this information.
QUEST SOFTWARE SPECIFICALLY DISCLAIMS THE IMPLIED WARRANTY OF THE
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Quest Software
shall not be liable for any direct, indirect, incidental, consequential, or other
damage alleged in connection with the furnishing or use of this information.

TRADEMARKS

All trademarks and registered trademarks used in this guide are property of their
respective owners.

World Headquarters
5 Polaris Way
Aliso Viejo, CA 92656
www.quest.com
e-mail: info@quest.com

Please refer to our Web site for regional and international office information.

Updated—April 3, 2008

WPD-TheMoreYouKnow-111208-AG
CONTENTS
INTRODUCTION ..........................................................................................1
THE EXPANDING ROLE OF THE SQL DATABASE ADMINISTRATOR (DBA) .......................... 1
FROM SQL DBA TO SHAREPOINT ADMINISTRATOR .................................................. 1
SharePoint is Growing.............................................................................. 1
Why Should the SQL DBA Become a SharePoint Administrator? ..................... 2
SHAREPOINT OVERVIEW ............................................................................3
INTRODUCTION ............................................................................................. 3
THE SEVEN CORE POINTS OF SHAREPOINT ............................................................ 4
Platform Services .................................................................................... 5
Collaboration .......................................................................................... 5
Portals................................................................................................... 6
Enterprise Search.................................................................................... 6
Enterprise Content Management (ECM) and Web Content Management (WCM) 6
Business Forms and Business Process Management (BPM) ............................ 7
Business Intelligence ............................................................................... 7
BECOMING A SHAREPOINT ADMINISTRATOR: WHAT YOU NEED
TO KNOW ....................................................................................................8
SIMILARITIES IN SHAREPOINT AND SQL SERVER ADMINISTRATION ............................... 8
DETERMINING THE BASE ARCHITECTURE FOR A SHAREPOINT DEPLOYMENT ....................... 8
Single Server Architecture ........................................................................ 9
Small Farm ............................................................................................ 9
Medium Farm ....................................................................................... 10
Large Farm .......................................................................................... 11
BEST PRACTICES ......................................................................................... 13
CONCLUSION ............................................................................................ 14
ABOUT THE AUTHOR ................................................................................. 15
ABOUT QUEST SOFTWARE, INC. ................................................................ 16
CONTACTING QUEST SOFTWARE ....................................................................... 16
CONTACTING QUEST SUPPORT ......................................................................... 16

i
 White Paper

INTRODUCTION

The Expanding Role of the SQL Database

Administrator (DBA)

For many Microsoft SQL Server professionals “dependency creep” has already taken
place. If you haven't experienced it yet, consider yourself lucky, but don't be
complacent and think that it won’t happen to you. More than any other IT
specialists, as a DBA you need to be prepared for what your companies and clients
have begun requiring of you. You need to be always looking forward and preparing
for the next wave of technologies and requirements for our profession.

While your responsibilities center around the database family of products and
include such technologies as OLTP, data warehousing, reporting services,
specialized database engines, and different platforms, you are beginning to have
responsibilities in various application suites, such as SharePoint. Typically, this push
begins with management recognizing the need for, say, a SharePoint administrator,
and determining that the proficient DBA/SQL Server professional is the most logical
person to handle these new responsibilities. We will discuss how this is to your
advantage and how you can proactively seize this new opportunity

From SQL DBA to SharePoint Administrator

SharePoint is Growing
During the Q&A session at the end of his keynote address at the Convergence
conference on March 15, 2007, Microsoft CEO Steve Ballmer stated that
“SharePoint is the definitive OS or platform for the middle tier.” And in fact,
multiple sources have declared SharePoint to be “Microsoft’s fastest selling product
of all time.”

All of Microsoft's products, especially the Enterprise Server product line, are heavily
investing in SharePoint as the means to deliver information easily and quickly. It
has quickly become the new "digital dashboard." SharePoint has easily become the
central repository for knowledge management and document repository. With the
additional features of versioning and workflow, it has made plain old network file
storage very antiquated quickly.

1
SQL Server and SharePoint

Why Should the SQL DBA Become a SharePoint

Administrator?
A number of factors make SQL Server professionals the logical choice for serving as
SharePoint administrators. First, SharePoint is based on and its core functionality is
derived from SQL Server. During the first versions of SharePoint, Bill Gates was
even quoted as saying SQL Server and SharePoint would become more intertwined.

It is easy to see how all of Microsoft's products will begin to utilize the features
SharePoint has to offer. Microsoft SQL Server Reporting Services is the first and
"lowest hanging fruit" for us, the SQL Server professionals. But it is only the beginning.
SharePoint administration has the same base requirements as that of the SQL Server
DBA. Performance optimization, backup, restore, and recovery are fundamental to
both SQL Server and SharePoint. Just like any other SQL Server implementation, in
times of high traffic load or availability, the usage of SQL Server mirroring and
clustering becomes necessary. We will continue to dig deeper into other areas where
our experience as SQL Server DBAs and professionals make this a smooth and optimal
transition, but first let’s look at the details of SharePoint itself.

2
 White Paper

SHAREPOINT OVERVIEW

Introduction

The most recent version of SharePoint actually consists of two different versions:
Windows SharePoint Services (WSS), which is a free add-on for Windows Server
2003 and newer, and Microsoft Office SharePoint Server (MOSS), which is the
enterprise edition built on top of WSS. MOSS includes more features and greater
functionality than WSS. The graphic below shows the SharePoint technology stack
and how the various layers are built on top of each other, from Windows Server
2003 all the way up to Microsoft Office SharePoint Server Enterprise Edition 2007:

For your convenience, the chart below provides a breakdown of SharePoint’s

capabilities and features, along with the versions that include them:

CAPABILITIES WINDOWS OFFICE OFFICE

SHAREPOINT SHAREPOINT SHAREPOINT
SERVICES 3.0 SERVER 2007 SERVER 2007
STANDARD ENTERPRISE
EDITION EDITION

Platform Services X X X

Collaboration X X X

Portals X X

Enterprise Search X X

3
SQL Server and SharePoint

CAPABILITIES WINDOWS OFFICE OFFICE

SHAREPOINT SHAREPOINT SHAREPOINT
SERVICES 3.0 SERVER 2007 SERVER 2007
STANDARD ENTERPRISE
EDITION EDITION

Enterprise Content X X
Management (ECM)

Business Forms and Business X

Process Management (BPM)

Business Intelligence X

The Seven Core Points of SharePoint

Every discussion about SharePoint begins with the familiar seven point wheel or pie
chart showing the seven core points of SharePoint, shown below. I will discuss
these core points in more detail in the following order:

1. Platform Services
2. Collaboration and Social Networking
3. Portals
4. Enterprise Search
5. Enterprise Content Management (ECM) and
Web Content Management (WCM)
6. Business Forms and Business Process Management (BPM)
7. Business Intelligence

4
 White Paper

Platform Services
Platform Services provide the foundation for SharePoint. Like the services of the
Microsoft SQL Server product line (Analysis Services, Reporting Services, etc.),
Platform Services consists of multiple capabilities. The Microsoft Office SharePoint
Server makes the entire feature areas described above function as one integrated
and holistic application.

• Security Trimming ensures that you see only the content and links to
content that you have permission to see, even in search results, ranging
from individual content items to entire sites. It utilizes groups and policies,
along with a wide array of authentication providers, including Active
Directory, Kerberos, NTLM, basic, LDAP, ASP.NET Forms, and web single-
sign on.
• Search extends across all areas of MOSS and other enterprise applications
when they are configured to take advantage of the Business Data
Catalog feature. These services include the server-side applications for
Microsoft Excel and InfoPath, as well as site-specific and site-wide recycle
bins that aid in content recovery.
• Storage capabilities allows for a complete document management system
with easy storage of practically any document type with version control,
approval workflows, metadata, search, administration, quotas, and
retention policies.
• Site Model provides a consistent user interface, automated navigation,
and a template-based infrastructure for customizations, site formatting,
and deployment.
• Server Topology Management provides a highly flexible and scalable
distributed architecture that enables you to isolate and configure various
services on specific servers and easily deploy applications across multiple
web and database servers.
• Workspaces Management allows for easy collaboration across
documents, projects, and more. It even provides a simple environment
that allows multiple users to work on the same document until it is ready
to be published.

Collaboration
MOSS provides out-of-the box functionality for a wide range of collaboration
features: announcements, events, issue tracking, task lists, calendars, blogs and
RSS feeds, wikis, discussion boards, document, slide, and picture libraries,
contacts, surveys, e-mail and Outlook integration, and offline documents.

All of the built-in and custom-configured features include configurable security

trimming, version control, workflow approval processes, and e-mail alerts.

5
SQL Server and SharePoint

Portals
Wikipedia defines a portal as “a framework to provide a single point to a variety of
information and tools,” while an Enterprise portal is described as “a framework for
integrating information, people, and processes across organizational boundaries.”
With its long list of built-in features and functionality and its ability to tightly
integrate with Microsoft Office, MOSS can easily be the single entry area for all
information and content, along with easy integration with other third-party and
custom applications.

MOSS also optionally allows all you to have your own private site. This allows for
depth personalization and audience targeting. You can easily share information with
others, making that data accessible anywhere internet service is available.

Enterprise Search
MOSS not only searches all content in the SharePoint site; it can also be configured
to search other web sites, files on a file share, any database content, and any mail
on an Exchange or Lotus server.

Search can be easily filtered, and it can also make suggestions for misspelled words.

Enterprise Content Management (ECM) and Web Content

Management (WCM)
Enterprise Content Management (also known as Document Management) provides
you with complete functionality to author, create, version, audit, workflow-approve,
and publish documents with item-level security. Recycle bins protect documents
from accidental deletion.

Web Content Management enables you to enter and edit content (sites, text,
images, etc.) without writing any code. Master Pages and Page Layouts are used to
customize how the web site looks. Site columns, content types, and workflows can
all be shared for reusability.

6
 White Paper

Business Forms and Business Process Management (BPM)

SharePoint enables the easy automation of key business processes and business
process management with its built-in support of workflow templates that can
automate routing, approval, review, and archiving processes. The ability to create,
maintain, customize, and analyze custom workflows produces automation and
collaboration, from simple employee vacation request forms to complicated
business processes.

MOSS includes InfoPath Services, so you can view and edit forms, simple or complex,
without having to have the InfoPath application installed on your own machines. With
the appropriate permissions levels, you can even create your own forms, thanks to a
Form Library specifically designed to store InfoPath forms inside of SharePoint . The
United States Marine Corps has implemented SharePoint to improve the administration
of their tasks and processes, all without the help of a single developer (see
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleI
d=9024819&source=rss_topic16).

As this article mentions, the Federal Aviation Administration (FAA) has saved over $7
million, with $3 million in travel costs alone, after their deployment of SharePoint,
which started with 50 users and has grown to 27,000 users and a 600 GB site.

Business Intelligence
Business intelligence applications and reports have become a high priority for many
organizations. MOSS supports business intelligence through built-in web site
templates for connecting to external data sources and applications (such as SQL
Analysis Services and SQL Server Reporting Services) for reports and data. The
Business Data Catalog (BDC) is one of the most interesting features of MOSS. It
provides the functionality to link to data stores, whether they are third-party or
custom applications, including search results and direct linking to their individual
applications as well. The data is not duplicated on the MOSS server but results are
still real time.

MOSS includes Microsoft Excel Services, which allows you to view spreadsheets via
html without requiring Excel on their local machines, providing extra security for
formulas. Moss also supports key performance indicators, so MOSS can provide a
central location for real-time reports, spreadsheets, and KPIs with their built-in
dashboard template.

7
SQL Server and SharePoint

BECOMING A SHAREPOINT ADMINISTRATOR:

WHAT YOU NEED TO KNOW

Similarities in SharePoint and SQL Server

Administration

SharePoint and SQL Server architecture and administration responsibilities are

similar in many ways. Both platforms share the following features related to
determining optimal configuration:

• Data access: internal, public, external

• Data capacity planning for performance, preventing data corruption, and
accidental overwriting of data.
• Estimation of capacity: number of users, concurrency, number of
operations, peak operational hours, etc.

Security similarities include:

• Intranet, public, and extranet

• Authority to create new sites, personal sites, etc.
• Integration with Active Directory

Typical maintenance includes the following:

• Establishing policies and schedules for data backups

• Establishing storage quotas
• Establishing policies and schedules for data archival

Determining the Base Architecture for a SharePoint

Deployment

First and foremost, SQL DBA expertise can be beneficial in simply determining the
base architecture for a SharePoint deployment. Fundamentally, this choice is based
on the actual needs of the company, end user, and client, but two simple questions
can help with the decision:

• What kind of hosting is needed: intranet only, extranet, or internet

accessible?
• What are the main objectives of the site: document storage, collaboration,
or communication?

Architecture choices include single server, small farm, medium farm, and large farm,
as explained below.

8
 White Paper

Single Server Architecture

Single server architecture should be used only when there are only a few users. A
single server runs all WSS 3.0 components and services (IIS–web rendering, SQL
database content store, search, and indexing), so installation and management are
easy. But because everything is on a single server, this architecture is not scalable.

You can access the server by simply adding your Windows account to the server. As
a built-in feature of WSS 3.0, the capability for doing this automates regular
backups, but a specific backup schedule requires a scheduled task and the
stsadm.exe command-line tool.

Small Farm
Small farms include components scaled to two tiers, a WFE and a database server.
This topology is good for organizations that keep data in SQL Server for scalability
and centralized management.

Small farms have the following characteristics:

• Components are scaled to two tiers

• A dedicated SQL Server stores content
• A web front-end server hosts the web applications

One of the disadvantages of a small farm is lack of redundancy: there is only one
WFE server, so if the database or WFE server goes down, the data becomes
unavailable. You also have to wait during server patches, maintenance, or reboots.

9
SQL Server and SharePoint

Small farms are comparatively cheap to set up and maintain. However, if you have
to expand them, more resources should be available. This topology is ideal for
multiple teams or departments who have outgrown a single server.

Medium Farm
Medium farms include components scaled to three tiers: a WFE, a dedicated
database server as a back end, and a dedicated search server for indexing (because
the amount of data being indexed would overload the WFE server).

Medium farms have the following characteristics:

• Components are scaled to three tiers

• SQL can be included as a back end in an infrastructure that supports a
clustered or mirrored SQL Server back end because SQL Server can have a
large amount of data
• They support extranet deployments

Maintaining the SQL Servers requires more resources and more hardware than a
small farm, along with a dedicated database administrator who has the knowledge
and experience to set up this sophisticated and fault-tolerant structure.

This topology is ideal for medium to large organizations where users require
storage space, a search mechanism, and extranet deployments.

10
 White Paper

Large Farm
Large farms include components scaled to three tiers with multiple dedicated
application and service servers. A large farm has a failover at the front end with
multiple web servers that have load balancing.

Large farms have the following characteristics:

• They support:etwork load-balanced web front-end servers

• Multiple SQL clusters are used for database storage
• They are ideal where database availability is critical

A large farm has more than one search server to crawl through data, and multiple
SQL clusters for storing data. Large farms require more resources, including people,
money, and hardware. But they have a higher fault tolerance than smaller farms,
which is critical to some organizations. This topology is ideal for large organizations
that require higher database performance, enhanced storage space, and availability
of data at all times.

11
SQL Server and SharePoint

Large farms do present same concerns regarding perimeter security. First, the
perimeter network should have its own domain. The domain controller and other
domain infrastructure computers, such as DNS and DHCP, must be able to
communicate with one another and should be in the same domain as the WSS 3.0
servers—both WFE and database.

The perimeter domain should have a one-way trust with the corporate domain to
ensure that corporate accounts can be used for WSS 3.0 authentication but not the
other way around.

If SharePoint sites need access to internal corporate resources, they should use the
perimeter network domain accounts. But, like any other corporate intranet security
account, large farms are at a greater risk of attack from an intruder.

12
 White Paper

Best Practices

Your focus should be on the ways to secure WSS 3.0 servers rather than on
configuring SharePoint group or user accounts. The following are security-related
best practices for SharePoint.
Much like SQL Server, SharePoint uses a typical port configuration; to expose
SharePoint outside a firewall would mean to expose it on the router, firewall and/or
ISA server. Since SharePoint is a web application, it uses the typical ports: 80 for
HTTP, 443 for HTTPS (HTTP + Secure Socket Layering), and 25 for SMTP. Of
course, security can be increased by changing the default port numbering. If an ISA
server is used, remember to reverse the proxy settings configuration so that the
host header can still be communicated to the SharePoint server, since this is used
to resolve the actual application requested on the web front end.
As with SQL Server, the time to expand the architecture, hardware, or farm is
determined by the usage utilization. The number of web front end servers greatly
depends on the usage pattern and number of users. Are the users simply
performing read transactions, or do they need read/write transactions?
You should place Web site files and folders on a dedicated disk volume. The default
path for the same is [systemroot]\Inetpub\WWWroot. You can move the files and
folders to a separate volume to restrict access to system operations.
You should create separate accounts for each Web application—IIS application
pool identity.
You should configure IIS server logging to store logs on a non-system
striped/mirrored volume for increased performance. IIS logs can include
information such as who has visited a site and what each visitor viewed. This
information can be used to assess content popularity, identify information
bottlenecks, or to help investigate attacks. Logs such as W3C Extended Log File
format, ASCII, or ODBC are stored in a SQL database.
You should secure well-known accounts by renaming the administrator and guest
accounts at the domain and server levels. Also, ensure that you use long,
complex passwords.
As with any server, you should also disable unnecessary services such as FTP,
SMTP, and NNTP.
You should use group policies to enforce security. Then you should use the Security
Configuration Wizard to create a group policy. Place WFE servers together in their
own domain organizational unit (OU) and apply this policy.
You should deploy and maintain antivirus and antispyware software within the
organization. You also need to keep computers updated with updates and hot fixes
from Microsoft.
You need to restrict anonymous access. If anonymous access is needed, add deny
access control entries to the access control list (ACL) of key programs and folders
for the anonymous access accounts

13
SQL Server and SharePoint

CONCLUSION
Your experience as a SQL Server professional provides you with the most sought-
after and highly valued skills required of a SharePoint administrator. Don't be
scared. Embrace these new Microsoft technologies because "The More You Know,
the Better off You Are."

14
 White Paper

ABOUT THE AUTHOR

David Walker is an accomplished IT professional with more than
15 years of experience of software development, server
configuration and web site development. He is currently a
Technical Specialist in the Microsoft Practice Area for The Revere
Group, an NTT Data Company, where he is focused on enterprise
and content management systems. David is also a current board
member for INETA as the Vice President of the Speakers Bureau,
the current President of the Tulsa Developers NET user group, founder and
President of the Tulsa SQL Server Group and Tulsa Java Developers Group, and the
Vice-President of the Tulsa SharePoint, and a member of Quest’s Association of SQL
Server Experts.

15
SQL Server and SharePoint

ABOUT QUEST SOFTWARE, INC.

Quest Software, Inc. delivers innovative products that help organizations get more
performance and productivity from their applications, databases and Windows
infrastructure. Through a deep expertise in IT operations and a continued focus on
what works best, Quest helps more than 50,000 customers worldwide meet higher
expectations for enterprise IT. Quest Software can be found in offices around the
globe and at www.quest.com.

Contacting Quest Software

Phone: 949.754.8000 (United States and Canada)

Email: info@quest.com
Mail: Quest Software, Inc.
World Headquarters
5 Polaris Way
Aliso Viejo, CA 92656
USA
Web site www.quest.com

Please refer to our Web site for regional and international office information.

Contacting Quest Support

Quest Support is available to customers who have a trial version of a Quest product
or who have purchased a commercial version and have a valid maintenance
contract. Quest Support provides around the clock coverage with SupportLink, our
web self-service. Visit SupportLink at http://support.quest.com

From SupportLink, you can do the following:

• Quickly find thousands of solutions (Knowledgebase articles/documents).

• Download patches and upgrades.
• Seek help from a Support engineer.
• Log and update your case, and check its status.

View the Global Support Guide for a detailed explanation of support programs,
online services, contact information, and policy and procedures. The guide is
available at: http://support.quest.com/pdfs/Global Support Guide.pdf

16