February 02, 2008 
To manage overload of WFEs and slower services, you can move services to a different server. For example, you can stop the WSS 3.0 search indexing service on the WFEs and move it to a third server.
You can dedicate specific roles to servers so that there is more memory available for storage. Adding more servers enables quick processing of user requests.
You can use the SharePoint Central Administration site to remove servers. For a farm, you can click the Remove Server link. For a single server installation, you can use the Control Panel.
If you remove the server that is running the central administration service, you will lose the SharePoint Central Administration site. To install it again, run the SharePoint Configuration Wizard again.
You can use the SharePoint Central Administration site to assign different roles to servers.
To configure the services running on a server, click the Operations tab in SharePoint Central Adminitration. Next, click the Servers In Farm link to display. This shows all the servers in the farm and the services for each server. You can configure any or all of these services.
Search
To start the search service, open the Operations tab. Select the server on which you want to start the search service.
In the Service Account section, enter the user account that you want to use. This account must be a domain user account that is not in any security group. You should then use the principle of least privilege and choose an account that has no administrative privileges on the WFEs or the back-end database servers. You can use the user account that you specified as the WSS version 3 service account. Just make sure you use the least privilege when using that account.
The user name must be in the DOMAIN\username format.
In the Content Access Account section, you need to set the user account that you want to use to crawl content on the sites. The recommendations for this account are described in the previous paragraphs.
Email service
You can use any SMTP server. For incoming email, enable Directory Management Service. If using the SMTP service, specify the email address for receiving messages.
Timer Jobs
WSS 3.0 performs several tasks regularly:
-
Backups
-
Monitoring site quotas
-
Updating indexes
Some system-generated tasks, such as disk quota warnings, can be disabled.
Alternate access mappings
Users access WSS 3.0 sites by using different URLs for intranet and extranet. The links and URLs displayed to the users should match the zone from where they are connecting. Use the Operations tab in SharePoint Central Administration to set up altnerate access mappings.
Outbound URLs allow users to access your Web application. Specify all zones on the Edit Public URLs page. If you have a load-balanced configuration with a host name, you can add the host name to the Internet URL for the Default zone. For extranet, you must implement the firewall feature and specify routing to the WSS 3.0 server for external users.
You require an intranet zone other than the machine name if you want to use the intranet name as the load-balanced URL between two or more Web front-end servers.
The incoming URL is http://servername:portnumber. For load-balanced farms, you must add the server name of each WFEs to the list of internal URLs.
You must also make sure that the zone you select for the incoming URL matches the zone of the outbound URL for the load balancer. You can have multiple incoming URLs associated with a single outbound URL with the same port number.
-
The default zone is the default administrative zone.
-
The Internet zone has the Internet URL mapped with the default URL. The intranet zone has the intranet URL mapped with the default URL.
-
The custom zone defines customized URLs required for redirection of public requests to the Web application.
Usage Reporting and Security Settings
-
To configure logging settings, you must enter thresholds for logging a system event, implement usage statistics, and use the Best Practices Analyzer tool.
-
To manage security configuration settings, you must modify the user accounts of Web applications and services, configure virus-scanning options for the farm, and add users to the farm administrators group.
Configuring Logging and Reporting
For diagnostic logging, you can view event logs with the Event Viewer in Windows or the Web Event Viewer in SharePoint Central Administration. Event Viewer allows checking the log of multiple servers.
Diagnostic logging can help figure out problems on several servers and with the databases on those servers. If you use a file path for logs other than the default, you must make sure that directory path exists before you change the settings.
You can configure usage analysis logging in SharePoint Central Administration in the Operations area. Configure the start and end times for early morning or late evening to ensure a full day of reporting. You can store usage reports in SQL databases to allow SQL Server Reporting Services to generate better reports.
Security settings
When creating a Web application, you must specify a Windows or domain user account that the Web application’s Application Pool will use to access resources. You might need to change this account occasionally depending on how it can access resources. You can do this in SharePoint Central Administration site instead of IIS Manager.
You can configure WSS 3.0 to scan documents on the server before users download them. Microsoft Forefront Security can be used for this.
SharePoint administration group is a Windows domain group that can perform SharePoint Central Administration tasks. Members of the physical server’s local administrators groups always have full permission to administer WSS 3.0. However, the SharePoint administration group cannot administer the server, extend virtual servers, manage paths, and use the stsadm.exe command-line tool. This group cannot change the SharePoint administrative group membership or the configuration database settings.
Global settings for a Web application
Set the global settings on the Web Applications General Settings page in SharePoint Central Administration.
Person Name Smart Tag and Presence Settings allow you to see if people are online and initiate a chat with them using WSS 3.0.
You should keep the maximum number of alerts that a user can create at 20.
Blog API settings allow users to update their blogs through third-party applications. You should specify that the user name and password should be accepted from the API.
Security validation is relevant if your site has extranet users using basic authentication to access WSS 3.0. This setting makes sure that users are reprompted for their password if they leave their computers unattended for a specific length of time.
You enable Backward-Compatible Event Handlers when you need to reuse the event handlers you wrote for SharePoint Portal Server 2003 (SPS 2003). After you upgrade from SPS 2003, you might want to use the event handlers for a specific workflow. These event handlers create a workflow that adds an item to a task list when a document is added to a document library.
To save space on the server, set the change log to save entries every five days, instead of the default 15 days.
To save space on the SQL server, change the Recycle Bin to keep deleted items for seven days, instead of the default 30 days.
Types of managed paths
Managed paths allow administrators to declare URLS that WSS 3.0 controls. A managed path is the folder location in the URL tree of a WSS 3.0 server. The path provides the virtual root for creating site collections. If you don’t have this virtual root, every site collection must have its own virtual server. With managed paths, you can also divide site collections into different groups for better navigation.
Each application has two managed paths: root and /sites.
Included managed paths: WSS 3.0 manages the content for that path by capturing the request and translating the URL into a database location. WSS 3.0 gets the data from the content database.
-
Explicit inclusion - WSS 3.0 manages only that path and no path subordinate to the root path.
-
Wildcard inclusion - WSS 3.0 manages all the paths subordinate to the root path.
Excluded paths: WSS 3.0 does not manage the path–and does not capture the request. For example, custom ASP.NET pages displayed in Page Viewer Web Parts can show content from an external system. Although you can save the ASP.NET files in a folder on the server, while excluding that folder from running as part of WSS 3.0. This means that the files in the URL path do not work with SharePoint.
Managing content databases
Content databases are managed at the site collection level. Web applications can have several site collections and several content databases. In general, you need to limit the number of top-level web sites that users can create in a content database. If a content database runs low on allocated storage space, you can create a new database on the same web application.
Guidelines to follow are:
-
When creating a new database, specify the database server. The content of a new site is added to the database with the most free space.
-
You must define the database server for the content database. If you choose a different server other than the original one, the Application Pool identity account requires the Database Creators and Security Administrators role on the database server.
-
Total number of sites = the total disk space is divided by the estimated size of the space occupied by each site. Divide the disk space by the quota limit, if quotas are used.
-
You must reserve buffer space, the difference between the warning limit and the maximum size allowed for each site. The server’s Microsoft Windows NT® event log records when the limits are reached.
-
When a content database reaches the maximum number of sites, no new sites can be created. You can still add content to the existing sites.
-
When a content database is deleted, the site data stored in that database is not removed.
Removing a web application from a farm
Different ways to remove WSS 3.0 from a server:
- Remove WSS while preserving content,
- Remove WSS and the content from a virtual server,
- Completely uninstall Windows SharePoint Services completely.
You can use SharePoint Central Administration or stsadm.exe.
Administering WSS 3.0 sites
You can use two different tools to create sites:
- Self-Service Site Creation feature
- Use server administrator privileges
You must create a top-level site at the root level of the site collection. You do this in SharePoint Central Administration on the Application Management page.
If you enable Search visibility, unauthorized users will see restricted content in their search results. Moreover, if you set advanced permissions on pages within a site and enforce indexing of these pages, you may break certain permissions. This will enable unauthorized users to see restricted content in their search results.”
Additional web applications and site collections
SharePoint Central Administration can administer several web applications.
Create a new web application when you need the following:
-
URL independence,
-
Database independence,
-
Application pool/security independence.
Each site has its own Web address on the front end and stores data on a different SQL server. The Web applications run on different application pools so that if one application fails, the other applications continue to run.
However, after you create new Web applications, you must make sure that you add the new applications to the same IIS server. This exposes the new web applications on one or more host headers. Different host headers allow Web applications to have different FQDNs (Fully Qualified Domain Names).
You must have new Web applications isolated from the existing one for content that is easily managed. Each Web application has its own content database that allows you to move them to other servers easily, create backup schedules, or host the database on a separate SQL Server.
You can also add a Web application by backing up and restoring the existing Web application. You should make a copy of the content database of the “old” Web application, and attach the database to the new Web application.
You can also create a copy to ensure that even if the new Web application crashes for some reason, nothing happens to the existing Web applications on the same server.
You can only have one root site per Web application. Creating more Web applications with different host header values allow users to access different sites on the same server. If the application pool on one site fails and one site is not available, users can still access the site that is running.
A Web application can contain several site collections that are combined with managed paths.
For example, your Web application could use the host header, http://wss with a managed path for people who are external users of your intranet.
You can create several site collections in the same managed path for different people. This establishes a relationship between the sites.
Adding additional web applications and site collections
When creating a web application, you also include a separate configuration database, authentication method, and unique URL. You must create a new IIS Web site for the Web application. You must also configure the Web application port number, host header, application pool, authentication levels, and database server.
When you extend a web application, you get a unique URL for accessing the current web application. To use an existing application pool, select the Use existing application pool option in the Application Pool section on the Create New Web Application page in SharePoint Central Administration. You get better security and control of resource allocation on a site if you create a new application pool for the site.
Note: If you create a site collection and it does not appear at the location you intended, you might have added the site collection to the wrong web application.
