Field security/Column Security in SharePoint(MOSS/WSS) List:
Free from CodePlex:
http://www.codeplex.com/SPListDisplaySetting
http://securefields.codeplex.com/
http://sppex.codeplex.com/
The free ones will work for the most part but if you need more then go for the paid one here:
http://www.kwizcom.com/ProductPage.asp?ProductID=1048&ProductSubNodeID=1049
Monday, November 16, 2009
Tuesday, November 10, 2009
Improve SharePoint Server (MOSS) Performace
Thanks to Roger Lamb please find references to improve SharePoint’s performance:
Case Study: Using Microsoft® Office SharePoint® Server to implement a large-scale content storage scenario with rapid search availability (TechNet)
White paper: Database Maintenance for Microsoft® SharePoint® Products and Technologies (TechNet)
White paper: Scaling SharePoint 2007 - Storage Architecture (Knowledgelake)
Physical storage recommendations (Office SharePoint Server) (TechNet)
How to defragment Windows SharePoint Services 3.0 databases and SharePoint Server 2007 databases (KB)
White paper: Planning and Monitoring SQL Server Storage for Office SharePoint Server: Performance Recommendations and Best Practices (TechNet)
Configuring Caching, IIS Compression, and Other Performance Options for SharePoint (Video)
Case Study: Using Microsoft® Office SharePoint® Server to implement a large-scale content storage scenario with rapid search availability (TechNet)
White paper: Database Maintenance for Microsoft® SharePoint® Products and Technologies (TechNet)
White paper: Scaling SharePoint 2007 - Storage Architecture (Knowledgelake)
Physical storage recommendations (Office SharePoint Server) (TechNet)
How to defragment Windows SharePoint Services 3.0 databases and SharePoint Server 2007 databases (KB)
White paper: Planning and Monitoring SQL Server Storage for Office SharePoint Server: Performance Recommendations and Best Practices (TechNet)
Configuring Caching, IIS Compression, and Other Performance Options for SharePoint (Video)
Monday, November 9, 2009
Block Certain Web Sites using Your Linksys WRT54G Series Router
Find the screen shots:
The point is to create a policy name and enter the list of PC's that the policy is going to be applied for, in my case I just gave a range of PCS 192.168.1.0 ~ 254.
If you want to be specific give the Mac Address.
In the "Website Blocking by URL Address" specify the website, skip the "http://" from the front of the URL name or the router will not block access to the website.
You can also block it by "Website Blocking by Keyword" the same way.
The point is to create a policy name and enter the list of PC's that the policy is going to be applied for, in my case I just gave a range of PCS 192.168.1.0 ~ 254.
If you want to be specific give the Mac Address.
In the "Website Blocking by URL Address" specify the website, skip the "http://" from the front of the URL name or the router will not block access to the website.
You can also block it by "Website Blocking by Keyword" the same way.
Wednesday, November 4, 2009
List Item level Security in sharepoint
Set Item Security based on Content Type that it is created from, and the based on the security groups (naming convention is used to tie them up)
http://mindsharpblogs.com/pauls/archive/2007/05/07/1754.aspx
----------------------------------------------------------------------------
http://www.endusersharepoint.com/2008/12/23/security-trimming-a-list-view/
Here’s a question that comes up quite a bit. This time, it was on Stump the Panel:
Does anyone know how I can use one SharePoint List but have different site users only access specific views (kinda like security trimming views) The scenario is I am working with some lawyers who should only access data on the list they are responsible for and shouldn’t see the data the other lawyers are responsible for. I want to only maintain one list so that its easy for me to update just the one list.
Response from Paul Grenier, Moderator of Stump the Panel:
Perfect reason to use folders. Folders can have their own permissions. You can break inheritance and give every object in them the same permissions. This allows you to group things in a list or library by permission. Works great for things like a library of personal expense reports.
"you can set views to not show folders"
---------------------------------------------------------------------------
http://www.siolon.com/blog/the-folder-less-sharepoint-paradigm/
Post opposing folders and using views instead. But provides no idea on how to implement item level security.
----------------------------------------------------------------------------
http://www.infoq.com/articles/Dressel-Gogolowicz-wss-security
Column Level Security in SharePoint, by defining a custom field type(inheriting from SPFieldLookup) and using that as a lookup column from another list.
----------------------------------------------------------------------------
http://mindsharpblogs.com/pauls/archive/2007/05/07/1754.aspx
----------------------------------------------------------------------------
http://www.endusersharepoint.com/2008/12/23/security-trimming-a-list-view/
Here’s a question that comes up quite a bit. This time, it was on Stump the Panel:
Does anyone know how I can use one SharePoint List but have different site users only access specific views (kinda like security trimming views) The scenario is I am working with some lawyers who should only access data on the list they are responsible for and shouldn’t see the data the other lawyers are responsible for. I want to only maintain one list so that its easy for me to update just the one list.
Response from Paul Grenier, Moderator of Stump the Panel:
Perfect reason to use folders. Folders can have their own permissions. You can break inheritance and give every object in them the same permissions. This allows you to group things in a list or library by permission. Works great for things like a library of personal expense reports.
"you can set views to not show folders"
---------------------------------------------------------------------------
http://www.siolon.com/blog/the-folder-less-sharepoint-paradigm/
Post opposing folders and using views instead. But provides no idea on how to implement item level security.
----------------------------------------------------------------------------
http://www.infoq.com/articles/Dressel-Gogolowicz-wss-security
Column Level Security in SharePoint, by defining a custom field type(inheriting from SPFieldLookup) and using that as a lookup column from another list.
----------------------------------------------------------------------------
Friday, October 23, 2009
Creating Site Definitions? The Best way, is actually not creating one.
Not exactly, NOT creating a new one, but create a lightweight one.
The Point is to create minimal site definition(nothing more than the ID and name) and put all custom lists, webparts etc in features and just staple with the site definition so that they get activated when the site is created.
Described here:
http://www.andrewconnell.com/blog/archive/2008/02/15/You-dont-need-to-create-site-definitions.aspx
Raymond Mitchell takes it to the next level by describing a way where you will truly be independent from the custom site definition to the point of being able to delete the custom site definition, He also describes the different ways to create a new site, without creating a site definition at all.
His best approach solves two problems:
1. Making further changes to site definition, lists and webparts in it.
2. Deleting the site definition and keeping it updated with new version.
http://www.iwkid.com/blog/Lists/Posts/Post.aspx?ID=53
When you install the site definition/template, and when users are creating a new site based on that, the site provisioning handler will create the site based on the custom site definition. But if you hijack it and use applywebtemplate method you can make the site created based on OOTB site definition. This way you are free to delete your custom site definition and the sites will still work. The trick is to hijak the site provision handler and use the method applywebtemplate method and apply the OOTB site definition instead of the custom site definition. Excellent Idea by: Raymond Mitchell.
The word doc of the post in SharePoint folder.
The Point is to create minimal site definition(nothing more than the ID and name) and put all custom lists, webparts etc in features and just staple with the site definition so that they get activated when the site is created.
Described here:
http://www.andrewconnell.com/blog/archive/2008/02/15/You-dont-need-to-create-site-definitions.aspx
Raymond Mitchell takes it to the next level by describing a way where you will truly be independent from the custom site definition to the point of being able to delete the custom site definition, He also describes the different ways to create a new site, without creating a site definition at all.
His best approach solves two problems:
1. Making further changes to site definition, lists and webparts in it.
2. Deleting the site definition and keeping it updated with new version.
http://www.iwkid.com/blog/Lists/Posts/Post.aspx?ID=53
When you install the site definition/template, and when users are creating a new site based on that, the site provisioning handler will create the site based on the custom site definition. But if you hijack it and use applywebtemplate method you can make the site created based on OOTB site definition. This way you are free to delete your custom site definition and the sites will still work. The trick is to hijak the site provision handler and use the method applywebtemplate method and apply the OOTB site definition instead of the custom site definition. Excellent Idea by: Raymond Mitchell.
The word doc of the post in SharePoint folder.
Wednesday, October 21, 2009
Fulltime or Contracting
From: http://www.johnkellar.com/2009/06/so-you-want-to-be-consultant-billable.html
More info from:
http://www.biztaxtalk.com/node/3
http://www.cehandbook.com/
http://discuss.joelonsoftware.com/default.asp?joel.3.661943.22
So you want to be a consultant? – Billable Hours
Recently, I have been getting a number of questions about what it takes to be a consultant. This is obviously a huge topic to try and cover in a single post. The conversation usually turns to a question about how much the person should charge for bill rate. This is not easy to answer either, since several factors come into play. To get started at determining your bill rate you really need to think about how many hours you will be able to bill someone for your services. So how many billable hours are REALLY in a year? Let’s look at the numbers.
| 52 weeks in a year x 5 work days each week 260 possible work days each year |
Now that we have a starting point, let’s think about time off. Yes, you have to take time off whether you like it or not sometimes. There are essentially 10 major holidays to consider in the United States. While not all companies close on every holiday, you have to plan for them all since you never know what a company will recognize.
New Year’s Day
Martin Luther King Jr. Birthday
President’s Day
Memorial Day
Independence Day
Labor Day
Columbus Day
Veterans Day
Thanksgiving Day
Christmas Day
Next, consider how much vacation time you plan to take each year. This will be different for everyone, but I use 15 days vacation in my planning. That covers sick days and actual vacation time, remember you don’t get paid when you are on vacation as a consultant. Let’s apply our time off to the number of days available and see where we fall.
260 possible work days each year
- 10 holidays
- 15 days vacation
235 possible work days remaining each year
So you might think you can stop here and you could, but I don’t recommend it. Ask any recruiter how many billable hours are in a year and you will probably hear a number around 2000 hours. That number sure sounds great, but this is not a perfect world. You may or may not be on a contract for the duration of the year, consultants experience change and you must be ready. So below I have two scenarios, the first is a scenario where you will have no more than 5 days of not being on a contract and the second is a scenario where you will have 25 days of no work. This may or may not be representative of what you will experience, but better to prepare for the worst.
| Good Scenario | Bad Scenario |
235 possible work days | 235 possible work days |
So there you have it, plan for both scenarios and you should have a good idea of where to get started with bill rate.
Posted by John Kellar at 11:13 PM
Labels: Consulting
4 comments:
Mark Holmes said...
Back in the "good old days" of 1998 I was told that a consultant should charge twice the hourly rate of a salaried employee; does that still hold true? i.e. an experienced FoxPro developer at $50k salaried (estimating 2000hrs/year) = $25/hr salaried would translate into $50/hr as a consultant. And yet, the consultants hired by my employer (in Denver) were charging corporations $125/hr. Is that even reasonable nowadays?
June 24, 2009 11:54 PM
John Kellar said...
Most salaried employees have very diverse salaries, so the formula you mentioned could vary widely. I would venture to guess that most salaried employees are not getting paid a market wage either, so you could undercut yourself.
A number of things come into play when deciding a billable rate. For example:
- Supply and demand
- Experience of the individual
- The type of service being rendered (i.e. architecture, development, strategic consulting)
The list can go on. As to your question about $125 being a reasonable rate. It depends. :) I know people who would accept $50/hr and others who charge much more. If you can ask for $125 and someone is willing to pay that rate, then it is reasonble.
June 25, 2009 12:24 AM
Joe Webb said...
Good information. John!
There's also a fair amount of non-billable work that must be done either during the work day (taking way from billable hours) or during the evenings (taking time away from your family). Tasks such as creating/updating your web site, filling out state and local tax forms, etc.
Another consider is that if you're doing primarily project based work rather than augmenting a client's IT staff (contracting), you may end up spending a non-trivial amount of time meeting with prospects, writing proposals, etc.
June 25, 2009 6:59 AM
John Kellar said...
Thanks Joe, two excellent points. I actually count these types of tasks as no contract time, but didn't do a good job pointing that out in the post.
- Many people do these types of activities outside of their billable hours, but they definitely take their toll. It goes to show that you should not expect to be a 9-5 person if you are consulting on your own.
- The project versus contracting is definitely different and requires a considerable effort to keep projects coming. Even if you are just contracting, if you are getting your own work it can be very time consuming.
Thursday, September 3, 2009
Preventing recurrent Boils
I have been having boils from as far as I can remember, there is definitely a "colonization" of staph in my body. I am going to try injecting some anti-biotic through nose. Here are my sources:
Physicians have tried eradicating the staph by simply applying an antibiotic to the nose, and this approach sometimes is successful.
http://yourtotalhealth.ivillage.com/preventing-recurrent-boils.html
BoilOver.com
Questionable treatment? One Doctor said "Put Neosporin in your nose twice a day for 30 days and you will get rid of these for good." I'm sure the look on my face said it all. I thought he was nuts. According to this Doc the Center for Infectious Disease did a study and for those of us colonized with staph infection this would clear it up. I am still skeptical, but willing to try. Perhaps it will help someone else.
Physicians have tried eradicating the staph by simply applying an antibiotic to the nose, and this approach sometimes is successful.
http://yourtotalhealth.ivillage.com/preventing-recurrent-boils.html
BoilOver.com
Questionable treatment? One Doctor said "Put Neosporin in your nose twice a day for 30 days and you will get rid of these for good." I'm sure the look on my face said it all. I thought he was nuts. According to this Doc the Center for Infectious Disease did a study and for those of us colonized with staph infection this would clear it up. I am still skeptical, but willing to try. Perhaps it will help someone else.
Monday, August 24, 2009
Virtualation of SqlServer box
Here is a comment from Joel about Virtual SqlServer:
http://www.sharepointjoel.com/Lists/Posts/Post.aspx?ID=249
"I tell people not to virtualize SQL, but for small and medium environments you could likely get away with it with dedicated disks. SQL is IO intensive."
I agree with this. For large databases SQLServer should be on physical machine.
http://www.sharepointjoel.com/Lists/Posts/Post.aspx?ID=249
"I tell people not to virtualize SQL, but for small and medium environments you could likely get away with it with dedicated disks. SQL is IO intensive."
I agree with this. For large databases SQLServer should be on physical machine.
Friday, August 21, 2009
Sync a SharePoint list to database table
Since SharePoint list provides the interface to edit/view data, you might want to use a list as the UI. But the data will be stored in the content database. Sometimes you might want the data to be used by other non SP applications for which the data might need to be in its own SQL Table. SharePoint exposes all its data using Web Services. One might ask then why do you need to sync a list to database table, why not call the web service directly from the other non-SP applications. The answer to that question is you can but for some reporting applications you might want your data to be in SQL, a weak argument but its a possibility. So how do you sync a list to SQL table using SSIS: You might be tempted to use the SSIS webservice task to call the SP List webservices, not so fast, the Web Service task supports primitive types only. If you look at the WSDL for method GetListItems, we will have a problem. So the solution is to use WSDL to generate the proxy, and use the Script task to call the webservice, you can add the proxy in the script task as reference. The next problem is the xml data that you get from the webservice method will have multiple namespaces in it, which will be a problem for the xmlSource to read the xml and pass it to the ado.net data source. So you need an XML task to remove multiple names spaces from the output xml. The xsl to remove the namespaces is:
References:
http://www.sidatkinson.com/post/Extracting-SharePoint-Data-using-SSIS.aspx
http://www.devx.com/dotnet/Article/35070/0/page/1
http://blogs.pointbridge.com/Blogs/matyas_ethan/Pages/Post.aspx?_ID=2
http://sqlblogcasts.com/blogs/drjohn/archive/2007/11/02/Getting-a-list-of-files-from-a-moss-document-library-using-a-SharePoint-web-service.aspx
http://sqlblogcasts.com/blogs/drjohn/archive/2007/11/03/ssis-calling-sharepoint-web-services-from-the-data-flow.aspx
In the script task dump the output in a variable and direct the xml task to get the data from the variable and overwrite it after applying the xsl. Do you see how powerful the varibles are in SSIS, you can communicate between tasks using the variables. In the XMLSource set it so it gets the data from the variable. To generate the columns in the xmlsource keep some sample data in the variable and let the xmlsource generate the schema so that you can map the columns to the ado.net data source. If you dont do the sample data in the variable, it would be hard to map the columns.<?xml version="1.0" encoding="utf-8" ?>
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:output method="xml" indent="no" />
<xsl:template match="/|comment()|processing-instruction()">
<xsl:copy>
<xsl:apply-templates />
</xsl:copy>
</xsl:template>
<xsl:template match="*">
<xsl:element name="{local-name()}">
<xsl:apply-templates select="@*|node()" />
</xsl:element>
</xsl:template>
<xsl:template match="@*">
<xsl:attribute name="{local-name()}">
<xsl:value-of select="." />
</xsl:attribute>
</xsl:template>
</xsl:stylesheet>
References:
http://www.sidatkinson.com/post/Extracting-SharePoint-Data-using-SSIS.aspx
http://www.devx.com/dotnet/Article/35070/0/page/1
http://blogs.pointbridge.com/Blogs/matyas_ethan/Pages/Post.aspx?_ID=2
http://sqlblogcasts.com/blogs/drjohn/archive/2007/11/02/Getting-a-list-of-files-from-a-moss-document-library-using-a-SharePoint-web-service.aspx
http://sqlblogcasts.com/blogs/drjohn/archive/2007/11/03/ssis-calling-sharepoint-web-services-from-the-data-flow.aspx
Thursday, August 20, 2009
Formatting columns inside gridview using codebehind helper function
Formatting columns inside gridview: There is more power with the server tags '' you can call codebehind functions from inside there eg:
<asp:GridView ID="GV" runat="server" DataSourceID="XmlDataSource1" AutoGenerateColumns="False">
<Columns>
<asp:BoundField DataField="title" /> <asp:TemplateField>
<ItemTemplate>
<asp:Label ID="lblnumber" runat="server"
Text='<%# FormatThis(Eval("title")) %>' />
</ItemTemplate>
</asp:TemplateField>
</Columns>
</asp:GridView>
In code behind:
public string FormatThis(object value)
{
return "This is my formatted string: " + str ;
}
In the above code the value passed by the Eval function comes as object, we dont know the type at compile time. So we need to cast as the type that we know is coming in. I prefer this approach over the overriding the databinding events and modifying the value of cells with column names, yuck!
<asp:GridView ID="GV" runat="server" DataSourceID="XmlDataSource1" AutoGenerateColumns="False">
<Columns>
<asp:BoundField DataField="title" /> <asp:TemplateField>
<ItemTemplate>
<asp:Label ID="lblnumber" runat="server"
Text='<%# FormatThis(Eval("title")) %>' />
</ItemTemplate>
</asp:TemplateField>
</Columns>
</asp:GridView>
In code behind:
public string FormatThis(object value)
{
return "This is my formatted string: " + str ;
}
In the above code the value passed by the Eval function comes as object, we dont know the type at compile time. So we need to cast as the type that we know is coming in. I prefer this approach over the overriding the databinding events and modifying the value of cells with column names, yuck!
Wednesday, July 22, 2009
Anything to PDF
Two products that I have looked into for converting an ASPX page into PDF:
1. http://www.html-to-pdf.net/
around $
2. http:/www.sautinsoft.com/help/rtf-to-pdf/net/help/about.htm
The companies above also have other pdf converters to covert rtf into PDF.
Here is why we choose to use the converter:
Earnest,
Converting the signed forms to PDF is the only reasonable option we have, considering these as legal documents and need to be retained for a lengthy period of time, tamper –proof. We have explored different converters that will achieve the functionality that we require and the following two products came close:
1. Sautinsoft HTML to PDF Converter: $338 per machine: Total of : $676 http://www.sautinsoft.com/
2. Outside Software Inc.: HTML to PDF Converter: $350 for development and deployment. - 20% off = Total: $280
The alternate option to buying a PDF Converter is to develop the converter ourselves, the downside being it will take at least Eight weeks to develop the software with similar functions. If we have the flexibility to deliver this mid September we can do away with purchasing the software.
Thanks!
-Anil.
We used the discount code provided.
Hi,
We can offer you a 20% discount for any company license that you purchase. Use our payment provider shareit and enter this coupon code: 20off.
Thanks,
Florentin BADEA
Product Manager
www.html-to-pdf.net
1. http://www.html-to-pdf.net/
around $
2. http:/www.sautinsoft.com/help/rtf-to-pdf/net/help/about.htm
The companies above also have other pdf converters to covert rtf into PDF.
Here is why we choose to use the converter:
Earnest,
Converting the signed forms to PDF is the only reasonable option we have, considering these as legal documents and need to be retained for a lengthy period of time, tamper –proof. We have explored different converters that will achieve the functionality that we require and the following two products came close:
1. Sautinsoft HTML to PDF Converter: $338 per machine: Total of : $676 http://www.sautinsoft.com/
2. Outside Software Inc.: HTML to PDF Converter: $350 for development and deployment. - 20% off = Total: $280
The alternate option to buying a PDF Converter is to develop the converter ourselves, the downside being it will take at least Eight weeks to develop the software with similar functions. If we have the flexibility to deliver this mid September we can do away with purchasing the software.
Thanks!
-Anil.
We used the discount code provided.
Hi,
We can offer you a 20% discount for any company license that you purchase. Use our payment provider shareit and enter this coupon code: 20off.
Thanks,
Florentin BADEA
Product Manager
www.html-to-pdf.net
Thursday, July 9, 2009
ORM - Object-Relational Mapping
Just started using LinqToSql. Absolutely love it, typed data objects are just awsome. Co-worker
mentioned Subsonic, looks like it was pretty good. But I think linq may be faster compared to SubSonic or NHibernate.
Here is quick comparision of various ORM's by the SubSonic creator:
http://blog.wekeroad.com/2007/12/14/aspnet-mvc-choosing-your-data-access-method/
In my current project, the sys admin has mentioned he wouldn't encourage access to data except through stored procs, I agree with him. Fortunately using LinqToSql does allow invoking stored procs.
Here is an excerpt
"Many people believe that database access should always be performed through Stored Procedure to improve security (permissions can be granted only for those stored procedures an application should run), and for improved performance (query plans are cached between calls and better optimization can be carried out). LINQ to SQL fully supports Stored Procedures for general calls and the update, insert and delete operations, and in many cases improves the developer experience by freeing you from having to create input parameters by hand or having to create a strongly typed object collections to work with any returned results. However, solely using Stored Procedures eliminates the benefits of writing Query Expressions in the developer’s native coding language. There is middle ground though; you can use Stored Procedures for all Insert, Update and Delete operations and use Query Expressions for data retrieval. This allows the database to be secured against data corruption, while still allowing the developers to construct query expressions in VB or C#."
http://www.hookedonlinq.com/LinqToSQL5MinuteOVerview.ashx:"
mentioned Subsonic, looks like it was pretty good. But I think linq may be faster compared to SubSonic or NHibernate.
Here is quick comparision of various ORM's by the SubSonic creator:
http://blog.wekeroad.com/2007/12/14/aspnet-mvc-choosing-your-data-access-method/
In my current project, the sys admin has mentioned he wouldn't encourage access to data except through stored procs, I agree with him. Fortunately using LinqToSql does allow invoking stored procs.
Here is an excerpt
"Many people believe that database access should always be performed through Stored Procedure to improve security (permissions can be granted only for those stored procedures an application should run), and for improved performance (query plans are cached between calls and better optimization can be carried out). LINQ to SQL fully supports Stored Procedures for general calls and the update, insert and delete operations, and in many cases improves the developer experience by freeing you from having to create input parameters by hand or having to create a strongly typed object collections to work with any returned results. However, solely using Stored Procedures eliminates the benefits of writing Query Expressions in the developer’s native coding language. There is middle ground though; you can use Stored Procedures for all Insert, Update and Delete operations and use Query Expressions for data retrieval. This allows the database to be secured against data corruption, while still allowing the developers to construct query expressions in VB or C#."
http://www.hookedonlinq.com/LinqToSQL5MinuteOVerview.ashx:"
Subscribe to:
Posts (Atom)