Choosing Scalable Active Directory Account Creation Mode

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

In the situation described by this white paper, the team chose scalable hosting mode with Active Directory account creation configuration to meet the following requirements:

  • SharePoint sites have a naming convention by which a host name is identified with a customer site, for example, http://customer.program.host_name.com.

  • Each customer site should have a configurable disk space quota. Quotas in Windows SharePoint Services enforce this limit.

  • Customers can invite their friends or colleagues to collaborate on their sites, but the number of accounts created by customers can be limited by using user-invitation quotas.

  • Sites support e-mail for sending invitations and alert results.

  • The hosting organization creates sites for customers. Members of the Administrator site group or service accounts that have necessary permissions on the server can create sites by using the Windows SharePoint Services object model, the Stsadm.exe command-line tool, or the SharePoint Central Administration pages.

  • English versions of Windows SharePoint Services are installed on each front-end Web server. Language packs and template packs for German and Japanese are also installed on the servers to enable creating sites in Japanese and German languages. (Other language packs, including those for Chinese Simplified, Chinese Traditional, Korean, Arabic, Hebrew, and French, will be available when the final version of Windows SharePoint Services is available.)

  • Usage logging and processing is enabled so that customers can track traffic and see usage data from Site Administration.

In addition, the Internet Platform and Operations group had the following goals for the Windows SharePoint Services deployment:

  • Validate the Windows SharePoint Services scalability design and implement a huge data store. Windows SharePoint Services supports scalability through multiple servers in server farms. To prove scalability and compatibility, the server farm was configured to contain at least two unique content databases on two clusters running Microsoft SQL Server and a storage area network (SAN) repository with more than 700 GB of raw data.

  • Verify that upgrading and applying software patches to Windows SharePoint Services, Microsoft Windows Server 2003, and SQL Server work in a Windows SharePoint Services server farm environment. All of the Web front-end servers, Active Directory servers, and servers running SQL Server are routinely updated with service packs as they become available to ensure security and stability of the server farm.

  • Provide high availability, reliability, and short response time. The server farm uses Microsoft Internet Information Services (IIS) 6.0, Windows Server 2003, Windows SharePoint Services, SQL Server clustering, and hardware load balancing to provide high availability for customer sites, excluding planned downtime for upgrades. Windows Cluster service, SQL Server clustering, load balancing across front-end Web servers, and Microsoft Operations Manager (MOM) technologies provide scalability and monitoring support, as well as availability.

  • Design the backup and disaster recovery plans. Back up content and configuration information regularly and test the restoration during complete system failure situations.

  • Support up to 15,000 customer sites at 30 MB for each site.

  • Test wild-card Domain Name System (DNS) and Secure Sockets Layer (SSL). Implement wild-card DNS and SSL on the server farm and identify limitations of these solutions.

  • Design security and Active Directory directory service implementation strategies that can meet ISP or domain controller needs. Review infrastructure and security design to help ensure that Windows SharePoint Services infrastructure architecture can support stringent security requirements for enterprise-level server farms.

  • Fully or partially automate configuration and deployment efforts. Minimize the need for operations resources.

  • Work with external customers, provide feedback, and identify Windows SharePoint Services (Beta) bugs to enhance service quality.

The remaining sections of this white paper describe how to deploy Windows SharePoint Services to satisfy all of these goals. The deployment descriptions include server types and configurations, the Active Directory configuration, the design of authentication and authorization, additional installation and deployment steps, and the configuration of the second content database and Windows SharePoint Services utilities. Three additional white papers focus on the design of monitoring, network and load balancing, and data repository for this deployment.

Note: The following table lists permissions you must have to carry out the steps in this white paper.


| Task | Permission level |
| --- | --- |
| Configure Microsoft Windows 2000 Active Directory | Member of the Domain Admins group on the domain controller computer |
| Configure Microsoft Internet Information Services (IIS) | Member of the Administrators group on the local front-end Web server |
| Configure SQL Server 2000 | Member of the System Administrators server role |
| Install software on a server running Windows 2000 Server or Windows Server 2003 | Member of the Administrators group on the local computer |
| Use Windows SharePoint Services Central Administration | Member of the Administrators group on the local computer, or member of the SharePoint administrators group |
| Use Windows SharePoint Services Site Administration | Member of the Administrators site group on the SharePoint site |