Exploring Microsoft SharePoint 2013: Social Computing

  • 3/15/2013

Planning for social computing

As with any ESN technology, the success of social computing within an organization is not dependent on the installation of one or more products. You should not install SharePoint Server 2013, enable all the social computing features, and expect them to be adopted by users. “Technology is only a smaller portion of the answer,” said by many consultants, “Sometimes as little as 10 percent.” For any ESN project, you will need to spend more time and effort on people and the way they work than the products that they use.

Nearly every company and every person in a company will have a different idea of what to expect out of social computing. When you begin to deploy social computing in your organization, start with a vision. Take your time as to discover what exactly your organization wants to accomplish: to what business process are you attempting to add social capabilities, and try to figure out where you will get the most value. This will drive your strategy, which will usually entail some measurable goals so that you can prove to the business that it has achieved some return on its investment.

Enterprise social computing is different from consumer social computing—you should not try to replicate exactly the Twitter or Facebook experience in the organization. The aim of enterprise social computing is to find a way of giving users more information in the areas where they need it and more tools to make their jobs easier. It’s really about providing the means for users to be more productive.

Installation lifecycle

Another aspect to take into consideration when you plan your implementation is that at the SharePoint Conference 2012, Microsoft announced the move away from major releases of SharePoint every two and a half to three years. The idea is to have a more agile approach and to push out functional changes more quickly on a recurring basis. Over the past two releases SharePoint has incorporated infrastructure changes that support such a model; therefore, any new functionally will not need a major upgrade as the core infrastructure will remain unchanged. However, there will be times when key components will be switched out; for example, in SharePoint 2013, search is an example of a component that has been drastically re-engineered. With the acquisition of Yammer, social computing might be the next component that will have a major step change.

Many organizations expect a new installation on new hardware every three years and plan their deployments and finances around a three-year release model. Now, with this agile approach to releasing new functionality in SharePoint, you might need to change your approach to implementing SharePoint projects to ensure that you build a durable solution that can accommodate rolling releases. This increases the importance of appropriate planning and governance.

If you are migrating from SharePoint Server 2010 to SharePoint Server 2013, you might consider a module approach to your SharePoint implementation, where multiple connected SharePoint farms are deployed, where each farm hosts specific functionally. The emphasis is away from one SharePoint farm, which you must ensure is of the right size, to the subsequent monitoring of performance and capacity of that farm as well as completing other daily operational tasks to ensure it continues to meet your needs. In a connected model, one or more of the farms could be managed by a third party, thereby making it possible for your organization to concentrate on taking advantage of the features and building solutions to meet business needs.

Social computing might be the trigger to consider going to a connected model, whereas previously, you only installed one farm. One farm could host your organization’s My Sites and collaboration sites on SharePoint 2013; the rest of the farms could still be using SharePoint Server 2010. The farm that hosted your My Sites could be SharePoint Online, which is often referred to as a hybrid model. The advantage of using SharePoint Online as compared to other third-party hosting companies is the Active Directory synchronization capabilities of Office 365 with on-premise Active Directory domains.

Related SharePoint components

To take advantage of the full social computing functionality, you must deploy the following:

  • Search is a major dependency for social computing within SharePoint Server 2013. It is used for security trimming, for returning social activities, and for improving the ranking. Before deploying any other components you must install Search and verify that it is working correctly.
  • MMS, because this is used for #Tags and interests.
  • You will need a number of Web Applications. The number you need can be reduced with the preference to use Host Named Site Collections (HNSC), which were discussed in Chapter 1, “Architectural Enhancements”; however, it is still best to separate My Sites site collections (and the My Site Host site collection) in their own Web Application from the Web Application(s) for other site collections.
  • A User Profile service application. In SharePoint Server 2013 the User Profile process is still based on a User Profile service application, and because the service application infrastructure has not changed in SharePoint 2013, creating a User Profile service application has not changed.

Optional services could include the Business Connectivity Services (BCS) as well as the supporting infrastructure to incorporate properties from the authoritative identity management source.

Identity management

Undoubtedly, any social computing project will entail internal politics, especially as nearly all the social computing features within SharePoint Server take advantage of User Profiles in some way. Therefore, your organization’s strategy to Identity Management (IdM) is important, and it will become more important as the breadth of social features in SharePoint Server grows.

Business decisions must be made as to what makes up a individual’s persona, where the profile properties are to be obtained, which properties are to be exposed, and who will be able to see them, as well as taking into consideration privacy policies, regional regulations, and so on.

Although Active Directory (AD) plays a major role in your SharePoint installation, it might not be the authoritative source for identity and you will need to discover or get agreement as to where the authoritative source is. All the identity information might not reside in one location. Wherever you are going to get the properties, they need to be up to date and fresh, and there needs to be a business process backup by technology that keeps them in that state. Properties in AD can be augmented with properties from other systems by using the BCS.

The User Profile synchronization process

When SharePoint 2010 was first released, there were problems starting the User Profile synchronization process. Now, the results of a monumental effort—implemented in stages through cumulative updates to SharePoint 2010—form the basis for the synchronization process in SharePoint 2013. The User Profile service application in SharePoint Server 2013 uses the same build of Microsoft Forefront Identity Manager (FIM) and Microsoft Identity Manager Synchronization Service (FIMSS), 4.0.2450.47 (see Figure 4-17) that first appeared in the SharePoint Server 2010 February 2012 cumulative update (CU). The locations of the files for these two services are:

  • FIM (Microsoft.ResourceManagement.Service.exe):

    %ProgramFiles%\Microsoft Office Servers\15.0\Service

  • FIMSS (miiserver.exe):

    %ProgramFiles%\Microsoft Office Servers\15.0\Synchronization Service\Bin

    Figure 4-17

    Figure 4-17 The details of the FIM Windows service.

In SharePoint Server 2013, you can see several optimizations that were already added in SharePoint 2010, such as the following:

  • The addition of indexes to certain user properties that eliminate full table scans
  • Importing data from the BDC in batches
  • Removing unused provisioning steps
  • Cleaning up unused historical data
  • Moving resolution of some objects out of SharePoint and into the sync system

Profile synchronization options

As in SharePoint Server 2010, SharePoint Server 2013 has a two-way (read and write) AD synchronization process implemented via FIM; however, new with SharePoint Server 2013 is the introduction of an AD Import capability, also known as AD Direct Mode, as shown in Figure 4-18. Even with the optimization improvements to FIM, AD Import is faster.

Figure 4-18

Figure 4-18 To use AD Import, select Use SharePoint Active Directory Import in the Synchronization Options section on the Configure Synchronization Settings page.

This is similar to the AD import functionality of Microsoft Office SharePoint Server 2007. However, in SharePoint Server 2013, it is a new implementation of this functionality. AD import is a one-way (read-only) synchronization process by which SharePoint can import AD properties but cannot update those properties. The account used to read the properties from AD still needs the Replicating Directory Permissions on the domain from which you want to read the properties.

The AD Import runs as part of the User Profile Service instance; therefore, the User Profile Synchronization Service instance does not need to be started, and although the Sync database is created when the User Profile service application is created, it will not be used.

On the Add New Synchronization Connection page (see Figure 4-19), you can define one synchronization connection per AD domain; that is, if you have a forest with multiple domains, you need to create one synchronization connection for each domain in the forest.

Figure 4-19

Figure 4-19 You use the Add New Synchronization Connection page to enter the AD domain name and account that has Replicating Directory Permissions on the domain.

On the Add New Synchronization Connection page, you can select the Organizational Units (OUs) that contain the users and groups, and you can also specify a Lightweight Directory Access Protocol (LDAP) filter. After a full import is started, you will notice that a timer job is configured by default to complete incremental imports every five minutes. When you configure Profile Synchronization, the timer job is configured by default to complete an incremental import daily.

The AD Import functionality is constrained by the following limitations:

  • You are tied to a single forest.
  • Links across forests via the AD contact object are not processed.
  • Mapping multivalue user profile properties to single-value profile properties, or vice versa, is not supported.
  • Mapping to system SharePoint properties, that is, those that begin with SPS-, is not supported.
  • Mapping two different AD attributes to the same SharePoint property is not supported.
  • You cannot import additional user properties by using BCS.

Timer jobs and the role of distributed cache

Although the service application architecture has not changed, there are some aspects of the supporting platform architecture that have changed because of the new social computing features. Social computing in SharePoint 2013 consists of a number of activities that can be divided into two types:

  • User generated For example, microblogging activities, such as when a user creates, includes @mentions, likes, or replies to a post.

  • System generated These are activities that are mostly triggered by information stored in the Profile or personal site databases. For example, an activity is generated when it’s a user’s birthday or a user changes his job title. System-generated activities do not display on Site feeds. The User Profile Service Application - Activity Feed Job creates system-generated posts for the following events:

    • Following a tag

    • Tagging an item

    • Birthday celebration

    • Job title change

    • Workplace anniversary

    • Updates to Ask Me About

    • Posting on a note board

    After you configure My Sites, check that the User Profile Service Application - Activity Feed Job is enabled. By default, this time job is schedule to run every 10 minutes. There are a number of User Profile Service-related timer jobs, as shown in Figure 4-20.

Figure 4-20

Figure 4-20 User Profile Service-related timer jobs.

Both the user and system-generated activities are reported by a number of feeds such as the Web Parts on the Newsfeed and Sites hubs, which were described earlier in this chapter. The information for these feeds is stored and retrieved from the following:

  • Content databases

  • Distributed Cache, which was described in Chapter 1. Information is written to the Distributed Cache quickly and retrieved almost in real time. The Distributed Cache is divided into several caches, the two that are related to social computing are as follows:

    • Feeds Cache (DistributedActivityFeedCache) The Feeds Cache is where all the activity information is captured and displayed by Web Parts. This includes activities from personal sites and other sites; for example, where newsfeeds are used, such as on team sites, project sites, and community sites.

    • Last Modified Time Cache (DistributedActivityFeedLMTCache) The Last Modified Time Cache is used to keep track of when something was written to the My Sites content databases and to the content database of other types of sites.

This is completely different from SharePoint Server 2010, wherein all the social tagging information was stored in the Social database. Multiple User Profile service applications in a farm can cause delays in notifications. This is especially true because you can only have one Social database per User Profile service application and it is recommended that you only have one User Profile Application service application in your farm. Now, in SharePoint Server 2013, whereas much of the social tagging is stored in content databases, social computing can scale much better.

It is also best if site feeds and communities are in the same farm as the web application that hosts the My Site Host and personal site collections; otherwise, notifications in the Newsfeed and Sites hubs will not occur. This might change with future updates. Also the My Site web application and the web application that contains the collaboration sites that use newsfeeds should use the same application pool account.

Privacy settings

Privacy settings can be configured at the User Profile service application level and by users on their My Site. So, when you are planning your social computing deployment, you need to decide whether everything is to be available to all users within your organization or whether to prevent others from seeing a user’s information. Remember, many of the social features available in the latest versions of SharePoint depend on open privacy settings so that others in the organization to see profile information.

User Profile Service Application settings

You can modify the Privacy settings by using the SharePoint Central Administration website or by using Windows PowerShell. To display the Manage Policies page (see Figure 4-21), in the browser, on the Manage Profile Service page, in the People section, click Manage Policies.

The new settings in the Privacy Settings section are as follows:

  • Following A Document Or Site On My Site

  • Tagging An Item On My Site

  • Workplace Anniversary On My Site

  • Following A Tag On My Site

  • Updating “Ask Me About” On My Site

  • Liking Or Rating Something

  • Participation In Communities

  • Following A Person On My Site

  • Posting On A Note Board On My Site

  • Job Title Change On My Site

  • Posting A New Blog Post

  • Birthday Celebration On My Site

Figure 4-21

Figure 4-21 Use the Manage Policies page to configure the Privacy Settings at the User Profile Service Application level.

The following are the new settings in the People Settings section:

  • People On My Site

  • Auto-Follow People From Team

  • People Recommendations

On the Manage Policies page, by hovering over a policy, a down-arrow appears that you can click to display a menu with which you can edit the policy by displaying the Edit Policy page, as shown in Figure 4-22.

Figure 4-22

Figure 4-22 On the Edit Policy page, you can specify the privacy policy settings and whether or not the user can change the policy.

The default setting for all the My Sites privacy settings is Only Me; that is, My Sites are private by default. However, on the Set Up My Sites page for the User Profile server application, you can select the Make My Sites Public checkbox (see Figure 4-23) to make public the people who are following information and activities.

Figure 4-23

Figure 4-23 On the Set Up My Sites page, you can choose to make all user’s My Sites public by default.

When the Make My Sites Public check box is selected, this has precedence over the privacy settings on the Manage Policies page; that is, the user’s list of followers, the user’s list of people they are following, and all activities—including new follow notifications, social tagging and rating of content, birthdays, job title changes, workplace anniversary, updating Ask Me About, posting on a note board, and new blog posts—will be public. For those privacy settings that cannot be managed by using the Manage Policies page, a message on that page informs you that “People on My Site” policy and all policies under “Privacy settings” are ignored, as shown in Figure 4-24.

Figure 4-24

Figure 4-24 A message on the Manage Policies pages displays when the Make My Sites Public option is enabled.

My Site privacy settings

When a user first visits her My Site a privacy notification displays (see Figure 4-6, earlier in this chapter). If a user clicks Learn More, a new browser window opens and displays a SharePoint Help page that explains how she can update her privacy settings.

On the privacy notification, by accepting the default, Let’s Get Social, the privacy settings are automatically updated to let others see and respond to site activities. To leave the privacy settings as set at the User Profile service application level, clear the check box before clicking OK.

For users to update their privacy settings, they should complete the following steps:

  1. If they are on their My Site, on the Quick Launch, click About Me. Or, at the top of a SharePoint Site, under their name, click About Me.

    The user’s profile page opens.

  2. To display the Edit Details page, click Edit Your Profile.

  3. To the right of Details, click the ellipsis to display additional options and then click Newsfeed Settings, as shown in Figure 4-25.

    Figure 4-25

    Figure 4-25 Users can click Newsfeed Setting to modify their privacy settings.

The Newsfeed Settings are displayed, as shown in Figure 4-26. On this page users can do the following:

  • Pick what email notifications they want to receive.

  • Allow others to see the people a user is following and the people following the user when they view the user’s profile.

  • Pick the activities that the user wants to make public.

    Figure 4-26

    Figure 4-26 Use the Newsfeed Settings page to update your privacy settings to allow co-workers to see your activities in their newsfeeds.

My Site settings

Make My Sites Public is just one of the new settings on the My Site Settings page in the User Profile service application. Other settings with which you should familiarize yourself with during the planning stage are as follows:

  • Security Trimming Options When the Check All Links For Permission option is selected, users do not see links to activity feeds, ratings, social tags, and notes if they do not have permissions to see them. Site feeds and newsfeeds posted on sites will use the permission settings on that site. Search is used for security trimming; therefore, the frequency of your incremental crawls will affect the freshness of the social activity links. This can delay the links from appearing on the My Site pages, such as the About Me page and the Newsfeed and Sites hubs. The other options in this section are: Check Only Specific Links For Permissions, and Show All Links Regardless Of Permission (see Figure 4-27). However, remember that if you decide to microblog to everyone, which is the default on the Newsfeed hub, the options in this section are irrelevant.

    Figure 4-27

    Figure 4-27 You can use the options in the Security Trimming Options section to decide whether to hide social activity from users who do not have permissions to see them.

  • Newsfeed This section on the My Site Settings page contains two options, as shown in Figure 4-28. You can enable or disable activities on My Sites newsfeeds. Also, although SharePoint Server 2010 newsfeeds are deprecated, if you migrated from SharePoint Server 2010 and used newsfeeds in SharePoint Server 2010, you can incorporate those newsfeeds by selecting the Enable SharePoint 2010 Activity Migration check box. However, if you choose to incorporate them, the newsfeeds are not migrated and remain as they were in SharePoint 2010.

    Figure 4-28

    Figure 4-28 Use the Newsfeed section to enable SharePoint 2013 and SharePoint 2010 newsfeeds.

  • Email Notifications In this section, you can provide an email address that will be used as the sender’s email when certain email notifications are sent. Such an email notification could be if someone mentions you in their microblog. The sender’s email does not have to be a monitored email address. Also in this section, you can select whether you want users to receive emails for newsfeed activities, such as replies to conversations in which they’ve participated and conversations in which they have been mentioned. For these email notifications to be sent, the outgoing email settings for the farm must be configured.

  • My Site Cleanup In this section, you can decide when to enable access delegation and provide a secondary owner. When a user’s profile has been deleted, that user’s My Site is flagged for deletion after fourteen days. To prevent inadvertent data loss, if access delegation is enabled, access is granted to the user’s manager so he can retrieve content from the former user’s My Site before it is deleted. If the user has no manager or the user’s manager cannot be determined, the name provided as the secondary owner is granted access to the former user’s My Site.

Permissions for the User Profile Service Application

Using the SharePoint Central Administration website, you can control who can create My Sites and use other features provided by the User Profile Service Application, by clicking Manage User Permission, in the People section. On the Permissions For User Profile Service Application dialog box shown in Figure 4-29, in the Permissions For list, as in SharePoint Server 2010, there are three options; however, the text for each option explains clearly and reflects the new social computing features in SharePoint Server 2013.

Figure 4-29

Figure 4-29 The Permissions for User Profile Service Application dialog box.