compdigit44
asked on
Sharepoint Infrastructure Redesign Question
Our current SharePoint environment is running SharePoint 2010 with 2 WFE's 1 app server and a cluster DB. The whole environment a mess because it was never setup correctly since the web team setup the environment before I started here. Anyway I have been finally given the OK to write a plan on create a new SharePoint environment. this will include setting up the servers, databases, sharepoint install and site authentication. Once this is done with will be handed over to the web team so they can add and manage the content only...
here are my questions.
1) I would like to setup the new environment for performance and redundancy. With 2 WFE's , 2 APP server and a clustered 2012 DB. My manager has asked that I use the same DB server to save on hardware. Would I need to install another instance of SQL on the cluster to do???
2) Our clients use Windows 7 and IE 9 with Office 2010. Should we go with SharePoint 2010 or 2013?
3) Currently external users connect to sharepoint come through our external Netscaler which then redirects users to the ISA server then to the internal SharePoint servers. Is there a better way to do this.
4) My understanding is that even though sharepoint stored all it content in the DB you can only restore a web app or site using a SharePoint farm restore. With this in mind a planned on doing a daily farm backup ontop of the sql backup. Should I use local or remote storage for the farm backup?
5) Right now sharepoint is setup for claims - NTLM and would like to change this to claims-kerbose.
6) I want to keep out test environment in sync with production and create a regually schedule content refresh in test. To do this would I use a SQL or farm restore? The test environment uses difference host name. If I use a farm restore this would remove all of their test web apps correct? If so this is not what I want.
Any tips and suggestion on how to plan and built this environment are greatly apprieachaited.
here are my questions.
1) I would like to setup the new environment for performance and redundancy. With 2 WFE's , 2 APP server and a clustered 2012 DB. My manager has asked that I use the same DB server to save on hardware. Would I need to install another instance of SQL on the cluster to do???
2) Our clients use Windows 7 and IE 9 with Office 2010. Should we go with SharePoint 2010 or 2013?
3) Currently external users connect to sharepoint come through our external Netscaler which then redirects users to the ISA server then to the internal SharePoint servers. Is there a better way to do this.
4) My understanding is that even though sharepoint stored all it content in the DB you can only restore a web app or site using a SharePoint farm restore. With this in mind a planned on doing a daily farm backup ontop of the sql backup. Should I use local or remote storage for the farm backup?
5) Right now sharepoint is setup for claims - NTLM and would like to change this to claims-kerbose.
6) I want to keep out test environment in sync with production and create a regually schedule content refresh in test. To do this would I use a SQL or farm restore? The test environment uses difference host name. If I use a farm restore this would remove all of their test web apps correct? If so this is not what I want.
Any tips and suggestion on how to plan and built this environment are greatly apprieachaited.
Ingeborg Hawighorst (Microsoft MVP / EE MVE)
The answer to these six questions could easily be a book. You'll probably get better response if you ask six individual questions.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Wow!!!! Great feedback everyone...
2) I planned on migrating nothing and starting from scratch since the site pages have many broken webparts that we poorly coded.
3) I guess I am looking for a guidance on this one. Our External connection is a follows firewall -> netscaler -> ISA ->internal Sharepoint. Since I did not setup the environment do I even need an ISA/TMG server going forward? Or is this required to give users an external login page?
4) We are already using BLOB in SQL... ;-)
6) Here is how our environment work we have production and test and or web team is constantly testing and developing things . Ideally I would like to provide them with updated content monthly. Would the best way to do this would be through a SQL restore? Can you explain more about the SQL Alias and how I could make this work in test and production without mixing data?
2) I planned on migrating nothing and starting from scratch since the site pages have many broken webparts that we poorly coded.
3) I guess I am looking for a guidance on this one. Our External connection is a follows firewall -> netscaler -> ISA ->internal Sharepoint. Since I did not setup the environment do I even need an ISA/TMG server going forward? Or is this required to give users an external login page?
4) We are already using BLOB in SQL... ;-)
6) Here is how our environment work we have production and test and or web team is constantly testing and developing things . Ideally I would like to provide them with updated content monthly. Would the best way to do this would be through a SQL restore? Can you explain more about the SQL Alias and how I could make this work in test and production without mixing data?
I'll answer one question. If you already have a SQL cluster or SQL server running it can host DB's for multiple SharePoint farms. You don't need another instance either. The SQL server doesn't have to be a member of the SharePoint farm unless it's running SharePoint SQL Reporting Services which I don't recommend. If you want to run SharePoint SQL Reporting Services, use a dedicated box for it.
ASKER
Thank you very much...
My only last item that I am still stumped on is the created of a monthly test environment date refresh.
I in-order to preserve the web parts in test the best way to refresh the data is by doing a SQL restore..is this correct..
I am still confused on how a sql alias could help
My only last item that I am still stumped on is the created of a monthly test environment date refresh.
I in-order to preserve the web parts in test the best way to refresh the data is by doing a SQL restore..is this correct..
I am still confused on how a sql alias could help
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It's hard to say this after reading tedbilly's profile, but try to avoid doing development on a production system. SharePoint backup is granular and you should be able to develop safely on a dev system and then using the on-board tool, deploy to a prod system. Best practice and defined procedures will allow you to keep two systems in sync. Takes a lot of effort, but well worth the work. That will be understood once you have the pressure on your shoulders of restoring a mission critical prod system that a developer had accidentally taken down because they were developing on a prod system. This not only applies to SharePoint, but to most all systems.
Good luck
Good luck
ASKER
Thanks for the replies everyone....
I am still a bit confused on how to restore date from prod into test but will need to look research this further myself.
Back to my original questions...
One item I forgot to mention is that we do have a new ADFS server we are using. Could this some how help my future sharpoint design? Also is a ISA/TMG server required???
I am still a bit confused on how to restore date from prod into test but will need to look research this further myself.
Back to my original questions...
One item I forgot to mention is that we do have a new ADFS server we are using. Could this some how help my future sharpoint design? Also is a ISA/TMG server required???
A common scenario is to have a development server, which holds only a small part of production and which has to be configured in the same way, but not necessarily hold the whole content. A second server for testing, which may have the whole content, but is more or less equal to production and the production, where you deploy your solution, when they are tested. Due to performance reasons and hardware requirements, I seldom have seen a test system, which hold really all the data. But SharePoint backup and restore would be the way. Have in mind, that this is not quite easy for a development server, as the developer has put content there for there development. Backup / restore destroys / overwrites even test configurations. --> Therefore the test system.
Another way is, but work only if you work with SQL alias names to keep all settings equal on all servers, to copy the databases from production to development. For this you have to redirect the production database connection to the test databases. With SQL server aliases you can configure the same settings (even the same database server, and the alias redirects the request to a different machine. You keep the configuration databases and can copy the content databases.
This procedure is faster than backup / restore, which can take hours, dependent from the content.
What do you mean with ADFS server? Active directory ... ?
ADFS I would translate to AD Federation. I my mind, there is not need to have separate domain, this may complicate your test / development environment.
ISA: The ISA server has the advantage, that you can split the authentication. ISA can take the request, authenticate the user and reestablishes a connection to the sharepoint. This way, you can use form based authentication from external and work with windows authentication from internal. But other firewall can do the same job, depends from your hardware. So ISA can simplify your configuration, but needed... - not in all cases. For just publishing a SharePoint you don't need ISA.
Another way is, but work only if you work with SQL alias names to keep all settings equal on all servers, to copy the databases from production to development. For this you have to redirect the production database connection to the test databases. With SQL server aliases you can configure the same settings (even the same database server, and the alias redirects the request to a different machine. You keep the configuration databases and can copy the content databases.
This procedure is faster than backup / restore, which can take hours, dependent from the content.
What do you mean with ADFS server? Active directory ... ?
ADFS I would translate to AD Federation. I my mind, there is not need to have separate domain, this may complicate your test / development environment.
ISA: The ISA server has the advantage, that you can split the authentication. ISA can take the request, authenticate the user and reestablishes a connection to the sharepoint. This way, you can use form based authentication from external and work with windows authentication from internal. But other firewall can do the same job, depends from your hardware. So ISA can simplify your configuration, but needed... - not in all cases. For just publishing a SharePoint you don't need ISA.
SharePoint is very different than a typical web application. It's very difficult to duplicate the farm configuration because of the way features are interconnected with the domain servers. Each web application can be completely isolated from another web application. SharePoint features can be isolated to specific web applications. A development web application can work in complete isolation from the rest of the farm without harm. Trust me, I've been through this with SharePoint.
ASKER
thank you so much for all of the great suggestions. Every a given me so much to think about.
Here is my problem. I want to design a new SharePoint environment that is built correct while at the same time setting up a new test/dev environment that would mirror the production environment.
In our enviromet test/dev enviroments are one in the same.
After so much testing and dev the test environment needs to get refreshed/ reset? From all of the SharePoint experts point of view would be the best way to do this/
I know I am not strong in sharepoint but doing my best to read / study everything that I can in the mean time.
Also is it better to use ISA or TMG???
Here is my problem. I want to design a new SharePoint environment that is built correct while at the same time setting up a new test/dev environment that would mirror the production environment.
In our enviromet test/dev enviroments are one in the same.
After so much testing and dev the test environment needs to get refreshed/ reset? From all of the SharePoint experts point of view would be the best way to do this/
I know I am not strong in sharepoint but doing my best to read / study everything that I can in the mean time.
Also is it better to use ISA or TMG???
TMG reflects more the later development, Assistants are updated and there are some new functionalities. ISA is from 2006 and MS didn't put a lot of effort anymore to further develop it.
So the clear answer is, yes, TMG is better. Nevertheless even TMG is outdated in the meanwhile but support is promised until 2020. The base of ISA and TMG is the same. But later enhancements doesn't cover ISA anymore. And some lacks of ISA, which are solved in TMG are never implemented into ISA:
TMG is not a bad choice, it do the job and helps with assistants, but he base functionality of ISA/TMG is a firewall and this job can be done by other HW firewalls as well. If you are firm with ISA, you may stay with ISA / TMG.
So the clear answer is, yes, TMG is better. Nevertheless even TMG is outdated in the meanwhile but support is promised until 2020. The base of ISA and TMG is the same. But later enhancements doesn't cover ISA anymore. And some lacks of ISA, which are solved in TMG are never implemented into ISA:
TMG is not a bad choice, it do the job and helps with assistants, but he base functionality of ISA/TMG is a firewall and this job can be done by other HW firewalls as well. If you are firm with ISA, you may stay with ISA / TMG.
Been a lot of information on this thread, so just as a refresher. Are you going to allow external access to SharePoint of will it be for internal use only?
ASKER
Sharepoint is accessed both internally and externally...
ASKER
THis thread has been going on for a while and everyone have provided great feedback. I am going to close this thread and open another one shortly.
Thanks - Hope it helped some!