We help IT Professionals succeed at work.

Sharepoint data center setup

pgm554 asked
I ned to set up a VDR using SharePoint. It is for sharing and collaborating with external partners. Important features of a VDR are, but not limited to:

1) User Management and Control (User login, Login auto expiry, Assigning access permission etc)

2) Data Management and Control (Access permission, watermarking, cannot download/save, cannot print, cannot edit etc)

3) User Activity Report (when did user login, frequency of login, which files, etc)

Any best practices or any advice?
Watch Question


your question is a bit generic so let me comment your points as you list them up...

1.) SharePoint uses usually (but is not limited) to Active Directory with all its options and possibilities. Beside AD you can use also other user repositories up to just database tables. While AD provides a lot of functionalities, i.e. using AD global / universal groups for assigning permissions in SharePoint, the possibilities with other user repositories are limited to the functionality of the repository itself. That means, SharePoint synchronizes users, groups and user attributes, but SharePoint doesn't really manage them. User management (including expiry etc. it provided by the repository.

2.) The permissions for items can be set down to each single item. If an item does not have its own permissions, the permissions of the parent container are used. Means Permissions are inherited top down if you do not set individual permissions. Permissions are set by permission levels, which are collections of single rights, which then can be assigned to users or groups. Typical permission sets are read, contribute and manage, but you are free to create your own as needed. Beside this permissions levels, there are additional settings in each single library to allow or deny library based functionality. Similar setting on web site level as well as site collection level as well as web-application level. The Hierarchie in SharePoint is: Web-Application (the URL), can contain several site collections (root site), can contain several web site, can contain several list and libraries which are storing the content items.

Printing works on applications level, this means, as far as a user can open a document, he can print it as far as the application allows it.
Watermarking is also connected to applications. SharePoint can individually stamp Documents with a unique ID and adding a lot of metadata to the document, but does not change the document itself. Nevertheless there may be third party solutions outside which can add additionally functionality.

User activities you can follow up on different levels, starting with versioning, where you can track each document change by users. Additionally SharePoint has a kind of "Web-Analytics", which offers out of the box standard reports about the web usage as  well as auditing, which allows to "observe" actions on "audit enabled" items, libraries etc.  

As SharePoint is item related, SharePoint itself can track actions on items, but not basic user actions. Means, SharePoint can track who changed a SharePoint item, but not when a user login on or off. This is more the job of the underlying user repository (i.e. Active Directory).

There is no general best practice for SharePoint as it, but hundreds of best practices for several topics and usage scenarios.
As SharePoint is just like a big "Lego"-Box, where you can enable or disable a lot of features and create you own environment for each single site collection. And what is not directly covered by SharePoint out of the box, you can add by thousands of third party solutions / apps out there or even to construct yourself.

So it is not really possibly to answer all questions in a single thread like here. SharePoint conceptual designs can contain hundreds of pages which describe, which usage scenario is realized in which way in SharePoint.
So the best start point may be to define the functionality you need (as well as you do not need or want) and then to check point by point against SharePoint, how to realize it. If you are not aware about SharePoint functionality, you may start with a testing system, where you can play around with all the options you have.


Got a demo from M$ that gave be a bit more detail.
But your input was helpful.

Explore More ContentExplore courses, solutions, and other research materials related to this topic.