
Planning and architecture for MOSS 2007

Posted on 2008-03-23 13:55  风中的舞蹈

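As an IT Pro, I have always focused on the application side (of course, that is because I am not a Developer and cannot write code!). I have found that almost every Microsoft Server product comes with a planning guide and a deployment guide to help us plan and implement the system properly, and this has been the case since Windows Server 2000! Documents that easily run to several hundred pages can make your head spin, but they really are very valuable! A few days ago I came across the planning guide for MOSS 2007. Just from reading through the table of contents I felt I had gained a great deal; it makes us truly appreciate how much effort has to go into planning beforehand in order to do a project well! Let's first take a look at what we need to plan: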
 

Planning and architecture for Office SharePoint Server 2007, Part 2

Abstract

Contents

I. Plan for system requirements

Determine hardware and software requirements (Office SharePoint Server)

About hardware and software requirements

Stand-alone installation

Hardware requirements

Software requirements

Database

Operating system

Windows components

Microsoft .NET Framework 3.0

Server farm installation

Application server

Hardware requirements

Software requirements

Front-end server

Hardware requirements

Software requirements

Database server

Plan browser support (Office SharePoint Server)

About browser support

Levels of browser support

Level 1 browser support

Level 2 browser support

II. Design server farms and topologies

Chapter overview: Design server farms and topologies (Office SharePoint Server)

Plan server farms

Licensing requirements

Organizational requirements

Availability and service-level agreements

Functional requirements

Security isolation requirements

Performance and scalability

Design extranet farm topology (Office SharePoint Server)

Design content deployment topology

Elements of content deployment topologies

Typical content deployment topologies

Standard Internet topology

Three-tier topology

Single-farm topology

Design document conversion topology

About document conversions

Typical document conversion topologies

Configure document conversions in a server farm

Plan the topology for document conversions

Worksheet

Plan for availability (Office SharePoint Server)

About availability

Define server redundancy requirements

Plan for limited server deployments

Plan for minimum availability

Four-server farm

-server farm

-server farm

-server farm

Choose a baseline server farm topology

Plan for availability of front-end Web servers

Plan for availability of application servers

Roles that can be made redundant

Roles that cannot be made redundant

Assess the risk of application server failure

Plan for database availability

Choose a baseline topology

III. Design logical architecture

Chapter overview: Design logical architecture

Logical architecture model: Corporate deployment

About the model

Company Internet site

Overall design goals

Server farms

Users, zones, and authentication

Users and authentication

Zones

SSPs

Administration sites

Application pools

Web applications

Site collections

Content databases

Zones and URLs

Design load-balanced URLs

Using explicit and wildcard inclusions for URL paths

Manage URLs

Zone policies

A. Design an Internet solution architecture

Design logical architecture for collaboration sites

About team sites in an internal environment

Team site design recommendations

Host team sites in a dedicated Web application

Plan general settings for the Web application

Plan the method for site creation

Plan content database settings for team sites

Do not use automatic site deletion

Organize team site URLs by using paths or host names

Plan custom elements

Plan permissions for team sites

Design My Sites architecture

My Site design recommendations

Use a dedicated Web application to host My Sites

Coordinate My Sites across the organization

Plan general settings for the Web application

Plan content database settings for My Sites

Do not use automatic site deletion

Plan permissions for My Sites

Design Report Center architecture

Plan Web applications

Determine the number of Report Center sites

Plan databases

Plan the design of the Report Center

Plan security

General steps for securing a report management solution

Configure permissions in the Report Center site

Promoting vault behavior

Plan e-mail settings

Plan logging and reporting

Plan search

Determine the shared service provider

Plan indexing

Plan metadata search

Manage search scopes

IV. Plan for authentication

Chapter overview: Plan for authentication (Office SharePoint Server)

Plan the authentication model (Office SharePoint Server)

About authentication

Supported authentication methods

Authentication of system accounts

Configure authentication

Configure authentication for SharePoint Web applications

Connect to identity management systems that are external or not based on Windows

Enable anonymous access

Use different authentication methods to access a site

Authentication requirements for crawling content

Order in which the crawler accesses zones

Authentication scenarios

Plan zones for your authentication design

Choose the authentication methods allowed in your environment

Recommendations for specific security environments

Recommendations and tradeoffs for authentication methods

Management of user identity information

Management of user accounts

Browser support

Worksheet

Plan authentication settings for Web applications in Office SharePoint Server

Plan authentication settings

Authentication type

Anonymous access

Client integration

Settings for ASP.NET forms authentication and Web SSO

Plan authentication exclusions

Worksheet

Authentication samples

SQL membership provider

Active Directory membership provider

LDAP membership provider

Web SSO with AD FS

V. Plan for and design security

Chapter overview: Plan for and design security (Office SharePoint Server)

Choose your security environment (Office SharePoint Server)

Internal team or department

Internal IT-hosted

External secure collaboration

External anonymous access

A. Plan server farm security (Office SharePoint Server)

Overview: Plan server farm security (Office SharePoint Server)

Review the secure topology design checklists (Office SharePoint Server)

Server topology design checklist

Networking topology design checklist

Logical architecture design checklist

Operating system design checklist

Plan for secure communication within a server farm (Office SharePoint Server)

Plan server-to-server communication

IPsec

SSL

Scenarios to consider for SSL

Plan client-server communication

Plan for using SSL

Plan security hardening for server roles within a server farm (Office SharePoint Server)

About security hardening

Application server recommendations

Secure communication with the Microsoft SQL Server database

Blocking the standard SQL Server ports

Configuring SQL Server database instances to listen on a nonstandard port

Configuring SQL client aliases

Hardening steps

Configure SQL Server

Configure Windows Firewall

Configure a SQL client alias

File and Printer Sharing service requirements

Single sign-on hardening requirements

Office Server Web services

Connections to external servers

Service requirements for e-mail integration

Service requirements for session state

Office SharePoint Server services

Accounts and groups

Web.config file

Secure snapshot additions

Plan security hardening for extranet environments

Extranet hardening planning tool

Network topology

Domain trust relationships

Communication with server-farm roles

Communication with infrastructure server roles

Requirements to support document conversions

Communication between network domains

Connections to external servers

Plan secure configurations for Office SharePoint Server features

Recommendations for Office SharePoint Server features

B. Plan environment-specific security (Office SharePoint Server)

Overview: Plan environment-specific security (Office SharePoint Server)

Plan security for an internal team or department environment (Office SharePoint Server)

Secure design checklist

Plan security hardening for server roles

Plan secure configurations for Office SharePoint Server features

Plan security for an internal IT-hosted environment (Office SharePoint Server)

Secure design checklist

Plan security hardening for server roles

Plan secure configurations for Office SharePoint Server features

Plan security for an external secure collaboration environment (Office SharePoint Server)

Protect back-end servers

Secure client-server communication

Secure the Central Administration site

Secure Shared Services Provider administration sites

Secure design checklist

Plan security hardening for server roles

Plan secure configurations for Office SharePoint Server features

Plan security for an external anonymous access environment (Office SharePoint Server)

Protect back-end servers

Configure anonymous access

Secure the Central Administration site

Secure content deployment

Disable incoming e-mail

Use lockdown mode

Secure design checklist

Plan security hardening for server roles

Plan secure configurations for Office SharePoint Server features

Plan for security roles (Office SharePoint Server)

Farm-level administration

Farm administrators

Single sign-on administrators

Server-level administrator

Shared services administration

Site-level administration

Worksheet

Plan for single sign-on

About single sign-on

Common SSO scenarios

Office SharePoint Server SSO architecture

Microsoft Single Sign-On service

Enterprise application definitions

SSO tickets

SSO administration

Networking dependencies

Plan farm-level SSO settings

SSO encryption-key server

SSO accounts

Database settings

Time-out settings

Plan enterprise application definition settings

Application and contact information

Account type

Authentication type

Logon account information for users

Account information for enterprise application

Plan for SSO operations

Managing the encryption key

Auditing the encryption key

Regenerating the encryption key

Backing up the SSO environment

Restoring the SSO environment

Change the SSO service account

Restore only the SSO database server

Restore the entire SSO environment

Responding to an SSO security compromise

Worksheets

Plan for administrative and service accounts (Office SharePoint Server)

About administrative and service accounts

Server farm-level accounts

SSP accounts

Windows SharePoint Services Search accounts

Application pool accounts

Standard account requirements

Server farm-level accounts

SSP accounts

Windows SharePoint Services Search accounts

Application pool accounts

Planning recommendations for accounts

Secure farm environment

Server farm-level accounts

SSP accounts

Windows SharePoint Services Search accounts

Application pool accounts

Single-server environment

VI. Plan for performance and capacity

Chapter overview: Plan for performance and capacity (Office SharePoint Server)

About performance and capacity planning (Office SharePoint Server)

Planning for capacity vs. availability

64-bit vs. 32-bit

Upgrading from SharePoint Portal Server 2003

Performance and capacity planning approach

Performance and capacity planning process

Plan for software boundaries (Office SharePoint Server)

Test environment

Test results

Throughput changes when creating a site vs. enumerating sites as the number of sites increases

Throughput vs. number of site collections

Throughput differences between flat document library vs. document library with folders

Guidelines for acceptable performance

Throughput vs. number of Web servers

User response times

A. Estimate performance and capacity requirements (Office SharePoint Server)

Overview: Estimate performance and capacity requirements (Office SharePoint Server)

Estimate performance and capacity requirements for Windows SharePoint Services collaboration environments (Office SharePoint Server)

Key characteristics

Test environment

Assumptions

Lab Topology

Usage profile

Recommendations

Hardware recommendations

Starting-point topologies

Capacity and performance of scaled-out topologies

Estimating throughput targets

Estimate throughput targets

Estimating disk space requirements

Database server disk space requirements

Search server disk space requirements

Web server disk space requirements

Performance monitoring

Web server

Database server

Estimate performance and capacity requirements for portal collaboration environments

Key characteristics

Test environment

Assumptions

Lab Topology

Usage profile

Recommendations

Hardware recommendations

Starting-point and scaled-out topologies

Estimating throughput targets

Estimating disk space requirements

Database server disk space requirements

Index and application server disk space requirements

Web server disk space requirements

Performance monitoring

Web, search, and application servers

Database server

Estimate performance and capacity requirements for search environments

Key characteristics

Test environment

Assumptions

Lab Topology

Usage profile

Recommendations

Hardware recommendations

Starting-point topologies

Capacity and performance of scaled-up and scaled-out topologies

Estimating throughput targets

Test results: Throughput by farm configuration

Estimate disk space requirements

Index server disk space requirements

Query server disk space requirements

Database server disk space requirements

Determining specifications for index, query, and database servers

Determining specifications for index servers

Determining specifications for query servers

Determining specifications for database servers

Estimate performance and capacity requirements for Excel Services environments

Additional performance and capacity planning factors (Office SharePoint Server)

Caching

Output Caching

Object Caching

Disk-based Caching for Binary Large Objects (BLOBs)

Content Query Web part

Environmental factors

Network configuration

Network security

Authentication

Developing custom code

Tools for performance and capacity planning (Office SharePoint Server)

About the SharePoint test data load tool

Constructing a SharePoint test data load configuration file

Deleting SharePoint test data