Tuesday 11 August 2015

SharePoint getting lost in the Cloud?

My experience is that though most Office 365 users include SharePoint (sites) in their tenant, the real use is coming from Exchange Online, Office ProPlus, and OneDrive.

Most people seem to think OneDrive settles the document storage needs.

They are wrong in a number of ways.

The most obvious problem with OneDrive is that when you lose a staff member and end their license, all their documents go with them.

What you need is a central place to put key documents and lists that your company needs beyond a single user.  You might want these documents version controlled, assigned metadata, and searchable.

What you want is Sites, which is SharePoint in Office 365. Better yet, SharePoint with Delve, allowing your users to see the socially most significant documents in circulation.

Planning a proper Sites configuration is not technically hard, but it is a lot of work to create a good Information Architecture, that is, a plan of sites and subsets.

Here are some simple rules:


  1. Regardless of what anyone says the hard limit for supported Sites is 200 GB.  So if you have a lot of content to store make many sites.
  2. Don't rely on your company structure to provide the structure for the sites; rather, find out what people need or let teams design their own layout.
  3. Keep it clean and simple, don't worry too much about colours or new layouts.  Spend effort on design of layout and making it easy to use over making it look a certain way.
  4. Use Wikis, they are an easy, lightweight way to store data.
  5. Keep pushing users to it. If they have a question, don't write an answer when a link in a wiki exists; have them search for it in the wiki.  Get users to learn the independent way of looking for things, and break the ask-first habit.
  6. Have people who have keeping SharePoint up to date and clean as part of their jobs.
  7. Find energetic people who want to work with SharePoint.

Identity: Cloud for Sync vs AD FS

Lots of people using Office 365 seem to assume they just need AD FS.

What AD FS gives you primarily is Single Sign On; this also enables you to connect your Office 365 to a number of other Cloud services provided by Microsoft, like CRM and Azure.

But there is a cost to AD FS.  To get this benefit you need to build a 5 server farm, with load balancers.


This server farm will create a number of single points of failure: load balancers, firewalls, web servers (2 of them) and AD FS servers (2).  You need to create and manage these servers.

Now if you use simple sync, using AADS or AADC or whatever it will be when you read this, you need only one server, and all it does is update identities from AD, including sending a hash of a hash of the password.

So what is the difference for users?  In the worst case without AD FS 2, your users log in to their computer, then open the web page and log in again with the same credentials.  The worst case is that they need to log in twice.  Normally users just save their passwords, so they only need to enter them when they change browsers or machines, or when their password changes.

From a user perspective you get maybe 10 re-entries of a password THEY MUST KNOW to get on their computer in the first place.  With Federation you get rid of those 10 actions a year, actions the staff will know in every case how to manage, at the cost of a single point of failure and 5 boxes and 2 load balancers.

Frankly it's hard to make the case.

If management demands SSO, I would suggest you go over the facts above and point out that services like Twitter, Facebook, Hotmail, Gmail, Instagram, and Snapchat work across devices without Single Sign On.

You will save money and effort by treating Office 365 as what it is, a Cloud tool.

Web 1 to Web 2 to Web 3