Monday, July 6, 2015

SharePoint 2013: Personalize a page and configure Web Parts to create a personal view.

Scope
Site users can personalize a page and configure Web Parts to create a personal view.

Implementation:

Out of the box approach

Personalize this Page
- Site contributors can add Web Parts to a page to create a personal view of that page. For example, a Web Part can be added to a page so that it is visible only to the user who added it. When users personalize a page, other users continue to see the public (shared) version or their own personalized version. Once a page is personalized, the user has the option to view either the personal version or the shared version.
 Personalize the page
  • Create web part page “My Page”
  • Check the following permission level at the Web Application level and the user group level to enable the "Personalize this Page" menu in the site for the user.
 Enable personalize this page menu
  • Restrict personal page from showing all web parts in the Add Web Part list by assigning appropriate permission to Web Part Gallery.

The following customizations need to be carried out:
  • Hide Ribbon on page edit.
  • Enable Personalize this Page option only to the custom "My Page". Hide this menu for all the other pages.
Custom approach
  • Create a list "PersonalizableWebParts" to hold the list/library names that can be configured as personal Web Parts. The list data should be configurable by the administrator in the portal-based UI.


  • Adding menu item "My Page" to the User/Welcome Menu in SharePoint


  • Create a Web Part page with following Web Part Zones and layout.


 Web Part Zones and layout
  • Create a custom Web Part that displays the items in PersonalizableWebParts list and provide a button to "Add to Web Part" in the Web Part Zone right.


  • Create a single Web Part in Right zone with four sections using table/div


  • Load four different user controls in four different sections based on user selection


  • Save the user selection of user controls and load next time automatically.


  • The page should have read permission to all users. Adding Web Part should be executed programmatically using elevated privileges.


  • Set default view for each Web Part.

Limitations/Risks

There are a few limitations/risks in using the out of the box SharePoint features to personalize pages.
  1. Using Target Audience for the Web Parts added in the “My Page”. If multiple users add Web Parts with an audience set, there will be multiple copies of the Web Part in the page, which leads to performance issues. Also, the order/alignment set by the users to display Web Parts cannot be retained.
  2. A Web Part Zone does not have a personalization option like Web Parts do.
  3. Personal Site – Personal Site gives users a central location to manage and store documents, content, links, and contacts. Content providers can use My Site as a method of customizing the information they present to users. However, this feature is supported only in SharePoint Server and not in Foundation versions.

SharePoint 2013 Single Sign-On Authentication via SAML with OneLogin

Introduction



SharePoint supports the SAML Profile for single sign-on out of the box. This chapter provides guidelines to configure a third-party Identity Provider, OneLogin (http://www.onelogin.com).

Configuring the Trusted Identity Provider for SharePoint


To configure OneLogin to sign in users into SharePoint using SAML, ensure that the SharePoint Web Application is SSL Enabled, and then proceed to the following steps.
  1. In OneLogin, navigate to Apps > Find apps and search for SharePoint 2013 (EMAIL). Click Add.
  2. In the Add SharePoint 2013 (EMAIL) screen select for the app to be used by the Organization. Press Continue.

 SharePoint SSO SAML with onelogin


3. Select the "Configuration" tab
  • Set "FQDN" (the SharePoint Web Application URL for which the OneLogin IdP needs to be added)
  • Set "Realm" (the realm can be any unique value; it will be used later in the SharePoint configuration)
  • Set "Site" (the site collection/site relative URL, e.g. /sites/sitename/)

 Set OneLogin parameters


 WS-Federation Web SSO Endpoint

4. Create new users if required from Users > All Users


 Create new users


5. From menu Users > Roles, make sure that the SharePoint application is added to the Default Role.


 Add user roles


6. Grant access to the SharePoint App in OneLogin.

 Grant access to SharePoint App


Download OneLogin Certificate for SharePoint


  • Login to OneLogin as an administrator
  • Download the OneLogin Certificate (DER)
    • https://app.onelogin.com/saml/download_der
  • Open the OneLogin Certificate
  • Select "Details" tab
  • Select "Copy to file"
  • Select "DER encoded binary X.509 (.CER)"
  • Save as "c:\onelogin.cer"
 Download OneLogin Certificate

Define the certificate used to validate the signed WSFed assertion

Open "SharePoint Management Shell" on the SharePoint server and execute the following commands.
  1. Load OneLogin Certificate into an Object:
    • $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\onelogin.cer")
  2. Install OneLogin Certificate as a Trusted Root Authority:
    • New-SPTrustedRootAuthority -Name "OneLogin Certificate" -Certificate $cert
  3. Set Email as the common identifier between OneLogin and SharePoint:
    • $email = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming
  4. Set SharePoint Site Realm Identifier:
    • $realm = "urn:saml:sharepoint"
    • Note: The realm must match the value in OneLogin under the "Configuration" tab of the SharePoint connector.
  5. Create OneLogin IdP option in SharePoint:
    • $x = New-SPTrustedIdentityTokenIssuer -Name "OneLoginSharePoint" -Description "OneLoginSharePoint" -Realm $realm -ImportTrustCertificate $cert -ClaimsMappings $email -SignInUrl "{WS-Federation Web SSO Endpoint}" -IdentifierClaim "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
    • Note: Replace the {WS-Federation Web SSO Endpoint} with the URL found in OneLogin under the "Single Sign-on" tab.
After executing the script, the OneLogin identity provider will be listed under Trusted Identity Providers in the Web Application page.
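
Step 2 makes the farm accept any assertion signed by this certificate, so the downloaded file can be checked before it is loaded. The following is an added example, not part of the original post or of OneLogin's documentation; the function name Test-IdpSigningCertificate, its thresholds and the thumbprint placeholder are assumptions.

```powershell
# Added example: check the downloaded IdP certificate before trusting it farm-wide.
# Test-IdpSigningCertificate and its default thresholds are hypothetical names/values.
function Test-IdpSigningCertificate {
    param(
        [Parameter(Mandatory = $true)][string]$Path,
        # Thumbprint read from the OneLogin admin console over a separate channel
        [Parameter(Mandatory = $true)][string]$ExpectedThumbprint,
        [int]$MinRsaBits = 2048,
        [int]$WarnDays = 30
    )
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($Path)
    $findings = @()

    # Thumbprints are often displayed with spaces or colons; keep hex digits only
    $expected = ($ExpectedThumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
    if ($cert.Thumbprint -ne $expected) {
        $findings += "Thumbprint mismatch: file has $($cert.Thumbprint)"
    }

    $now = Get-Date
    if ($now -lt $cert.NotBefore) {
        $findings += "Not valid until $($cert.NotBefore)"
    } elseif ($now -gt $cert.NotAfter) {
        $findings += "Expired on $($cert.NotAfter)"
    } elseif (($cert.NotAfter - $now).TotalDays -lt $WarnDays) {
        $findings += "Expires in under $WarnDays days; plan the certificate rollover"
    }

    if ($cert.SignatureAlgorithm.FriendlyName -match 'md5|sha1') {
        $findings += "Weak signature algorithm: $($cert.SignatureAlgorithm.FriendlyName)"
    }
    # OID 1.2.840.113549.1.1.1 identifies an RSA public key
    if ($cert.PublicKey.Oid.Value -eq '1.2.840.113549.1.1.1' -and
        $cert.PublicKey.Key.KeySize -lt $MinRsaBits) {
        $findings += "RSA key is $($cert.PublicKey.Key.KeySize) bits, below $MinRsaBits"
    }

    New-Object PSObject -Property @{
        Subject    = $cert.Subject
        Thumbprint = $cert.Thumbprint
        NotAfter   = $cert.NotAfter
        Findings   = $findings
    }
}

# Placeholder thumbprint: replace with the value confirmed out of band.
$check = Test-IdpSigningCertificate -Path "C:\onelogin.cer" -ExpectedThumbprint "<EXPECTED-THUMBPRINT>"
if ($check.Findings.Count -gt 0) { $check.Findings; throw "Do not trust this certificate yet." }
```

Run it before New-SPTrustedRootAuthority; an empty Findings list means the file matches the expected thumbprint and passes the validity and strength checks.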

Configure the site to use Trusted Identity Provider


Open "SharePoint 2013 Central Administration" on SharePoint server and create new Web Application with SSL Enabled or update existing Web Application.

  1. Navigate - "Application Management"
  2. Click - "Manage web applications"
  3. Select a SharePoint Web Application that is SSL Enabled.
    •  Note: "SharePoint Central Administrator" can NOT be used with SSO.
  4. Click "Authentication Providers" from the top menu options.
  5. Click "Default - Claims Based Authentication"

     Authentication Providers
  6. Check mark - "Trusted Identity Provider" and select the OneLogin IdP

     Add Trusted Identity Providers
  7. Click "Save"
Reference: https://onelogin.zendesk.com/hc/en-us/articles/201173964-Configuring-SAML-for-SharePoint-2013  

Define the Initial Users


  1. Select the web application for which the OneLogin IdP is configured.
  2. Select "User Policy" from the menu ribbon to bring up the "Policy for Web Application" dialog box.

     Policy for Web Application
  3. Select "Add Users" in the menu ribbon. 
  4. Select the appropriate zone or select the default "All Zones" and select the "Next" button.
  5. From the "Add Users" dialog, select the people picker book in the "Choose Users" section.
  6. Select the Trusted Identity Provider in the left frame and enter a group or account name to grant access in the "Find" text box at the top.
  7. Click Ok.
     Grant user permissions
  8. Select the Permissions intended for the user or group. 
  9. Select the "Finish" button to go back to the "Policy for Web Application" Dialog.
  10. Select the "OK" button to close.

Login to SharePoint


Navigate to your web application. You should see a drop-down box with Windows and OneLogin authentication options.
 SharePoint Authentication - Sign in



On selecting OneLogin, the user will be taken to the OneLogin login page.


 OneLogin Sign-in page




On successful authentication, the user will be redirected to the SharePoint site. If the user has already logged in to OneLogin and has a cookie, that user will not need to enter his/her credentials again.

SharePoint 2013: Feature Versioning

Feature Versioning Overview 
Feature versioning allows Features and their associated instances to be easily tracked. Each Feature has a version number that can be specified in its feature.xml file. When a Feature is activated, a Feature instance is created and associated with that version of the Feature. When a new version of a Feature is deployed, the associated Feature instance also needs an upgrade, because the instance version number is lower than the new version number specified in the current feature.xml file.

Update a new column/Modify an existing column
1. Update the Feature version. If a Feature does not have a Version attribute, the version is 0.0.0.0. To update the Feature, set it to 1.0.0.0.

 Feature Versioning SharePoint 2013

2. Open the feature manifest and add the Upgrade Actions

 Feature Versioning Upgrade Actions

In the UpgradeActions, place a VersionRange to specify the versions you are upgrading from and to. Give it the properties BeginVersion="1.0.0.0" and EndVersion="2.0.0.0". Inside the VersionRange you can specify what will happen when upgrading from version 1 to 2.
3. Upgrade the solution in the farm


Update-SPSolution -Identity FeatureVersioning.wsp -LiteralPath "C:\devprojects\bin\Debug\FeatureVersioning.wsp" -GACDeployment

4. After the solution update, you need to call the feature.Upgrade(false) method to upgrade the feature.
The above method will update all the sites with feature version 1 to 2. That means you can have multiple versions of the same feature installed, and selectively upgrade only the features you want. Multiple versions can live side-by-side.
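
One way to make the call in step 4 from the SharePoint Management Shell, as an added example that is not code from the original post: it finds the Feature instances in a web application that are behind the deployed feature.xml version and upgrades each one. The function name Update-FeatureInstances, the URL and the Feature ID are placeholders.

```powershell
# Added example; Update-FeatureInstances is a hypothetical helper name.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Update-FeatureInstances {
    param(
        [Parameter(Mandatory = $true)][string]$WebApplicationUrl,
        [Parameter(Mandatory = $true)][Guid]$FeatureId
    )
    $webApp = Get-SPWebApplication -Identity $WebApplicationUrl

    # Second argument $true = return only instances that need an upgrade,
    # i.e. whose version is lower than the version in the deployed feature.xml
    $pending = $webApp.QueryFeatures($FeatureId, $true)

    foreach ($feature in $pending) {
        $from = $feature.Version

        # Upgrade($false) runs the matching UpgradeActions and returns the
        # exceptions it hit; $false means it does not continue past an error
        $errors = @($feature.Upgrade($false) | Where-Object { $_ })

        New-Object PSObject -Property @{
            Parent = $feature.Parent.Url   # site collection or web holding the instance
            From   = $from
            To     = $feature.Version
            Errors = $errors
        }
    }
}

# Placeholder values: use your own web application URL and the Feature's Id from feature.xml.
Update-FeatureInstances -WebApplicationUrl "https://sharepoint.example.com" `
    -FeatureId "00000000-0000-0000-0000-000000000000" |
    Format-Table Parent, From, To, Errors -AutoSize
```

Any row with a non-empty Errors column marks an instance whose upgrade did not complete and should be reviewed before the next deployment.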
  • Microsoft SharePoint Foundation provides new members that make it possible for you to upgrade custom Features through versioning and declarative upgrade actions. As a result, you can perform the following kinds of modular upgrades to Features in SharePoint Foundation:
    • Define upgrade definitions for new Feature versions.
    • Provision a list instance as part of a Feature upgrade.
    • Create separate upgrade action sets, based on the Feature version, that remove different sets of files.
    • Apply settings to site collections where a particular Feature is activated.
  • See Also
http://www.sharepointnutsandbolts.com/2010/06/feature-upgrade-part-1-fundamentals.html  
http://www.deepcode.co.uk/2012/09/using-sharepoint-2010-feature-upgrades_28.html  
http://blog.furuknap.net/sharepoint-2010-feature-versions-and-upgrade-support 

Thursday, June 25, 2015

What can we do with SharePoint Designer 2013?


The following is a high-level list of the features and functionality available in SharePoint Designer 2013:
1.      Edit Site
a.      Create list/libraries/Sites
b.      Create site pages
c.      Create Web Part Pages
d.      Create/edit Master pages
f.       Copy/move/delete items
g.      Create content types/columns/external content types/site assets
h.      Site Groups
2.      Create Workflows
a.      Workflow Actions
         • Dictionary actions
         • Coordination actions
         • Task Actions
         • Eventing Actions
b.      List Workflow
c.      Reusable Workflow
d.      Site Workflow
e.      Package workflows
f.      Loops in Workflow



3.      Create external Data sources

5.      Call REST Web Services


Thursday, June 11, 2015

SharePoint installation types/modes

Overview

Currently, the installation types include single server with built-in database installations, single-server farm installations, and multiple-server farm installations. This document describes the advantages and disadvantages of each installation type in SharePoint.

Installation mode

Multiple-server farm installations

            A farm configuration consists of 2 or more servers. While the farm configuration is not complex, it provides a fundamental infrastructure to implement a SharePoint solution on similar or more complex farms.
            In terms of performance, capacity, and scalability, a three-tier topology is recommended over a two-tier topology. A three-tier topology provides the most efficient physical and logical layout to support scaling out or scaling up, and provides better distribution of services across the member servers of the farm.

Single-server farm installations

            A single server farm generally consists of one server that runs both SharePoint and Microsoft SQL Server. You can deploy SharePoint in a single server farm environment if only a few sites are required for a limited number of users. This configuration is useful if you want to configure a farm to meet your requirements first, and then add servers to the farm at a later stage whenever required.

Single server with built-in database (Standalone)

            A single server installation consists of one server that runs both SQL Server and SharePoint. You can install and configure SharePoint on a single server if you are creating only a few applications for a limited number of users, or if you want to create a trial or development environment. This deployment uses SQL Server Express.

Restrictions

  • You cannot use this method on a domain controller or in a workgroup environment.
    • This method is not supported for production on a domain controller.
    • If your computer is in a workgroup, you cannot install AppFabric for Windows Server.
  • With this installation, which uses Microsoft SQL Server 2008 R2 SP1 Express Edition, the maximum database size is 10 GB.
  • You cannot add another server in the future.
  • No Domain Service, because it is configured on only one server and runs under local accounts such as the Network Service account. For this reason you also cannot create the User Profile Service.

Summary

            If you choose the ‘stand-alone’ installation type, you cannot change it back to ‘Farm’ and you will then be permanently unable to add additional machines (such as a separate Web Front End, SQL etc.). You may need to re-install SharePoint to convert it to a Farm environment. Also, the database size is limited and cannot be extended for a standalone installation with the built-in database. So the recommended installation for Web Framework would be to select between “Multiple server farm installations” or “Single server farm installation”, measured against expected user activity.