Thursday, September 11, 2014

Speaking at SUGDC Tonight

I am excited to be speaking at SUGDC (SharePoint Users Group of DC) tonight. I am presenting on "How to Leverage SharePoint 2013 to Organize, Label, Navigate, and Search Your Information". This is material adapted from an AIIM course I developed that is available in the AIIM Resource Center for professional members.

Monday, September 8, 2014

Managing SharePoint User Access

What is the best way to manage individual users' access to SharePoint sites? Through AD security groups inside corresponding SharePoint groups. I prefer to keep the names consistent between SharePoint and AD security groups.
Example Permission Groups for SharePoint
AD Security GroupSharePoint GroupSharePoint Permission Level
WebApp1_Site1_InfoManagersWebApp1_Site1_InfoManagersManage Information

After creating SharePoint groups and placing AD groups, you can add and remove individual AD user accounts from the AD groups without triggering new crawls. However, to me the main benefit here is about Information Governance: If you have a documented process of requesting, adding, removing, and documenting membership in AD security groups, and if you remove the ability of site "information managers" to add individuals and groups to their SharePoint sites, you can effectively manage information access and security in a way that is auditable and defensible.

Note: The permission level "Manage Information" is not an out of the box permission level. I typically create this permission level and remove the ability to manage permissions and lists. I plan to write more about this in future posts. I also blow away the "Site Owners" group, leaving those permissions to trained site collection administrators. I have seen too many site owners "accidentally" delete entire subsites and lists when they should never have had those rights to begin with. This is better for everyone.

Note: It is usually a good idea to keep Active Directory Security Group object names to no more than 64 characters in length. You need a naming convention that is unambiguous when identifying web applications and site collections as well as permission roles. And document this!

See this post for details about how adding people and groups to SharePoint sites will affect search crawls:
Clarifying Guidance on SharePoint Security Groups versus Active Directory Domain Services Groups

Friday, July 18, 2014

Clean Up Mac OS X Mavericks "Open With" Menu

After upgrading my OS X a few times on my MacBook Pro and because I had Parallels and Windows installed, I had a lot of extra options when right-clicking and going to "Open With >" Some of these don't exist anymore (the Windows apps in particular) and some were duplicates of different versions of apps like TextWrangler. I wanted to clean this up. So I found the way to do it on another blog post. I am summarizing it here for my own convenience:

First, open a Terminal window.

Then, paste the following command, changing "[user]" to your user name on the Mac:
/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/Support/lsregister -kill -r -domain local -domain system -domain [user]

If it executes with no errors, then relaunch the Finder. You should have a much cleaner "Open With >" menu.

Sunday, July 13, 2014

Digital Accountability and Transparency Act (DATA Act)

On May 9, 2014, President Barack Obama signed the Digital Accountability and Transparency Act (DATA Act), Public Law No. 113-101, which had been passed unanimously by both the House of Representatives and the Senate.

—Data Transparency Coalition (

The above statement is great news for everyone in the United States who cares about efficiency and transparency in the federal government. How many pieces of legislation can you think of that were passed unanimously by both the House and the Senate, especially when they were controlled by different parties? And for the first time, the U.S. Government must have a data standard that every agency follows, making dramatic improvements in data calls by Congress and interchanges of data between agencies. There is a lot of work to be done for this enormous data strategy, architecture, and governance endeavor, but I believe it will have a fairly quick ROI and continue to improve our government's data management for many years to come.

I learned about the DATA Act when I was researching data standards earlier this year. This should have been headline news when it passed the House and Senate and when it was signed into law by the President (I was so excited, I even watched when the Senate passed it on C-SPAN!). Yet, very few people I meet have even heard of the DATA Act so far. Well, since you are reading this, count yourself among the very informed. Watch this brief video to get an overview of what the DATA Act and the Data Transparency Coalition are all about.