SharePoint 2016

Microsoft's SharePoint roadmap suggests that future innovations will be cloud-inspired, so companies that have invested in on-premises versions are considering going hybrid as a first step towards embracing the cloud. With a hybrid approach, enterprises can continue to use their existing portal while gradually migrating it to the cloud.

The following capabilities can be achieved in a hybrid implementation.

1. Hybrid Search
2. Hybrid Sites
   a. Hybrid Profiles
   b. OneDrive for Business
   c. Hybrid Extranet Sites
3. Hybrid BCS
4. Duet Enterprise Online

There are three ways to achieve hybrid implementations.

1. One-Way outbound Topology (SharePoint on-premises version can query SharePoint Online)
2. One-Way Inbound Topology (SharePoint Online can be connected to SharePoint On-Premises)
3. Two-Way Bidirectional Topology (SharePoint on-premises and SharePoint Online can access each other's functionality)

In this blog, I will focus on Hybrid Search using One-Way Outbound topology.

Hybrid Search

Hybrid Search can be achieved in three steps.

  1. Directory Synchronization
  2. Server to Server Trust & Identity Management
  3. Search Service Integration

Directory Sync

Three Identity Models are available. We will focus on Synchronized identity for simplicity.

  1. Cloud Identity
  2. Synchronized Identity
  3. Federated Identity

In the Synchronized Identity model, identities are managed in on-premises Active Directory and synchronized to Azure AD through Azure AD Connect. Synchronization also syncs password hashes.

The steps to achieve directory synchronization are given below.

  1. Enable Directory Synchronization in your tenant (Office 365)
  2. Add On-Premise domain (user suffix) to Office 365 Tenant. (Domain Name should be publicly accessible for reverse sync)
  3. Update DNS Records (MX / TXT records) in your Domain Hosting Panel.
  4. Download and Run the User Sync from Tenant
  5. In Office 365, Import users / groups and validate.
  6. Activate Users and Assign Licenses.

Server to Server Trust & Identity Management

Trust between the SharePoint on-premises farm and the Office 365 tenant (server to server) can be established with the following steps.

1. Replace STS Certificate (All on-premises servers)

Set-SPSecurityTokenServiceConfig -ImportSigningCertificate <certificate>

2. Establish Remote Windows PowerShell Connection

Enable-PSRemoting
New-PSSession
Import-Module MSOnline -Force -Verbose
Import-Module MSOnlineExtended -Force -Verbose

3. Add Service Principal for on-premises domain

Connect-MsolService
New-MsolServicePrincipalCredential -AppPrincipalId <AppPrincipalId> -Type Asymmetric -Usage Verify -Value <value>
$SPOnlinePrincipal = Get-MsolServicePrincipal -AppPrincipalId <AppPrincipalId>
$SPOnlineNameSpace = $SPOnlinePrincipal.ServicePrincipalNames
$SPOnlineNameSpace.Add("PrincipalID/PrincipalCommonName")
Set-MsolServicePrincipal -AppPrincipalId <AppPrincipalId> -ServicePrincipalNames $SPOnlineNameSpace

4. Establish On-Premise Farm Trust with ACS

$SPContextID = (Get-MsolCompanyInformation).ObjectID
Register-SPAppPrincipal -Site <site> -NameIdentifier <SPPrincipalID@SPContextID> -DisplayName "SharePoint Online"

5. Set Authentication Realm

Set-SPAuthenticationRealm -Realm <realm>

6. Configure Proxy in On-premises farm

New-SPAzureAccessControlServiceApplicationProxy -Name "ACS" -MetadataServiceEndpointUri "https://accounts.accesscontrol.windows.net/metadata/json/1/" -DefaultProxyGroup
New-SPTrustedSecurityTokenIssuer -MetadataEndpoint "https://accounts.accesscontrol.windows.net/metadata/json/1/" -IsTrustedBroker -Name "ACS"
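
Once steps 1 to 6 are complete, the trust can be checked read-only before moving on to search integration. The script below is an added example, not part of the original post: the function names, the 2048-bit and 60-day thresholds, and the assumption that the realm set in step 5 is the tenant context ID obtained in step 4 are this example's own.

```powershell
# Added example. Run in the SharePoint 2016 Management Shell after Connect-MsolService.
function Test-StsSigningCertificate {
    param(
        [Parameter(Mandatory = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2] $Certificate,
        [int] $MinKeyBits = 2048,   # assumed minimum RSA key size
        [int] $WarnDays = 60,       # assumed renewal warning window
        [datetime] $Now = (Get-Date)
    )
    $findings = @()
    if (-not $Certificate.HasPrivateKey) {
        $findings += 'STS certificate has no private key; the farm cannot sign tokens with it.'
    }
    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($Certificate)
    if ($null -eq $rsa) {
        $findings += 'STS certificate public key is not RSA.'
    } elseif ($rsa.KeySize -lt $MinKeyBits) {
        $findings += "STS certificate RSA key is $($rsa.KeySize) bits; expected at least $MinKeyBits."
    }
    if ($Certificate.NotBefore -gt $Now) {
        $findings += "STS certificate is not valid until $($Certificate.NotBefore)."
    }
    if ($Certificate.NotAfter -le $Now) {
        $findings += "STS certificate expired on $($Certificate.NotAfter)."
    } elseif ($Certificate.NotAfter -le $Now.AddDays($WarnDays)) {
        $findings += "STS certificate expires on $($Certificate.NotAfter); schedule its replacement."
    }
    $findings
}

function Test-HybridTrust {
    $findings = @()
    # Step 1: the certificate the on-premises STS signs tokens with.
    $cert = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate
    $findings += @(Test-StsSigningCertificate -Certificate $cert)
    # Steps 4-5 (assumption): the farm realm equals the tenant context ID.
    $contextId = (Get-MsolCompanyInformation).ObjectId.ToString()
    $realm = Get-SPAuthenticationRealm
    if ($realm -ne $contextId) {
        $findings += "Farm realm '$realm' differs from tenant context ID '$contextId'."
    }
    # Step 6: the trusted token issuer registered under the name "ACS".
    if (-not (Get-SPTrustedSecurityTokenIssuer | Where-Object { $_.Name -eq 'ACS' })) {
        $findings += 'No trusted security token issuer named "ACS" is registered.'
    }
    $findings
}

Test-HybridTrust
```

An empty result means all three checks passed; each returned string names the step to revisit.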

Search Service Integration

The search integration process has 3 parts.

1. Configure Result Source
A search result source can be configured in SharePoint on-premises by adding a Result Source in Site Collection Administration. Choose Remote SharePoint as the protocol and Default Authentication as the credential. For inbound, select SSO ID.

2. Create Query Rule
You can control when the remote query processor is triggered by creating a Query Rule. Specific words can be added as triggers.
You can also specify where the result set should appear. By default, all remote results appear on top for easier identification. They can also be set to appear within the complete result set.

3. Validate Query Rule
This is an optional step to verify that the Query Rule has been configured properly and returns the correct results.

The following improvements and enhancements have been made in SharePoint 2016.

Hybrid Improvements

SharePoint 2016 allows you to integrate with Office 365 and gives an overall hybrid experience. The following capabilities are extended in hybrid implementations.

OneDrive for Business

The SharePoint 2016 App Launcher (OneDrive) can be connected with Office 365 OneDrive, giving an integrated view of the hybrid solution. This feature was also available in the previous release, i.e. SharePoint 2013 – SP1.

Single Sites View

Whether you are following sites in Office 365 or SharePoint 2016, a single sites view shows the list of all followed sites in one place. SharePoint Hybrid Team Sites must be configured to use this feature.

Unified Search

SharePoint 2016 and Office 365 can now be integrated to provide a unified search experience. Users can also take advantage of Delve and Office Graph to find contextual results.

Search Sensitive Information in Hybrid Search

Hybrid search can also search for sensitive information, such as credit card and other confidential information, using DLP (Data Loss Prevention) policies.

You can implement DLP policies by creating an eDiscovery Center (site collection) and creating an eDiscovery case within it (subsite). A DLP query can then be run on the eDiscovery case to find all sensitive and personal data stored in a particular site.

Unified UI

SharePoint 2016 offers a UI identical to that of Office 365, so users can navigate without having to learn a different UI. This also encourages users to become more familiar with the Office 365 experience in general.

Performance, Scaling and Deployment

Search Scaling Capabilities

SharePoint 2016 search now supports up to 500 million items per Search Server Application, double that of its predecessor SharePoint 2013 (250 million).

Site Collection Enhancement

SharePoint 2016 features fast site collection creation. It creates site collections faster by saving the round trips between SharePoint and SQL Server, using new templates at the same location as SQL Server.

Each site collection can also now store 5 times more information than its predecessor (SharePoint 2013).

Deterministic View Threshold – Removing 5000 Limit

In earlier versions, there was a limit of 5000 items per view in a list. You could increase the threshold, but doing so would start to degrade performance. The fix was to index the columns, which could sometimes be challenging for end users. Hence Microsoft has added ‘Automatic Index Management’ to automate the creation of indices, so you can now take advantage of large list views without worrying about performance degradation.

Durable Links and Large Files Support

Durable Links give every file stored in SharePoint a unique ID. This requires Office Online Server (previously Office Web Apps 2013) to be configured. If a user moves or renames the file, the unique document ID attached as a query parameter results in the actual file being returned from its new location or under its new name. For more details, see Durable Links.

SharePoint 2016 supports uploading and downloading large files (such as AutoCAD files). Users can specify the file size per web application. Though there is no restriction on the file size limit, Microsoft recommends it to be at 10GB. This feature specially helps file

In SharePoint 2016, the file name length and special character restrictions have been removed.

Deployment Improvements

SharePoint 2016 offers the following flexibility during installation.

MinRole

In a MinRole installation, you can assign a specific role to each server. Each server role is optimized for its specific needs. The following roles are available during installation.

  1. Front End
  2. Application
  3. Distributed Cache
  4. Search
  5. Custom

Standalone installation has been replaced with Single Server Farm. SQL Server must be installed beforehand, as it is not included, unlike in the Standalone installation.

Zero Downtime Patching

Using zero downtime patching in SharePoint 2016, a SharePoint administrator can now apply patches and cumulative updates without going offline. It works by distributing the payload (patches, cumulative updates) in smaller chunks and installing specific chunks. All chunks must be installed in sequence. This greatly reduces the complexity of applying a full patch at once, offering easier deployment with zero downtime. For more details, see Zero Downtime Patching.

Upgrade Paths

SharePoint 2013 web applications can be upgraded to SharePoint 2016 by attaching the SharePoint 2013 database.

Upgrade paths from SharePoint 2010 to SharePoint 2016 are not available. Web applications must be in SharePoint 2013 mode.