There is a great deal of confusion around some terms related to the different levels of the SharePoint hierarchy. Some of this is buzzword overload and some has been brought about by inconsistent usage from Microsoft (and, to be fair, from most of us in this industry).
- When you load a page each element (including the page itself) makes a request to SharePoint and receives some data – which can be html, images, files etc.
Network Load Balancer (NLB)
- A device to distribute requests from your users' browsers to the Web Front Ends
Web Front Ends – (WFE)
- A collection of servers that take requests from users (via the NLB), process them and return the data.
- This is the primary method for scaling – as the number of users grows you add more WFEs.
- The database servers store all volatile data (i.e. data that changes) in SharePoint.
- You have exactly 1 configuration database and 1 to many content databases.
- Each content database can only be on 1 server (technically more if you consider failover servers) but you can have different content databases on different servers – another method of scaling with increased load.
Authorisation and Authentication
- Authentication is the process of deciding WHO a user is.
- Authorization is the process of deciding WHAT they can do.
- IIS (the web server) handles Authentication alongside things like Active Directory and SharePoint handles authorization.
- Authentication methods include things like Anonymous, Basic, Forms, Integrated (NTLM/Kerberos) and Claims.
- A collection of servers (web, database, index) that together make up a SharePoint Installation – aka Topology.
- You can do all this (web/database/index etc) on a single server in “Simple Installation” mode, in which case you don’t need an NLB. For many small businesses this is plenty.
- Medium sized businesses usually start with at least 2 Web Front Ends (WFEs) and a database server.
- Multinationals can have some very complex setups involving dozens of components.
Levels of the SharePoint Hierarchy
When you hear someone talking about ‘Scope’ this is what they mean.
- The entire installation as a whole. So if something has “Farm” level scope it applies to everything.
- An IIS Website that has been configured to run SharePoint.
- Can only be created in the Central Admin UI (or via the STSADM tools etc)
- A Farm has one running the central administration site and 1 to many others running normal SharePoint sites.
- This is generally how the main part of the URL is defined – e.g. http://somesite.yourcompany.com and http://othersite.yourcompany.com will be separate Web Applications.
- The authentication method is set at the Web Application level – though you can have the same content (i.e. SharePoint site) delivered by two different web applications with two different authentication methods.
- Port and network card bindings, host headers and a host of other networky stuff is set at the Web Application level – so if you want external users, for example, to have access to a site that would apply at the Web Application level (you can apply more granular restrictions using authorization security though).
- The Application Pool (the account that SharePoint runs under and the resources that it can consume) is also set at the Web Application level.
- Each web application has at least 1 Site Collection (but can have many).
- Each Site collection has exactly 1 ‘Top Level Site’.
- The Site Collection doesn’t actually contain anything itself - that is down to the Top Level Site.
- This is the level that things like the Recycle bin and Quotas are organised at.
- Each site collection can only use a single content database (though multiple site collections can use the same content database) – this has major design implications as there are maximum recommended sizes for a content database.
Top Level Site
- A Top Level Site is a site… at the top level… see – this terminology is not that confusing after all
- Most of the time we can use Top Level Site and Site Collection interchangeably - in fact Microsoft do this all the time.
- Each Top Level Site has zero to many sub-sites (simply called sites)
- This is the lowest level that many things can be scoped to, for example only the Top Level site contains a web part Gallery so you can’t say Collection X, Site A can have a web part but Collection X, Site B can’t.
- When you look at Site Settings in a top level site you will see the highlighted sections – in a sub site you will not. Both are called Sites in the UI.
- (aka Webs) – these are the actual sites that you use.
- A site can be a top-level site or a sub site of the top level site.
- A site can also have other sites – these are called sub-sites.
- Sub sites can also have other sub sites and so on.
- A site can inherit its parent’s permissions or define its own – more on this complex subject in a future article.
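The scoping described above can be checked on a live farm by walking the hierarchy and reporting each setting at the level where it is defined. This is an added example, not part of the original article; it assumes SharePoint 2010 or later (the Microsoft.SharePoint.PowerShell snap-in) and an account that can read every site collection, and the function name Get-SPHierarchyReport is hypothetical.

```powershell
# Added example: run in a PowerShell session on a SharePoint farm server.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Get-SPHierarchyReport {
    foreach ($webApp in Get-SPWebApplication -IncludeCentralAdministration) {
        # Web Application scope: authentication mode and Application Pool account
        $authMode = if ($webApp.UseClaimsAuthentication) { 'Claims' } else { 'Classic' }
        $poolAccount = $webApp.ApplicationPool.Username

        foreach ($site in $webApp.Sites) {
            try {
                # Site Collection scope: exactly one content database
                $contentDb = $site.ContentDatabase.Name

                foreach ($web in $site.AllWebs) {
                    try {
                        # Site (Web) scope: inherited or unique permissions
                        New-Object PSObject -Property @{
                            WebApplication    = $webApp.Url
                            Authentication    = $authMode
                            AppPoolAccount    = $poolAccount
                            SiteCollection    = $site.Url
                            ContentDatabase   = $contentDb
                            Web               = $web.Url
                            IsTopLevelSite    = $web.IsRootWeb
                            UniquePermissions = $web.HasUniqueRoleAssignments
                            AnonymousAccess   = $web.AllowAnonymousAccess
                        }
                    }
                    finally { $web.Dispose() }   # SPWeb objects must be released
                }
            }
            finally { $site.Dispose() }          # as must SPSite objects
        }
    }
}

# Sub sites that have broken inheritance, or any web that allows anonymous
# access, are the rows worth reviewing first.
Get-SPHierarchyReport |
    Where-Object { ($_.UniquePermissions -and -not $_.IsTopLevelSite) -or $_.AnonymousAccess } |
    Select-Object WebApplication, Authentication, AppPoolAccount, ContentDatabase, Web, UniquePermissions, AnonymousAccess |
    Format-Table -AutoSize
```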