Friday, April 19, 2013
Thursday, September 27, 2012
Wednesday, March 14, 2012
This intermediate to advanced level class is meant to take current users of InfoPath to the next level of form design and integration. Through hands-on labs and expert-led instruction, you can learn how to create codeless forms solutions that minimize administrative costs and maximize the value of InfoPath in your organization.
Tuesday, February 28, 2012
To see the full agenda and register for the event, go to http://www.sharepointconference.com.au
Sunday, February 12, 2012
For more details, check out the Sydney SharePoint User Group site
Sunday, October 09, 2011
InfoPath has this concept of trust levels. A form template can be running in one of three levels of trust – Restricted, Domain or Full Trust. By default, InfoPath uses the Restricted trust level. This prevents you accessing any resources outside of the form template. If you add any managed code or data connections, InfoPath will raise the trust level to Domain. Sometimes your template needs to include code that requires the Full Trust level. If that’s the case, then you need to jump through extra hoops to enable this level.
There are two approaches that you can use to enable Full Trust – deploying the form to desktops using an installation package or digitally signing a form. To me, the first approach is cumbersome, as it requires you to redeploy the form any time there are changes. That’s fine if your forms are very stable, but most of the forms we work on go through multiple updates. Perhaps there are easy ways to redeploy forms using products like SCCM, but I haven’t any experience with them.
The second approach – digitally signing - allows you to deploy the form to a SharePoint forms library or network share. For me, this makes life easier if you need to update the template.
So what is involved in digitally signing an InfoPath template? In this post, I’ll walk you through my recent experiences. Digital signatures is just one of the many areas I’m no expert in, so please forgive any incorrect assumptions I have made. I was inspired to write this post due to the lack of information I found when researching this topic myself.
To state the obvious, before you can digitally sign a form template, you are going to need a digital certificate. This certificate needs to be issued by a “Certificate Authority” (commonly called a CA) that is trusted. My understanding is that our operating systems maintain a list of Trusted Root Certification Authorities. In Vista and Windows 7, this list of root certificates is updated any time your computer encounters a certificate signed by a Certificate Authority that it doesn’t already know about. You can read more about this on TechNet.
If you want to have a look at the list of Root Certificates on your computer, open Internet Explorer 9, then go to Internet Options – Content – Certificates – Trusted Root Certification Authorities. Have a look at the Untrusted Publishers while you are there. It just goes to show that you can’t trust everyone.
I believe that it is possible for an organisation to set up their own certificate server and register themselves as a Trusted Root Certification Authority on computers within their own network, but that is not something I have played with. Instead, we decided to purchase a certificate from Thawte, one of the main commercial Certificate Authorities.
My first challenge was trying to figure out exactly what I needed to buy. I couldn’t find any reference to InfoPath code signing on any of the Certificate Authority web sites. They all seem to offer a bunch of certificate types and it was unclear to me which one I needed. For example, Thawte offer a Microsoft Authenticode certificate and a Microsoft Office VBA certificate. Well, InfoPath is an Office product, but I’m not signing VBA code. I decided to go with the Authenticode option.
When I first started looking into digital signing, I wasn’t sure what exactly I needed to purchase a certificate for. Did I need a certificate for each InfoPath form template, for each computer that needed to sign forms or for each person? It turns out I was purchasing a certificate for my company. We could then sign any number of InfoPath forms with this certificate. We could deploy the code-signing certificate to as many computers as we wanted and it could be used by as many staff members as we wanted. It makes sense though to keep a tight control over who has access to the certificate, otherwise you run the risk of your certificate being used to sign code that you really don’t want to be associated with.
In my next post, I’ll walk you through the steps for purchasing a cert, installing it on a computer and then signing your InfoPath form template.
Tuesday, August 23, 2011
Every so often I need to delve into the murky waters of SharePoint licensing. I always find this challenging. Mainly because there is a lot of contradictory information out there. I can understand why – there are many different scenarios, its complicated, people interpret the rules in lots of different ways, the rules have changed over time.
Where possible, I try to reference information directly from Microsoft, as this obviously has a lot more credibility than some blog post that you read (present blogger excepted). Imagine my surprise when I recently had to research information for a SharePoint 2007 engagement I’m working on – Microsoft seems to have removed all of the SharePoint 2007 licensing information from their site. Well, they aren’t selling it any more, so I guess that makes sense. But what if you need to answer a licensing question from an existing SharePoint 2007 client?
Of course the correct answer here is to refer your client to a mythical licensing expert, then wash your hands of the whole incident. After all, you are responsible for zeros and ones, not licensing compliance.
But what if you did actually want to understand what is allowed and even provide “evidence” to back up any readings you have taken of the licensing tea-leaves?
Here are two links that I have recently come across that I think are worth sharing. These are correct at the time of writing.
http://www.microsoftvolumelicensing.com/userights/DocumentSearch.aspx – Search for licensing documents. I’d recommend selecting PUR (Product Use Rights) in the first column and then your preferred language, region and sector. The real magic for me is the “Show Archived” checkbox. This allows you to access older documents that contain details on products that are no longer sold (e.g. SharePoint 2007). I’ve found I get more archived results if I set Region to “WW (World Wide)”. Note that the archived results are displayed in a separate box below the current results.
http://download.microsoft.com/download/6/8/9/68964284-864d-4a6d-aed9-f2c1f8f23e14/Assessing_SharePoint_Server_Licensing.docx – “A Guide to Assessing SharePoint Server Licensing” – December 2010. Here is the summary, straight from the document:
“This document gives Microsoft® Volume Licensing customers an overview of licensing for Microsoft SharePoint® Server 2010, SharePoint Server 2007, and SharePoint Server 2003, as well as guidance on how to assess the licenses needed. Please refer to the Product Use Rights (PUR) document for detailed guidance”