Blog

Auto-Provisioning with SharePoint - a new model

By Anthony Baratta on April 29, 2016

A new way of communicating with SharePoint

With the security requirements needed to run SharePoint in a multi-tenant environment, Microsoft cannot support Farm Solutionswith SharePoint Online. Additionally, Microsoft is encouraging all companies running SharePoint on premise to move to the Client Object Model (CSOM). For on premise users moving to the CSOM architecture provides continued support, application stability, and an easier transition path to SharePoint Online at a future time. For SharePoint Online, the CSOM architecture is the only path for adding additional functionality and branding options to your tenant space.

The CSOM communication options are:

  • .NET Framework redistributable assemblies

    Almost every class in the core site and list server object model has a corresponding class in the .NET Framework client object model. In addition, the .NET Framework client object model exposes a full set of APIs for extending other features, including some SharePoint Server features such as ECM, taxonomy, user profiles, advanced search, analytics, BCS, and others.

  • JavaScript Library

    SharePoint 2013 provides a JavaScript object model for use in either inline script or separate .js files. It includes all the same functionality as the .NET Framework and Silverlight client object models.

  • REST/OData Endpoints

    SharePoint provides an implementation of a Representational State Transfer (REST) web service that uses the OData protocol to perform CRUD operations on SharePoint list data. In addition, almost every API in the client object models has a corresponding REST endpoint.

  • Windows Phone assemblies

  • Silverlight redistributable assemblies

    The Silverlight client object model in SharePoint 2013 is nearly identical to the .NET Framework client object model, and it includes support for the same extensibility areas. The principal difference is that in the Silverlight version, all batches of commands are sent to the server asynchronously so that the UI of the application remains active.

What does this mean for my coding processes?

What you have to change from the original way of communicating with SharePoint is that everything you do will be hosted outside of SharePoint, whether the code is executed by the browser via JavaScript or by a hosted application communicating server to server with SharePoint. This abstraction of the execution layer to an outside party means you don’t have to provide elevated trusts to your code because it’s no longer executing inside the SharePoint memory space (High Trust) or a sandbox controlled by SharePoint (Low Trust). Your code now executes as a user and its login permissions are as controllable as a normal user.

This is a plus, because you now have more control over the access to your provisioning application. Users who request auto-provisioning do not need SharePoint access to make the request, nor do you need to open the provisioning forms to anonymous and therefore can use your current AD security model to control access. The creation of the auto-provisioning form(s) is now free from the limitations of InfoPath and your approval workflow does not have to be a custom SharePoint workflow / approval process if it needs to be more complicated than a simple review and approval step. And you are not required to store the submitted record in a SharePoint list and are free to create a truly relational table structure for your provisioning model.

Lastly, you get to leverage a coding environment that you are already familiar with and don’t need to spend time trying to understand the complexity of executing code within the SharePoint environment.

But how does this translate to auto-provisioning?

The new CSOM coding style means you setup a hosted application on a server you control or maybe an Azure virtual service. And then setup a scheduled service to pick-up any new requests and process them. All of the communications with SharePoint are performed remotely and via the communications model that makes the most sense for your service updates.

Anything you can do via the SharePoint web interface can be translated into remote service calls, so just script out the steps needed you can use that as the basis for your communications with SharePoint.  The key to your provisioning app is collecting the necessary data to build out a new site collections or sub-sites. But you are not limited to site creation processes, you can also update features in existing sites, and even provide updated documents, templates, or assets to your existing user base.

More importantly, we think that the CSOM architecture is the perfect communication process for complex site collection builds, especially those SharePoint sites that don’t want to look like out of the box SharePoint.  Branding SharePoint has never been easy and required multi-step processes to change / enable features, upload files and assets, as well as, activate and style web parts for useful Corporate, Departmental and Teamsite landing pages. With a well thought out auto-provisioning process you can script all the steps needed via code and ensure that no step is missed due to interruption or distraction. Additionally, changes to the process don’t require re-installation and activation on SharePoint as a solution and are less likely to encounter issues after SharePoint upgrades.

Ok, I’m sold on the new process. Now what?

Start small and build out. Take a manual provisioning process, like new Teamsites and script out all the steps you do to build it. After you have the remote build running via code, sprinkle in your approval workflow and then layer in a custom form to collect all the data you need to execute your build code.

Or connect with us at 1.510 652-7700 or complete this form and we’ll contact you as soon as possible.

Anthony Baratta
Anthony Baratta – Chief Technology Officer
Anthony helps the company realize it's mission - Real results. Every time. Fluent in technology, Anthony breaks down complex problems into scalable solutions and manageable automated tasks.