Over the past few months, I've been looking at a whole range of options to do with file storage on the basis that Microsoft's OneDrive simply doesn't do what we need. The whole time of course, I've been unable to shake the feeling that Microsoft should be offering something that already covers this space. After all, file sharing is one of the major "tentpoles" in most Windows networks.
As it turns out, SharePoint is the answer to this - and it works well if it's playing nicely with OneDrive.
My initial investigation of SharePoint was flawed for a number of reasons. Firstly, it appears that I was looking at an "old version". The "new" version has really only started to come out over the last few months but it's light years ahead of its predecessor.
The second reason that SharePoint was overlooked was because I really didn't have a great understanding of how (or why) it works. I was trying to compare it to IBM Domino and IBM Connections. There's a lot of similarities, particularly, with connections but they're vastly different beasts.
SharePoint Security differs from Domino SecurityThe security model of SharePoint is actually the opposite of Domino. In Domino, you start off with reasonably "open" access controls. For example, the server is open to "everyone in the company". From there, you restrict access to specific databases. Within each of these databases, you further restrict access to views, forms, controls and documents; firstly via roles and then later via reader and editor fields.
SharePoint seems to be the opposite. Systems start out with a specific set of restrictions and then suddenly, even if you're halfway down the file structure tree, you might decide to share a particular folder and all sub-folders with someone who didn't previously have access. In fact, you can take it a step further an share with someone entirely outside of the company.
In SharePoint it is much, much easier to grant access to people however I'd venture to say that the security model it uses is by no means as "safe" as Domino.
In Domino, if you wanted to suddenly revoke access for someone at a database level, you could simply remove them from the ACL. In SharePoint, it's potentially a lot more complicated. As administrators, it's important to understand these differences because the SharePoint security model is also "mostly opposite" to the way the standard file server security works in Windows.
The Explorer Interface is GoneIf you talk to the Microsoft support team, they'll tell you how to map a drive from Windows file explorer to SharePoint. It works but in order to do it properly, you need to use Microsoft Internet Explorer ... not Edge ... nope, only the older technology will do.
I asked about the plans for edge but clearly there are no plans. It's not something that Microsoft wants to support. This was quite a shock to me after the amazing level of integration offered by IBM Connections.
I guess the important "take-away" from this is that Microsoft feels that the Windows File Explorer interface needs to "die". Everything will be web from here on.
Plan AheadIn the old days, you created a file server by dumping all of your files into folders and sharing various bits out. It was a fairly forgiving process that enabled you to fiddle about with files until you got them right. SharePoint today is not quite so forgiving and moving things about will generally break links and muck up shared connections. You need to plan ahead.
Logical Ownership FirstIn the first instance, separate your files via logical ownership, which generally means "departments". For example, most companies will have files in at least the following business areas;
- Information Technology
- Human Resources
- Sales and Marketing
Unless your company is a very small one (under about 30 employees), you'd be best off creating a SharePoint site for each of these major areas. This will make overall security a whole lot easier.
Smaller Chunks SecondThe other thing to be aware of is that there seem to be some fairly serious limitations on the way that OneDrive syncs SharePoint data. In particular, there's an upper limit on both the number and the total size of the files that can be synched.
1. They are subject to change
2. I've seen OneDrive behave poorly with much lower limits.
The file limitation would not normally be a problem except that OneDrive is currently incapable of doing a "partial synch". It tries to synchronise the entire library and will dummy spit if it's too large.
For this reason, you need to add multiple document libraries to your SharePoint site.