December 6, 2010

SharePoint 2010 and the Site Directory

I’m working with a client right now that has a large SharePoint 2010 deployment (8 web apps, couple hundred site collections (not counting My Sites), a couple thousand sites and about 80,000 users (potential)).  They were in need of a tool to keep site collections and sites categorized – a reasonable request.  I started down the path, like so often before, by setting up the site directory template.

The first thing that I noticed was that it was missing when I went to create a site collection off of the home web app to hold the site directory.  A quick Google Bing search revealed that the site directory template was hidden by default, however, it is still supported and available for  SP2010.  To do that, the following step was performed:

Open C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions14TEMPLATE1033XMLwebtempsps.xml.  Locate the line that begins with “<Configuration ID=”0″ Title=”Site Directory” Type=”0″ Hidden=”TRUE””.  Change Hidden=”TRUE” to Hidden=”FALSE” and save the file.  Note that this is FULLY SUPPORTED by MSFT and is not a hack.

Set up the site directory like normal and then configure the site directory in Central Admin under General Application settings.  So far so good; all is well.

A few days later, as we were approaching the production deployment of the farm, we noticed some odd behavior, some might call it very BAD behavior.  You see, as per MSFT’s newest best practices, claims are the future, and so this farm is using claims mode on all web apps, including the WA that stores the site directory.  However, Central Admin is not set up in claims mode, it uses classic mode.  As a result, now that the site directory settings are configured, any page that requires a web service call into the site directory cats (say, like create site collection) WILL FAIL because the central admin site doesn’t have the right cred store to hit a claims based web app.

Four days of MSFT support later, we have found ourselves a genuine bug.  The expected result is that create site collections would work (the workaround was to create site collections in powershell for a few days, not too bad but annoying).  The guidance from MSFT was to either A) not use the Site Directory because it is being deprecated anyways (not an ideal answer) or, put the web app hosting the site directory into standard authentication mode (another not so great answer).  We recommended they submit it as a bug and they have graciously accepted that.  There will be a MSFT KB article coming out soon that I’ll update with and I’ll also keep you posted to see if MSFT accepts it into QFE or Hotfix land (unlikely).

By the way, when asked what MSFT was replacing the deprecating Site Directory…they informed us that they were not replacing it with anything.  That’s a bit of a bummer!  Many thanks to my client and the awesome Jason Himmelstein for all the hard work in supporting this effort!