Document your deviations

Documentation-Dude

When we were designing the new SharePoint intranet, some things needed (?) to be customized. And you know I am a big fan of custom functionality. (NOT)

  • Formal Publishing sites needed to resemble our internet site (I have always wondered why people think that is a good idea)
  • Collaboration Team sites home pages showed the security classification of the content, the audience and the site owner. (Useful! If applied correctly…)
  • We added another permissions level to avoid site owners creating subsites.
  • The document content types had 20 fields of hidden metadata in them, as per our term store. This was to improve the search experience – after all, in a 40.000 employee company with many locations, a few metadata would be most helpful to find the document from the correct business, function or location.

Dude, where’s my documentation?

So, when the intranet was ready to launch, and support was handed over to the regular support team, the Support team manager asked the developers for all the documentation.
It was not there and they had not planned for it. Against the advice of Veronique Palmer, he accepted this as a fact and support was handed over to the support team. After all, one of the developers was in-house so we could always turn to him.

Or so we thought, as he left the organization shortly after launch of the intranet…

Support

Support mostly went OK as the majority of issues had to do with permissions.
But when the content types started to show issues we had no clue where to go for help, so we ended up installing the regular content types. Nobody wanted to complete 20 metadata fields for each document!
And when the organization changed structure, the metadata changed as well and nobody knew where to make the changes in the content types.

What to document?

So, while I agree with everyone that too much documentation is a waste of time and effort, it DOES make sense to document:

  • Any custom functionality. What is the customization supposed to do? What are the specific settings? Is this set by tenant, site collection, or site? Where are the settings to install and implement it? What can go wrong? What NOT to do (for the admins and the users)? Where to go when support people or architects need to look, change or troubleshoot? Etc.
  • Anything that is on the roadmap to be improved after the MVP-state. What does it do now? Into which direction will improvements most likely go? Where and how to make those changes? What to look out for? What will break and will need to be fixed when you make those improvements?
  • Anything that can be expected to need adjustments with organizational change. And trust me, organizational change will happen! The company’s name, the company’s logo, the businesses, there may even be splits, mergers or acquisitions on the horizon. So, make clear where your intranet logo and images live, what effect changing terms in the term store will do to your customizations, and where you need to make the necessary changes to make sure the organizational changes are reflected correctly.

This post was created after reading Gregory Zelfond’s recent post about implementing SharePoint in large organizations, which made me chuckle with recognition ūüôā
Then Veronique Palmer commented with things you should document, so I thought I would give a real-life example.

Any other experiences or suggestions for documentation?

Developer image courtesy of lemonade at FreeDigitalPhotos.net

Advertisements

7 SharePoint permissions bloopers

Permissions bloopers 4

The other day I came across an interesting tweet:

Yes, been there, done that! And this made me think of all those other times that I, or my users, have made a mistake with permissions, either by forgetting to think and doing this on routine, or by ignorance.
Here they are, for your learning and enjoyment.  Laughing is allowed; sharing your own bloopers is encouraged!

2. Deleting a group

Did you know that deleted Groups do not go via the Recycle Bin, so they are gone for good?
So, when you want to do this, first check to which content the group has access. If that is only to your site, you can safely delete it; if is has permissions to other sites, please talk to the owner(s) of the other site(s) first!

How to check: Click on the group name on your permissions page, click Settings > View Group Permissions and you will see a pop-up like this:

accessforgroups
In this case the group only has access to one site, so it can safely be deleted if needed.

3. Removing a group from a site and forgetting its name

Good luck finding that in your site collection’s list of groups! (which likely contains at least 3 x as many groups as there are sites, and most likely many more)

A good naming convention, as well as keeping some documentation or screenshots of your permissions setup may help limit the damage. Another good idea is noting the MembershipGroupID’s of the group’s URL. These can be found in the group’s URL, e.g.

…/Share/_layouts/15/people.aspx?MembershipGroupId=165

The 3 default groups of a site are created with subsequent numbers, so if you remove one of those you can probably find them by changing the MembershipGroupID at the end of the group URL. In the screenshot above, Owners, Members and Visitors group have numbers 164, 165 and 166, respectively.

4. Clicking on “manage parent” to edit permissions

You need to change permissions of a site that has inherited permissions.¬†Without thinking you click on “Manage parent” and start making changes, not fully realizing that you are¬†now changing¬†the permissions for both sites. You should have clicked on “Stop¬†Inheriting Permissions” first!
The damage can vary.
I¬†have once changed the top site of a site collection that way. The good news was that I finally got rid of a lot of outdated “Limited Access” users, but it was only later that I realized I had also removed everyone’s permissions from various site collection¬†galleries.

5. Removing yourself from a group, site or library

This is generally annoying but benign, as long as you have quick access to a site collection administrator who can add you back.  I get about one call a week from someone who has locked themselves out.

6. Not clicking ‚ÄúShow Options‚ÄĚ when you¬† share something with ‚ÄúEveryone”

Sharesitewitheveryone
Do click that “show options” link on the bottom of the Share screen!

This¬†sends an email to all the company (and gives them contribute permissions if it is a site). Well, at least people know you and your site exist, but I do not know if “Everyone” will appreciate your marketing tactics! ūüôā

And (in my opinion) the most disastrous of them all:

7. Inheriting the permissions from the parent site

You click “Delete unique permissions’ without realizing you are not at the document library, but at the site level. The permissions of your site will now be the same as the parent site.
You may not be the site owner of that site. Even worse, you may not even have access! An even if someone is kind enough to create unique permissions again and give you back your access, all unique permissions are gone.

An example: this site has unique permissions.

UniquePermissions
If you see “This Web Site” you are at site level!

This site has some content with different permissions

UniqueExceptions

When I click “Delete unique permissions” in the site I get a warning in a mix of English and Dutch – which is the first time I have seen this:

UniquePermissionsWarning

And if you click OK the permissions are inherited from the parent and there are no unique permissions anymore. The original groups also have no access anymore.

Uniqueafterinherit
No content with unique permissions after inheriting permissions from the parent site.

While this may be a good reset of your site if you have completely lost the overview of the permissions, it can be a nightmare if you have a well-managed site with confidential content that needs well-managed unique permissions.

General recommendations

  • Make sure you have an overview of the permissions of your site. It can be a¬†simple mention in the description of the list or library (“this list is only accessible for the MT”), or a separate document with a detailed description.
  • Stop and think before you hit a button – if in doubt contact your help person.

Have you made any other permissions management mistakes? Do share!

Update March 2018:
Via Twitter I received some more gems from Stefan S:

8. Renaming a SP group that is used in the Target Audiences setting of a webpart; it will disappear. You should re-enter the group.

9. Forgetting that Members groups have the permission level Edit instead of what used to be Contribute.

 

SharePoint Online Site owner training

Learning-Collect‚ÄúThere‚Äôs plenty of SharePoint Online help, blogs and videos around‚ÄĚ I boasted some months ago, when I set off to execute the training plan for the SharePoint Online intranet that we have launched recently.
I expected to “curate” most of the learning materials, and¬†to create only a few.

Our criteria

We set off with a number of company and project criteria:

  • The company‚Äôs learning strategy is the 70/20/10 model. This means people learn new skills and knowledge in different ways: 10 % in formal training, 20% in peer-to-peer learning and 70% in their daily work.
  • Learning is based on the 5 moments-of-need model, so we have to make sure the right materials are available at the right moment.
  • We have made some customizations, such as a limited permission set for Site owners (less than Full Control), and a custom display on Promoted Links. We knew beforehand we would have to create materials for those topics.
  • I would focus on learning materials for Site owners.

Learning-principles
Our learning principles

Formal learning

The 10% formal training now consists of an e-learning program providing a high-level overview of purpose, concepts and functionalities of the new intranet, including the Critical Skills. (The ‚Äúhow-to-click‚ÄĚ details are in the “on-the-job learning materials” which are referred to in the e-learning). It takes¬†between 1 and 1 1/2 hour.

elearning-testI created several modules in PowerPoint, and recorded voice-overs. This means we can replace any module (e.g. Permissions, or Custom Site Templates) easily without having to redo it all. Some inconsistencies are still being fine tuned as I write, new functionality developed, and Microsoft may change some things as well ūüôā
I then created a number of test questions with multiple-choice answers, and added a Site Owner agreement (rights & responsibilities) which all trainees have to sign off (using a SharePoint survey).

Our e-learning specialist¬†turned this all into an e-learning programme. It looked very easy but he has obviously done this before ūüôā (He also does freelance work if you are looking for someone!)

This e-learning is mandatory for all existing and new Site owners.
And before you ask how we are going to enforce that: content migration from the old into the new platform is still going on, and a Site owner can not start working in their SharePoint Online site until they have completed the training.

Peer-to-peer learning

The 20% was easy to set up: a Yammer group to ask peers or the intranet support team about all kinds of intranet- and SharePoint Online-related questions.
With the platform being launched recently and the migration of content in full swing, it will be no surprise that this channel is currently very active.

elearningyammerIn the e-learning and in all communications we invite people to share their questions in this Yammer group, and we make it a point to have all questions answered quickly.

For issues, such as things not working as they should, or errors, we have a more formal support channel.

On-the-job learning

The 70% would be the ‚Äúcurated content‚ÄĚ I envisaged. I set off enthusiastically in the Microsoft support pages, as well as in many other blogs by people who write for Site owners, such as Let‚Äôs Collaborate, SharePointMaven, Sharegate and icansharepoint. Oh, and my own blog of course. My posts are often inspired by “my users” and my daily work.

Well, that was a bit of a disappointment.

Learning-format

As it turns out, the majority of the available information is not 100% applicable to us.

  • Our customized Site owner role made it hard to use anything that has to do with permissions. But also materials that tell you how to customize your site are not appropriate because the new role also has limited design options. So I could not use Gregory Zelfond’s Power User Training, for instance – it starts with creating a site and changing the look.
  • Our custom Promoted Links display needs some extra steps for certain page templates.
  • Many of the materials were not 100% current – with document libraries being managed with Tabs instead of the Modern look-and-feel, for instance.¬†I wanted things to be 100% applicable when we launched – the correct look-and-feel and correct functionalities. The difference between the old and the new platform is too large otherwise.
  • Most of the materials have NOT been written in a ‚Äúlife cycle‚ÄĚ format
    1. What it is and when to use it
    2. Create and configure ‚Äúapp‚ÄĚ
    3. Add to and configure web part on page
    4. Add item to app
    5. Edit or delete item in app
    6. Modify something in app and/or web part (views)
    7. Delete web part
    8. Delete app
    9. Tips & tricks & troubleshooting
    10. Good practice

So, I have done a lot of writing, and my colleague has made tons of videos to accompany that.¬†I have used¬†Microsoft materials and some of the blogs I mentioned – often as ‚Äúadditional information‚ÄĚ or ‚Äúgood practice‚ÄĚ.

Final setup

Learning-tabel
This is the final setup

Next steps

I will continue to adjust my own materials and scout for other good stuff. I hope that over time, people will learn to deal with the ever-changing look-and-feel and not be confused by a video of a document library that has “last years style”.¬†Then we will be able to use more materials created by others.

We are also working on a plan to make sure the Yammer¬†channel keeps being active when¬†everyone will be in the¬†“business as usual” mode again.

I will also have to adjust the e-learning on a regular basis.

It has been quite an interesting project to create all this, but it is strange to be doing that while there are so many materials already available on the internet. It feels as if I am reinventing wheels, which I hate!

Have you created learning materials yourself or have you borrowed with pride?

Multiple choice image courtesy of Becris at FreeDigitalPhotos.net

 

Site Permissions Breaking Bad, episode 2

The Invisible Library.

Broken eggSome time ago, a Team Site Owner asked me if I could help her move some content from one site to another. Since she had Full Control in both sites, she had the right to ask and I helped her transfer some large libraries and lists.

I then asked her what to do with the rest of the content. There was another library with a large number of documents in there, and the usual array of semi-empty Calendars, Task Lists etc.

She said she did not need anything else and that the site could be removed after some time. So we agreed that I would add a message to the site’s homepage, informing people of the new location for the content, and the date¬†when the site would be removed.

At the agreed date I removed the site.

Several months later…

…another person from that department asked me about a certain library that he could not find anymore.¬†He sent me the link and I saw it was the large library in the¬†site I had deleted…

It was too late for a restore so the content was lost. Of course we all felt devastated, and I made a short analysis of what had gone wrong. As with most major accidents, it was a combination of several mistakes.

What had happened?

  • One content owner had removed all other people with Full Control from the library, and made it accessible for himself and a few other people only. So, the other people with Full Control did not see the library anymore, including the person I had worked with.
  • They used only the direct link to the library to check the documents. They never went via the homepage, so they never saw the message that the site was about to be deleted.
  • There was no message in the description of the library, so I had no reason to assume that there¬†were any different permissions in that library.

What have we learned?

  1. Never remove the  Owners/Full Control group from a library. The Owners should be able to manage their site properly. If they do not see all their content, they may make incorrect assumptions.
  2. Add information about different permissions to the description field of the list or library .
  3. Ask the SharePoint administrator for a screenshot of the “View site content” page before you decide to delete a site.¬†The administrator sees¬†all content, and you can compare that with what you see.

This was the situation:

Library where Site Owners have been removed.

As always, your comments, suggestions and shared experiences are welcome!

Image courtesy of artur84 / FreeDigitalPhotos.net

Site Permissions Breaking Bad, episode 1

BreakingPermissionsThe Survey.

In my earlier post, I showed default site permissions and what happens when you break permissions in one library.

This time I will show another common scenario with non-standard permissions, that may give issues if you do not set it up properly.

Scenario: Your list or library has a larger audience than the rest of the site.
This is quite common when you conduct a survey or have a request list in your site. You give your target audience contribute access to the survey or request form. They will generally not need to do anything else in your site.

In the picture below, the yellow circle is an additional members group with access to the one list, only.

A common setup for a survey, or a request form. The audience has access to the one list only.
A common setup for a survey, or a request form. The audience has access to the one list only.

This is an adequate setup if you are conducting a one-time survey, or have a request form where you invite people to participate via a link distributed by email. But in the following cases your users will still experience issues:

  • If¬†you use a “Thank you page”¬†after submitting feedback. The “Thank You”¬† page¬†lives in another part of the¬†site. Users¬†will get an access denied as soon as they hit “Save”. Their feedback will be saved, but it is an unpleasant experience which will lead to many questions.
  • If you send them the link to the site, and ask them to navigate to the survey or request form, or click the survey/request form link or button. They will get an access denied when they try to enter the site.
  • If there are drop-down fields in the request form that use lookup lists. If they do not have access to the lookup lists, they will get a blank drop-down box.

Suggestion for a different setup.

  1. Determine if the rest of the site content is very confidential. If yes, store your survey in a less confidential environment. If not, proceed with 2.
  2. Add everyone in your audience to the a new group with Read access
  3. Create the survey, request form, library or other “app” ūüôā¬† (I think it is really funny that lists are called Apps now)
  4. Now break permissions in the list or library
  5. Edit permissions for the¬†new group from “Read” to “Contribute” in that list
  6. Break permissions in any confidential lists/libraries from your visitors and remove the new group. (Optional)

Your site’s permissions will now look like this. Much better and less issues!

Your audience now has read access throughout the site (with perhaps an exception or two) and contribute permissions for the list. This is less error-prone.
Your audience now has read access throughout the site (with perhaps an exception or two) and contribute permissions for the list. This is less error-prone.

Giving people access to one library or list only, is like asking the painter to come in through the window, not through the front door. It is better to let him in through the front door, and close or lock some rooms, than the other way around.

Next time, another example of how breaking permissions can go really bad!

Title inspired by award-winning series Breaking Bad.

Image courtesy of David Castillo Dominici at FreeDigitalPhotos.net

The Curse of Customization

The briefing for our new intranet was: “It should work like the current¬†intranet as much as possible”.

CurseofCustomizationWe had just spent a lot of energy in educating our users, and usage of our custom-built intranet was going up rapidly. We had appointed some Intranet Champions that were keen to create intranet sites for their departments or processes. We did not want to annoy or even lose them by changing the functionality that we had created with such care.

Development
A¬†bunch of excellent consultants had built our old intranet. They were a Microsoft Gold Partner, so when¬†management decided we would “buy” rather than “make”,¬†they were the perfect partner to create¬†our new SharePoint intranet as well.
We had a great time! Together we brainstormed about how we would wanted the functionality to work and we reviewed all functionalities, opportunities and potential issues for users and for ourselves. Our partners happily tweaked everything the way we wanted it. I guess we provided them with an excellent learning opportunity, because it was early days for SharePoint and everyone needed to make some miles to truly understand it all.

Pre-launch
6 months before launch, we set up a test environment for our Champions and other heavy users. We gave them a short training and asked them to do a few things and provide us with feedback. They appreciated being involved and came up with some good remarks.
3 months before launch we made an improved test environment available for all users. We created e-learning modules for end users, because we had customized so much that regular SharePoint trainings did not fit. We trained our Intranet Champions in site management and other new functionality.

Launch
Launch day came and went without major issues. Everything worked, there were no connection or other technical issues and apart from some questions, all went smoothly. After some weeks we found that in some small remote offices they were still using the old intranet (they asked why the news was not updated), but we could quickly solve that.

Post-launch
After some time, we noticed that our Intranet Champions became a little less engaged. Partly this was due to normal turnover, but we also learned that our most active Champions had¬†lost track of how things worked. And when¬†our Top Champion asked for help because he did not know exactly how to rearrange the content for his new department, we started up our “Business Solutions Team” to help people set up their sites and help them streamline their processes.
But¬†this taught us that all our efforts to mimic the “custom-built” functionality had been in vain…

Maintenance and support
In the beginning, Microsoft was very interested in what we had done. (as it turned out, the next SharePoint version had many features that we had built in our earlier version :-)). However, since we had deviated so far from the platform, they could not always provide proper support. Every time an issue arose, we first had to discuss how we had implemented it, and only then they could investigate and solve.  After some time they stopped this because we were out of the initial service window.

Also, within our own team of consultants turnover and loss of knowledge became an issue. As people moved on it was harder and harder to find someone who had sufficient understanding of our tweaks, and was able to keep the system stable without making changes. And of course most consultants want to work with the latest SharePoint version, not with the current or an older one.

But also our outsourcing partner did not properly understand what we had done, and they had their bit of turnover as well.  Issues were not being solved anymore because everyone was afraid to touch the system.

Service packs
Every service pack deployment was an adventure! We would never know which tweak would be negatively impacted, so we had an extensive test script of which we all had to do a part. Fingers crossed that nothing would break!

Upgrade/content migration
When we thought we would finally migrate to a newer version of SharePoint, we did some migration tests together with Microsoft.¬†We migrated one site with documents to the new platform, using Microsoft’s migration tooling. Although the receptor site and the logs showed all indications about receiving the documents, until this day we have never been able to make them visible.
That meant we would have to completely rebuild any new intranet from scratch and find another way to migrate the content.

What have we learned?
The briefing for our new intranet was: “It should be out-of-the-box as much as possible”…

Image courtesy of Kheat at FreeDigitalPhotos.net

Lingerie and Labeling on the intranet.

LaceOnce upon a time (it must have been around 2002) we¬†reserved some space on our intranet home page for new products. Being in an international consumer goods company, we thought it would be¬†good if local marketeers could share their new products or promotions with the rest of the world. At that time, the company was very decentralized, and¬†many wheels¬†were being reinvented. We hoped the little “box” (the words “widget” or “web part” still had to be invented¬†¬†ūüôā ) ¬†would make it easier to share ideas.

We called the box “New Products”.

Once¬†someone had¬†requested and received contribute rights, they could upload pictures and enter text. These¬†were visible to all employees, and all new products were being shown in¬†rotation. (the¬†concept of “carousel” had not yet been invented ūüôā )

It was quite popular because people were proud of their innovations. Employees in other countries would sometimes ask if and how they could buy the product, or if they could use the promotion mechanism for their own purpose. So we considered this functionality a moderate success.

That does not mean all went smoothly.

Lingerie
The company¬†also had a textiles¬†division, and a brand specializing in pantyhose and ladies’ lingerie. The products were great ‚Äď beautiful designs,¬†innovative materials and latest technologies.¬†The brand marketeers were¬†very proud of their products and¬†showed every new product in the New Products ‚Äúbox‚ÄĚ. They displayed their products¬†on beautiful¬†models who wore¬†not much else…
Not everyone appreciated that amount of exposed skin, and we (as the owners of the functionality) received many complaints.
We therefore asked the brands to dress the models in a long-sleeved blouse, unbuttoned, to cover some of the skin. The brands agreed, but did not understand that some people were uncomfortable with their pictures, just as the other party did not understand why you would want to post that kind of pictures on the homepage of the intranet.

Pads vs Pods
Another interesting discussion was the one following the display of our latest varieties of coffee and tea pads on the New Products box. ¬†The European marketing teams were proud of their very successful new products, but other countries objected to the use of the word ‚ÄúPads‚ÄĚ on the product pack, because that was associated with feminine hygiene products. In those countries, the common word was ‚ÄúPods‚Äô.
Of course the European brands did not change the name of their succesful range, but it was an interesting reminder of the different meanings of a brand name in different cultures.
Some time later,¬†a computer company launched a tablet computer that used the ‚Äúwrong‚ÄĚ word and nobody complained about that. ūüôā

A strategic decision
But then company management had a¬†session about the future direction of the company. As¬†a result, we were asked to change the name from “New Products” into¬†“Growth Drivers”.
While we understood the concept, we were not happy with this, because we were afraid that many employees would not understand the purpose of this box anymore. After all, we were a multinational manufacturing company, and a large part of our employee base, including local marketing, was not exactly fluent in English.

We tried to discourage management but alas,¬†“Growth Drivers” it had to be.

NPGD

From that moment, the use of the¬†web part ¬†(by then we had moved to SharePoint) declined.¬†Even while the only change was the¬†name,¬†employees did not recognize it anymore, especially our non-US population.¬†They asked where the New Products functionality¬†had gone and were annoyed when they discovered that a perfectly good name had been changed into something¬†“fuzzy” that needed “translation”.

What have we learned?
Keep your intranet labels simple and intuitive, especially when you are in a multinational company where not everyone may be fluent in English.

You may also like:

Mind your language. A guest post on Wedge’s Kilobox Communiqu√©.
How NOT to implement a Discussion Forum.
What does your content smell like?

Lace Image courtesy of andyk at Morguefile.com
The Banana-Caramel pie is my own creation. Recipe available on request!