SharePoint Working Group Minutes
June 2, 2008

*Attending*

Mike Grady, University of Illinois at Urbana-Champaign (chair)
Rick Downs, University of Virginia
Pat Ostendarp , Johns Hopkins University
Mary Dunker, Virginia Tech
Rick Downs, University of Virginia
Alan Walsh, Indiana University
Matt Kolb, Michigan State University
Debbie Bucci, National Institutes of Health
Paul Caskey, University of Texas System
Nick Roy, University of Iowa
Greg Nims, University of Iowa
Galen Rafferty, Committee on Institutional Cooperation (CIC)
Tim Newcomb, Committee on Institutional Cooperation (CIC)
Steve Olshansky, Internet2

Email list: InC-SharePoint@incommonfederation.org
Wiki: https://spaces.at.internet2.edu/display/InCCollaborate/InC-SharePoint

*Action Items*
Debbie Bucciwill gather information about how NIH is licensing SharePoint in relation to its PIO-net application.

Mike Gradywill report back on how the CIC is licensing its SharePoint.server.

*SharePoint at NIH*

NIH continues to work at rolling out PIO-net, a federated SharePoint application. This will be the first of 12-15 grant-related applications the NIH plans to federate. There has been significant discussion on the InC-Participants list concerning the definition of an "organization" as it relates to Shibboleth and the passing of attributes.

As this and other use-cases progress, the NIH and IdPs will need to discuss the attributes that need to be delivered. These discussions should lead to the development of best practices and guidelines. NIH is developing a wiki for such discussions, but it is not yet federated.

*9Star ActiveShare Software*

Mike Grady reported on the just-released beta version of the 9Star Research ActiveShare software, which now supports ePPN and entitlements. It is possible to include a list of ePPNs in the config file and map the IDs into SharePoint groups. When an administrator de-provisions a user, however, information must be removed in both the ActiveShare config file and in the underlying SharePoint group. If the ID is not removed from the SharePoint group, that person will continue to have access. This may require the need to develop tools to manage such a process.

Mike also suggested one or more members of this group research GUI tools to SharePoint permissions and deal with issues like that mentioned above. Otherwise, scaling could become an issue. Perhaps, for example, Grouper might be a useful tool for managing these groups, or some other workflow process to provision groups. This presents another case that would benefit from a group considering best practices and issues with scaling.

Alan Walsh discussed some code provided by Yale (the link has been sent to the InC-SharePoint list) that takes a pluggable approach to enable authentication with SharePoint. While this is not written specifically for Shibboleth, it may provide a starting point, in terms of a code base, to use with the SharePoint forms authentication methodology. Since this is open source, it could be modified and distributed as needed.

There was a general discussion about the need for Microsoft to provide some of this functionality as part of SharePoint. The CIC has had some preliminary discussions with someone associated with the SharePoint product group who has shown some interest in discussing these issues. Tim Newcomb will keep the working group posted as this progresses.

*SharePoint Server Licensing*

There was a discussion about the various types of SharePoint licensing contracts. Institutions that run a MOSS SharePoint Server system, for example, need to have a CAL (Client Access License) for each device. Theoretically, one user with multiple computers would need a CAL for each one. Microsoft also offers an Internet license, which provides unlimited access to SharePoint from outside of the institution. (AI) Debbie Bucci will gather information about how NIH is licensing SharePoint in relation to its PIO-net application. (AI) Mike Grady will report back on how the CIC is licensing its SharePoint.server.
*Next Call*

The next call is scheduled for June 16, at 2 p.m. EDT.