Deploying Microsoft “Tahoe” in an Enterprise Environment
Abstract
For Windows and Office users, Microsoft “Tahoe” is a rich server for knowledge workers to easily find, share and publish information. Microsoft “Tahoe” delivers dramatic new value by bringing together and making mainstream a single solution for corporate portals, document management, content searching and team collaboration.
Customers can expect to see a significant amount of “organic growth” of Microsoft “Tahoe” servers in their organizations as people begin to understand Tahoe and learn to apply it in a variety of ways. The goals of this whitepaper are to help you leverage Microsoft “Tahoe”’s extensive capabilities and plan for successful Tahoe deployments in your enterprise environment.
©2000 Microsoft Corporation. All rights reserved.
The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication.
This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT.
Microsoft, BackOffice, the BackOffice logo, MS-DOS, Outlook, Windows and Windows NT are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
Other product and company names mentioned herein may be the trademarks of their respective owners.
Microsoft Corporation • One Microsoft Way • Redmond, WA 98052-6399 • USA
Contents
Introduction
What is Microsoft “Tahoe”?
  Document Management and Publishing
    Version Control
    Document Profiles
    Document Publishing
    Approval Routing
    Discussions
    Role-based Security
  Indexing and Search Services
    Full-Text Search
    Content Sources
    Categories
    Category Assistant
    Best Bets
    Subscriptions
  The Tahoe Portal
  Tahoe Workspaces
Deploying Your First Microsoft “Tahoe” Server
Deploying Additional Microsoft “Tahoe” Servers
  Microsoft “Tahoe” Server Configurations
    Group Document Management Scenario
    Group Document Management with External Content Indexing and Search
  Duplicating a Microsoft “Tahoe” Server
Operations and Remote Management
  Administration and Maintenance
  Remote Tahoe Server Management
Conclusion
Appendix A: Hardware and Software Requirements
  Microsoft “Tahoe” Server Requirements
  Microsoft “Tahoe” Client Requirements
  Network Considerations
    Network Protocol
    Directory Services
    Proxy server
    Firewalls
Appendix B: Microsoft “Tahoe” Security
  Role-Based Security Architecture
  Microsoft “Tahoe” Security and the Web Storage System Installable File System (IFS) Driver
Introduction
For Windows and Office users, Microsoft “Tahoe” is a rich server for knowledge workers to easily find, share and publish information. Microsoft “Tahoe” delivers dramatic new value by bringing together and making mainstream a single solution for corporate portals, document management, content searching and team collaboration.
For architects and developers who need to easily and quickly create high-value collaborative end-user solutions, Microsoft “Tahoe” is a powerful platform for web portals, document management, enterprise content indexing and search, and collaboration.
As this whitepaper is being written, Microsoft “Tahoe” is in its Beta 2 release, which will be the first chance most customers have to see and learn about Tahoe’s extensive capabilities. The most frequent question will be “How will I be able to effectively leverage Microsoft “Tahoe” in my organization?”
Initially, customers can expect to see a significant amount of “organic growth” of Tahoe servers as people begin to understand Tahoe and learn to apply it in a variety of ways. This is an important step in the adoption of any new technology or solution – essentially “learning to walk before you run”. Ultimately, this growth will evolve, incrementally, into a full enterprise infrastructure. The goals of this whitepaper are to help you leverage Microsoft “Tahoe”’s extensive capabilities and plan for successful Tahoe deployments in your enterprise environment.
What is Microsoft “Tahoe”?
As an organization creates more and more information, managing that information effectively becomes a priority. To assist with that goal, Microsoft “Tahoe” offers document management and publishing features, content indexing and search services, and a ready-to-use portal. These features work together to help you organize, share, and find information throughout your organization.
Tahoe helps you manage draft and final document versions, add searchable properties to documents, and select automated e-mail routing for document approval. It also offers flexible control over who has access to the information.
Data stores, such as file shares, can be very large and often store many different types of files, making it hard for users to find the information that they need. Documents can be lost or accidentally overwritten. It can also be difficult to coordinate efforts when more than one person is contributing to a document. Tahoe offers a number of features to help streamline your group processes and avoid these common problems.
You can use version control to track changes made to a document and to eliminate the possibility of people overwriting each other’s documents. When you want to edit a document, you check it out, which prevents others from changing it until you check in the document. Each time you check in a document, Tahoe records a new version of the document. When you check out a document, you see the most recent version. Tahoe stores each version, however, so older versions of the document can be reviewed, if necessary.
Document profiles offer a way to add searchable information about a document. This information can help describe or identify the document more clearly. By default, a profile includes basic properties such as Author and Keywords. You can easily add custom properties like Account Number or Project Manager to capture additional information that would make it easier to organize and find documents in your organization.
Published documents are available for users to search or view on the portal. Tahoe supports both private and public views, or versions, of documents. For each folder, you can establish a policy for publishing documents. A document can be published automatically each time it is saved to the Tahoe server or you can choose to edit document drafts and publish the document when it is complete. You can generate as many drafts as necessary before publishing a version of the document.
Approval routing is an easy way to ensure that a document is adequately reviewed before being published. When an author chooses to publish a document, publication can be delayed while the document is routed to one or more people for review. Each of these people, called approvers, has the option of approving or rejecting the document.

Figure 1. Tahoe Publishing Processes
Approvers receive e-mail notification when a document requires review. Two publishing or approval processes are supported: serial and parallel approval routing. These two processes are depicted in Figure 1. Tahoe Publishing Processes.
Comments about a document can be tracked and saved using Web discussions. Rather than using e-mail to discuss a document, authors can now communicate with each other through Web discussions and approvers can add comments during approval routing. Web discussions enable you to add remarks to documents without actually modifying the document itself. You can access Web discussions from Office 2000 and Microsoft Internet Explorer 5.
Roles control how and to what extent a user can access content. Each role identifies a specific set of permissions. Coordinators handle management tasks, authors add and update files, and readers have read-only access to published documents. Roles are assigned for each folder and a user can have different roles in different folders. On individual documents, Tahoe offers the option of denying access to users.
Whether you are searching for something specific or just want to browse through a group of related documents, Tahoe makes finding information easier. You can search for information regardless of its location or format. In addition, subscriptions notify you about new or updated information on topics that match your interests.
Information is usually stored in multiple locations, in a variety of formats. Even if a server infrastructure allows searches across multiple data stores, often only limited text searches are available. It can also be difficult to determine quickly if the information you require is included in the search results list. Tahoe offers several features that make searches faster and more successful.
The Tahoe portal provides a full-text search option to search content and any associated properties for the keywords you enter. Tahoe looks for all documents that match your search terms and returns a list of results. For a more focused search, you can use the advanced search option to add properties to your search criteria. In addition to searching documents stored in Tahoe, you can search information stored outside the Tahoe server by adding content sources.
Tahoe improves your search efficiency by enabling you to search across multiple information sources at the same time. Organizations keep information in a variety of data stores such as Web sites, file systems, Microsoft Exchange Servers, and Lotus Notes databases. By adding content sources, you identify the locations of the content you want to make available for searching and link that content to your portal. Data from each content source is indexed for users to search and view on the portal. The portal becomes the consolidated source for the information that the user needs, regardless of its location or format.
You can organize information in the portal by using categories to group similar documents together. This provides the ability to browse through information using a category hierarchy that fits the needs of your organization. For users who are unfamiliar with where documents are stored, categories help them easily find what they need. A document may appear in several different categories in the portal. Categories can contain documents stored in Tahoe as well as information from other content sources.
Although categories are an excellent way to organize your information, if you have a large number of documents, categorizing them might seem a time-consuming task. Tahoe provides an automated categorization tool called the Category Assistant to help you. After you have manually categorized a small sample of representative documents, the Category Assistant uses those documents as a training guide. The Category Assistant compares the training examples to the uncategorized documents to select the best category matches. Using this tool, you can categorize large numbers of documents quickly and maintain a useful category structure for your portal.
Best Bets enhance search efficiency by directing you to the most appropriate information for your search terms. A Best Bet is a document that a Tahoe coordinator selected as the best match for a specific category or keyword. Best Bets are displayed at the top of a search results list and are identified with a special icon.
When you find information that is useful to you, you can subscribe to that content. You can subscribe to a specific document, all documents in a folder, an entire category, or a set of search results. Subscription notifications can be sent when a document is modified or discussed or if a new document matches your subscription criteria. You can view your subscription notifications on the portal Subscriptions page. You can also choose to receive notifications by e-mail.
Tahoe integrates with familiar tools and applications, such as Microsoft Windows and Office, to provide access to document management features. The Tahoe portal provides a centralized access point for finding and managing information. The portal is a Web site that installs automatically with Tahoe. Using a Web browser, you can access document management tasks and search functions through the portal.
Some of the activities you can do in the portal include:
· Search for information
· Sort search results by rank, title, size, or last modified date
· View document properties
· Subscribe to new or changing information
· Check documents in and out
· Publish documents
· Approve documents routed to you
Because it uses Microsoft Digital Dashboard technology, you can easily customize the Tahoe portal to meet the needs of your organization.
A Tahoe workspace is an organized collection of documents, content sources, management folders, categories, document profiles, subscriptions and discussions. An organization can have one workspace or several workspaces depending on its needs. An individual Tahoe server can host multiple workspaces (although 10 is the recommended maximum).
There are three types of Tahoe workspaces:
· Document management workspaces
· Search workspaces
· Index workspaces
Document management workspaces differ from the other two types in that the document management workspace is used as a repository for actual content (Office documents, text files, fax images, images, audio and video, etc.) in addition to optionally supporting content indexing, search and retrieval.
Search workspaces are virtually the same as document management workspaces. The only difference is that dedicated search workspaces do not store any local content. Instead, search workspace indices are built from content sources that point to external information stores or receive indices propagated from dedicated index servers and index workspaces.
External information stores can be other Tahoe workspaces, intranet or Internet sites, Exchange 2000 and Exchange 5.5 Server public folder hierarchies, Lotus Notes 4.6a+ databases, local file systems and networked file servers, as well as any proprietary information store through the development of a Microsoft Search custom protocol handler.

Figure 2. Dedicated Index Workspace Server Sample Configuration
Index workspaces typically live on dedicated content indexing servers, index content on external information stores and propagate their indices back to one or more search or document management workspaces.
Users can access a workspace through the Microsoft “Tahoe” portal as well as Tahoe’s integration with Windows Explorer and Web Folders (via the Tahoe Client shell extensions) and Microsoft Office (via the Microsoft “Tahoe” Add-in for Microsoft Office). This list of three “user interfaces” is sometimes referred to as the three Tahoe client applications.
Lastly, in-house developers and solution providers can quickly and easily build custom-developed solutions using Tahoe, the Tahoe SDK and the underlying Microsoft Web Storage System.
Deploying Your First Microsoft “Tahoe” Server
During the installation of your first Microsoft “Tahoe” server, Tahoe automatically prompts you to create your first document management workspace and portal. Installation completes with the creation and initialization of the workspace’s portal. As soon as the workspace has been created, the following functions are enabled:
· Default portal digital dashboard configuration (the default Home, Categories, Document Library, Management, Search and Subscriptions dashboards available on the portal web toolbar)
· Threaded web discussions
· Indexing and search of the workspace content (except for web discussion content)
· The Everyone security group is assigned to the Reader role and the local Administrator is added to the Coordinator role
· Document version pruning is disabled
At this point, any of the three Tahoe client applications can be used to create additional subfolders under the initial Documents enhanced folder. New subfolders inherit the properties of the parent folder. Folder coordinators can override the default Tahoe publishing process used for each enhanced folder.
In addition, the workspace coordinator can:
· Change the list of Web Parts that appear in the portal dashboards as well as their layout
· Change the users and groups assigned to each Tahoe role
· Change existing document profiles or create new ones
In a single server configuration, a Tahoe workspace can also grow through the addition of content sources. Content sources extend the reach of the local workspace’s index and search function to external content – content stored in external information stores outside the workspace. External information stores can be other Tahoe workspaces, intranet or Internet sites, Exchange 2000 Server and Exchange 5.5 Server public folder hierarchies, Lotus Notes 4.6a+ databases, local file systems and networked file servers, as well as any proprietary information store through the development of a Microsoft Search custom protocol handler. Documents made available through a content source can be searched for and viewed in the portal.
Lastly, a single Tahoe server can grow through the creation of additional workspaces. The local Administrator using the Microsoft “Tahoe” Microsoft Management Console can create new workspaces. These workspaces can be traditional document management workspaces like those described above or they can be search or index workspaces.
To summarize, there are six primary ways a single Tahoe server can grow within your organization:
1. Customization of the individual workspace portals
2. Enabling or overriding the default Tahoe publishing process
3. Extension of the workspace content index and search function to include content external to the workspace
4. Greater use of Tahoe’s role-based security model
5. Enabling pruning of the major versions of a document
6. Creation and configuration of additional workspaces
Deploying Additional Microsoft “Tahoe” Servers
Teams and departments will install additional Tahoe servers and workspaces as required to meet their group’s web portal, document management, content indexing and search and collaboration needs.
At some point, most organizations will want to consider strategies for integrating, and perhaps consolidating, the Tahoe servers that have been deployed. Most often, this happens when one or more groups want to index and search someone else’s content – whether it lives in another Tahoe workspace, corporate intranet site or some other document repository. This gives rise to two situations:
· It begins to make sense to have one (or possibly a couple) common content index and search engines that index all of the content across a division or the entire enterprise organization.
· Security becomes a more serious concern when content that only used to be accessed locally with no security policies in place (other than the default) now becomes more broadly available through the enterprise or divisional index and search engine.
Identifying these two scenarios represents the next step towards growing a Microsoft “Tahoe” solution towards a full enterprise deployment strategy. For more information on Microsoft “Tahoe”’s role-based security model, see Appendix B: Microsoft “Tahoe” Security on page 20. The next section looks at how Tahoe servers and workspaces can be integrated.
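The security concern above can be checked before a workspace is added as a content source to a divisional or enterprise index. The following is an added example, not code from Microsoft or from the Tahoe SDK: a small Python model of the folder roles described in this paper (Coordinator, Author, Reader, per-document deny, and the default Everyone-as-Reader assignment) with an audit that lists the folders still readable by Everyone. The folder, document and user names are constructed, and two behaviours are assumptions: a subfolder without its own role list follows its parent, and a per-document deny overrides any role.

```python
from dataclasses import dataclass, field
from typing import Dict, Iterable, List, Optional, Set

EVERYONE = "Everyone"
# Coordinators manage, authors add and update files, readers see published documents.
ROLE_RANK = {"Reader": 1, "Author": 2, "Coordinator": 3}


@dataclass
class Document:
    published: bool = True
    denied: Set[str] = field(default_factory=set)  # users denied on this document


@dataclass
class Folder:
    name: str
    parent: Optional["Folder"] = None
    roles: Optional[Dict[str, str]] = None  # principal -> role; None = follow parent
    documents: Dict[str, Document] = field(default_factory=dict)

    def path(self) -> str:
        return self.name if self.parent is None else f"{self.parent.path()}/{self.name}"

    def effective_roles(self) -> Dict[str, str]:
        # Assumption: a folder with no role list of its own uses its parent's.
        folder = self
        while folder.roles is None and folder.parent is not None:
            folder = folder.parent
        return folder.roles or {}


def role_for(folder: Folder, user: str, groups: Iterable[str] = ()) -> Optional[str]:
    """Highest role the user holds in the folder, directly or through a group."""
    principals = {user, EVERYONE, *groups}
    held = [role for who, role in folder.effective_roles().items() if who in principals]
    return max(held, key=ROLE_RANK.__getitem__, default=None)


def can_read(folder: Folder, doc_name: str, user: str, groups: Iterable[str] = ()) -> bool:
    doc = folder.documents[doc_name]
    if user in doc.denied:  # assumption: a per-document deny wins over any role
        return False
    role = role_for(folder, user, groups)
    if role is None:
        return False
    # Readers only see published versions; authors and coordinators also see drafts.
    return doc.published or ROLE_RANK[role] >= ROLE_RANK["Author"]


def exposed_by_default(folders: Iterable[Folder]) -> List[str]:
    """Folders whose effective roles still grant a role to Everyone."""
    return [f.path() for f in folders if EVERYONE in f.effective_roles()]


def build_sample_workspace() -> Dict[str, Folder]:
    # Constructed workspace: the root keeps the post-install defaults.
    documents = Folder("Documents", roles={EVERYONE: "Reader", "Administrator": "Coordinator"})
    documents.documents["draft-plan.doc"] = Document(published=False)
    hr = Folder("HR", parent=documents)  # never reconfigured, follows the root
    hr.documents["handbook.doc"] = Document()
    hr.documents["review.doc"] = Document(denied={"bob"})
    finance = Folder("Finance", parent=documents,
                     roles={"finance-team": "Author", "alice": "Coordinator"})
    audit = Folder("Audit", parent=finance)  # follows Finance
    audit.documents["findings.doc"] = Document()
    return {"documents": documents, "hr": hr, "finance": finance, "audit": audit}


if __name__ == "__main__":
    ws = build_sample_workspace()
    print("Review before indexing enterprise-wide:")
    for folder_path in exposed_by_default(ws.values()):
        print("  ", folder_path)
```

Every path the audit returns is a folder whose published documents become searchable by all users once an enterprise index workspace crawls the workspace.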
Microsoft “Tahoe” leverages the world-class Microsoft Search technology for crawling, indexing, searching and retrieving both local content as well as external information stores. From a capacity perspective, Microsoft Search is easily able to handle:
1. 10,000s of documents stored in a single server, single document management workspace
2. 100,000s of documents using a similar single server configuration where a majority of the content is stored on external information stores
3. Several million documents when dedicated Tahoe content index and search server configurations are used to index external content stores
The first scenario is depicted in the following diagram:

Figure 3. Group Document Management Scenario
In the above group document management configuration, a department that primarily uses Microsoft “Tahoe” for document creation, version control, and publishing documents within the group is using Tahoe primarily for document management. In this example, the workspace consists almost entirely of content stored in the workspace. The amount of content stored outside the workspace is small and might consist of content sources pointing to one or two competitors’ Web sites. The emphasis is on document management rather than search.
For the scenario that follows in Figure 4, a group uses Tahoe to search content stored on its file servers, database servers, and an Internet web site. The portal is also used to display organization-wide communication such as announcements, holiday schedules, and human resources information.

Figure 4. Group Document Management with External Content Indexing and Search
The single Tahoe server stores indices for the configured content sources and makes them available to the portal associated with the workspace. In addition to the content sources that link to documents stored outside the workspace, the workspace itself can contain documents. The group primarily searches its own content. There may be limited searching on Internet sites. Document management is required only for the documents stored in the workspace. The only users performing document management tasks are those responsible for the portal.
When the requirement for a divisional or corporate enterprise-wide search engine solution is recognized, Microsoft “Tahoe” easily handles these scenarios through its support for dedicated back-end index workspace servers and either dedicated or hybrid front-end search and workspace portal servers. Two configurations that address the needs of this scenario are depicted in Figure 5.

Figure 5. Dedicated Index Workspace Servers Configurations
The configuration on the left supports an intranet site for an organization that needs extended search functionality but has limited document management needs. This deployment uses two Tahoe servers: an index workspace server and a search server.
For example, an organization uses Tahoe to search content stored on its file servers, Lotus Notes database servers, intranet sites, and the Web sites of several competitors. The index workspace server creates an index of this content and then propagates the index to the search server. The search server provides the portal used for searching this content and stores documents displayed on the portal, such as announcements, holiday schedules, and organization information.
One server is a search server and the other is the index workspace server. The search server stores workspace content and provides the portal associated with the workspace. The workspace also contains the index propagated from the index workspace server.
The index workspace server stores indexes associated with content sources only. This server is dedicated to the resource-intensive task of creating an index of content stored outside the workspace. After the index is created, it is propagated to the search server. The index can be propagated immediately after it is created, or you can schedule propagation to coincide with low network traffic times.
Searches encompass both intranet and Internet content. Document management is required only for the documents stored in the workspace. The only users performing document management tasks are those responsible for configuring the portal.
The configuration on the right side of Figure 5 supports an organization that requires both document management features and robust search capability. This deployment includes at least three Tahoe servers: a search server, an index workspace server, and one or more document management servers. It is important to include a sufficient number of document management servers to support those users that require the document management functionality (for example, each division in a large organization might have a document management server).
The document management server stores documents in its workspace. The index workspace server creates an index of all of the content on each document management server as well as other content from the intranet and Internet. The index workspace server then propagates its index to the search server. The search server provides the portal used for searching this content and stores documents displayed on the portal, such as announcements, holiday schedules, and organization information.
The server duplication process enables you to deploy multiple copies of master Tahoe workspaces across an organization’s global network. This allows you to distribute read-only copies of the content of a Tahoe server, while content sources and index workspace propagation enable you to optimize the distribution of content index information across your organization.
You use the Tahoe backup and restore process to make multiple copies of the master Tahoe server by restoring Tahoe server backup images remotely to other servers in the same domain. You can reduce the amount of traffic on your network taken up by the backup and restore process by backing up to and restoring from compressed drives.
You can duplicate a Tahoe server by using the backup and restore process as follows:
· Back up your Tahoe server to a local or remote hard disk.
· Restore from the backup image to the remote Tahoe server.
You can write scripts to automate server backup and create scheduled jobs to create a backup image of the master Tahoe server for duplication. You can also configure a scheduled duplication process to restore the image on the target server.
A sample script MSDMBackup.vbs is provided in the Tahoe program files folder.
Operations and Remote Management
The administrator manages Microsoft “Tahoe” as the system grows to meet your organization’s needs. Depending on the size of your organization, the administration team may consist of one or more individuals. In smaller organizations, the server administrator may also be a Tahoe coordinator and perform coordinator tasks, such as creating content sources on index workspaces.
Tahoe requires little administration in comparison to other services. The administrator uses Microsoft Management Console (MMC) to set security on the workspace node. Coordinators configure security directly on folders and documents in the workspace. This decentralizes security configuration from a single administrator to one or more coordinators.
The administrator works in conjunction with workspace contacts or other users responsible for workspace content to determine the number and type of Tahoe servers required. A workspace is an organized collection of documents, content sources, management folders, categories, document profiles, subscriptions, and discussions. The workspace contact is a user who is the single point of contact for workspace-related issues. In many cases, you will configure the workspace contact to be a coordinator on the workspace node. It is not mandatory for the workspace contact to have coordinator permissions. There can be multiple coordinators, but there is only one workspace contact.
In a deployment where Tahoe primarily crawls content sources to make content available for search, you might configure a search server and an index workspace server. In a deployment where you use Tahoe primarily for document management, you might configure only one Tahoe server with up to ten workspaces.
The administrator also works in conjunction with the users responsible for workspace content to determine how many workspaces to place on each server, taking into consideration the number of users for each workspace and the quantity of documents stored on the workspace. In a larger deployment, you may configure multiple Tahoe servers with multiple workspaces on each server. The administrator determines how to best meet customer needs and balance the server load.
You can combine resources for administering Microsoft Windows 2000 Server and Tahoe, or you can manage these resources separately. Administrators use the Tahoe MMC to manage Tahoe servers.
Administrative tasks include:
· Attaching the Tahoe server to an organization-wide security infrastructure and linking the server to an organization-wide directory.
· Setting up the Tahoe server. The administrator must determine the type of server configuration needed in conjunction with the user responsible for the workspace content.
· Creating workspaces on the server. The administrator monitors disk space available and the number of workspaces per server to determine when additional servers are required for additional workspaces. Although a Tahoe server can store multiple workspaces, the recommendation is to have no more than ten workspaces per server.
· Setting security on the workspace node. Coordinators configure security on folders and documents in the workspace. This decentralizes security configuration from a single administrator to one or more coordinators.
· Maintaining a list of index workspace names, the index workspace server on which they are stored, and the server and workspace to which they are propagated.
· Propagating an index from an index workspace to a workspace on another Tahoe server, ensuring there is sufficient disk space on the destination server for propagated indexes.
· Managing Tahoe servers by using the Tahoe MMC. The snap-in is automatically installed on the Tahoe server. If you want to manage one or more Tahoe servers remotely, you can install the snap-in on your desktop computer.
· Manually performing full, incremental, or adaptive updates to a workspace index, if required.
· Backing up and restoring the Tahoe server.
· Configuring the Tahoe server to crawl Exchange Server 5.5 and Lotus Notes content sources.
· Maintaining the Tahoe server and keeping it available for users, including monitoring usage levels of the server, disk space, and performance counters.
· Before you install Tahoe, you should create a plan for system maintenance. In addition, you might want to use the Windows 2000 Backup utility to create an image of your system before installing Tahoe.
· Maintaining your system includes monitoring the performance of your servers. You can use performance counters to assist you in troubleshooting, capacity planning, and monitoring performance.
Administrators might maintain and use historical copies of the gatherer log to collect statistics or perform trend analysis. Each time Tahoe updates an index, it creates a gatherer log file for the workspace. This file contains data on URLs accessed while an index is being created. You can specify that you want to log successful accesses, items excluded by rules, and the number of days to keep log files by using the Tahoe MMC.
Administrators can manage Tahoe servers and workspaces from the Tahoe Microsoft Management Console (MMC). You can install the Tahoe snap-in to MMC on your desktop computer if you want to manage one or more Tahoe servers remotely. For example, if you are responsible for several Tahoe servers in different locations, you can set up your desktop computer to manage the servers. Before configuring your computer to do this, you must have the following software installed and running on your computer:
· Windows 2000 Professional, Windows 2000 Server, or Windows 2000 Advanced Server
· Tahoe client
The Tahoe MMC is available by clicking Start, pointing to Programs, pointing to Administrative Tools, and then clicking Tahoe.
Remote workspace creation is not supported. You can only create a workspace on a Tahoe server by using MMC on that Tahoe server. If you have added a remote Tahoe server to MMC, you cannot create a workspace for that remote server. If you have installed MMC on a desktop computer, you cannot use it to create a workspace.
For Windows and Office users, Microsoft “Tahoe” is a rich server for knowledge workers to easily find, share and publish information. The goals of this whitepaper are to help answer the questions:
· How will I be able to effectively leverage Microsoft “Tahoe” in my organization?
· Can I identify and help plan for the organic growth of Tahoe servers in my workgroup, department, division and corporate enterprise?
The whitepaper addressed these questions by first explaining what Microsoft “Tahoe” is and the portal, document management, content indexing and search, and collaboration features it provides. Then, it looked at the deployment considerations around an organization’s first Microsoft “Tahoe” server and how a single server can grow to meet the needs of its users.
The next stage of growth occurs when the need for Tahoe server integration, specialization and consolidation strategies comes into play. Several single and multiple server configurations were described.
Finally, Tahoe’s server operations and remote management capabilities and requirements were described. Tahoe’s role-based security model and hardware and software requirements were described in the appendices.
Microsoft “Tahoe” promises to deliver dramatic new value by bringing together and making mainstream a single solution for corporate portals, document management, content searching and team collaboration. Visit the Tahoe web site http://www.microsoft.com/windows/servers/tahoe for more information.
Although Microsoft “Tahoe” uses the same Web Storage System technology that underlies Exchange 2000 Server, Tahoe does not require Active Directory services. A Tahoe server can be installed in either a Windows NT or an Active Directory domain without loss of Tahoe functionality.
Microsoft “Tahoe” must be installed on a server running Windows 2000 Server with Service Pack 1. Initially, Tahoe will be localized for 6 languages: English, Japanese, German, Italian, Spanish and French. Hardware requirements include a 600MHz+ Intel Pentium III with 256MB RAM and sufficient free disk space to store 2 times the expected size of the corpus (document collection) to allow space for the full-text indices, revisions and future growth.
From a client perspective, Tahoe will run on Windows 2000, Windows 98, and Windows NT 4 and greatly leverages Windows Web Folder technology. The document management integration with Microsoft Office requires Office 2000 or later. The Tahoe portal provides the best experience on the latest versions of Internet Explorer (IE) and also supports Netscape Navigator and earlier versions of IE.
You must be running Transmission Control Protocol/Internet Protocol (TCP/IP) on your network.
You can install Tahoe in Microsoft Windows NT 4.0 or Microsoft Windows 2000 domains. Tahoe honors the trust relationships between domains.
A proxy server enhances the security of your intranet by preventing unauthorized access by someone on the Internet. A proxy server also enhances performance by caching recently accessed Web pages, minimizing download time.
Tahoe uses the Hypertext Transfer Protocol (HTTP) verbs, the Distributed Authoring and Versioning (DAV) set of HTTP extensions, and a custom Tahoe verb called INVOKE. If you use a proxy server, it must be configured to pass these verbs.
By default, Tahoe uses the proxy server settings of the default content access account, taken from the current proxy server settings in Microsoft Internet Explorer. Changes to the proxy settings for the Tahoe server do not affect other applications on the server. For example, you can configure the Tahoe server to use a specific proxy server without affecting Internet Explorer.
The Tahoe client components and the portal communicate with the Tahoe server by using HTTP. As a result, the proxy setting for Internet Explorer on the client can affect how the client and portal communicate with the server.
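The proxy requirement above can be checked from the proxy's own access log. The following is an added example, not part of the original whitepaper or of Tahoe: the log lines are constructed, the DAV list is the RFC 2518 method set, and the base HTTP list and the "refused" status codes are assumptions.

```python
import re
from collections import Counter

# Methods a proxy in front of Tahoe must pass. DAV is the RFC 2518 method set;
# INVOKE is the custom Tahoe verb named on the page. The base HTTP list is an assumption.
HTTP = {"GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS"}
DAV = {"PROPFIND", "PROPPATCH", "MKCOL", "COPY", "MOVE", "LOCK", "UNLOCK"}
REQUIRED = HTTP | DAV | {"INVOKE"}
BLOCK_STATUSES = {403, 405, 501}  # assumed: typical answers from a proxy refusing a method

# Constructed proxy access log in common log format (not from a real deployment).
SAMPLE_LOG = '''\
10.0.0.5 - - [01/Nov/2000:09:00:01 +0000] "GET /workspace/Documents/ HTTP/1.1" 200 5120
10.0.0.5 - - [01/Nov/2000:09:00:02 +0000] "PROPFIND /workspace/Documents/ HTTP/1.1" 207 2210
10.0.0.7 - - [01/Nov/2000:09:00:09 +0000] "LOCK /workspace/Documents/plan.doc HTTP/1.1" 405 0
10.0.0.7 - - [01/Nov/2000:09:00:15 +0000] "INVOKE /workspace/Documents/plan.doc HTTP/1.1" 501 0
10.0.0.9 - - [01/Nov/2000:09:01:00 +0000] "INVOKE /workspace/Documents/a.doc HTTP/1.1" 501 0
10.0.0.9 - - [01/Nov/2000:09:01:30 +0000] "GET /workspace/missing.doc HTTP/1.1" 404 0
'''
LINE = re.compile(r'"([A-Z]+) \S+ HTTP/[\d.]+" (\d{3}) ')

def blocked_verbs(log_text):
    """Return (refused counts per required verb, required verbs never observed)."""
    refused, passed = Counter(), set()
    for m in LINE.finditer(log_text):
        method, status = m.group(1), int(m.group(2))
        if method not in REQUIRED:
            continue
        if status in BLOCK_STATUSES:
            refused[method] += 1      # proxy (or server) rejected the verb itself
        else:
            passed.add(method)        # verb reached the server, whatever the outcome
    unseen = sorted(REQUIRED - passed - set(refused))
    return dict(refused), unseen

if __name__ == "__main__":
    refused, unseen = blocked_verbs(SAMPLE_LOG)
    print("refused:", refused)
    print("not yet observed:", unseen)
```

Verbs reported as not yet observed are untested rather than blocked; exercise them through the proxy before declaring the configuration complete.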
If your organization uses firewalls, you should plan where the firewalls will be placed in relation to your Tahoe servers. Index propagation uses the standard Windows file sharing protocol. If you are using index propagation, ensure that there is no firewall between the index workspace server and the search server, or ensure that any firewall between the two servers allows Windows file share access.
Security is essential for both document management tasks and the search function. In document management, it is important to restrict access to sensitive information. In document approval scenarios it is important to restrict the viewing of a document to those who edit or approve it, until it is ready for a larger audience. For search, it is important that Microsoft “Tahoe” recognize security settings for crawled content so that users, when viewing the results of searches, are not made aware of documents to which they have no access.
Tahoe recognizes any security policies currently assigned to your organization’s servers, file shares, and databases. For example, when Tahoe crawls documents stored on your organization’s servers, the security policy on each document is enforced when Tahoe provides search results.
Search and document management share security attributes. Document management stores Windows NT users and groups in Tahoe roles, which facilitates administration. Search matches Windows NT access control lists (ACLs) at the time of a query to determine whether to include a document in search results displayed to a particular user. For this to work on all servers in a multiple server scenario, the security credentials must be shared across the servers (using single domain or trust relationships, for example).
Assigning a role to a user gives that user permission to perform specific tasks. For example, a user assigned to the Tahoe author role has permission to add new documents to a folder, edit all documents in the folder, delete any document from the folder, and read all documents in the folder.
Tahoe uses a fixed set of three roles to offer a flexible and secure method for controlling user access to workspace documents. You cannot modify role permissions. Although roles can be set at the workspace level, they are usually set at the folder level. In addition, you can completely deny a user or users access to a specific document.
Tahoe includes the following roles:
Reader
A reader can search for and read documents but cannot add them to the workspace. By default, all folder users have reader permissions. In an enhanced folder, readers can only view folders and published versions of documents. A reader cannot check out, edit, or delete workspace documents and cannot view draft document versions.
By default, Tahoe assigns the Windows 2000 Everyone group to the reader role for all folders in the workspace when it creates the workspace.
Author
An author can add new documents to a folder, edit all documents in the folder, delete any document from the folder, and read all documents in the folder. In an enhanced folder, authors can also submit any document for publishing.
An author can create, rename, and delete folders. When a new folder is created, the roles and folder policies are inherited from the parent folder. However, the author cannot change the roles or the approval policy on folders he or she creates.
Coordinator
A coordinator on the workspace node manages content in the top-level folder and performs a set of workspace administration tasks. These tasks include managing content sources, document profiles, categories, and subscriptions, and customizing the portal. The coordinator creates indexes of updated content when necessary or schedules this to occur automatically.
A coordinator on a specific folder configures user roles for the folder. The coordinator creates subfolders as well as adds, edits, and deletes documents from them. Coordinators can also read and delete a document that has been created but is not yet checked in. For enhanced folders, the coordinator selects the appropriate approval process. In addition, the coordinator can undo the check-out of a document or end the publishing process by using the Cancel Publishing or Approve Now actions.
Tahoe automatically assigns the administrator who creates the workspace to the coordinator role on the workspace node and on each folder.
Tahoe provides the Deny Access security option on documents only. This setting supersedes all access permissions except those of the local Administrators group. You can deny access to a document for a specific user or group if you do not want that user or group to view that document. Denying access to a document does not affect the local Administrators group’s access to that document.
Additionally, there is a set of folders that support workspace management functions: the Management, Help, Portal, System, Shadow, and Categories folders and their subfolders. A user must be assigned to the coordinator role on the workspace node in order to manage these folders. You cannot directly set security on these folders, and these folders are generally not exposed to the end-user.
The Windows 2000 local Administrators group has permission to read documents and configure security on any folder or document in a workspace. The ability to configure security provides a way to access every folder in the event that through accident or malicious intent, the folder is made unavailable to those who should have access to it. The local Administrators group can restore permissions for individual folders. Denying access to a document does not affect the local Administrators group’s access to that document.
A User Can Have More Than One Role
A user can have different roles for different folders in the same workspace. For example, in one folder a user may have reader permissions only, while in another folder, the same user may have author permissions.
You can give groups of users access to folders in the workspace as though they were a single user by assigning the group to a role, such as reader. If you assign an individual user to more than one role in a folder (as a member of a group and as an individual), the most permissive combination of rights takes precedence. However, you can also deny a user or group access to a specific document, which would supersede all other permissions associated with roles. Because you can deny access to a particular document, a user can have one role on a folder but have no access to a document within that folder.
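The precedence rules described above (most permissive role wins, Deny Access on a document supersedes roles, the local Administrators group is unaffected, readers in an enhanced folder see only published versions) can be modeled in a few lines. This is an added illustration, not Tahoe's implementation: the right names, class names, group names and sample documents are all hypothetical, and search trimming is simplified to the same role check rather than the Windows NT ACL match the page describes.

```python
from dataclasses import dataclass, field

# Rights per role as the page describes them; the right names are hypothetical labels.
ROLE_RIGHTS = {
    "reader": {"read"},
    "author": {"read", "add", "edit", "delete", "submit"},
    "coordinator": {"read", "add", "edit", "delete", "submit", "set_roles"},
}
LOCAL_ADMINS = "BUILTIN\\Administrators"  # stand-in name for the local Administrators group

@dataclass
class Folder:
    roles: dict                 # principal (user or group) -> role name
    enhanced: bool = False

@dataclass
class Document:
    folder: Folder
    published: bool = True
    denied: set = field(default_factory=set)  # principals with Deny Access on this document

def rights(principals, doc):
    """Effective rights on doc for a user, given the user's name plus group names."""
    principals = set(principals)
    is_admin = LOCAL_ADMINS in principals
    if principals & doc.denied and not is_admin:   # Deny Access supersedes every role
        return set()
    granted = {"read", "set_roles"} if is_admin else set()
    for p in principals:                           # most permissive combination wins
        granted |= ROLE_RIGHTS.get(doc.folder.roles.get(p), set())
    # In an enhanced folder, a principal with reader rights only cannot view drafts.
    if doc.folder.enhanced and not doc.published and not is_admin and "edit" not in granted:
        granted.discard("read")
    return granted

def trim_results(principals, hits):
    """Search-time trimming: return only the hits this user is allowed to read."""
    return [name for name, doc in hits if "read" in rights(principals, doc)]

# Constructed sample: one enhanced folder holding three documents.
SPECS = Folder(roles={"Everyone": "reader", "CORP\\eng": "author"}, enhanced=True)
HITS = [("plan.doc", Document(SPECS)),
        ("draft.doc", Document(SPECS, published=False)),
        ("salaries.doc", Document(SPECS, denied={"CORP\\eng"}))]
```

Note how the default Everyone-as-reader assignment lets a user outside the denied group still find salaries.doc, while a member of the denied group with the stronger author role cannot.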
Server Administrators
If you are an administrator on the Tahoe server, you can assign users to roles on the workspace node by using the Tahoe console in Microsoft Management Console (MMC). In addition, Tahoe automatically assigns the administrator who creates the workspace to the coordinator role on the workspace node and on each folder.
The Windows 2000 local Administrators group has permission to read documents and configure security on any folder or document in a workspace. Denying access to a document does not affect the local Administrators group’s access to that document.
Where Can You Manage Roles?
As a Tahoe server administrator, you manage roles on the workspace node by using Tahoe MMC on the Tahoe server. If you have coordinator permissions on the Tahoe workspace node, you can assign users to roles on the workspace node and on any individual workspace folder that inherits its security setting from the node. In addition, a user must be assigned to the coordinator role on the workspace node in order to manage the set of folders that support workspace management functions.
As a coordinator, you manage roles at the folder and document level by using the folder or document properties pages in the workspace. To do so, you must have the Tahoe client installed on your computer with Windows 2000. Microsoft Windows 98 and Windows NT version 4.0 users cannot manage Tahoe roles.
Microsoft “Tahoe”’s role-based security model is enforceable only when the underlying Web Storage System is accessed through the ADO and CDO object models or through the WebDAV Internet protocol. Access to the Web Storage System through its installable file system (IFS) driver (which typically exposes the hierarchical folder store as a hierarchical file system mounted as the M: drive) bypasses Tahoe’s role-based security mechanisms, so the server must be secured against local physical access as well as network and terminal services access.