Here’s a good explanation of why we should care, as quoted from the more recent MSFT post: “Starting with Windows Vista , Internet Explorer has a new security zone protection feature, called protected mode, and that is set up by default for Internet, Intranet and Restricted Security zones.
The effect of the protected mode is that the sites in these zones will not have access to the folders available to other application (i.e. data available in other zones). This means the cookies available for one session for a site in a Protected mode zone will not be accessible to a site that resides in a separate zone (and the other way around), which will trigger behind the scene repeated authentication attempts.”
Net result: persistent login prompts, hair pulling, annoyances. The fix? Either manually or through group policy, apply the following settings to your Windows workstations:
I’m not one to make a blatant product plug but I really like the SharePoint Code Analysis Framework tool and they’ve upped the ante on how effective it is for running QA on SharePoint code, including tests for SharePoint Apps.
What is the SPCAF tool? A desktop program that evaluates SharePoint code, solutions, features, Apps etc. and checks all XML, HTML, ASPX, CSS, JavaScript and also assembly code against the quality policies, calculates metrics, generates dependency graphs and builds an inventory report.
WARNING: This tool can reveal flaws big and small in your SharePoint Solutions. Prepare for some soul-crushing issues to be discovered in your code that your previously considered beautiful. Hearts may be broken but remember the phoenix always rises out of the ashes. SharePoint is hard, Dev is hard, SharePoint + Dev = well.. a grey hair or two should be expected. Tools like SPCAF help keep us in line with best practices.
You may find that some of the problems reported by SPCAF do not meet your operational engineering minimum standards for rectifying – in particular HTML, CSS, & JS validation is such a patchwork of standards & recommendations, automated validation reports need to be taken with a grain of salt.
Overall, I’ve found SPCAF to be a worthwhile exercise to run on any major chunk of new or updated SharePoint code.
New Features in v5
Analyzers
New analyzer for JavaScript code applies ca. 150 rules to .JS files in WSPs and Apps
New analyzer for SharePoint Apps with lots of rules, metrics, dependencies and inventory checks
Client application
Completely new client application to improve usability and functionality
New client application “Result Viewer” (separate download) to view analysis results without license
New settings editor application
Migration Assessment
New analyzers and reports to analyze WSPs and give recommendations for a transition to the App model
Free limited version available
Reporting
New format of HTML reports with filters, charts, sorting, grouping and many more
Extensibility with custom reports and report section
New reporting engine based on Razor to ease the creation of custom reports
New report type PDF
Can’t wait to try SPCAF? Get your trial now or update the SharePoint Code Analysis Framework already installed on your machine.
New Client Application
The new SPCAF client makes your code analysis even easier.
Just drop your WSP or App Packages in the center of the application and start the analysis or access your recent analysis results directly from the start screen.
Full trust customizations are the main risk and cost driver for migrations to a newer SharePoint version or to Office 365. Without knowing what has been customized you cannot manage the transformation or elimination of custom code.
The new SharePoint Code Migration Assessment provides deep insight into your customizations and allows better effort estimations and risk mitigation.
With the JavaScript and Apps becoming the only future-proof way of customizing SharePoint both on-premises and in the cloud many seasoned SharePoint developers are now facing a paradigm shift which requires them to adjust their skills.
With the new App and JavaScript analyzers, which contain already in this first release over 170 rules, developers can assure their code quality with SPCAF like they are used to for full-trust code.
Identifying performance bottlenecks can be cumbersome. From the individual machine, the local LAN, the WAN, Web Front Ends and SQL Server, this session will show you the strategies for identifying weak links and provide hard evidence to affect change. We’ll combine IIS, ULS, Performance Monitor, and Network Mapping to develop a complete health picture and empower admins to quickly answer the question “Why is SharePoint slow?”. From these strategies, objective measurements can be developed to show impact of code, infrastructure, or configuration changes.
SharePoint offers many choices to optimize database storage and performance using Remote BLOB Storage (RBS). However, the introduction of “Shredded Storage” adds an extra dimension of performance tuning and complexity. We’ve run through hundreds of test loads using a broad range of parameters to configure RBS and Shredded Storage in a wide variety of usage patterns and file sizes. There are HUGE performance gains to be realized by using non-default settings! So join us for a review of content database best practices and BLOB optimization in SQL with SharePoint.
SharePoint Online Performance – Designing your Pages to be Fast
Are your SharePoint Online pages slow? Do you understand what knobs you have to tune the performance of your own pages? Do you know how diagnose perf on your pages? Do you ever wonder what kind of load SharePoint online can handle? Come for an in-depth presentation on SharePoint page perf. We’ll take a look behind the curtain to understand what happens when pages get rendered, what factors contribute to bad perf and how we tune servers in SharePoint Online to handle everything that you can throw at us.
SharePoint 2013 introduces a new and highly flexible search topology. This gives more flexibility on how to scale a system, and allows search to tackle demanding requirements for query and indexing performance. In this session we will take you through the deployment of a multi-node search installation, provide best practices for common operational procedures, and give you tips and tricks on how to keep your search system healthy.
More than 90% of the content accessed via SharePoint is stored in SQL Server and without the correct configuration of SQL Server it can have a detrimental impact on the performance of SharePoint. Regardless of whether you have a dedicated Database Admin (DBA), or the SharePoint administrator is also the DBA, there are critical SQL Server configurations that can be made to help optimize SharePoint. Often DBA’s are familiar with how to manage SQL Server, but may not be familiar with some nuances that SQL Server has when integrated with SharePoint. In this session we will demonstrate how some default SQL Server settings negatively impact SharePoint and what changes can be made to improve the performance of SharePoint. These changes include database file settings and SQL Server instance settings. We’ll also examine how to properly install SQL Server and SharePoint so they work together as efficiently as possible. This discussion will introduce the Best Practices framework that will allow your SharePoint administrator and/or your DBA to configure SharePoint and SQL Server to provide optimal performance for your SharePoint implementation.
Today the ever-helpful President of PerfectDisk, Bob Nolan, wrote me to share a very interesting tidbit that he found on VMware’s VSphere documentation:
“You may want to look at this too. Cormac Hogan is a VMware storage architect and this is a blog he did on how Storage I/O Control (SIOC) balances fairness and performance http://blogs.vmware.com/vsphere/2013/04/virtual-machine-io-fairness-versus-performance.html . The gist of the blog is that VMware Kernel settings reduce the number of outstanding I/O requests any VM can have when multiple VMs are sharing a LUN. SIOC basically throttles performance to improve latency. Further, if you do sequential I/O, VMware will grant you more I/O requests.
This reinforces the original conclusion: This data combined with my decade-plus experience of seeing direct noticeable performance improvements on IIS boxes after full defragmentation and implementation of regular defrags, located on physical or virtual disks, leads to me to stand by my guns: I will continue to recommend disk defragging. Would love to see if someone can change my mind..
Here are the assets from my presentation last night to the Victoria SharePoint User Group, vSharePoint (view on Meetup.com). Thanks to Gerry Brimacombe from Sector Learning for hosting and Heidi Bergstrom for her detailed insight into how Government in BC uses SharePoint.
Here’s a selection of the key presentations at the recent 
