Most of the customizations made by using SharePoint Designer affect only the site being customized. However, there are some customizations that can affect and potentially break sites and other sites in the hierarchy. It is also possible to customize pages in a way that affect the maintenance and performance of the server running SharePoint 2010. All of this can result in more work for a SharePoint administrator. There are controls built-in to SharePoint Server 2010 that did not exist in SharePoint Server 2007, but can help to reduce or eliminate the risk of issues when customizing with SharePoint Designer 2010. The controls restrict SharePoint Designer 2010 at the site collection level or at the central administration level.
There are four selections that enable SharePoint Designer 2010 restrictions and there are two Web pages where this can be controlled. Both Web page locations have the same controls but they behave differently:
1. Central Administration: Restricts what the site collection administrator may do.
2. Site Collection Administration: Affects what the site owners and designers may do.
SharePoint Designer Controls are listed with risks and mitigation. List items 2-4 are the most common reasons for sites that are negatively impacted when customizing with SharePoint Designer:
1. Enable SharePoint Designer
Risk: When SharePoint designer is enabled, users with designer, site owner, or site administrator have the ability to make changes to SharePoint sites.
Impact: Changes made to SharePoint can be made at any time without approval and/or testing. While the time frame to produce solutions is fast, the probability that issues may arise can be high. Data may not be well structured or time frames to render data may be slow due to slow connection or poorly formed designs.
Mitigation: Reduce the number of people that are able to customize pages using SharePoint Designer. Provide sufficient training before providing access to SharePoint Designer. Test customizations before implementing and use solutions whenever possible. This control is enabled by default.
2. Enable detaching pages from their site definition
Risk: When a site is opened using SharePoint Designer, you may have the ability to perform advanced customization that can detach it from the site definition.
Impact: Once this is done, pages are no longer ghosted. This means that all site content is retrieved from SharePoint content databases instead of the ghosted page that is loaded in RAM. This over rides the existing content that is stored in the site definition. When an upgrade is performed that includes new content for the site definition, it will not be included with an un-ghosted site, which may cause undetermined issues. Un-ghosted site way also increase SQL Server resources.
Mitigation: Enabling this setting also allows SharePoint Designer users to edit pages in advanced mode as opposed to normal mode. This is done by right clicking a file and selecting “Edit in advanced mode” after opening a site with SharePoint Designer 2010. This is turned off by default. It may be turn on at the site collection level so that site administrators may edit in advanced mode or from central administration so that no users can edit in advanced mode. Consider only turning this on when planned changes are necessary and turning of when changes are complete.
3. Enable customizing master pages and page layouts
Risk: Users may have the ability to customize pages and page layouts.
Impact: Organizational branding or designs may not match the company look and feel or present data in the manner intended. Required content rendering that has been enforced by the agency or objects that allow the page to render properly can also be deleted.
Mitigation: This setting is turned off by default. It may be turned on for all users from the site collection level or turn on only for the site collection administrator at the central administration level. This control is only effective when the publishing feature is turned on.
4. Enable managing of the Web site URL structure
Risk: When the All Files option is clicked in SharePoint Designer, from the navigation pane authorized users will see all of the files in your site hierarchy or web site URL structure giving a complete view of everything.
Impact: A user may change or delete a file or delete a name space that is required by the site, which may create issue with the site rendering or loss of content.
Mitigation: This setting is turned off by default. It may be turned on for all users at the site collection level or turn on only for the site collection administrator at the central administration level.
Recommendations for managing SharePoint Designer
- Leverage the governance model in determining whether SharePoint designer should be used. In general, top level sites or publishing sites have tight governance policies in place; whereas, collaboration sites have little governance.
- Consider the qualifications of the user and offer training if necessary.
- Consider leaving the customizations up to the development group.
- Do not let users customize in advanced mode if they are not on the development team.
- Provide a request form for customers so that they may easily place requirements for customization.
- Tier the level of customization and assign roles (e.g. 1 = browser, 2 = SPD normal mode, 3= SPD advanced mode, etc).
- When using SharePoint Designer, execute it against a Web Front End that is not part of the load balancing pool so that resource remains dedicated to users.
- For finer grain restrictions, consider leveraging controls through Group Policy. If Group Policy controls are used in conjunction with SharePoint controls, be sure to test the results more closely before going live.