Enabling Multi Tenant Support in SharePoint 2010

SharePoint 2010 adds some new features to support hosting environments, which we generally refer to as multi tenant support.  In the beta release, the core multitenant infrastructure is not turned on by default.  It requires a custom service application to be provisioned, and once that's done you can begin configuring the different pieces of multi tenancy.  Here's just a brief rundown on what those features are:

  1. Multi tenant admin sites:  these sites give you a central location where all of the sites for a particular tenant can be managed.  It includes things like managing certain aspects of service applications (like user profiles, managed metadata store, etc.).  It also allows you to view all of the site collections in the tenancy, create new site collections, manage the owners of those site collections, etc.
  2. Multi tenant member sites:  tenancy in SharePoint 2010 is managed through something we call a subscription.  Simply stated, a subscription is just a GUID that we can use to identifiy members of a subscription as well as data associated with a subscriber.  The membership identity is how we can determine which site collections are part of which tenancy.  From a data perspective, we can use that subscriber key when data is stored in a service application.  For example, so tenant A can have a set of administrators and data in the managed metadata service application, and tenant B can have an entirely different set of admins and data.  From a farm perspective in this scenario, you are only using one instance of the managed metadata service application, but it is being shared by all tenants.  However their data is isolated and secured from one another by virtue of their subscriber ID.
  3. Feature Packs:  feature packs are ways in which SharePoint features, the same regular features you know and love, can be organized into groups (NOTE:  "feature packs" is what this has been called, it may be called something else by the time the product ships).  Once you organize these features into feature packs, you can associate them with a subscriber.  Once that's been done, that subscriber can only use those features that have been added to the feature pack.  That gives you control over which tenants are using which features, as well as giving you a means by which you can create different packaged offerings at different prices for hosting customers.

That's the really brief overview of what it does - I'm sure the SharePoint user assistance folks (the people that write all that content for TechNet) will have a lot more detail on this in the months ahead.  In the meantime, if you want to get the basic infrastructure in place you can get started by running this PowerShell script:

Get-SPServiceInstance | where{$_.GetType().Name -eq "SPSubscriptionSettingsServiceInstance"} | Start-SPServiceInstance

$acc = Get-SPManagedAccount “Specific Account Name” ( OR create a new managed account)

$appPool = New-SPIisWebServiceApplicationPool -Name SettingsServiceAppPool -Account $acc
$app = New-SPSubscriptionSettingsServiceApplication –ApplicationPool $appPool –Name SettingsServiceApp –DatabaseName SettingsServiceDB
$proxy = New-SPSubscriptionSettingsServiceApplicationProxy –ServiceApplication $app

Once you have that in place, you can create new subscriptions, add existing site collections to subscriptions, create tenant admin sites, create feature packs, associate feature packs with subscribers, etc. I actually have a simple winforms app that does all of this now; I will try and write a future post that describes how to do some of these things in PowerShell, and post my admin app as well to help get you started.  One quick note I will make here, if you are exploring on your own and want to create a tenant admin site, you need to make sure you include the "-AdministrationType TenantAdministration" flag when using the new-spsite cmdlet. 

To take advantage of these features in a service application, you need to use the -PartitionMode flag when creating the service application.  Here's an example of a PowerShell script to create a new instance of the managed metadata service in multi tenant mode:

$pool = Get-SPIisWebServiceApplicationPool -Identity 'SharePoint Web Services Default'
$meta = New-SPMetadataServiceApplication -HubUri
https://hosting -ApplicationPool $pool -Name 'Tenant Managed Metadata' -DatabaseName O14_TenantMetadataDB -DatabaseServer SP14B -PartitionMode -SyndicationErrorReportEnabled
$proxy = New-SPMetadataServiceApplicationProxy -PartitionMode -ContentTypePushdownEnabled -DefaultKeywordTaxonomy -DefaultSiteCollectionTaxonomy -Name 'Tenant Managed Metadata Proxy' -DefaultProxyGroup -ServiceApplication $meta

Hopefully that's enough to get you curious and started for now.  I'll follow up with additional scripts and the tenant admin app later.