Wednesday, February 18, 2015

How to Hide Share, Follow and Sync Buttons in Sharepoint 2013

We got a requirement to remove Share, Follow and Sync buttons in SharePoint 2013. Let me summarize various ways to disable these buttons.
sharepoint 2013 disable share, follow, sync buttons
How to disable "Share" button in SharePoint 2013?
Share button is relying on "Access requests" configuration of the site. To disable "Share button" in SharePoint 2013, simply disable access requests.
  • Go to Site settings page of your SharePoint site.
  • Click on "Site Permissions" link under "Users and Permissions" group
  • Click on "Access Request Settings" in the ribbon.
  • Uncheck "Allow access request" and click on "Ok" to save your changes. This should hide Share button in SharePoint 2013.sharepoint 2013 disable share button
Remember, You will have to do this change for each site! However, Share button will still be visible for Site owners and administrators!

How to Disable Sync buttons in SharePoint 2013
To disable sync, Navigate to  Site settings >> Click on "Search and offline availability" >> set offline client availability to "No". There are few more ways discussed in my another article: Hide Sync Button in SharePoint 2013

How to disable "Follow" button in SharePoint 2013?
To disable "Follow" button in SharePoint 2013, You'll have to disable a feature called "Following Content". Navigate to:
  • Site Settings >> Click on "Manage Site Features"
  • Click on "Deactivate" on " Following Content" feature
This removes following button in SharePoint 2013. If you want to disable "Following" feature at Farm level, disable "ContentFollowingStapling" feature at Farm features page in SharePoint 2013 Central Administration.

Disable Access Request, Deactivate Features using PowerShell:

  • Share: To disable access requests on all sites using PowerShell, refer: Disable access request in SharePoint 2013
  • Following: To deactivate "Following content" feature using PowerShell as:
    Disable-SPFeature -identity "FollowingContent" -URL "" 
  • Sync: To exclude from offline client, run:
    Get-SPSite -limit all | get-SPWeb -limit all | Foreach { $_.ExcludeFromOfflineClient=1; $_.Update()} 

Remove Share, Follow, Sync buttons at Master page level:

These promoted action buttons are in master page as follows:
Share Button:
Follow Button:
<SharePoint:DelegateControl ID="DelegateControl2" runat="server" ControlId="PromotedActions" AllowMultipleControls="true" />
Sync Button:
<SharePoint:SPSyncPromotedActionButton ID="SPSyncPromotedActionButton1" runat="server" />
To hide these controls, simply move them inside Comment block. <!--  -->. Do not delete this controls from the Master page! You'll end-up in crash!!

CSS to hide Share, Follow and Sync Buttons:

Lets hide them based on their IDs. You can place this CSS code with "Script Editor" web part or you can place it in Master page.
  • Sync button's id: ctl00_SyncPromotedAction
  • Follow button id: site_follow_button
  • Share button's id:  ctl00_site_share_button
<style type="text/css">

a[id$=site_share_button], a[id$=SyncPromotedAction], a#site_follow_button
    display: none !important;

Tips: This hides Share button from promoted actions section. But share button is present in ECB/Callout menu and in list view quick control also. To hide them all as well, use selectors:  a[id$="site_share_button"],[title="Share"], button.js-listview-qcbShareButton.

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Five Challenges in SharePoint Security
...And How to Solve Them. Free White Paper

Sunday, February 1, 2015

Application Pool Monitoring for SharePoint using PowerShell Script

If SharePoint Application Pools are stopped that would cause "Service Unavailable" outages to your SharePoint environment! While SCOM can monitor SharePoint IIS web application's application pool status, it makes bit more noisy with alerts and doesn't start the application pool automatically - when stopped. So, lets address this issue with the help of PowerShell! Here is my nifty PowerShell script to monitor application pools on all SharePoint web front end servers.

This script not only scans IIS Application Pool status on SharePoint Web-Front end servers, But also:
  • Logs application Pool status if its not in Started state
  • Automatically starts AppPool if its in stopped state
  • Sends out an Alert-Email to SharePoint Admin team (or whoever configured!)
PowerShell script to Monitor IIS Application Pool statues:
Import-Module WebAdministration

#Array to hold Server names - Change it to YOUR SharePoint front end servers
$WFEServers =("HS-WFE01", "HS-WFE02", "HS-WFE03")

#Log file location
$LogFile = "D:\Scripts\AppPool-Log.txt"

#Loop through each server and Check Application Pool status
foreach ($Server in $WFEServers)
    $ServerMgr = [Microsoft.Web.Administration.ServerManager]::OpenRemote($Server)

    #Get all Application Pools which are not in Started State
    $AppPoolColl = $ServerMgr.ApplicationPools | Where-Object {$_.State -ne "Started"}

    foreach($AppPool in $AppPoolColl)
        #Get the time to Log
        $now = Get-Date –f "yyyy-MM-dd HH:mm:ss"

        #Log to file
        "`n Found Application Pool: $($ in stopped state at the server : $($Server) on $($now)" >> $LogFile
        "Trying to Start the application Pool...">> $LogFile
        #Try Starting the application Pool
        Start-Sleep -s 10
        "Application Pool's current Status: $($AppPool.State)" >> $LogFile

        #Send Alert-Mail message
        $emailFrom = ""
        # Use commas for multiple addresses
        $emailTo = ""
        $subject = "Application Pool: $($AppPool.Name) in stopped state in Server: $($Server) at $($now)"
        $body = "Hi SharePoint Team, `n `n The Application Pool $($ was in stopped state in server: $($server). `n`n We tried Re-starting it... Current State of the Application Pool: $($AppPool.State). `n`n Please take necessary actions if its not started !. `n `nThanks, `nSharePoint AppPool Monitoring Script."
        $smtpServer = "" #IP or HOST Name of SMTP Server
        $smtp = new-object Net.Mail.SmtpClient($smtpServer)
        $smtp.Send($emailFrom, $emailTo, $subject, $body) 
Here is the sample alert from IIS AppPool monitoring script:

Schedule this PowerShell script in Windows Task scheduler in any Application server (or any other server will do!) to periodically scan App Pool status, Say once per 5 Min! run interval can be adjusted based on your application priority.

Here is my another post on Scheduling PowerShell scripts using Windows Task scheduler: Create a Scheduled Task for PowerShell Script with Windows Task Scheduler

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Five Challenges in SharePoint Security
...And How to Solve Them. Free White Paper

Sunday, January 25, 2015

Delete Button Missing in SharePoint Column? Here is How to Delete them.

How to delete a Column when Delete Button is missing:
Unable to delete list column in SharePoint since there is no delete button in field properties? In some cases, columns added through "Add existing columns" doesn't provide the option to delete! To make them deletable, just revert these two properties: AllowDeletion & Sealed
sharepoint column no delete button - sharepoint list sealed and non-deletable columns
Here is how to delete SharePoint list column programmatically with PowerShell: 
#Get the Web
$web = Get-SPWeb ""

#Get the List
$list = $web.Lists["Design Documents"]

#Get the column
$column = $list.Fields["Category"]

#Disable Delete
$column.AllowDeletion = $true
$column.Sealed = $false

#To delete a SharePoint list column in PowerShell, use: $column.Delete() 

sharepoint column delete button missing
We can also make fields to Sealed, So that nobody can change the field settings.

SharePoint Manager tool  can be used to set these properties. Just navigate to the site, list or library and set the "AllowDeletion" property to false, save the changes. This hides delete option in SharePoint list. sharepoint list column enable disable delete option

Here is my another post to make a column non-deletable: How to Prevent SharePoint List or Columns from Deletion

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Five Challenges in SharePoint Security
...And How to Solve Them. Free White Paper

Tuesday, January 20, 2015

Copy Permissions from One User to Another in SharePoint using PowerShell

Permission management in SharePoint is always a complex task especially on large environments. Granting permissions in SharePoint becomes cumbersome when you are in a situation to clone an existing user's access rights. Consider this scenario: You have an existing user in a department granted access to various SharePoint web applications, sites, lists, files, etc. and when a new user joins to this department, You-SharePoint Administrator get the requirement of adding new user to all of the places with same access rights as the existing team member!

How will you compare access rights of an existing team member and grant access in bulk? He may be granted permission on various levels with different access rights. It would become very time-consuming to find and grant same level of permissions to multiple users on multiple SharePoint objects. Existing user may be grated access as part of:
  • Farm Administrator group and/or as part of web application policies
  • Member of Site collection administrator group
  • Permissions granted at site level either as part of SharePoint group or with direct permissions
  • Permissions granted to list or libraries by breaking inheritance 
  • Access rights may be via List item or folder level permissions.
In short, permissions can be granted at the following levels in SharePoint:
sharepoint copy permissions from one user to another
Well, To copy permissions from one user to another user on above levels, I've written this PowerShell script - It just scans all possible levels for given source user's access rights and grants permission to the target user.

PowerShell script to clone SharePoint User Permissions:
Important: You must run this script as Farm Administrator! Otherwise, you'll get "Access Denied" error!!
This script iterates through each levels as in the above image and copies permissions between given users at List Item/Folder, Lists, site, Site Collection, Web Application and Farm levels. Just change the parameters for variables $SourceUserl, $TargetUser and $WebAppURL accordinly and run the script. You'll find the script outputs logs on the screen, on wherever it copies permissions.

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

#Function to copy user permissions 
Function Copy-UserPermissions($SourceUserID, $TargetUserID, [Microsoft.SharePoint.SPSecurableObject]$Object)
 #Determine the given Object type and Get URL of it
  "Microsoft.SharePoint.SPWeb"  { $ObjectType = "Site" ; $ObjectURL = $Object.URL; $web = $Object }
   if($Object.Folder -ne $null)
     $ObjectType = "Folder" ; $ObjectURL = "$($Object.Web.Url)/$($Object.Url)"; $web = $Object.Web
    $ObjectType = "List Item"; $ObjectURL = "$($Object.Web.Url)/$($Object.Url)" ; $web = $Object.Web
  #Microsoft.SharePoint.SPList, Microsoft.SharePoint.SPDocumentLibrary, Microsoft.SharePoint.SPPictureLibrary,etc
  default { $ObjectType = "List/Library"; $ObjectURL = "$($Object.ParentWeb.Url)/$($Object.RootFolder.URL)"; $web = $Object.ParentWeb }

 #Get Source and Target Users
 $SourceUser = $Web.EnsureUser($SourceUserID)
 $TargetUser = $Web.EnsureUser($TargetUserID)

 #Get Permissions of the Source user on given object - Such as: Web, List, Folder, ListItem
 $SourcePermissions = $Object.GetUserEffectivePermissionInfo($SourceUser)

 #Iterate through each permission and get the details
 foreach($SourceRoleAssignment in $SourcePermissions.RoleAssignments)
  #Get all permission levels assigned to User account directly or via SharePOint Group
        foreach ($SourceRoleDefinition in $SourceRoleAssignment.RoleDefinitionBindings)
   #Exclude "Limited Accesses"
   if($SourceRoleDefinition.Name -ne "Limited Access")
          $SourceUserPermissions += $SourceRoleDefinition.Name
  #Check Source Permissions granted directly or through SharePoint Group
   if($SourceRoleAssignment.Member -is [Microsoft.SharePoint.SPGroup])   
    $SourcePermissionType = "'Member of SharePoint Group - " + $SourceRoleAssignment.Member.Name +"'"
    #Add Target User to the Source User's Group
    #Get the Group
    $Group = [Microsoft.SharePoint.SPGroup]$SourceRoleAssignment.Member
    #Check if user is already member of the group - If not, Add to group
    if( ($Group.Users | where {$_.UserLogin -eq $TargetUserID}) -eq $null )
      #Add User to Group
      #Write-Host Added to Group: $Group.Name
    $SourcePermissionType = "Direct Permission"
    #Add Each Direct permission (such as "Full Control", "Contribute") to Target User
    foreach($NewRoleDefinition in $SourceUserPermissions)
      #Role assignment is a linkage between User object and Role Definition
      $NewRoleAssignment = New-Object Microsoft.SharePoint.SPRoleAssignment($TargetUser)
   $SourceUserPermissions = $SourceUserPermissions -join ";"  
   Write-Host "***$($ObjectType) Permissions Copied: $($SourceUserPermissions) at $($ObjectURL) via $($SourcePermissionType)***"

Function Clone-SPUser($SourceUserID, $TargetUserID, $WebAppURL)
 ###Check Whether the Source Users is a Farm Administrator ###
 Write-host "Scanning Farm Administrators Group..." 
   #Get the SharePoint Central Administration site
   $AdminWebApp = Get-SPwebapplication -includecentraladministration | where {$_.IsAdministrationWebApplication}
    $AdminSite = Get-SPWeb $AdminWebApp.Url
    $AdminGroupName = $AdminSite.AssociatedOwnerGroup
    $FarmAdminGroup = $AdminSite.SiteGroups[$AdminGroupName]
 #enumerate in farm adminidtrators groups
    foreach ($user in $FarmAdminGroup.users)
     if($User.LoginName.Endswith($SourceUserID,1)) #1 to Ignore Case
       #Add the target user to Farm Administrator Group
    $FarmAdminGroup.AddUser($TargetUserID,"",$TargetUserID , "")
    Write-Host "***Added to Farm Administrators Group!***"

 ### Check Web Application User Policies ###
 Write-host "Scanning Web Application Policies..." 
  $WebApp = Get-SPWebApplication $WebAppURL   
  foreach ($Policy in $WebApp.Policies)
      #Check if the search users is member of the group
       #Write-Host $Policy.UserName
       foreach($Role in $Policy.PolicyRoleBindings)
        $PolicyRoles+= $Role
  #Add Each Policy found
   $WebAppPolicy = $WebApp.Policies.Add($TargetUserID, $TargetUserID)
   foreach($Policy in $PolicyRoles)
   Write-host "***Added to Web application Policies!***"
 ### Drill down to Site Collections, Webs, Lists & Libraries, Folders and List items ###
 #Get all Site collections of given web app
 $SiteCollections = Get-SPSite -WebApplication $WebAppURL -Limit All

 #Convert UserID Into Claims format - If WebApp is claims based! Domain\User to i:0#.w|Domain\User
    if( (Get-SPWebApplication $WebAppURL).UseClaimsAuthentication)
        $SourceUserID = (New-SPClaimsPrincipal -identity $SourceUserID -identitytype 1).ToEncodedString()
  $TargetUserID = (New-SPClaimsPrincipal -identity $TargetUserID -identitytype 1).ToEncodedString()
 #Loop through all site collections 
    foreach($Site in $SiteCollections)
  #Prepare the Target user 
  $TargetUser = $Site.RootWeb.EnsureUser($TargetUserID)
     Write-host "Scanning Site Collection Administrators Group for:" $site.Url
  ###Check Whether the User is a Site Collection Administrator
     foreach($SiteCollAdmin in $Site.RootWeb.SiteAdministrators)
          #Make the user as Site collection Admin
           $TargetUser.IsSiteAdmin = $true
       Write-host "***Added to Site Collection Admin Group***"
  #Get all webs
  $WebsCollection = $Site.AllWebs
  #Loop throuh each Site (web)
  foreach($Web in $WebsCollection)
       if($Web.HasUniqueRoleAssignments -eq $True)
     Write-host "Scanning Site:" $Web.Url
     #Call the function to Copy Permissions to TargetUser
     Copy-UserPermissions $SourceUserID $TargetUserID $Web    
    #Check Lists with Unique Permissions
    Write-host "Scanning Lists on $($web.url)..."
    foreach($List in $web.Lists)
              if($List.HasUniqueRoleAssignments -eq $True -and ($List.Hidden -eq $false))
      #Call the function to Copy Permissions to TargetUser
      Copy-UserPermissions $SourceUserID $TargetUserID $List 
     #Check Folders with Unique Permissions
     $UniqueFolders = $List.Folders | where { $_.HasUniqueRoleAssignments -eq $True }                    
                    #Get Folder permissions
                    foreach($folder in $UniqueFolders)
      #Call the function to Copy Permissions to TargetUser
                                                Copy-UserPermissions $SourceUserID $TargetUserID $folder      
     #Check List Items with Unique Permissions
     $UniqueItems = $List.Items | where { $_.HasUniqueRoleAssignments -eq $True }
                    #Get Item level permissions
                    foreach($item in $UniqueItems)
      #Call the function to Copy Permissions to TargetUser
      Copy-UserPermissions $SourceUserID $TargetUserID $Item  
 Write-Host "Permission are copied successfully!"
#Define variables for processing
$WebAppURL = ""

#Provide input for source and Target user Ids
$SourceUser ="Crescent\TonyW"
$TargetUser ="Crescent\Salaudeen"

#Call the function to clone user access rights
Clone-SPUser $SourceUser $TargetUser $WebAppURL

Copy User Permissions at list level:
This script is broken into two functions: Copy-UserPermissions and Clone-SPSuer for convenience. Lets say, you want to copy permissions at list level, then you can utilize the Copy-UserPermission function as:
$WebURL = ""

$web = Get-SPWeb $WebURL

$SourceUser ="i:0#.w|Crescent\TonyW"
$TargetUser ="i:0#.w|Crescent\Salaudeen"

$list = $Web.Lists["Invoice"]

#$folder = $list.Folders[0]
#$ListItem = $list.Items[0]

#Call the function to copy user permissions programmatically at LIST level
Copy-UserPermissions $SourceUser $TargetUser $list

This script just clone's user permissions at list level (copies at only list level, no drill-down to Folders and Items!).

Please note, This script doesn't clone permissions which are granted via Active Directory Security groups!

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Five Challenges in SharePoint Security
...And How to Solve Them. Free White Paper

Saturday, January 10, 2015

SharePoint 2013 Patch (Service Pack-CU-Hotfix) Installation Guide - Step by Step

So you want to maintain your SharePoint environment healthy, secure, stable and up to date by installing latest patches? Well, this article walks through the various steps involved in installing patches for your SharePoint 2013 environment.

SharePoint 2013 patching best practices
Before proceeding , Lets consider some of the best practices for SharePoint 2013 patching. I would strongly recommend patching your development/test SharePoint farms first before proceeding with the production environment. Make sure Dev/Test environments are thoroughly tested, all custom/third-party components are fully functional. Watch those environments, Identify and address common issues and then schedule the maintenance window for your SharePoint 2013 production farm.

Always, Its a good idea to stay one CU behind the current release (or 3 to 6 Moths behind latest patch) for production environments to avoid any potential issues that may be introduced by a new CU. Simply installing the latest updates is not a best practice and may put your environment at risk. Take snapshot backups of your SharePoint servers before applying updates. (That's why I'm a big fan of SharePoint server visualization!). This will help when things don’t go right.

Downtime Mitigation: If you have a TEST environment (or call it QA/Pre-Production) closer to production, you can backup-restore SharePoint content databases, make them read-only, change the publishing servers to point TEST farm as Production farm during this maintenance window. Keep your user community aware of this maintenance window. Plan and send out a proper e-mail communication about the scheduled maintenance. SharePoint 2013 provides an excellent way SharePoint 2013 Maintenance Window Notifications

It is no longer required to install the SharePoint Foundation patches before proceeding with SharePoint Server patches.

SharePoint 2013 patch procedure
At high level, SharePoint 2013 patching process is done as follows:
  1. Get your current farm patch level
  2. Download SharePoint 2013 service pack/CU/Hot-fix
  3. Install binaries on SharePoint Servers
  4. Run the SharePoint Products Configuration Wizard
  5. Verify the updated build number of your SharePoint farm.

Step 1: Get SharePoint 2013 Patch Level

There are many ways to find SharePoint build numbers including PowerShell (more info:  How to find SharePoint Farm Build Version Number/Patch Level ). Here is the easiest way to find SharePoint patch level:
  • Go to your SharePoint 20103 Central Administration site. 
  • From the Central Administration, navigate to System Settings >> Manage Servers in this Farm
  • From the Servers in this Farm page, under the Farm information section, you will see the SharePoint Farm Build Version.
sharepoint 2013 check sharepoint patch level
To match the build number with SharePoint 2013 patch, use Todd Klindt's blog:

Step 2: SharePoint 2013 patch download
To start with SharePoint 2013 patching, We must download the relevant patches first!. The major difference in downloading patches for SharePoint 2013 and its previous versions is: You don't have to download and install patches for both SharePoint Foundation and SharePoint Server, if you are running with SharePoint 2013 server. You can just download and install SharePoint Server patch alone!!

To download SharePoint 2013 service packs, hot-fixes and cumulative updates(CU), head on to Microsoft SharePoint updates site:
You have to download the relevant patch depending on your SharePoint environment version/edition and patch level.
Download all patches to a network location so that you do not have to download for every server in the farm!

Step 3: Install SharePoint patch Binaries
The next step is to install service pack/patches to all SharePoint servers (except the database server). You can start with SharePoint App Server(s) that host Central Administration first.
  • Browse to the location where you downloaded patches. 
  • Start the patching process by double clicking the installers (you may have to extract the downloaded binaries!). Accept the license agreement and click on "Continue".
sharepoint 2013 service pack installation
  •  You should see the installation progress window. You may asked to reboot the server to complete patch installation.
  •  Wait for the installation is complete message.

Install Patches on All other servers in the Farm:
You must install any patch on every server in your SharePoint farm including WFE and App servers. SharePoint 2013 Products Configuration Wizard is good enough to detect and prevent you from proceeding, If you try to run SharePoint 2013 Products Configuration Wizard without installing binaries on all servers.
sharepoint 2013 patch management
Install all other required binaries before proceeding with the next step.

Step 4: Run SharePoint 2013 Products Configuration Wizard
Once binaries are installed on all SharePoint servers, The next step is run SharePoint 2010 Products Configuration Wizard.
  • Go to start >> Search "SharePoint products configuration wizard" and run PSConfig wizard as administrator. Click on Next to continue.
sharepoint 2013 foundation patch
  • You will get a warning message saying few services will be restarted during this upgrade process. Click Yes and then Click Next
  •  SharePoint products configuration wizard will run through the upgrade process. Wait for the wizard to complete.
  •  When the wizard is completed, click Finish.
sharepoint 2013 patching best practices
Repeat this patch procedures in rest your SharePoint Servers in the farm.

Run SharePoint 2013 Products Configuration Wizard ONE Server at a time:
We have to run SharePoint 2013 products configuration wizard in all other servers. Although SharePoint patch installation can happen simultaneously, I would suggest you run SharePoint Products Configuration Wizard only on ONE sever at a time! Start from App Server which hosts central admin, Once its completed move on to other app servers and then SharePoint web front ends. SharePoint 2013 patching process may take about 30 minutes on each server.

If you try to run the wizard simultaneously, You'll get to see SharePoint 2013 places a lock until the configuration gets completed on the other server already running the wizard.

Step 5: Verify Installation for SharePoint 2013 Service Pack:
We have successfully installed patches in our SharePoint 2013 environment. To verify patching and make sure installation is successful lets check the farm's build number. There are many ways to find SharePoint build number (more info:  How to find SharePoint Farm Build Version Number/Patch Level ). Here is the easiest one:
  • Go to your SharePoint 20103 Central Administration site. 
  • From the Central Administration, navigate to System Settings >> Manage Servers in this Farm
  • From the Servers in this Farm page, under the Farm information section, you will see the Configuration Database Version.
sharepoint 2013 service pack version number
Make sure your new build number is matching with the patch your have just installed. Also, check "Manage Servers in this Farm" page in Central administration. This page will also tell you if you need to run the SharePoint Products Configuration Wizard on a server to complete the update process. Make sure every server in your SharePoint farm is upgraded and displays status as "No Action Required".
SharePoint 2013 patch status page:
You can check the patch status on each and every individual server with "Manage patch status page" (Central Administration >> Upgrade and Migration >> Check product and patch installation status.
sharepoint 2013 patch status page
"Check upgrade status" page gives insights on detailed upgrade status information.
sharepoint 2013 patch status page
Don't just stop by SharePoint 2013 service pack installation. But apply Windows Server OS patches and SQL Server patches on regular maintenance windows.

SharePoint 2013 Service installation failed?
In case of failure, review the error log presented to determine the source . Simply re-running the products configuration wizard worked for me any times! or you may have to run psconfig command instead of running the wizard.
psconfig -cmd upgrade -inplace b2b -wait
What is the difference between service pack, Cumulative updates and hot fixes (or patches)?
  • Hotfix/patch is a update addressing a specific problem/bug/security issue. On Demand - normally not for everyone, you should only apply the patch if you're having the specific problem it addresses. Microsoft publishes a corresponding KB article for every hotfix that is released for every Microsoft product. 
  • Cumulative Updates  - As their name suggest, they are cumulative in content so they include a collection previously released hotfixes to date. Hotfixes and CUs are not always publicly released.  You'll get a link to download these hotfixes and CUs on requesting via Microsoft site. 
  • Service pack is a collection of CUs (and patches). It rolls together all patches that have come along over a given period of time. - Usually contains new features and available to public.
Every Hotfix, CU, Service pack you install, will increment the version/build number of your SharePoint Farm.

Last but not least: Its a good idea to have a maintenance page during scheduled down times in SharePoint: Maintenance Page for SharePoint - Quick way to Implement  

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Five Challenges in SharePoint Security
...And How to Solve Them. Free White Paper

You might also like:

Related Posts Plugin for WordPress, Blogger...