Administration

What to do Before and After CU Update? SP2016

Posted on Updated on

After the recent CU Update for SharePoint 2016, there is some points to keep in mind.

You downloaded and installed

SP1CU

Description:

KB 3118289 – Update for SharePoint Server 2016 September 2016 (language independent)

KB 3118295 – Update for SharePoint Server 2016 September 2016 (language dependent fixes)

For Office Server

KB 3118299 – Update for Office Online Server 2016 September 2016

Download

Download Update for SharePoint Server 2016 September 2016 (language independent)

Download SharePoint Server 2016 September 2016 (language dependent fixes)

Download Office Online Server 2016 September 2016

SP2CU

PSConfig.exe -cmd upgrade -inplace b2b -wait -cmd applicationcontent 
-install -cmd installfeatures -cmd secureresources -cmd services -install

PSCONFIG

Usage:
        PSCONFIG.EXE -cmd <Command> [Parameters]
        PSCONFIG.EXE -help [Command]
        PSCONFIG.EXE -?
Commands:
        configdb
        helpcollections
        secureresources
        services
        installfeatures
        adminvs
        upgrade
        applicationcontent
        quiet

Ensure everything is updated, don’t miss a thing

PSConfig.exe -cmd upgrade -inplace b2b -wait -cmd applicationcontent -install -cmd installfeatures -cmd secureresources -cmd services -install 

ANY PROBLEM just delete the “-” from “-install” and type again

  1. applicationcontent – Copies shared application data (for example, resource files and Web application binaries) to existing Web application virtual directories;
  2. installfeatures  – Registers any SharePoint Products and Technologies features located on the file system of this server with the server farm;
  3. secureresources  – Performs SharePoint Products resource security enforcement on the server. For example, security is enforced on files, folders, and registry keys.

SP5CU

SP6CU

If you are separating the CU install from the PSCONFIG, should be required to run the bellow command to unsure that all application content be upgraded.

Install-SPApplicationContent

In any case you should have some WARNINGS, it should be OK, the result it’s what you expect.

Attempted to set SchemaVersion to 16.0.4432.1000 < 16.0.4432.1003 on Database SOME_Content_CentralAdmin, Status = Online — skipping.

Attempted to set SchemaVersion to 16.0.4432.1000 < 16.0.4432.1003 on Database SOME_Content_Portal, Status = Upgrading — skipping.

Attempted to set SchemaVersion to 16.0.4432.1000 < 16.0.4432.1003 on Database SOME_Content_Dev, Status = Upgrading — skipping. Attempted to set SchemaVersion to 16.0.4432.1000 < 16.0.4432.1003 on Database SOME_Content_Store, Status = Upgrading — skipping.

SP7CU

The tool was unable to install Application Server Role, Web Server (IIS) Role

Posted on Updated on

For my experience, this error may happen in virtualized environments, manly in Azure.

There are many workarounds, but I,ll suggest this one:

Off-line Install

  1. Copy the sxs file from sources “Binaries”
  2. Run this PowerShell script (assuming D:\sxs), change last line
Import-Module ServerManager `
Add-WindowsFeature `
	Net-Framework-Features, `
	Web-Server,Web-WebServer, `
	Web-Common-Http,Web-Static-Content, `
	Web-Default-Doc,Web-Dir-Browsing, `
	Web-Http-Errors,Web-App-Dev, `
	Web-Asp-Net, `
	Web-Net-Ext, `
	Web-ISAPI-Ext, `
	Web-ISAPI-Filter, `
	Web-Health, `
	Web-Http-Logging, `
	Web-Log-Libraries, `
	Web-Request-Monitor, `
	Web-Http-Tracing, `
	Web-Security, `
	Web-Basic-Auth, `
	Web-Windows-Auth, `
	Web-Filtering, `
	Web-Digest-Auth, `
	Web-Performance, `
	Web-Stat-Compression, `
	Web-Dyn-Compression, `
	Web-Mgmt-Tools, `
	Web-Mgmt-Console, `
	Web-Mgmt-Compat, `
	Web-Metabase, `
	Application-Server, `
	AS-Web-Support,
	AS-TCP-Port-Sharing, `
	AS-WAS-Support, `
	AS-HTTP-Activation, `
	AS-TCP-Activation, `
	AS-Named-Pipes, `
	AS-Net-Framework, `
	WAS,WAS-Process-Model, `
	WAS-NET-Environment, `
	WAS-Config-APIs, `
	Web-Lgcy-Scripting, `
	Windows-Identity-Foundation, `
	Server-Media-Foundation, `
	Xps-Viewer -Source D:sxs

2. Download Files in a PC with internet

#***************************************************************************************
# Written by Craig Lussier - http://craiglussier.com
#
# This script downloads SharePoint 2013 Prerequisites
#   
# -Only run this script on Windows Server 2012 (RTM, either Standard or Datacenter)
# -Do not run this script on a Windows Server 2008 R2 SP1 Server!
# ---These are the Prerequisites for Windows Server 2012
# -Run this script as a local server Administrator
# -Run PowerShell as Administrator
#
# Don't forget to: Set-ExecutionPolicy RemoteSigned
# If you have not done so already within you Windows Server 2012 server
#****************************************************************************************
param([string] $SharePoint2013Path = $(Read-Host -Prompt "Please enter the directory path to where you wish to save the SharePoint 2013 Prerequisite files.")) 
 
# Import Required Modules
Import-Module BitsTransfer 


# Specify download url's for SharePoint 2013 prerequisites
$DownloadUrls = (
            "http://download.microsoft.com/download/9/1/3/9138773A-505D-43E2-AC08-9A77E1E0490B/1033/x64/sqlncli.msi", # Microsoft SQL Server 2008 R2 SP1 Native Client
            "http://download.microsoft.com/download/E/0/0/E0060D8F-2354-4871-9596-DC78538799CC/Synchronization.msi", # Microsoft Sync Framework Runtime v1.0 SP1 (x64)
            "http://download.microsoft.com/download/A/6/7/A678AB47-496B-4907-B3D4-0A2D280A13C0/WindowsServerAppFabricSetup_x64.exe", # Windows Server App Fabric
            "http://download.microsoft.com/download/7/B/5/7B51D8D1-20FD-4BF0-87C7-4714F5A1C313/AppFabric1.1-RTM-KB2671763-x64-ENU.exe", # Cumulative Update Package 1 for Microsoft AppFabric 1.1 for Windows Server (KB2671763)
            "http://download.microsoft.com/download/D/7/2/D72FD747-69B6-40B7-875B-C2B40A6B2BDD/Windows6.1-KB974405-x64.msu", #Windows Identity Foundation (KB974405)
            "http://download.microsoft.com/download/0/1/D/01D06854-CA0C-46F1-ADBA-EBF86010DCC6/rtm/MicrosoftIdentityExtensions-64.msi", # Microsoft Identity Extensions
            "http://download.microsoft.com/download/9/1/D/91DA8796-BE1D-46AF-8489-663AB7811517/setup_msipc_x64.msi", # Microsoft Information Protection and Control Client
            "http://download.microsoft.com/download/8/F/9/8F93DBBD-896B-4760-AC81-646F61363A6D/WcfDataServices.exe" # Microsoft WCF Data Services 5.0
                ) 


function DownLoadPreRequisites() 
{ 

    Write-Host ""
    Write-Host "====================================================================="
    Write-Host "      Downloading SharePoint 2013 Prerequisites Please wait..." 
    Write-Host "====================================================================="
     
    $ReturnCode = 0 
 
    foreach ($DownLoadUrl in $DownloadUrls) 
    { 
        ## Get the file name based on the portion of the URL after the last slash 
        $FileName = $DownLoadUrl.Split('/')[-1] 
        Try 
        { 
            ## Check if destination file already exists 
            If (!(Test-Path "$SharePoint2013Path\$FileName")) 
            { 
                ## Begin download 
                Start-BitsTransfer -Source $DownLoadUrl -Destination $SharePoint2013Path\$fileName -DisplayName "Downloading `'$FileName`' to $SharePoint2013Path" -Priority High -Description "From $DownLoadUrl..." -ErrorVariable err 
                If ($err) {Throw ""} 
            } 
            Else 
            { 
                Write-Host " - File $FileName already exists, skipping..." 
            } 
        } 
        Catch 
        { 
            $ReturnCode = -1 
            Write-Warning " - An error occurred downloading `'$FileName`'" 
            Write-Error $_ 
            break 
        } 
    } 
    Write-Host " - Done downloading Prerequisites required for SharePoint 2013" 
     
    return $ReturnCode 
} 


 

function CheckProvidedDownloadPath()
{


    $ReturnCode = 0

    Try 
    { 
        # Check if destination path exists 
        If (Test-Path $SharePoint2013Path) 
        { 
           # Remove trailing slash if it is present
           $script:SharePoint2013Path = $SharePoint2013Path.TrimEnd('\')
       $ReturnCode = 0
        }
        Else {

       $ReturnCode = -1
           Write-Host ""
       Write-Warning "Your specified download path does not exist. Please verify your download path then run this script again."
           Write-Host ""
        } 


    } 
    Catch 
    { 
         $ReturnCode = -1 
         Write-Warning "An error has occurred when checking your specified download path" 
         Write-Error $_ 
         break 
    }     
    
    return $ReturnCode 

}


 
function DownloadPreReqs() 
{ 

    $rc = 0 
    
    $rc = CheckProvidedDownloadPath  

    # Download Pre-Reqs  
    if($rc -ne -1) 
    { 
        $rc = DownLoadPreRequisites 
    } 
     

    if($rc -ne -1)
    {

        Write-Host ""
        Write-Host "Script execution is now complete!"
        Write-Host ""
    }


} 

DownloadPreReqs

3. Install Pre files (Servers)

#***************************************************************************************
# Written by Craig Lussier - http://craiglussier.com
#
# This script downloads and instals SharePoint 2013 Prerequisites
#  
# -Only run this script on Windows Server 2012 (RTM, either Standard or Datacenter)
# -Do not run this script on a Windows Server 2008 R2 SP1 Server!
# ---These are the Prerequisites for Windows Server 2012
# -Run this script as a local server Administrator
# -Run PowerShell as Administrator
# 
# IMPORTANT NOTES:
# -The $SharePoint2013Path is the path to your SharePoint 2013 installation media
# -This script utilizes the PrerequisiteInstaller.exe in your SharePoint 2013 media
# -The script points to your $SharePoint2013Path\PrerequisiteInstallerFiles directory.
# ---BE SURE TO COPY THE PREREQ FILES INTO THIS DIRECTORY IF THEY ARE NOT ALREADY THERE FROM THE Download-SP2013PreReqFiles.ps1 script
#
# Don't forget to: Set-ExecutionPolicy RemoteSigned
# If you have not done so already within you Windows Server 2012 server
#****************************************************************************************
param([string] $SharePoint2013Path = $(Read-Host -Prompt "Please enter the directory path to where your SharePoint 2013 installation files exist.")) 
 

 
function InstallPreReqFiles() 
{ 

    $ReturnCode = 0

    Write-Host ""
    Write-Host "====================================================================="
    Write-Host "Installing Prerequisites required for SharePoint 2013" 
    Write-Host ""
    Write-Host "This uses the supported installing offline method"
    Write-Host ""
    Write-Host "If you have not installed the necessary Roles/Features"
    Write-Host "this will occur at this time."
    Write-Host "=====================================================================" 
     
     
        Try 
        { 
        

             Start-Process "$SharePoint2013Path\PrerequisiteInstaller.exe" -ArgumentList "`
                                                                                             /SQLNCli:`"$SharePoint2013Path\PrerequisiteInstallerFiles\sqlncli.msi`" `
                                                                                             /IDFX:`"$SharePoint2013Path\PrerequisiteInstallerFiles\Windows6.1-KB974405-x64.msu`" `
                                                                                             /IDFX11:`"$SharePoint2013Path\PrerequisiteInstallerFiles\MicrosoftIdentityExtensions-64.msi`" `
                                                                                             /Sync:`"$SharePoint2013Path\PrerequisiteInstallerFiles\Synchronization.msi`" `
                                                                                             /AppFabric:`"$SharePoint2013Path\PrerequisiteInstallerFiles\WindowsServerAppFabricSetup_x64.exe`" `
                                                                                             /KB2671763:`"$SharePoint2013Path\PrerequisiteInstallerFiles\AppFabric1.1-RTM-KB2671763-x64-ENU.exe`" `                                                                                             
                                                                                             /MSIPCClient:`"$SharePoint2013Path\PrerequisiteInstallerFiles\setup_msipc_x64.msi`" `
                                                                                             /WCFDataServices:`"$SharePoint2013Path\PrerequisiteInstallerFiles\WcfDataServices.exe`""
        } 
        Catch 
        { 
            $ReturnCode = -1 
            Write-Error $_ 
            break 
        }     
 
    return $ReturnCode 
} 
 
function CheckProvidedSharePoint2013Path()
{


    $ReturnCode = 0

    Try 
    { 
        # Check if destination path exists 
        If (Test-Path $SharePoint2013Path) 
        { 
           # Remove trailing slash if it is present
           $script:SharePoint2013Path = $SharePoint2013Path.TrimEnd('\')
       $ReturnCode = 0
        }
        Else {

       $ReturnCode = -1
           Write-Host ""
       Write-Warning "Your specified download path does not exist. Please verify your download path then run this script again."
           Write-Host ""
        } 


    } 
    Catch 
    { 
         $ReturnCode = -1 
         Write-Warning "An error has occurred when checking your specified download path" 
         Write-Error $_ 
         break 
    }     
    
    return $ReturnCode 

}


 
function InstallPreReqs() 
{ 

    $rc = 0 
    
    $rc = CheckProvidedSharePoint2013Path  

     
    # Install the Pre-Reqs 
    if($rc -ne -1) 
    { 
       $rc = InstallPreReqFiles 
    } 

    if($rc -ne -1)
    {

        Write-Host ""
        Write-Host "Script execution is now complete!"
        Write-Host ""
    }


} 

InstallPreReqs

4. Install Roles (Servers)

#***************************************************************************************
# Written by Craig Lussier - http://craiglussier.com
#
# This script installs SharePoint 2013 Roles/Features for Windows Server 2012
#  
# -Only run this script on Windows Server 2012 (RTM, either Standard or Datacenter)
# -If you are running this script 'offline' have your Windows Server 2012 installation
#  Media mounted/copied to this machine. You can also use a network UNC path.
# -Do not run this script on a Windows Server 2008 R2 SP1 Server!
# ---These are the Prerequisites for Windows Server 2012
# -Run this script as a local server Administrator
# -Run PowerShell as Administrator
#
# Don't forget to: Set-ExecutionPolicy RemoteSigned
# If you have not done so already within you Windows Server 2012 server 
#****************************************************************************************
# Import Required Module
Import-Module ServerManager

function AddWindowsFeatures() 
{ 
    Write-Host "==================================================================================="
    Write-Host "Install required Windows Roles/Features for SharePoint 2013 on Windows Server 2012"
    Write-Host ""
    Write-Host "Note: You'll receive prompt to restart your server when the"
    Write-Host "      Windows Server 2012 Role/Feature installation is complete."
    Write-Host "==================================================================================="        
     
      
    # Note: You can use the Get-WindowsFeature cmdlet (its in the ServerManager module) 
    #       to get a listing of all features and roles.
    $WindowsFeatures = @(
            "Net-Framework-Features",
            "Web-Server",
            "Web-WebServer",
            "Web-Common-Http",
            "Web-Static-Content",
            "Web-Default-Doc",
            "Web-Dir-Browsing",
            "Web-Http-Errors",
            "Web-App-Dev",
            "Web-Asp-Net",
            "Web-Net-Ext",
            "Web-ISAPI-Ext",
            "Web-ISAPI-Filter",
            "Web-Health",
            "Web-Http-Logging",
            "Web-Log-Libraries",
            "Web-Request-Monitor",
            "Web-Http-Tracing",
            "Web-Security",
            "Web-Basic-Auth",
            "Web-Windows-Auth",
            "Web-Filtering",
            "Web-Digest-Auth",
            "Web-Performance",
            "Web-Stat-Compression",
            "Web-Dyn-Compression",
            "Web-Mgmt-Tools",
            "Web-Mgmt-Console",
            "Web-Mgmt-Compat",
            "Web-Metabase",
            "Application-Server",
            "AS-Web-Support",
            "AS-TCP-Port-Sharing",
            "AS-WAS-Support",
            "AS-HTTP-Activation",
            "AS-TCP-Activation",
            "AS-Named-Pipes",
            "AS-Net-Framework",
            "WAS",
            "WAS-Process-Model",
            "WAS-NET-Environment",
            "WAS-Config-APIs",
            "Web-Lgcy-Scripting",
            "Windows-Identity-Foundation",
            "Server-Media-Foundation",
            "Xps-Viewer"
    )


    #Prompt To Start Role/Feature Installation
    $title = "Do you wish to perform an online or offline installation?"
    $message = "Please ensure that you have read and understand the instructions located at http://gallery.technet.microsoft.com/DownloadInstall-SharePoint-e6df9eb8. 'Online' means Windows Server 2012 is connected to the Internet and Windows Update is used to download supporting files, Offline means Windows Server 2012 is not connected to the Internet and you have your Windows Server 2012 installation media mounted/copied to this server to install supporting files."

    $yes = New-Object System.Management.Automation.Host.ChoiceDescription "&Online", `
       "Uses Windows Update to download and install necessary components related to .NET 3.5 feature (NET-Framework-Core)"

    $no = New-Object System.Management.Automation.Host.ChoiceDescription "O&ffline", `
           "Uses Windows Server 2012 media to install necessary components related to .NET 3.5 feature (NET-Framework-Core)"

    $options = [System.Management.Automation.Host.ChoiceDescription[]]($yes, $no)

    $result = $host.ui.PromptForChoice($title, $message, $options, 0) 

    $windowsServer2012MediaPath = ""
    Write-Host ""

    switch ($result)
    {
        
        0 {"You will be using Windows Update to download the necessary components to install features related to .NET 3.5. This will extend the duration of your Role/Feature installation."}
        1 {$windowsServer2012MediaPath = $(Read-Host -Prompt "Please enter the directory pointing to the directory of your Windows Server 2012 installation media. Fore example, D:\sources\sxs")}
    }
    Write-Host ""


    Try 
    { 
    # Create PowerShell to execute 

        $source = "" 

        if($windowsServer2012MediaPath -ne "") {
           $source = ' -source ' + $windowsServer2012MediaPath
        }
        

        $myCommand = 'Add-WindowsFeature ' + [string]::join(",",$WindowsFeatures) + $source

        # Execute $myCommand
        $operation = Invoke-Expression $myCommand    

        if ($operation.RestartNeeded -eq "Yes") { 
        
             #Prompt User for Restart
       $title = "Restart your server now?"
       $message = "Would you like to restart your server now? It is required to complete the Windows Role/Feature Installation."

       $yes = New-Object System.Management.Automation.Host.ChoiceDescription "&Yes", `
             "Restarts your Windows Server 2012 server now to complete the Role/Feature installation."

       $no = New-Object System.Management.Automation.Host.ChoiceDescription "&No", `
        "Does not restart your server now... But you should..."

       $options = [System.Management.Automation.Host.ChoiceDescription[]]($yes, $no)

       $result = $host.ui.PromptForChoice($title, $message, $options, 0) 

       switch ($result)
       {
            0 {Restart-Computer;}
            1 {"Your server will not restart at this time. Before installing the Pre-requisite files, restart your computer."}
       }


        }

    } 
    Catch 
    { 
        Write-Warning "Error when Adding Windows Features. Error details are below:" 
        Write-Error $_ 
        break 
    } 
      
} 

AddWindowsFeatures

References:

REF1 – http://kx.cloudingenium.com/
REF2 – https://gallery.technet.microsoft.com 

Next Steps:

https://autospinstaller.com/

SharePoint Farm Task List Sample

Posted on

Farm:

Capacity planning and sizing.
Server acquisition and setup.
Deployment.
Scaling out, patching, and operations.
Backing up data.
Maintaining a disaster recovery environment.

Server Operating System:

SQL Server
SharePoint 2014 Server License
SharePoint 2014 Client Access License

Design the SharePoint environment on-premises environment:

SharePoint farm topology and logical architecture.
Server hardware.
Virtual environment
Load balancing.
Integration with Active Directory and DNS.
Design the disaster recovery environment.

Deploy and manage the SharePoint on premises environment:

Provision servers.
Deploy the SharePoint environment.
Update SharePoint farm servers.
Add or remove farm servers as needed based on farm utilization.
Backup the SharePoint environment.
Implement the disaster recovery environment and protocol.

Front-end servers:

Service applications, services, and components that serve user requests directly are placed on front-end servers.
These servers are optimized for fast performance.

Batch-processing servers:

Service applications, services, and components that process background tasks are placed on a middle-tier of servers referred to as batch processing servers.
These servers are optimized to maximize system resources.
These servers can tolerate greater loads because these tasks do not affect performance observed by users.

Database-servers:

Guidance for deploying database servers remains the same.
In a small farm, server roles can be combined on one or two servers.
For example, front-end services and batch-processing services can be combined on a single server or on two or more servers to achieve redundancy.

Object cache user accounts in SharePoint Server 2013

Posted on Updated on

From TechNet we can read

“The object cache stores properties about items in SharePoint Server 2013. Items in this cache are used by the publishing feature when it renders web pages. The goals of the object cache are to reduce the load on the computer on which SQL Server is running, and to improve request latency and throughput. The object cache makes its queries as one of two out-of-box user accounts: the Portal Super User and the Portal Super Reader. These user accounts must be properly configured to ensure that the object cache works correctly. The Portal Super User account must be an account that has Full Control access to the web application. The Portal Super Reader account must be an account that has Full Read access to the web application.”

The problem is that assigning accounts like SuperUser and SuperReader to your Web Applications is not enough, you need to give Full Control to SuperUser and Full Read to SuperReader, so you can have everything working and well. Sometimes scripts stop running and sites become inaccessible because bad configuration off Cache Accounts’.

This is my complete script to set the cached accounts according:

cls
$ver = $host | select version
if ($ver.Version.Major -gt 1)  {$Host.Runspace.ThreadOptions = "ReuseThread"}
Add-PsSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
Import-Module WebAdministration -ErrorAction SilentlyContinue
 
## SharePoint DLL
[void][System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint") 
$wa = Get-SPWebApplication -Identity "http://yoursite.corp"
$SuperUserAcc = "i:0#.w|DOMAIN\SP_YourSuperUser"
$SuperReaderAcc = "i:0#.w|DOMAIN\SP_YourSuperReader"
Function Set-WebAppUserPolicy($wa, $userName, $displayName, $perm) 
{
    [Microsoft.SharePoint.Administration.SPPolicyCollection]$policies = $wa.Policies
    [Microsoft.SharePoint.Administration.SPPolicy]$policy = $policies.Add($userName, $displayName)
    [Microsoft.SharePoint.Administration.SPPolicyRole]$policyRole = $wa.PolicyRoles | where {$_.Name -eq $perm}
    If ($policyRole -ne $null) {
        $policy.PolicyRoleBindings.Add($policyRole)
    }
    $wa.Update()
}

$wa.Properties["portalsuperuseraccount"] = $SuperUserAcc
Set-WebAppUserPolicy $wa $SuperUserAcc "Super User (Object Cache)" "Full Control"
$wa.Properties["portalsuperreaderaccount"] = $SuperReaderAcc
Set-WebAppUserPolicy $wa $SuperReaderAcc "Super Reader (Object Cache)" "Full Read"
$wa.Update() 

Install and Configure SharePoint 2013 with Powershell

Posted on Updated on

This article intent to demonstrate how to automate Configuration and Installation in a DEV Environment

The Source 

Codeplex Tools for installing and configuring SharePoint 2013

Tools

  1. AutoSPInstaller v3
  2. AutoSPInstallerGUI

The secret is follow a sequence:

  1. Copy SharePoint Binaries, Service Pack’s and Language Packs to folder structure
  2. Configure your XML File with AutoSPInstallerGUI
    1. Configure Installation
    2. Configure Farm
      1. Create your Portal App
      2. Create MySites App
    3. Configure Service Applications
  3. Choose to stop the script after install binaries

Copy SharePoint Binaries, Service Pack’s and Language Packs to folder structure

 image  

image

image

Use the correct language code, in my case folder “pt-pt”

Configure your XML File with AutoSPInstallerGUI

Download tools for a folder and open “AutoSPInstallerInput.xml”

image

image

image

image

image

Configure Services

Bellow is my script that will install and configure

  1. MMS
  2. UPS
  3. Search
  4. State
  5. Usage and Health
  6. Secure Store
  7. Subscription Service
  8. App Management
  9. Work Management
  10. Machine Transaction
  11. PDF MIME Type Configure

Result

image

Script

Get here: http://wp.me/a4C9Xq-2e

Use a provider-hosted App with HTTP

Posted on Updated on

In some cases you may want to use HTTP instead of HTTPS in your ISS Web Site for consuming in your SharePoint Provider-hosted App. Here how to do it

if ((Get-PSSnapin -Name Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue) -eq $null)
{
    Add-PsSnapin Microsoft.SharePoint.PowerShell
} 
# Allow SPSecurityTokenService over HTTP
$serviceConfig = Get-SPSecurityTokenServiceConfig
$serviceConfig.AllowOAuthOverHttp = $true
$serviceConfig.Update()
Write-Host “You’re about to do a iisreset. Press any key to continue or CTRL+C to cancel.”
Read-Host
iisreset  

On-Premises Provider-hosted Apps – Part II

Posted on Updated on

Part IOn-Premises Provider-hosted Apps – Creating a Task List and Fundamental Configurations

Part II – Creating a High Trust relationship between your Web Application and SharePoint 2013

In Order to provide a trusted relation between your Web Application and SharePoint, you must tell that your website created in Part I is secure and can be added to the App Catalog and communicate with your Iframe within the Application Part of your Visual Studio project.

Task List

  1. Ensure that your have a non “sharepoint\system” user, eg: “DOMAIN\SP_Apps”
  2. Ensure that the User is part of the Site Collection Administrator in the App Calalog and Target Sharepoint Site
  3. Ensure that the User in the IIS Application Pool for the App Catalog and Target SharePoint Site have Full Control over the folder that have the Certificates
  4. Ensure that your GUID in the Powershell Command is in Lowercase, stupid? ya, but can have some issues

Creating the Full Thrust

if ( (Get-PSSnapin -Name Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue) -eq $null )
{
    Add-PsSnapin Microsoft.SharePoint.PowerShell
}
$CertPath = "C:\Certs\ProviderHostedApps.cer"
$CertName = "ProviderHostedApps"
#create certificate from cer file
$certificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($CertPath)
# Make the certificate a trusted root authority in SharePoint
New-SPTrustedRootAuthority -Name $CertName -Certificate $certificate 
# Get the GUID of the authentication realm
$realm = Get-SPAuthenticationRealm
# Generate a unique specific issuer ID
$specificIssuerId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
# Create full issuer ID in the required format
$fullIssuerIdentifier = $specificIssuerId + '@' + $realm 
Write-Host $fullIssuerIdentifier
$tokenIssuerName = "ProviderHostedApps Hi-Trust Apps " + $specificIssuerId
Write-Host $tokenIssuerName
# Register the token issuer
New-SPTrustedSecurityTokenIssuer -Name $tokenIssuerName -Certificate $certificate -RegisteredIssuerName $fullIssuerIdentifier -IsTrustBroker
Write-Host "ProviderHostedApps Issuer ID:" $specificIssuerId
Write-Host "You're about to do a iisreset. Press any key to continue or CTRL+C to cancel."
Read-Host
iisreset 
 

Now go to Central Administration

_admin/ManageTrust.aspx

On-Premises Provider-hosted Apps – Part I

Posted on Updated on

PART I – Creating a Task List and Fundamental Configurations

Part II – Creating a High Trust relationship between your Web Application and SharePoint 2013

There is many information on the Internet in order to configure SharePoint Apps, the problem is that a sequence of small errors can broke your configuration. This article is provided in a way that you can follow a sequence that will help you configuring SharePoint 2013 Provided-hosted Apps On-Premises. I will provide some links in order to you configure each point of the Task List

I assume that you have SharePoint and IT Skills

Before you begin:

SharePoint 2013 Provider Hosted Apps Model:

  1. From Microsoft: Choose patterns for developing and hosting your app for SharePoint – Provider-hosted apps

What tools will i need:

  1. Microsoft Web deploy 3.5
  2. IIS 6.0 Resource Kit

Help me build a Task List in a DEV Environment

  1. Configure DNS
    1. Create a Host A for your main SharePoint Application for IP: 127.0.0.1 sp.domain.local
    2. Create a Host A for IIS Application (Isolated) for IP: 127.0.0.1 web.domain.local
    3. Create a Host A for the App Catalog (Isolated) for IP: 127.0.0.1 apps.domain.local
    4. Edit your host file “C:\Windows\System32\drivers\etc”

The goal pointing to localhost, is you can resolve all sites even not connected to Internet

  1. Configure SharePoint 2013 Apps
    1. Create a App Catalog Site in sp.domain.local under /sites/
    2. Configure SharePoint Central Administration for the App Catalog
  2. Configure IIS for web.domain.local
    1. Install Management service delegate
    2. Manage Certificates
    3. Apply SSL to web.domain.local

Create Hosts in DNS

image

Install Management service delegate

image image

Create a App Catalog Site in sp.domain.local under /sites/

image
image
image

NOTE:

Create as SP_Farm because you Can’t manage Apps as System Account

Manage Certificates

 

image
image
image
Double Click Your Certificate to CER File
 image
Right Click Your Certificate to PFX File
image

Apply SSL to web.domain.local

image
image
image

Hope that help you, I’ll see you on part II