step-by-step SharePoint Setup with AutoSPInstaller

(the article is under construction)

How to setup SharePoint 2013/2016/2019 using AutoSPinstaller

the quick and easy way which can be used in your lab environment, as well in test and even in production and later be scaled-out, as performance and/or availability requirements grows up

Assume 3-tier topology – Front-End Server, Batch-Processing Server and SQL Server. Accounts according to least privilege principle.

Treat all server names, account names and domain names in this article are “for example”, i.e. you should use your own names.

What you must already have/get:

  • AD (Active Directory)

Prepare (request) hardware (virtual machines):

  • SP16SQL1 for SQL Server 2016
  • SP16WFE1 for SharePoint 2016 Front-End Roles
  • SP16BPS1 for SharePoint 2016 Batch-Processing Roles

SP16SQL1 for SQL Server 2016

refer to Microsoft SharePoint 2016 requirements for hardware specifications, but as minimum:

  • any 64-bit 4-core server CPU
  • RAM 4 GB for lab/test and 16+ GB for prod
  • HDD min 80 GB for system drive, 80 GB drive for application/data

Install MS Windows Server 2016 with GUI.
Configure time zone and time, static IP, name, language, region.
Add to domain.
Add App Server role, install updates, check event logs, resolve errors if any.

SP16WFE1 and SP16BPS1 for MS SharePoint 

refer to Microsoft SharePoint 2016 requirements for hardware specifications, but as minimum:

  • any 64-bit 4-core server CPU
  • RAM 8-12GB for lab/test and 16-24GB for prod
  • HDD min 80GB for system drive, 80GB drive for application

Install MS Windows Server 2016 with GUI.
Configure time zone and time, static IP, name, language, region.
Add to domain.
Add App Server role, install updates, check event logs, resolve errors if any.

Create (request) AD accounts:

– SQL-Adm
– SQL-Svc

– SP-Adm
– SP-Farm
– SP-Svc
– SP-PortalAppPool
– SP-ProfilesAppPool
– SP-CacheSuperUser
– SP-CacheSuperReader
– SP-ProfileSync
– SP-SearchService
– SP-SearchContent
– SP-ExcelUser
– SP-VisioUser
– SP-PerfPointUser

and

– SP_farm_administrators security group

add SP-Adm (and personal admin accounts) to SP_farm_administrators group

provide “Replicate Directory Changes” AD permissions to SP-ProfileSync account (refer to this how to article)

 

SQL Server:
add SQL-Adm to local administrators

SP Server:
add SP_farm_administrators group to local administrators group

Setup

on SQL Server:
login as SQL-Adm to install  MS SQL Server 2016

  • start MS SQL Server 2016 setup
  • features: Database Engine Services, (optional) Reporting Services – SharePoint
  • Directories: change to non-system drive
  • (optional) name instance
  • Service Accounts: use SQL-Svc as service account for SQL Server Agent and SQL Server Database Engine 
  • Server Configuration: AddCurrentUser
  • Data directories: ensure non-system drive is used
  • Windows Firewall and Advanced Security->Inbound Rules->New Rule->
    • Port TCP 1433-1434 Allow
    • Port UDP 1434 Allow

since “SQL Server Management Studio” is not a part of SQL Server, but distributed separately, you need to

  • download “SQL Server Management Studio” (any version – 2016+) and
  • install it on any machine – SQL, SharePoint or your personal workstation, then
  • start SQL Server Management Studio->Security->Logins
    • add SP_farm_administrators with roles securityadmin, dbcreator, public
  • SQL SQL Management Studio->Right Click on instance name->select properties->Advanced->Change Max Degree of Parallelism to 1

on SharePoint Server:
login as SP-Adm

  • (optional) setup MS SQL Server 2016 feature Reporting Services – add-in for SharePoint
  • check connection to SQL server
    • create empty file with extention .udl (create text file and rename it to sql.udl)
    • double-click it
    • enter server name, choose Windows NT integrated security, select database, Test Connection
    • if failed – check on SQL Server if protocol TCP/IP activated for remote access (SQL Server Configuration Manager -> SQL Server Network Configuration -> Protocols… -> TCP/IP -> Enable)
      check firewall
  • download AutoSPInstaller, unzip it, explore content

Generally, the steps are

  • install/configure prerequisites (Windows roles, some additional software)
  • install SharePoint binaries (SharePoint itself, language packs, updates)
  • create/configure farm (create configuration database, service applications, web applications etc.)

AutoSPInstaller is able to handle all steps, but personally I prefer to install prerequisites and SharePoint manually, and use AutoSPInstaller only to create/configure farm. If so, we will need only “Automation” folder from autospinstaller.zip

Prerequisites

I’d recommend copy all content from source SharePoint image to a folder. 

run prerequisiteinstaller.exe. It will take care of

  • Web Server (IIS) Role
  • Microsoft SQL Server 2012 Native Client
  • Microsoft ODBC Driver 11 for SQL Server
  • Microsoft Sync Framework Runtime v1.0 SP1 (x64)
  • Windows Server AppFabric
  • Microsoft Identity Extensions
  • Microsoft Information Protection and Control Client 2.1
  • Microsoft WCF Data Services 5.6
  • Microsoft .NET Framework 4.6
  • Cumulative Update Package 7 for Microsoft AppFabric 1.1 for Windows Server (KB3092423)
  • Visual C++ Redistributable Package for Visual Studio 2012
  • Visual C++ Redistributable Package for Visual Studio 2015
     

(optionally, you can run powershell:

Add-WindowsFeature Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Metabase, WAS,WAS-Process-Model,WAS-NET-Environment,WAS-Config-APIs,Web-Lgcy-Scripting,Windows-Identity-Foundation,Xps-Viewer

an then prerequisiteinstaller.exe )

It might require you to restart the server, then prerequisiteinstaller.exe will continue until you see “Installation Complete” message. Finally you must see “Installation Complete. All required prerequisites have been installed or enabled” message.

Now run setup.exe

Be ready to provide your SharePoint product key. You can use SharePoint trial key from here for test or evaluation environment. 

From Server Type choose “Complete” (for SharePoint 2013 only – option chosen by default).

NB! Choose File Location on “File Location” tab. I’d recommend install SharePoint on separate drive (e.g. E:).

Note that it says: “If you intend to use this computer as a search server, the search index files will be stored on the local drive. These files can be very large , so ensure that there is sufficient free space on the selected drive. To change where Microsoft SharePoint Server 2016 will store it’s index files…”

You might say that it is possible to configure index files location during provisioning Search Index component. 
Yes, I absolutely agree. But! There is also Analytics Processing Component, and during it’s work, it generates temporary files under “C:\Program Files\Microsoft Office Servers\15.0\Data\Office Server\Analytics_GUID\AE\AnalyticsProcessingComponent1” which might be very big in size, and that location could not be “legally” changed. So if you miss this point, you might be required to reinstall SharePoint binaries later. See also this

After binaries installed, you should see “Run Configuration Wizard” “To complete configuration of your server, you must run the SharePoint Product Configuration Wizard”… 
Remove the checkmark “Run the SharePoint Product Configuration Wizard now” (untick this).
I.e. Do not run Product Configuration Wizard for now. Farm will be configured later via PowerShell AutoSPInstaller script.

If you need language packs – it’s time to install language packs. 

Now you are good to install Cumulative Update. Latest for test/lab environment, latest tested for production. Check updates against regressions (e.g. with Todd Klindt). 

Do not run Product Configuration Wizard.

Now let us have a closer look into AutoSPInstaller Automation folder.

у AutoSPInstallerInput.xml убираем атрибут “read only” файловой системы
AutoSPInstallerInput.xml правим так:
        <PIDKey></PIDKey> вбиваем ключ (можно триальный отсюда, потом вручную сменим на постоянный)
        <SKU>Enterprise</SKU> вбиваем Standard или Enterprise (ключ тогда должен быть соответствующий)
        <AutoAdminLogon Enable=”false” Password=”” /> вбиваем true и пароль, если хотим чтобы сервер каждый раз сам логинился (предполагается несколько перезагрузок)
        <Passphrase></Passphrase> вбиваем пароль/ключ (используется для присоединения дополнительных серверов к ферме)
        <Account…  везде, где встречаем DOMAIN\ или @domain, исправляем на наши реальные данные так:
            <Username>DOMAIN\SP_Farm</Username> , заменяем DOMAIN на настоящее имя нашего домена, оставляем название и имя учётки (SP_Farm) как есть
            <Password></Password> вбиваем пароль
            <Email>spfarm@domain.com</Email> вбиваем e-mail
        <CentralAdmin Provision=”true”>… ставим порт какой удобно, например <Port>2013</Port>
        <Database> первое упоминание делаем так
           <DBServer></DBServer>  вбиваем алиас для SQL Server (например <DBServer>SP3SQLAL</DBServer>)
                     DBInstance=”SERVER\INSTANCE” правим на только имя сервера (например, DBInstance=”SP3SQL1″)
            <DBPrefix>AutoSPInstaller</DBPrefix> меняем на удобный нам, например <DBPrefix>SP</DBPrefix>
        остальные упоминания <Database> не трогаем (оставляем пустыми как есть)
        <ManagedAccounts> домен и пароль  меняем на свой, всё остальное – названия акаунтов и сами акаунты – оставляем как есть
        <Logging><LogDiskSpaceUsageGB></LogDiskSpaceUsageGB> поставить приемлемое для своего дискового пр-ва значение, например 5
        <AppManagementService если вы в состоянии это сделать, то оставляем Provision=”true”
                и следуем инструкциям, например Setting up your App domain for SharePoint 2013
                иначе – ставим Provision=”false”

  • Собственно установка
    • Запускаем от имени администратора (Run As Administrator) батничек AutoSPInstallerLaunch.bat
    • Но не идём курить, как некоторые советуют, а пьем чай и наблюдаем, т.к. иногда срабатывает UAC и надо тыкнуть “OK”
    • Если скрипт почему-то “слетает”, то смотрим “почему”, поправляем и запускаем снова, ничего не меняя в других настройках.

Последействия:
        <AutoAdminLogon Enable=”false” Password=”” /> стираем пароль
        <Passphrase></Passphrase> стираем

поправить параметры логирования под себя

если есть exchange, можно настроить OutgoingEmail и сам Exchange

 

Notes:

if you plan federated SharePoint environment, i.e. having Publishing (Service) Farm and Consuming (Content) Farm – plan for SQL aliases carefully.

 

Sources:

Brian Lalancette: AutoSPInstaller 

Technet: Account permissions and security settings in SharePoint 2013
Technet: Install SharePoint 2013
Technet: Hardware and software requirements for SharePoint 2013
CodePlex: Automated SharePoint 2010/2013 PowerShell-based installation script
Technet: virtual environment for SharePoint 2013
Setting up your App domain for SharePoint 2013

F5 Load Balancing for SharePoint 2016

 

Management Tools Basic+Complete;

SharePoint Updates Qiuck Guide

(this article is under development)

It is important to test the update process in a test environment. Test environment must be as much as possible similar to production.

 

Applying SharePoint updates to a server farm

Safest update method

The safest method to update a SharePoint farm is to take the entire farm offline, update all servers, and then bring the farm back online. This method requires a maintenance window that might not be practical for all organizations.

High availability updating

High availability updating involves more planning, testing, and coordination. The general outline for the process includes the following steps.

Continue reading

SharePoint BC, HA and DR

(the article is under development)…

In short, keeping SharePoint online means designing a fault-tolerant architecture, coding customisations & apps in a well designed and tested manner, and implementing good SharePoint governance. First though, the architecture…

 

(SharePoint PLA – Product Line Architecture)

 

References:

Continue reading

SharePoint Distributed Cache

Distributed Cache should be patched separately from SharePoint (DC updatess will not come with SharePoint CUs…).

Do not use SharePoint Distributed Cache with your custom code.

 

Useful commands

Connect-AFCacheClusterConfiguration
Get-CacheHost
Get-AFCacheClusterHealth
Get-SPServiceInstance | ? {($_.service.tostring()) -eq "SPDistributedCacheService Name=AppFabricCachingService"} |fl
Get-AFCacheHostConfiguration -ComputerName XXX -CachePort "22233"
$svc=$f.Services | ? {$_.Name -eq "AppFabricCachingService"}
$svc.ProcessIdentity
Get-AFCacheAllowedClientAccount
#Stop-SPDistributedCacheServiceInstance –Graceful
#Update-SPDistributedCacheSize -CacheSizeInMB 1024
#Add-SPDistributedCacheServiceInstance
#Grant-AFCacheAllowedClientAccount -Account "domain\upsa_runas_account"
get-command -module DistributedCacheAdministration

 

=======================

Continue reading

SharePoint Workflow Manager setup

(see also Part1: SharePoint Workflow Manager Review)

Installation (offline) step-by-step

Ensure hardware/software requirements. Ensure/configure your server (time, time zone, IP, hostname, domain, language, region, ESC, updates, event log).

Accounts you need (for example):

  • Svc-WFM-FarmAdm – domain users + local admin on WFM Servers, DBCreator and SecurityAdmin on SQL
  • Svc-WFM-SBAcc – domain users
  • Svc-WFM-WFAcc – domain users

DNS: wfm.contoso.kz points to Workflow Manager Server (or load-balancer)

On an Internet connected machine:

Continue reading

SharePoint 2013 and Certificates. Quick Guide.

 

SharePoint Apps

wildcard SSL cert (*.contosoapps.com) is needed

$trustCert = Get-PfxCertificate "c:\wfm.cer"
New-SPTrustedRootAuthority -Name "Workflow Manager Farm" -Certificate $trustCert

Continue reading

SharePoint 2013 Configure an environment for apps Quick Guide

Configure App Management Service Instance and Service Application

purchase a domain name from a domain name provider for your apps, for example, ContosoApps.com
create a forward lookup zone for the app domain name (ContosoApps.com)
create a wildcard Alias (CNAME) record for the new domain name (*.ContosoApps.com -> Portal.contoso.com)
create a wildcard SSL certificate for app domain (*.ContosoApps.com)

Start App Management and Microsoft SharePoint Foundation Subscription Settings services.

Continue reading

SharePoint Workflow Manager quick review and setup guide

What is Workflow Manager

  • Formerly Azure Workflow Server/Services (AWS)
    – Same “code base” as Windows Azure Service Bus
  • Windows Workflow Foundation – .NET 4.5
  • Scalable and reliable workflow engine
  • REST based
  • Multi-tenant capable – logical construct of “scopes” provides partitioning

SharePoint 2013 Workflow Manager in comparison with 2010

  • Future of WF
  • Decoupled from SharePoint, and supporting other consuming platforms
  • Declarative only
  • On Premises or Cloud
  • Consistent with .NET Framework Workflow
  • Much more capable
  • App friendly
  • Available in SharePoint Server only

Topologies

One or three servers (Service Bus and quorum implementation)

Continue reading

WAC FAQ

Office Web Apps = WAC (Web Application Companion)

Outlook Web Access = OWA

Can be used by SharePoint, Exchange, Lync.
Can be shared between SharePoint Farms.
Used Mail.ru, OneDrive and Yammer.
 

Based on new WOPI protocol (open, documented) = Web Application Open Plaform Interface
WOPI hosts (SharePoint…); WOPI Apps/Clients (WAC, Office Web App)

Licensing. Free for viewing. Edit licence comes with Office Std/Pro license.

Support ODF 1.2, PDF.

How WAC/WOPI works:

 

Architecture

3 servers in WAC farm to support high availability and still be able to upgrade/pach the farm.

(recommendation) use session affinity on the load balancer

Continue reading