Getting Fiddler to work with SharePoint Online


Something that I’ve always struggled with is getting Fiddler to provide me with REST API results for SharePoint online. These steps should help you.

Install and configure Fiddler

  1. First download and install Fiddler if you haven’t already. You can download fiddler at the following URL : https://www.telerik.com/download/fiddler Unfortunately you have to use an email address to be able to download it now.
  2. After first install of Fiddler, you will get an AppContainer Configuration dialog appear. Just click Cancel for now.
  3. Once Fiddler has opened, from the menu click Tools > Telerik Fiddler Options
  4. On the HTTPS tab ensure that Decrypt HTTPS traffic is selected
  5. Click OK. You will get a dialog asking if you should Trust the Fiddler Root certificate. It is fine to say Yes here.
  6. Say Yes to install the certificate.
  7. They really want to make sure, you are sure. Click Yes again.
  8. Fiddler’s root certificate has now been added to the Machine Root List.
  9. Close and Restart Fiddler.

Composing a REST URL for SharePoint Online.

First we need to log in to SharePoint online.

Now this is the point when I can never get it to work. I open IE/Edge, and instantly whenever I try to hit a https web page I get the following screen.

The trick here is to open Chrome and use that instead.

  1. Using Chrome, log in to your SharePoint online.
  2. In Fiddler, you should see in the left pane, it’s been capturing all your requests. Find a 200 result for your SharePoint site.
  3. In the right hand pane, take down the following information and store it in NotePad.
    1. FedAuth Cookie
    2. rtFA Cookie
  4. Above the right hand pane in Fiddler, one of the tabs is called Composer click on this tab.
  5. In the GET section put your REST API request E.g https://<YourOnlineName>.SharePoint.com/sites/Workflow/_api/web
  6. In the section below enter the following:
    Accept: application/json;odata=verbose
    Content-Type: application/json;odata=verbose
    Cookie:
    
  7. After cookie, you will want to put the rtFa=<rtFaCode>;FedAuth=<FedAuthCode>
  8. Click the Execute button at the top right of the screen. Once you have pressed it a call will be made and show up in the left hand pane. It’s easy to spot because the icon is for JSON.
  9. Double click on this entry and the right hand bottom pane, you will have your JSON response.

Performing Post Requests

There are a few more steps to complete to perform a post request, I’m going to walk you through the steps below. I already have a list called FiddlerList in my SharePoint online site. Currently it holds one item. (My site called Workflow as I was testing something with workflow before working on this post, this has nothing to do with the demo, hopefully it won’t confuse you)

  1. In Fiddler, from your previous composed GET request, first change the GET request to list all items currently in this list. My GET request is now https:// <YourOnlineName>.sharepoint.com/sites/Workflow/_api/web/Lists/getByTitle(‘FiddlerList’)/Items
  2. The results are show below. Take note of your type in the __metadata node. Mine is SP.Data.FiddlerListListItem
    you will need this later for adding an item. The type is normally SP.Data.<ListName>ListItem
  3. Now we need to create a POST request to the URI of /_api/contextinfo and then capture the FormDigestValue

  4. Now we have all the information required to create an item. Go back to the composed tab. Change the URI back to the way we had before to get the list items. https://<YourOnlineName&gt;.sharepoint.com/sites/Workflow/_api/web/Lists/getByTitle(‘FiddlerList’)/Items
  5. Add the X-RequestDigest: put in your FormDigestValue. Your page should look similar to below.
  6. Then in the bottom pane, the Request Body, put the following (Remember to change the type to match your list type).
    {'__metadata': {'type':'SP.Data.FiddlerListListItem'},
    'Title':'Created by Fiddler REST'
    };
    
  7. Click Execute
  8. If all has worked well you should get a 201 Create Response back, and see the item created in your list.

Update API Request

To perform an update to the list item, first we need to know what the Item ID is. At the end of the 201 create JSON response I can see that the Item I created has the ID of 2.

  1. In my composer I have changed my URI to https://<YourOnlineName>.sharepoint.com/sites/workflow/_api/web/Lists/getByTitle(‘FiddlerList’)/Items(2)
  2. In the top pane, I have set the content-length back to 0 and added IF-MATCH: * and X-HTTP-Method: PATCH this indicates that the post request is actually an update.
  3. Lastly in the bottom pane, Request Body, I have changed the Title.

    Note: Screen shot shows MERGE which is backwards compatible, should use newer command PATCH.
  4. After executing, I get a 204 response, and I can see the title has changed in my list.

Delete API Request

Lastly I’m going to delete my item.

  1. Change X-HTTP-Method to say DELETE instead of PATCH
  2. Remove the Request Body text.
  3. Click Execute, you will get a 200 response back.
  4. Your item has now been removed from the List.

The above should be enough to get you going. You can now use fiddler to test out your REST API calls.

Building SharePoint 2016 development environment – Part 16 – Installing and setting up Visual Studio


A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

The last part of the 16-part series is to install and set up visual studio so you can start developing on your machine.

I’m going to use Visual Studio 2015 Community edition, this might not be suitable for you, you might have access to Visual Studio 2015 Enterprise/Professional edition. Also there is Usage agreements to the Visual Studio 2015 Community edition, which if in an organisation you might be breaking the licensing agreement.

Downloading Visual Studio Community

  1. Open a browser, and go to URL https://www.visualstudio.com/en-us/products/visual-studio-community-vs.aspx
  2. Click Download Community 2015 button
  3. Run or Save then run, the download file.
  4. Once the installer has started, select Custom then click Next
  5. On the Select Features screen, I didn’t need to select anything and clicked Next. However, you might want extra programming languages, maybe the common tools such as the Git for Windows extension.
  6. Click Install.
  7. When finished, you will be asked to reboot your machine. Click Restart Now.

Configuring Visual Studio

  1. After your server has rebooted, Sign in and open Visual Studio
  2. You will be presented with a screen to connect to your developer services, if you have any sign in now. It is worth looking into if you are planning on doing some Azure, as you can get some free credits by signing up to Visual Studio Dev Essentials https://www.visualstudio.com/en-us/products/free-developer-offers-vs.aspx. Either sign in, or click Not now, Maybe later.
  3. It will prepare Visual Studio for you on your machine as it is the first time it has been opened.
  4. First thing to do once open is check if there are any updates required. From the Visual Studio menu click Tools > Extensions and Updates… Update anything that needs updating.

Installing Office and SharePoint 2016 Developer Tools

After installing all your updates for Visual Studio, if you go and try to create a new project, you will find that there is no Office/SharePoint templates.

You will need to install this. Note: If you have already installed Microsoft Office Developer Tools for Visual Studio 2015 and Microsoft Office Developer Tools Preview for Visual Studio 2015, you will need to uninstall these first otherwise SharePoint 2016 projects will not show up in Visual Studio.

  1. In a browser go to the URL https://www.microsoft.com/en-us/download/details.aspx?id=51683 and click Download to download Microsoft Office Developer Tools Preview 2 for Visual Studio 2015
  2. Select 14.0.23930\enu\cba_bundle.exe. Once downloaded, run.
  3. Click Install
  4. After it has successfully installed, you can click Close
  5. Open Visual Studio 2015 (Don’t forget to run as Administrator)
  6. Click File > New > Project
  7. Under Templates > Visual C# > Office/SharePoint > SharePoint Solutions and you should see the SharePoint 2016 templates.

Getting around the cannot connect to the target site message.

If you continued from the last part to create a SharePoint project and tried to connect to SharePoint, you would have got the following message about SharePoint solutions only work with locally-installed version of SharePoint Foundation or SharePoint Server.

To get around this problem you have to add the URL’s to your host file.

  1. Open Notepad as administrator
  2. Open the file C:\Windows\System32\drivers\etc\hosts. (You will need to look at all files, not .txt files to see it)
  3. Add the following lines and then save the hosts file.
    127.0.0.1 dev.cfcode2016.com

    127.0.0.1 intranet.cfcode2016.com

  4. Now when you click the Validate button in Visual Studio – SharePoint Customization Wizard you will get a connection successful message.

Other programs to install

You might decide not to use Visual Studio 2015, and use Visual Studio Code as I’m aware some developers are now doing, mainly because it is a lot faster to run on the machine. You might also want to install Office products such as Word/Excel.

Removing old Checkpoints.

Now your machines are complete, you probably don’t have a reason to go back re-apply an old checkpoint. Therefore it make sense to clean them up. After all every time you take a checkpoint a new file is created on your host, and the difference between your original or previous checkpoint file is stored within this new file. If you take a look at where your Virtual Machine stores it’s hard drive, there will be multiple files, all quite large in size. Not including the folders, this takes up over 85GB of space on my host machine.

  1. Ensure that your Hyper V virtual machines are shut down.
  2. Here you can either delete just the CheckPoints you want, or delete the whole subtree. As I don’t need to keep any of my checkpoints, I’m going to select the top checkpoint and then click Delete Checkpoint subtree from the right pane.
  3. Click Delete on the confirmation dialog box.
  4. If you look back where you store your Virtual Machines its hard drive, it looks a lot less messy, and uses up less space. (Total over 47GB)

Thank you for reading this series, hopefully you found it useful.

Building SharePoint 2016 development environment – Part 15 – Configuring Workflow


A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

The configuration of the Workflow Manager for SharePoint 2016 is the same as it was for SharePoint 2013. Not only do you need to install the separate Workflow Manager components, once installed SharePoint designer will show SharePoint 2013 Workflow in a dropdown when deciding which platform to build the workflow on.

We will be installing Workflow Manager 1.0 CU3. Although my instructions add all this to the SharePoint Machine, the reason why Microsoft have made the Workflow manager separate is for scaling. There is no need for this to be installed on the SharePoint box. You could create another Windows Server 2012 R2 and add that to the domain and run the Workflow manager on that. There are probably a few more steps required in configuring. Here is a full walkthrough provided by Microsoft Technet https://gallery.technet.microsoft.com/SharePoint-2016-Workflow-acd5ba2a if you wish to delve in deeper.

Installing SharePoint Designer 2013

Wait! SharePoint Designer 2013? Yes.

There is no SharePoint Designer 2016, there is no plan to release one either. Microsoft have stated that they will support SPD 2013 with SharePoint 2016. We are installing SharePoint Designer here because I can use it to prove if you have correctly configured Workflow Manager with SharePoint 2016 correctly.

SharePoint Designer 2013 is a free tool from Microsoft.

  1. Download SharePoint Designer 2013 32bit from the Microsoft Site.
    https://www.microsoft.com/en-GB/download/details.aspx?id=35491
  2. Once downloaded run the file sharepointdesigner_32bit.exe
  3. Accept the License terms and click Continue.
  4. Click Install Now, (Unless you wish to customise and change file location, user information etc)
  5. Once installed, I’d recommend performing a Windows Update. From the Start Menu, type Windows Update, open the application and run any updates required. Reboot if necessary.

Check to see Workflow settings in SharePoint Designer

  1. From the start menu, type SPD and open SharePoint Designer 2013.
  2. Once it has loaded up, click Open Site
  3. Type the URL https://dev.cfcode2016.com click Open
  4. If prompted, enter your credentials
    User: cfcode2016\SP_SetupPassword: Pa55w0rd
  5. From the Navigation menu, select Workflows

  6. On the ribbon menu, select List Workflows > Documents

  7. In the Create List Workflow dialog, at the bottom you will see a dropdown box for Choose the platform to build your workflow on. Only SharePoint 2010 will be listed.

  8. When we come back to this later, we will see SharePoint 2013 Workflow. Close SharePoint Designer for now.

Configuring Workflow Manger accounts

The Workflow Manager will run under new accounts that we haven’t created yet.

  1. On the Domain Controller machine, in the start menu, type Active Directory Users and Computers and open it.
  2. Expand the tree in the left hand pane to see the Managed Service Accounts OU. Select the Managed Service Accounts OU.
  3. Right click in the right hand pane, and select New > User.
  4. Create a user called SP_Workflow. Set the full name and log on name to SP_Workflow. Click Next.
  5. In the password dialog screen, enter the following and click Next
    1. Password and Confirm Password as: Pa55w0rd
    2. Untick User must change password at next logon.
    3. Leave User cannot change password as unticked
    4. Tick Password never expires
    5. Leave Account is disabled as unticked
    6. Click Next. Then click Finished.

Setting up SQL with the correct Security Accounts

  1. On the SharePoint Machine, from the start menu, type SQL Server Management Studio and open up the application
  2. In SQL Server click Connect. (This should be to SQL2016 database instance).
  3. In the left hand menu expand Security. Right click Logins. And select New Login…
  4. In the Login – New dialog box, click the Search button.
  5. Click the Locations button and select Entire Directory.
  6. Type SP_Workflow in the Enter the object name to select, and click Check Names. This will resolve the name. Click OK.
  7. In the left hand panel select Server Roles.
  8. Tick both securityadmin and dbcreator then click OK.
  9. Close down SQL Server Management Studio

Giving SP_Workflow administrative rights on the SharePoint machine.

  1. From the start menu, type Edit local users and groups and open up the application.
  2. In the left hand panel, select Groups
  3. In the right hand pane, double click Administrators
  4. On the Administrators Properties dialog box, click Add
  5. Type SP_Workflow in the Enter the object name to select, and click Check Names. This will resolve the name. Click OK.
  6. Close Edit local users and groups.

Install the Microsoft Web Platform Installer 5.0

  1. Go to the URL https://www.microsoft.com/web/downloads/platform.aspx and download the latest Microsoft Web Platform Installer
  2. Once downloaded run the file wpilauncher.exe
  3. If like my machine it is already on there, it will just open the Web Platform Installer 5.0 else it will install it for you. Accept the License Agreement and click Install. Then click Finish when complete.

Install Workflow manager

  1. From the Start menu, type Web Platform Installer and open the application

  2. In the search box in the top right of the screen, type Workflow Manager and press Enter.
  3. Click Add on the Workflow manager 1.0 Refresh (CU2) and click Install at the bottom.

  4. Click I Accept

  5. When complete, click Continue.

  6. Click Finish.

  7. Close the Workflow Manger Configuration Wizard that has popped up.

Apply Cumulative Update 3.0 for Workflow Manager 1.0

  1. Close and re-open the Web Platform Installer 5.0 we are going to install the CU 3. (You need to close and re-open otherwise the installer thinks Workflow Manger 1.0 hasn’t been installed)
  2. Type Workflow Manger and press Enter in the top right search box.
  3. Click Add for Workflow Manager 1.0 Cumulative Update 3, then click Install at the bottom.
  4. Click I Accept. Once installed click Finish. Click Exit on the Web Platform Installer.

Configure the Workflow manager

  1. From the start menu, type Workflow Manager Configuration
  2. Click on Configure Workflow Manger with Custom Settings
  3. In the Configure Farm Management Database,
    1. Enter your SQL Server Instance: sql2016.cfcode2016.com
    2. Tick Use the above SQL Server Instance and Settings for all Databases
    3. Enter the Database Name: WF_ManagementDB
    4. Click Test Connection button to ensure all working OK.
  4. In the Configure Instance Management Database
    1. Enter the Database Name: WF_InstanceManagementDB
    2. Click Test Connection button to ensure all working OK.
  5. In the Configure Resource Management Database
    1. Enter the Database Name: WF_ResourceManagementDB
    2. Click Test Connection button to ensure all working OK.
  6. In the Configure Service Account
    1. Enter the User ID: CFCODE2016\SP_Workflow
    2. Enter the Password: Pa55w0rd
  7. In Configure Certificates
    1. Leave Auto-generate ticked
    2. Certificate Generation Key: Pa55w0rd
    3. Confirm Certificate Generation Key: Pa55w0rd
  8. In Configure Ports leave default port numbers
    1. https: 12290
    2. http: 12291
    3. Leave Allow Workflow management over HTTP on this Computer unticked
    4. Leave Enable firewall rules on this compute unticked (As we have disabled our firewall)
  9. In Configure Admin Group
    1. Leave BUILTIN\Administrators
  10. Click Next button
  11. On the Service Bus Configuration page, please provide the following
  12. In Configure Farm Management Database
    1. Enter the Database Name: Sb_ManagementDB
    2. Click Test Connection button to ensure all working OK
  13. In Configure Gateway Database
    1. Enter the Database Name: Sb_GatewayDB
    2. Click Test Connection button to ensure all working OK
  14. In Configure Message Container Database
    1. Enter the Database Name: Sb_MessageContainerDB
    2. Click Test Connection button to ensure all working OK
  15. In Configure Service Account
    1. Tick Use the same service account credentials as provided for Workflow Manager
  16. In Configure Certificate
    1. Tick Auto-generate
    2. Tick Use the same certificate generation key as provided for Workflow Manager
  17. In Configure Ports
    1. https: 9355
    2. tcp: 9354
    3. Message Broker Port: 9356
    4. Internal communication Port Range: 9000
    5. Untick Enable firewall rules on this computer (as we have disabled out firewall)
  18. In Configure Admin Group
    1. Leave BUILTIN\Administrators
  19. Click Next button
  20. On the Summary page, click the Tick button at the bottom right of the screen to start installation.
  21. The configuration process can take up to 10 minutes to complete. Once complete, you will see a success pag

Add Workflow Manager Certificate into SharePoint

  1. In Start Menu, type IIS and open Internet Information Services (IIS) Manager
  2. Expand your server name, and Sites. You will now see a site called Workflow Management Site

  3. Click on Workflow Management Site, then on the right hand pane, click Bindings
  4. Select https and click edit.

  5. On the Edit Site Binding, under SSL certificate you will see a Certificate that matches your Server Name. Click the View button.

  6. On the Certificate dialog, click on the Details tab.
  7. Then click Copy to File button.
  8. On the Certificate Export Wizard click Next.
  9. On the Export Private Key page, select No, do not export the private key, click Next

  10. On Export File Format page, select DER encoded binary X.509 (.CER) Click Next
  11. On File to Export page, select a path and filename on your machine. Click Next.

  12. Click Finish. You will receive a successful export message.

Import Certificate into SharePoint Trust

  1. Open SharePoint 2016 central administration
  2. Under Security > General Security click Manage Trust
  3. Click the New button in the ribbon.
  4. On the Establish Trust Relationship page, enter following information:
    1. Name: Workflow Manager
    2. Root Authority Certificate: <Select your file from previous steps>
  5. Click OK.
  6. You will see your certificate in the store.

Register Workflow Service Proxy

  1. In Start Menu, type SharePoint 2016 management Shell (run as administrator) and open the application
  2. In the console type:

Verify the Configuration of Workflow Manager.

  1. Open SharePoint 2016 central administration
  2. Click Application Management
    > Manage services applications
  3. At the bottom of the Manage Services Applications page, there will be Workflow Service Application Proxy

  4. If you click on Workflow Service Application Proxy it will take you a status page that will show you that workflow is now connected.

Check to see Workflow Settings are working in SharePoint Designer

  1. From the start menu, type SharePoint Designer and open the application
  2. Once SharePoint designer has opened, click Open Site.
  3. Type the URL https://dev.cfcode2016.com click Open.
  4. If prompted, enter your credentials
    User: CFCode2016\SP_Setup
    Password: Pa55w0rd
  5. From the Navigation menu, select Workflows
  6. On the ribbon menu, select List Workflow > Documents
  7. In the Create List Workflow dialog, at the bottom you will see a dropdown box for Choose the platform to build your workflow on. Both SharePoint 2010 and SharePoint 2013 should be listed if the Workflow is set up correctly.

We are almost at the end. You SharePoint farm is configured to give you a good start as a development machine. Only thing left now is actual development tools. That will be covered in my final post of the series. Shut down your machines, take a checkpoint. (We will remove checkpoints in the last post)

Building SharePoint 2016 development environment – Part 14 – Enterprise Search Centre


A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

Creating a vanity name

  • Log into your domain controller. In Start type DNS and open the DNS Manager.
  • In the left hand pane, expand Forward Lookup Zones and click on cfcode2016.com
  • Right click on cfcode2016.com and select New Host (A or AAAA)…
  • Put in the name search, put the IP address point to the SharePoint Server. 192.168.137.200. Click Add Host

Search Centre Web application

We are now going to create a new Web Application for our Search center site. We are going to create a path-based site collection.

  1. From the start menu, type SharePoint 2016 Central Administration and open the site.
  2. Select Application Management > Manage Web Applications.
  3. In the ribbon click the New icon
  4. In the Create New Web Application dialog leave Create a new IIS web site selected and set up the following
    1. Name: SharePoint Search – 33333,
    2. Port:33333
    3. Host Header: <Leave Blank>
    4. Path: <Leave as default>
    5. Allow Anonymous: No
    6. Use Secure Sockets Layer (SSL): Yes
    7. Claims authentication Types: Leave as is, enabled, integrated, NTLM
    8. Application Pool: Search – 33333
    9. Select Security Account: CFCODE2016\SP_Search
    10. Database Name: SP_SearchDB
  5. Click OK.
  6. After Web Application created, click OK.

IIS Bindings and AAMs.

  • . In Start type IIS and open IIS Manager
  • Navigate to SharePoint Search -33333 and then on the right hand panel, click Bindings…
  • On the Bindings dialog, select the bindings for port 33333 and click Edit
  • Leave the host name blank, but select your certificate. Click Ok
  • Click Add
  • In the Add Site Binding page, select https from the Type dropdown, leave the IP address as All Unassigned, the Port should say 443. Ensure you tick Require Server Name Indication. Enter the Host name as search.cfcode2016.com then select your certificate. Click OK
  • Open SharePoint 2016 Central Administration and select Application Management then Configure alternative access mappings.
  • On the right of the screen, change the Alternate Access Mapping Collection to SharePoint Search -33333
  • Click on the only entry https://cfsp2016:33333 and edit it to say https://search.cfcode2016.com, click OK.
  • Click Add Internal URLs enter https://cfsp2016:33333 click Save.
  • Click Add Internal URLs enter https://cfsp2016.cfcode2016.com:33333 click Save.

Create Search Centre Site Collection

  1. From Central Administration landing page, select Application Management then select Create site collections
  2. Ensure the Web Application is https://search.cfcode2016.com then enter the following information:
    1. Title: Enterprise Search
    2. URL: /
    3. Template Selection: Enterprise > Enterprise Search Center
    4. Primary Site Collection Admin: SP_Setup
  3. Click OK.
  4. Once site is created, just click OK.

Give All users visitors access to Search.

  1. Once the site has been created, navigate to https://search.cfcode2016.com
  2. Go to Site Settings. Click the Cog icon at the top right of the page, then select Site Settings.
  3. Under Users and Permissions, click Site Permissions
  4. Click on Enterprise Search Visitors.
  5. On the menu bar, click New > Add Users
  6. Type and select Everyone. Click Share.

Configure Search Service Settings

  1. Back in Central Administration, select Application Management then Manage service applications.
  2. Click on Search Service Application.
  3. On the Search Service Application page, the top of the screen is already asking you Where should user’s searches go? Click on the location link.
  4. Enter the URL as https://search.cfcode2016.com. Click OK.

Note: At this point I uploaded a document to my intranet.cfcode2016.com site.

Search Content Sources

Here we are going to configure the Content Sources so that it searches and brings back the correct content.

  1. Open SharePoint 2016 Central Administration.
  2. Open Application Management > Manage Service application > Search Service Application
  3. In the Quick Launch menu on the left, under Crawling click Content Sources
  4. Click on Local SharePoint Sites.
  5. In the Start Address remove everything apart from the following :
    1. https://hnsc.cfcode2016.com
    2. https://hnsc.cfcode2016.com:11111
  6. Under Crawl Schedules we are going to set it up to run full crawl once a week and incremental once day. You may configure this differently or not at all for you environment. It really depends how much you need search to be up to date. It is quite an intensive resource process, and we are running everything on one box. Under Incremental Crawl,
    click on Create Schedule
  7. Set the Type as Daily. Accept the defaults and click OK.
  8. Under Full Crawl, click on Edit schedule. Set the Type as Weekly. Accept the defaults and click OK.
  9. Click OK
  10. Back on the Manage Content Source page, click New Content Source in the menu and fill out the following:
    1. Name: People
    2. Content Source Type: SharePoint Sites
    3. Start Addresses: https://my.cfcode2016.com
      sps3s://my.cfcode2016.com
    4. Crawl Settings: Crawl everything under the hostname for each start address
    5. Crawl Schedule: (Same as Local SharePoint Sites, use the dropdown)

Setting the Super User and Super Reader account

  1. Back in SharePoint 2016 Central Administration, select Application Management > Manage Web Applications.
  2. Select SharePoint HNSC Web Application and then click User Policy from the ribbon.
  3. On the Policy for Web Application dialog, click the Add Users on the menu.
  4. Accept (All Zones) then click Next.
  5. Add the user cfcode2016\SP_SuperUser and tick Full Control. Click Finish
  6. Repeat steps 3-5 for cfcode2016\SP_SuperReader and give Full Read rights.
  7. Click OK and close Policy for Web Application.

Kick off a full crawl

  1. Head back to the Search Service Application Service (Application Management > Manage Service Applications > Search Service Application.
  2. On the quick launch menu area, look for Content Sources under Crawling and click it.
  3. On the Manage Content Source page, click Start all crawls. This will kick of search crawling on your server.
  4. After crawling had finished, I headed to https://search.cfcode2016.com and searched for my document I uploaded earlier called “typescript”

Issue with People Search.

If you go to your People Search and type * but find no results come back, and you have followed everything correctly, I would ask you to check one thing.

  1. In SharePoint 2016 Central Administration, go to Application Management > Manage Service Applications. Then highlight the SharePoint User Profile Service Application.
  2. Click Administrator from the ribbon. Ensure that SP_Search is in there and has the permission Retrieve People Data for Search Crawlers, and ensure that SP_Farm is in there with Full Control.
  3. After updating this, run another full crawl, then try People search again.

We are almost at the end of the blog series on building a SharePoint 2016 development machine. Two more posts to go. Setting up workflows and setting up Visual Studio. Shut down your machines, take a checkpoint.


Building SharePoint 2016 development environment – Part 13 – Configuring My Sites and User Profiles


A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

My Sites

We are now going to create a new Web Application for our My Site site. However, we are not going to create a HNSC like we did for the other sites, here we are going to create path-based site collection.

Creating a Web Application for MySites

  1. From the start menu, type SharePoint 2016 Central Administration and open the site.
  2. Select Application Management > Manage Web Applications.
  3. In the ribbon click the New icon
  4. In the Create New Web Application dialog leave Create a new IIS web site selected and set up the following
    1. Name: SharePoint My Site Host – 22222,
    2. Port:22222
    3. Host Header: <Leave Blank>
    4. Path: <Leave as default>
    5. Allow Anonymous: No
    6. Use Secure Sockets Layer (SSL): Yes
    7. Claims authentication Types: Leave as is, enabled, integrated, NTLM
    8. Application Pool: MySites – 22222
    9. Select Security Account: CFCODE2016\SP_Content
    10. Database Name: SP_MySitesDB
  5. Click OK.
  6. After Web Application created, click OK.
  7. After you have created your Web Application, you should be returned to the Manage Web Application page. Select SharePoint My Site Host by clicking on it. This will highlight the line and items in the ribbon will become available to you.
  8. In the ribbon click the button Managed Paths
  9. In the Define Managed Paths dialog, tick Sites. Then click the link Delete Selected Paths.
  10. Now add a new path called personal and make it Wildcard inclusion
  11. Click OK.

IIS Bindings and AAMs.

  • . In Start type IIS and open IIS Manager
  • Navigate to SharePoint My Site Host -22222 and then on the right hand panel, click Bindings…
  • On the Bindings dialog, select the bindings for port 22222 and click Edit
  • Leave the host name blank, but select your certificate. Click Ok
  • Click Add
  • In the Add Site Binding page, select https from the Type dropdown, leave the IP address as All Unassigned, the Port should say 443. Ensure you tick Require Server Name Indication.
    Enter the Host name as my.cfcode2016.com then select your certificate. Click OK
  • Open SharePoint 2016 Central Administration and select Application Management then Configure alternative access mappings.
  • On the right of the screen, change the Alternate Access Mapping Collection to SharePoint My Site Host -22222
  • Click on the only entry https://cfsp2016:22222 and edit it to say https://my.cfcode2016.com, click OK.
  • Click Add Internal URLs enter https://cfsp2016:22222 click Save.
  • Click Add Internal URLs enter https://cfsp2016.cfcode2016.com:22222 click Save.

Create My Site Hub

  1. From Central Administration landing page, select Application Management then select Create site collections
  2. Ensure the Web Application is https://my.cfcode2016.com then enter the following information:
    1. Title: My Site Hub
    2. URL: /
    3. Template Selection: Enterprise > My Site Host
    4. Primary Site Collection Admin: SP_Setup
  3. Click OK.
  4. Once site is created, just click OK.

Configuring SP_UserProfile account Active Directory Access

  1. On the Domain controller, log in as Domain Administrator
  2. Using Run, type adsiedit.msc
  3. Right click ADSI Edit and then select Connect To.
  4. On the Connection Settings dialog just click OK
  5. Expand the Default naming context.
  6. Right click on the folder underneath Default naming context and select Properties
  7. Select the Security tab, and add SP_UserProfile, giving the account “Read” and “Replicating Directory Changes” permissions.
  8. Click OK.

User Profile Service Application

  1. Back on the SharePoint box. From Central Administration landing page, select Application Management then select Manage Service applications
  2. Click New in the ribbon, and select User Profile Service Application put the following information (leave as, if I haven’t mentioned it).
    1. Name: User Profile Service Application
    2. Application Pool: Create New – SharePoint User Profile Service Application
    3. Account: CFCODE2016\SP_UserProfileWill need to register this account
    4. Profile Database Name: SP_ProfileDB
    5. Social Tagging Database: SP_SocialDB
    6. My Site Host url: https://my.cfcode2016.com
    7. My Site Managed Path: /personal
  3. Click Create, you will get a success message if created correctly.
  4. Back on the Manage Service Application page click the User Profile Service Application. (You might need to refresh the page first)

Configuring User Profile Service

  1. From within the Manage Profile Service screen underneath Synchronization click Configure Synchronization Connections
  2. Click Create New Connection
  3. Enter the following information:
    1. Connection Name: CFCode2016 AD import
    2. Type: Active Directory Import
    3. Connection Settings:
      1. FQDN: cfcode2016.com
      2. Account Name: CFCODE2016\SP_UserProfile
      3. Password: Pa55w0rd
      4. Port: 636 use SSL and filter out disabled user.
  4. Click Populate Containers
  5. Select Managed Service Accounts and Users.
  6. Click OK
  7. Click back on Application Management > Manage Service Applications > SharePoint User Profile Service Application to get back to Manage Profile Service screen.
  8. Click Start Profile Synchronization.
  9. Select Full Synchronization, then click OK.

After this has completed you will see the number of User Profiles gone up from 0 to a higher number (depending on how many accounts you have within your AD, apparently mine is at 12)


If I navigate to https://my.cfcode2012.com, after a bit of processing, I am able to see my One Drive for Business. Or if I navigate to https://my.cfcode2012.com/person.aspx I can see my profile information.

User Profile has changed for SharePoint 2016

The configuration I have set up above was pretty similar to what you would do in SharePoint 2013. However, things like user profile pictures don’t get imported. With SharePoint 2013 this was taken care of with some headbanging against a wall and using the FIM service. This has been removed in SharePoint 2016, and things don’t seem to be any easier. You now need to use the Microsoft Identity Manager Series, I won’t be configuring any of that here, but if you are interesting in learning about this please check out the following links

https://technet.microsoft.com/EN-US/library/mt627723(v=office.16).aspx

https://blogs.msdn.microsoft.com/spses/2016/07/19/overview-setup-of-mim-configuration-as-external-identity-manager-in-sharepoint-2016/

https://thesharepointfarm.com/2016/03/automating-mim-user-profile-synchronization-with-sharepoint-2016/

http://krossfarm.com/?p=145

My next blog post I will talk about setting up SharePoint Search. Time to check point your machines.

Building SharePoint 2016 development environment – Part 12 – Configuring Hosting Apps and HNSC


A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

Before I create the App Management Service, I’m going to create a separate Domain for the Apps. By creating a separate domain, it helps you write apps that won’t allow cross-site scripting between apps and SharePoint site.

Configuring Hosting Apps

First we need to configure DNS

  1. Go to you Domain Controller and from the Start Menu type DNS, and open the application.
  2. In the Left Hand panel, right click Forward Lookup Zones and select New Zone… Click Next
  3. Keep the Primary zone selected and Store the zone in Active Directory ticked.
    Click Next
  4. Leave the option To all DNS servers running on domain controllers in this domain: cfcode2016.com. Click Next
  5. Here you enter the domain name, type cfapps.com. Click Next
  6. Leave the top option selected and click Next
  7. Click Finish. You will see your new domain showing in the Forward Lookup Zones in DNS.
  8. Now right click on cfapps.com and select New Alias (CNAME) …
  9. Type * for Name
  10. Set the FQDN of the server that hosts the SharePoint sites, CFSP2016.cfcode2016.com in my case. Click OK.

    If you are using more than one server, you should be pointing to the DNS record of the web server in here. This is either the DNS A record for the web server, or the DNS record of the primary cluster address for NLB environments.

    Now if you open a command window and type in nslookup something.cfapps.com it will resolve to your SharePoint server.

Configuring SharePoint 2016 for Hosting Apps

I would recommend to copy the following powershell script and running it as a ps1 file (CreateAppService.ps1 from my one drive). Change the Change any of the variables to match your environments.

  1. On the SharePoint box, logged in as SP_Setup, from the Start Menu, type SharePoint 2016 Management Shell.
  2. Run the Script
  3. To verify the script configured SharePoint 2016 correctly open Central Administration
    1. Under Application Management click Manage Service Application.
    2. You should now have two new service application created
      1. App Management Service Application
      2. Subscription Settings Service Application
    3. Now Navigate to System Settings by clicking the link on the left menu
    4. Under Servers
      click the link Manage Services on Server.
    5. Check that the following services have started
      1. App Management Service
      2. Microsoft SharePoint Foundation Subscription Setting Service
    6. On the left hand menu, click on Apps
    7. Under App Management, click the link Configure App URLs
    8. Verify that:
      1. App Domain: cfapps.com
      2. App Prefix: app

Configuring SharePoint Server 2013 for Host-Named Site Collection and create Initial Site Collections.

Here we are going to create Host Named Site Collection (HNSC) for testing and hosting our apps. Microsoft recommends this because the Office 365 environment uses host-named site collections, new features are optimized for these site collections and they are expected to be more reliable. More can be found out directly from the technet article: http://technet.microsoft.com/en-us/library/cc424952.aspx . The only sites within your environment you should use Path Based Site Collections (PBSC) are Search Center and MySites. HNSC aren’t really needed for Search Center. The only way you can create HNSC is via powershell. So this is what we are going to do.

Register SP_Content

  1. Open SharePoint Central Administration
  2. Select Security > Configure managed Accounts.
  3. Click Register Managed Account
  4. Type Username as cfcode2016\SP_Content and the password as Pa55w0rd. Then click OK.

Create a new Web Application

Open up a PowerShell window and put the following: (change the port number if you wish) (CreateHNSC.ps1)

Configuring the Alternative Access Mapping

  • From the Start Menu
    open SharePoint 2016 Central Administration, this ensures it runs as Administrator.
  • Click Application Management, then under Web applications,
    click Configure alternative mappings.
  • On the right hand side of the screen, Change the Alternate Access Mapping Collection to point to SharePoint HNSC Web Application.
  • Click the internal URL for https://cfsp2016:11111 so that you can edit it. Change the URL protocol, host to https://hnsc.cfcode2016.com
  • Click OK.
  • Back on the Alternate Access Mapping Screen, click Add Internal URLs and add a new Internal URL for each of the following listed below. Screenshot below

Add certificates to IIS

  • In Start type IIS and open IIS Manager
  • Navigate to SharePoint HNSC Web Application and then on the right hand panel, click Bindings…
  • On the Bindings dialog, click Add…
  • In the Add Site Binding page, select https from the Type dropdown, leave the IP address as All Unassigned, the Port should say 443. Enter the Host name as hnsc.cfcode2016.com,
    and tick Require Server Name Indication then select your certificate you created earlier. Click OK
  • Add the binding for host names dev.cfcode2016.com and intranet.cfcode2016.com, ensure the Type is https, you have ticked Require Server Name Indication and you have selected your certificate.

Creating the Top level Site

Because the top-level site is an HNSC is not going to be used by anyone in the site. Therefore, this PowerShell script will create a blank site. (CreateHNSC.ps1)

  1. In PowerShell run the following script:

Site Collections

Here we are going to create a TeamSite called Intranet.cfcode2016.com and a developer site called dev.cfcode2016.com. Please note you can only create, debug and test apps using a developer site. You could type the PowerShell into notepad, save the file as PS1 and run it from SharePoint 2016 Management Shell, instead of typing each row directly. We are first going to create 2 databases, one for each Site collection. This is good practice for backups and restore purposes.

  1. From the Start Menu, type SharePoint 2016 Management Shell, and open the application. (CreateHNSC.ps1)
  2. Type

To verify that the host-name site collections are created:

  1. Open up SharePoint 2016 Central Administration
  2. Under Application Management click View all Site Collections
  3. Ensure the Web Application is pointing to the HNSC web and you should see the two site collections plus the root site.
  4. By clicking on the different site collections, you will also see that the Database Name is assigned correctly to the correct database as set up in our PowerShell script.
  5. You can also navigate in a browser to https://dev.cfcode2016.com or https://intranet.cfcode2016.com. Notice that the SSL certificate is valid.

Configuring SSL for Apps

As our App domain is on a different domain to our SharePoint domain, we should create a different SSL certificate for it.

  • Ensure you are on the SharePoint box with a Domain Admin Account. (cfcode2016\Administrator)
  • We have already configured the Certificate Authority earlier on the Domain Controller. Here we are going to request the certificate using Internet Information Services on the SharePoint Server. From the Start Menu, type IIS and open Internet Information Services (IIS) Manager
  • Once IIS opens, click on the Server Name. (CFSP2016) You will be prompted with a dialog asking to get started with Microsoft Web Platform, click do not show this message and then click No.
  • From the IIS section, double click Server Certificates

  • From the right hand side of the screen, click Create Domain Certificate

  • Complete the form for the Domain Certificate as follows (Change to match your environment if not following exactly along)
    • Common Name : *.cfapps.com
    • Organisation: CF Code
    • Organizational Unit: Computers
    • City/Locality: London
    • State/Province: London
    • Country/Region: GB


  • Click Next
  • On the Online Certification Authority enter the common name you gave your Authority Name\Server Name. (For example mine is MY-CA\CFAD.cfcode2016.com), You can also use the select button if you have configured everything correctly. You can put anything in the friendly name box, ensure it is different from your other certificate friendly name, and easy identifiable as the Apps certificate. Click Finish.

  • You should now see the certificate in the Server certificates window.

  • If there were other servers in your farm, you would need to export the .pfx file so that it can be imported into the other servers.

Configure SharePoint for Apps

We need to configure our SharePoint and IIS to use a different certificate for Apps, and also our Web Application needs to know to use our App Domain.

  1. Sign back into the SharePoint machine as SP_Setup.
  2. Run as administrator, SharePoint 2016 Management Shell
  3. Run the following PowerShell Script

  4. Next we need run the following command:
  5. In Start type IIS and open IIS Manager
  • Navigate to SharePoint HNSC Web Application and then on the right hand panel, click Bindings…
  • On the Bindings dialog, select the one without the Host Name on Port 11111 and click Edit
  • Change the Port to 443, and select the SSL Certificate as your App Certificate.
  • Click OK.


Add Apps to your Intranet Zone.

To prevent getting prompted for your login, configure the intranet zone in IE.

  • Open up Internet explorer
  • Click on the cog symbol, and select Intranet Options
  • Select the Security tab, and then click on Local Intranet. Then click on the Sites button.
  • On the Local intranet dialog, click the Advanced button.
  • Type *.cfapps.com and click Add. (You might need to untick Require server verification (https) for all sites in this zone )
  • Then click Close, OK, and OK

Checking that Apps are new set up for your farm

  1. Open up your intranet site https://intranet.cfcode2016.com
  2. At the top right of the screen click the cog icon.
  3. From the drop down, click Add an app
  4. On the App page, in the quick launch menu area, click on SharePoint Store
  5. If you have connected up correctly you will now see Apps that you can download from the SharePoint store.
  6. Pick a free one to install. I’m selecting Bright Banner. (Have no idea if it’s any good, so not endorsing, just using for testing purposes)
  7. Click Add it.
  8. Confirm that you wish to add the app. Click Continue
  9. A page will state that you have just go this app for everyone in your organization. Click Return to Site
  10. A prompt will appear, asking if you trust the application. Click Trust It.
  11. After a moment you will be returned to your Site Contents. You will also note that your app that you downloaded is currently being added to your site. Once complete the adding text will disappear.

  12. Click on the App. It will load. Take note of the URL. It is being called from the domain you created earlier cfapps.com. Congratulations you have got Apps working!

So glad I finally got Apps certificates to work. Took me a couple of attempts. Thank you to Anupam Shrivastava and his blog post http://akforsharepoint.blogspot.co.uk/2015/05/sharepoint-hosted-apps-in-aam-or-host.html for helping finally cracking it.

I recommend shutting down and taking checkpoints again.

Building SharePoint 2016 development environment – Part 11 – Configuring Services


A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

In this blog I will talk about setting up your environment, by setting up the services. I will be doing majority of this using PowerShell scripts. The scripts will be within this post, but at the end there is a link to my one drive that will contain the PowerShell scripts.

Setting up Services

At the end of the last blog post we Installed SharePoint 2016, however we told the wizard that we would configure the services ourselves. These steps will configure the following services:

  • Managed Metadata Service
  • Word Automation Service
  • BDC
  • Secure Store
  • Usage and Health Data Collection Service
  • Create Machine Translation Service

We are doing this as a script so that Application and Database names are friendly names instead of GUIDs. Before you run the script, on your SharePoint machine, please make sure there is a folder at D:\SPLogs\ULS. This is the folder required for Usage and Health Data Collection Service.

When you run the script there will be a prompt for the SP_Services password. Pa55w0rd. Lastly ensure that your PowerShell window is running in Administrator mode. (CreateSPServices.ps1)

Once this code is done, if you head to Central Administration > Application Management then under Service Applications click Manage Service Applications you will see all your new services created.

Also now note, if you open explorer and navigate to D\:SPLogs\ULS you will see your SharePoint logs being displayed there instead of the default location of c:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\Logs


Configuring Created Services – Secure Store Service Application

Now we have created the services, they all should be working apart from the Secure Store. It requires a little configuration before it can be used.

  1. Open SharePoint 2016 Central Administration (run
    as administrator) and navigate to Application Management > Manage service applications (Under Service Applications)
  2. Click on Secure Store Service Application. You will see an error message saying you must generate a new key for this Secure Store Service Application. Click on Generate New Key in the ribbon.
  3. On the dialog that appears, put in a Pass Phrase and Confirm Pass Phase. I’m using Pa55w0rd. Click OK.

Creating a Search Service Application

This could also be configured using a PowerShell script, but at times I prefer to do point and click.

  • Open the Manage Service Applications screen again.
  • From the ribbon, click on New and select Search Service Application.
  • This will show you a dialog called Create New Search Service Application. Enter the following information:
    • Service Application Name: Search Service Application
    • Search Service Application Type: Leave unticked. (Out of scope of this blog post for hybrid)
    • Search Service Account: Click on Register new managed account.
      • Service Account UserName : CFCODE2016\SP_Search
      • Service Account Password: Pa55w0rd
      • Click OK.
    • Search Service Account: CFCODE2016\SP_Search
    • Application Pool for Search Admin Web Service: Use existing application pool – Default SharePoint Service App Pool
    • Application Pool for Search Query: Use existing application pool – Default SharePoint Service App Pool
  • Click OK
  • You get messages displayed to you as the service is created.
  • You will get a success message when completed.

We will configure it further in a later blog post where we create the Enterprise Search center. You might want to shut down your machines and take a checkpoint before continuing.

Onedrive link to PowerShell scripts