Category Archives: Windows

Building SharePoint 2016 development environment – Part 12 – Configuring Hosting Apps and HNSC

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

Before I create the App Management Service, I’m going to create a separate Domain for the Apps. By creating a separate domain, it helps you write apps that won’t allow cross-site scripting between apps and SharePoint site.

Configuring Hosting Apps

First we need to configure DNS

  1. Go to you Domain Controller and from the Start Menu type DNS, and open the application.
  2. In the Left Hand panel, right click Forward Lookup Zones and select New Zone… Click Next
  3. Keep the Primary zone selected and Store the zone in Active Directory ticked.
    Click Next
  4. Leave the option To all DNS servers running on domain controllers in this domain: cfcode2016.com. Click Next
  5. Here you enter the domain name, type cfapps.com. Click Next
  6. Leave the top option selected and click Next
  7. Click Finish. You will see your new domain showing in the Forward Lookup Zones in DNS.
  8. Now right click on cfapps.com and select New Alias (CNAME) …
  9. Type * for Name
  10. Set the FQDN of the server that hosts the SharePoint sites, CFSP2016.cfcode2016.com in my case. Click OK.

    If you are using more than one server, you should be pointing to the DNS record of the web server in here. This is either the DNS A record for the web server, or the DNS record of the primary cluster address for NLB environments.

    Now if you open a command window and type in nslookup something.cfapps.com it will resolve to your SharePoint server.

Configuring SharePoint 2016 for Hosting Apps

I would recommend to copy the following powershell script and running it as a ps1 file (CreateAppService.ps1 from my one drive). Change the Change any of the variables to match your environments.

  1. On the SharePoint box, logged in as SP_Setup, from the Start Menu, type SharePoint 2016 Management Shell.
  2. Run the Script
    if ((Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue) -eq $null)
    {
    #Add SharePoint PowerShell Commands
    Add-PSSnapin "Microsoft.SharePoint.PowerShell"
    }
    $DatabaseServerName = "SQL2016"
    $AppPoolName = "Default SharePoint Service App Pool"
    $AppPoolUserName = "CFCODE2016\SP_Services"
    $AppDomain = "cfapps.com"
    $SubSettingsName = “Subscription Settings Service”
    $SubSettingsDB = “SP_SubscriptionSettingsDB”
    $AppManagementName = “App Management Service”
    $AppManagementNameProxy = "App Management Service Proxy"
    $AppManagementDB = “SP_AppManagementDB”
    $SubSvc = New-SPSubscriptionSettingsServiceApplication –ApplicationPool $AppPoolName –Name $SubSettingsName –DatabaseName $SubSettingsDB
    $SubSvcProxy = New-SPSubscriptionSettingsServiceApplicationProxy –ServiceApplication $SubSvc
    Get-SPServiceInstance | where-object {$_.TypeName -eq $SubSettingsName} | Start-SPServiceInstance > $null
    $AppManagement = New-SPAppManagementServiceApplication -Name $AppManagementName -DatabaseServer $DatabaseServerName -DatabaseName $AppManagementDB –ApplicationPool $AppPoolName
    $AppManagementProxy = New-SPAppManagementServiceApplicationProxy -ServiceApplication $AppManagement -Name $AppManagementNameProxy
    Get-SPServiceInstance | where-object {$_.TypeName -eq $AppManagementName} | Start-SPServiceInstance > $null
    Set-SPAppDomain $AppDomain
    Set-SPAppSiteSubscriptionName -Name “apps” -Confirm:$false
    view raw CreateAppService.ps1 hosted with ❤ by GitHub
  3. To verify the script configured SharePoint 2016 correctly open Central Administration
    1. Under Application Management click Manage Service Application.
    2. You should now have two new service application created
      1. App Management Service Application
      2. Subscription Settings Service Application
    3. Now Navigate to System Settings by clicking the link on the left menu
    4. Under Servers
      click the link Manage Services on Server.
    5. Check that the following services have started
      1. App Management Service
      2. Microsoft SharePoint Foundation Subscription Setting Service
    6. On the left hand menu, click on Apps
    7. Under App Management, click the link Configure App URLs
    8. Verify that:
      1. App Domain: cfapps.com
      2. App Prefix: app

Configuring SharePoint Server 2013 for Host-Named Site Collection and create Initial Site Collections.

Here we are going to create Host Named Site Collection (HNSC) for testing and hosting our apps. Microsoft recommends this because the Office 365 environment uses host-named site collections, new features are optimized for these site collections and they are expected to be more reliable. More can be found out directly from the technet article: http://technet.microsoft.com/en-us/library/cc424952.aspx . The only sites within your environment you should use Path Based Site Collections (PBSC) are Search Center and MySites. HNSC aren’t really needed for Search Center. The only way you can create HNSC is via powershell. So this is what we are going to do.

Register SP_Content

  1. Open SharePoint Central Administration
  2. Select Security > Configure managed Accounts.
  3. Click Register Managed Account
  4. Type Username as cfcode2016\SP_Content and the password as Pa55w0rd. Then click OK.

Create a new Web Application

Open up a PowerShell window and put the following: (change the port number if you wish) (CreateHNSC.ps1)

$applicationPool = "SharePoint - HNSC - 11111"
$ServiceAcct = "cfcode2016\SP_Content"
$WebApp = "SharePoint HNSC Web Application"
$contentDB = "SP_HNSC_ContentDB"
New-SPWebApplication -ApplicationPool $applicationPool -ApplicationPoolAccount $serviceAcct -Name $WebApp -Port 11111 -AuthenticationProvider (new-spauthenticationprovider) -databaseName $contentDB -secureSocketsLayer
view raw CreateHNSC-1.ps1 hosted with ❤ by GitHub

Configuring the Alternative Access Mapping

  • From the Start Menu
    open SharePoint 2016 Central Administration, this ensures it runs as Administrator.
  • Click Application Management, then under Web applications,
    click Configure alternative mappings.
  • On the right hand side of the screen, Change the Alternate Access Mapping Collection to point to SharePoint HNSC Web Application.
  • Click the internal URL for https://cfsp2016:11111 so that you can edit it. Change the URL protocol, host to https://hnsc.cfcode2016.com
  • Click OK.
  • Back on the Alternate Access Mapping Screen, click Add Internal URLs and add a new Internal URL for each of the following listed below. Screenshot below

Add certificates to IIS

  • In Start type IIS and open IIS Manager
  • Navigate to SharePoint HNSC Web Application and then on the right hand panel, click Bindings…
  • On the Bindings dialog, click Add…
  • In the Add Site Binding page, select https from the Type dropdown, leave the IP address as All Unassigned, the Port should say 443. Enter the Host name as hnsc.cfcode2016.com,
    and tick Require Server Name Indication then select your certificate you created earlier. Click OK
  • Add the binding for host names dev.cfcode2016.com and intranet.cfcode2016.com, ensure the Type is https, you have ticked Require Server Name Indication and you have selected your certificate.

Creating the Top level Site

Because the top-level site is an HNSC is not going to be used by anyone in the site. Therefore, this PowerShell script will create a blank site. (CreateHNSC.ps1)

  1. In PowerShell run the following script:

    New-SPSite -Url "https://hnsc.cfcode2016.com:11111" -OwnerAlias "cfcode2016\SP_Setup" -Template STS#1
    view raw CreateHNSC-2.ps1 hosted with ❤ by GitHub

Site Collections

Here we are going to create a TeamSite called Intranet.cfcode2016.com and a developer site called dev.cfcode2016.com. Please note you can only create, debug and test apps using a developer site. You could type the PowerShell into notepad, save the file as PS1 and run it from SharePoint 2016 Management Shell, instead of typing each row directly. We are first going to create 2 databases, one for each Site collection. This is good practice for backups and restore purposes.

  1. From the Start Menu, type SharePoint 2016 Management Shell, and open the application. (CreateHNSC.ps1)
  2. Type
    $devdb = “SP_DEVDB”
    $intranetdb = “SP_IntranetDB”
    $webApp = “SharePoint HNSC Web Application”
    #Build Databases
    new-SPContentDatabase -Name $devdb -WebApplication $WebApp -WarningSiteCount 0 -MaxSiteCount 1
    new-SPContentDatabase -Name $intranetdb -WebApplication $WebApp -WarningSiteCount 0 -MaxSiteCount 1
    $hnsc = Get-SPWebApplication | Where-Object {$_.DisplayName -eq $webApp}
    New-SPSite -Name “CF Development” -Url https://dev.cfcode2016.com –HostHeaderWebApplication $hnsc -OwnerAlias “cfcode2016\SP_Setup” -Template “DEV#0” -contentDatabase $devdb
    New-SPSite -Name “CF Intranet” -Url https://intranet.cfcode2016.com –HostHeaderWebApplication $hnsc -OwnerAlias “cfcode2016\SP_Setup” -Template “STS#0” -contentDatabase $intranetdb
    view raw CreateHNSC-3.ps1 hosted with ❤ by GitHub

To verify that the host-name site collections are created:

  1. Open up SharePoint 2016 Central Administration
  2. Under Application Management click View all Site Collections
  3. Ensure the Web Application is pointing to the HNSC web and you should see the two site collections plus the root site.
  4. By clicking on the different site collections, you will also see that the Database Name is assigned correctly to the correct database as set up in our PowerShell script.
  5. You can also navigate in a browser to https://dev.cfcode2016.com or https://intranet.cfcode2016.com. Notice that the SSL certificate is valid.

Configuring SSL for Apps

As our App domain is on a different domain to our SharePoint domain, we should create a different SSL certificate for it.

  • Ensure you are on the SharePoint box with a Domain Admin Account. (cfcode2016\Administrator)
  • We have already configured the Certificate Authority earlier on the Domain Controller. Here we are going to request the certificate using Internet Information Services on the SharePoint Server. From the Start Menu, type IIS and open Internet Information Services (IIS) Manager
  • Once IIS opens, click on the Server Name. (CFSP2016) You will be prompted with a dialog asking to get started with Microsoft Web Platform, click do not show this message and then click No.
  • From the IIS section, double click Server Certificates

  • From the right hand side of the screen, click Create Domain Certificate

  • Complete the form for the Domain Certificate as follows (Change to match your environment if not following exactly along)
    • Common Name : *.cfapps.com
    • Organisation: CF Code
    • Organizational Unit: Computers
    • City/Locality: London
    • State/Province: London
    • Country/Region: GB


  • Click Next
  • On the Online Certification Authority enter the common name you gave your Authority Name\Server Name. (For example mine is MY-CA\CFAD.cfcode2016.com), You can also use the select button if you have configured everything correctly. You can put anything in the friendly name box, ensure it is different from your other certificate friendly name, and easy identifiable as the Apps certificate. Click Finish.

  • You should now see the certificate in the Server certificates window.

  • If there were other servers in your farm, you would need to export the .pfx file so that it can be imported into the other servers.

Configure SharePoint for Apps

We need to configure our SharePoint and IIS to use a different certificate for Apps, and also our Web Application needs to know to use our App Domain.

  1. Sign back into the SharePoint machine as SP_Setup.
  2. Run as administrator, SharePoint 2016 Management Shell

  3. Run the following PowerShell Script

    New-SPWebApplicationAppDomain -AppDomain "cfapps.com" -WebApplication "https://intranet.cfcode2016.com" -Zone Default -Port 11111 -SecureSocketsLayer
    view raw CreateAppWebDomain.ps1 hosted with ❤ by GitHub
  4. Next we need run the following command:
    $contentService = [Microsoft.SharePoint.Administration.SPWebService]::ContentService
    $contentService.SupportMultipleAppDomains = $true
    $contentService.Update();
    IIsreset
    view raw AppMultiDomains.ps1 hosted with ❤ by GitHub
  5. In Start type IIS and open IIS Manager
  • Navigate to SharePoint HNSC Web Application and then on the right hand panel, click Bindings…
  • On the Bindings dialog, select the one without the Host Name on Port 11111 and click Edit
  • Change the Port to 443, and select the SSL Certificate as your App Certificate.
  • Click OK.


Add Apps to your Intranet Zone.

To prevent getting prompted for your login, configure the intranet zone in IE.

  • Open up Internet explorer
  • Click on the cog symbol, and select Intranet Options
  • Select the Security tab, and then click on Local Intranet. Then click on the Sites button.
  • On the Local intranet dialog, click the Advanced button.
  • Type *.cfapps.com and click Add. (You might need to untick Require server verification (https) for all sites in this zone )
  • Then click Close, OK, and OK

Checking that Apps are new set up for your farm

  1. Open up your intranet site https://intranet.cfcode2016.com
  2. At the top right of the screen click the cog icon.
  3. From the drop down, click Add an app
  4. On the App page, in the quick launch menu area, click on SharePoint Store
  5. If you have connected up correctly you will now see Apps that you can download from the SharePoint store.
  6. Pick a free one to install. I’m selecting Bright Banner. (Have no idea if it’s any good, so not endorsing, just using for testing purposes)
  7. Click Add it.
  8. Confirm that you wish to add the app. Click Continue
  9. A page will state that you have just go this app for everyone in your organization. Click Return to Site
  10. A prompt will appear, asking if you trust the application. Click Trust It.
  11. After a moment you will be returned to your Site Contents. You will also note that your app that you downloaded is currently being added to your site. Once complete the adding text will disappear.

  12. Click on the App. It will load. Take note of the URL. It is being called from the domain you created earlier cfapps.com. Congratulations you have got Apps working!

So glad I finally got Apps certificates to work. Took me a couple of attempts. Thank you to Anupam Shrivastava and his blog post http://akforsharepoint.blogspot.co.uk/2015/05/sharepoint-hosted-apps-in-aam-or-host.html for helping finally cracking it.

I recommend shutting down and taking checkpoints again.

Building SharePoint 2016 development environment – Part 10 – Configuring Central Administration for SSL

Posted on by

A few years ago I wrote “Build You SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

At this point Central Administration is still running on non-secure HTTP. Let’s make central admin accessible from a vanity URL over SSL.

  • Ensure you are on the SharePoint box with a Domain Admin Account. (cfcode2016\Administrator)
  • We have already configured the Certificate Authority earlier on the Domain Controller. Here we are going to request the certificate using Internet Information Services on the SharePoint Server. From the Start Menu, type IIS and open Internet Information Services (IIS) Manager
  • Once IIS opens, click on the Server Name. (CFSP2016) You will be prompted with a dialog asking to get started with Microsoft Web Platform, click do not show this message and then click No.
  • From the IIS section, double click Server Certificates

  • From the right hand side of the screen, click Create Domain Certificate

  • Complete the form for the Domain Certificate as follows (Change to match your environment if not following exactly along)
    • Common Name : *.cfcode2016.com
    • Organisation: CFCode
    • Organizational Unit: Computers
    • City/Locality: London
    • State/Province: London
    • Country/Region: GB


  • Click Next
  • On the Online Certification Authority enter the common name you gave your Authority Name\Server Name. (For example mine is MY-CA\CFAD.cfcode2016.com), You can also use the select button if you have configured everything correctly. You can put anything in the friendly name box. Click Finish.

  • You should now see the certificate in the Server certificates window.

  • If there were other servers in your farm, you would need to export the .pfx file so that it can be imported into the other servers.

Set Central Admin to Run on SSL with Vanity URL

  • Log into your domain controller. In Start type DNS and open the DNS Manager.
  • In the left hand pane, expand Forward Lookup Zones and click on cfcode2016.com
  • Right click on cfcode2016.com and select New Host (A or AAAA)…
  • Put in the name you wish to call your Central Administration as an Alias. For example CAdmin, put the IP address point to the SharePoint Server. 192.168.137.200. Click Add Host

  • Log back into the SharePoint server as the SP_Setup account. In Start type IIS and open IIS Manager
  • Navigate to SharePoint Central Administration v4 and then on the right hand panel, click Bindings…
  • On the Bindings dialog, click Add…
  • In the Add Site Binding page, select https from the Type dropdown, leave the IP address as All Unassigned, the Port should say 443. Enter the Host name as cadmin.cfcode2016.com (or whatever your alias is), tick Require Server Name Indication,
    then select your certificate you created earlier. Click OK
  • From the Start Menu
    open SharePoint 2016 Central Administration, this ensures it runs as Administrator.
  • Click Application Management, then under Web applications,
    click Configure alternative mappings.
  • Take note of the internal URL shown in the default zone for central admin. Click the internal URL for http://cfsp2016:2016 so that you can edit it. Change the URL protocol, host and port to https://cadmin.cfcode2016.com
  • Click OK.
  • Back on the Alternate Access Mapping Screen, click Add Internal URLs and add a new Internal URL for each of the following listed below. Screenshot below

  • Open the SharePoint Management Shell
    run as administrator. Type the following and run. Press A when prompted.

    Set-SPCentralAdministration -SecureSocketsLayer -Port 443

Add Central Administration to your Intranet Zone.

To prevent getting prompted for your login, configure the intranet zone in IE.

  • Open up Internet explorer
  • Click on the cog symbol, and select Intranet Options
  • Select the Security tab, and then click on Local Intranet. Then click on the Sites button.
  • On the Local intranet dialog, click the Advanced button.
  • Add your Central Administration to the Local Intranet Zone. (e.g., https://cadmin.cfcode2016.com)
  • Close Central Administration and then re-open it from the Start Menu SharePoint 2016 Central Administration.
  • Say Yes to any warnings if the site already exists in Trusted sites zone.
  • While here also add *.cfcode2016.com and https://cfsp2016:2016.
  • Tick Require server verification (https:) for all sites in this zone.
  • Then click Close, OK, and OK

Now if you go to Start Menu and open SharePoint 2016 Central Administration, it will open using the https://cadmin.cfcode2016.com URL and the certificate will be valid.

Next step will be getting the bulk of SharePoint working. This will be creating sites, getting services up and running, and ensure you can do SharePoint app development. Recommend shutting down and taking checkpoints again. (Don’t worry when you are happy with your build, you can go back and delete all the checkpoints.)

Building SharePoint 2016 development environment – Part 9 – Installing SharePoint 2016

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

Giving SP_Setup Account administrative privilege on your SQL/SharePoint Virtual Machine

Before we can start installing SharePoint 2016, we want to install it using a Setup account. In Part 6 we created the SP_Setup account, now we need to add this to the administrators group of the local machine.

  1. On the start menu, type Edit local users and groups and select the application

In the left hand pane, click Groups. Then double click Administrators group to open it up.

  1. Click on Add… and enter SP_Setup. Click on OK, and then OK again to close the Administrators property box.
  2. Sign out of the SQL/SharePoint Virtual Machine as Adminstrator, and sign back in as SP_Setup

Insert SharePoint Server 2016 disk

  1. From the Hyper V Manager on your host machine, right click and select Settings…
  2. Under the DVD Drive, change the image file from SQL 2016 to SharePoint 2016. Click OK.

Install SharePoint 2016 prerequisites.

  1. Go back within the Virtual Machine, and double click the D drive, or run splash.hta
  2. Click the Install Software Prerequisites link.
  3. In the Microsoft SharePoint 2016 Products Preparation Tool dialog, click Next
  4. Accept the License Terms. Click Next.
  5. The prerequisites for SharePoint 2016 will be installed and set up. When it has completed, will be asked to reboot. Click Finish
  6. After a reboot and logged back in as SP_Setup, the installer continued. The prerequisites finally completed. Click Finish

Installing SharePoint 2016

  1. Double click the D drive, or run splash.hta
  2. Click Install SharePoint Server
  3. When prompted Enter your Product key. Click Continue.
  4. Tick I accept the terms of this agreement. Click Continue.
  5. Accept the default file location (Unless you have a reason not to). Click Install Now.
  6. When it has finished. Run the configuration wizard by clicking Close.
  7. On the Welcome to SharePoint Products click Next >
  8. Accept the dialog warning that services may have to be started or reset during configuration. Click Yes.
  9. On Connect to a server farm, select Create a new server farm. Click Next >
  10. On the Specify Configuration Database settings
    1. Database Server: SQL2016
    2. Database Name: SharePoint_Config
    3. UserName: cfcode2016\SP_Farm
    4. Password: Pa55w0rd
      Click Next >
  11. On Specify Farm Security Settings put the Passphrase as Pa55w0rd. Click Next >
  12. On Specify Server Role as this is a development environment, select Single Server Farm. Then click Next >
  13. On Configure SharePoint Central Administration Web Application tick Specify port number. Type in the number 2016. Select NTLM for security settings. Click Next >.
  14. On the final page Completing the SharePoint Products Configuration Wizard it will display a summary of what you have selected. Click Next >
  15. When the installer has finished, you will be presented with Configuration Successful. Click Finish. Internet explorer will open Central Administration allowing you to complete the installation. Click Cancel to Configure your SharePoint Farm. There is no need to run the wizard and better doing each service separately as you need it.

Next post will show you how to configure Central Administration for SSL. Again, now is a good place to shut down machines take checkpoints before continuing.

Building SharePoint 2016 development environment – Part 8 – Installing SQL 2016 ready for SharePoint 2016.

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

Setting up directories for SQL.

We are going to set up following directories on the d: drive.

  • Bring up Explorer by click on Windows Key + E
  • Double click on the D drive.
  • Create the following directories.
    • D:\SQL
    • D:\SQL\Data
    • D:\SQL\Logs
    • D:\SQL\Temp\Data
    • D:\SQL\Temp\Logs
    • D:\SQL\Backup

Installing SQL Server 2016 Standard Edition 64 bit

From the part 5 of these blogs we have already inserted the ISO file into the virtual machine. By opening Explorer inside the virtual machine, you should see DVD Drive with the SQL disk inserted.

  • Double click on the DVD drive, or run Setup.exe
  • The SQL Server Installation Center will open up. On the left hand side, click Installation.
  • Click on New SQL Server stand-alone installation or add features to an existing installation
  • The product key should already be entered, click Next, accept the License Terms. Click Next.
  • Tick Use Microsoft Update to check for updates (Recommended). Click Next.
  • Setup install rules will identify any problems that might occur when installing SQL Server Setup support files. They should all passes. (Ignore warnings) Click Next.
  • On the Feature Selection Page. Select Database Engine Services, Full-Text and Semantic Extractions for Search. Click Next.
  • On the Installation Rules page click Next.
  • On the Instance Configuration page click Next.
  • On the Server Configuration page, change the SQL Server Agent Start Up Type to Automatic. Also change the SQL Server Database Engine to use your SP_SQL account, and enter the password. Pa55w0rd
  • Click Next
  • On the Database Engine Configuration page, select Mixed Mode and enter the password and confirm password as Pa55w0rd. And Click Add Current User.
  • On the Data Directories tab, change the location of the directories.
    • Data Root Directory – d:\SQL
    • User Database Directory – d:\SQL\Data
    • User Database Log Directory – d:\SQL\Logs
    • Backup Direcotory – d:\SQL\BackUp
  • On the TempDB tab
    • Data Directories – d:\SQL\Temp\Data
    • Log Directory – d:\Sql\Temp\Logs
  • On the FILESTREAM tab, tick Enable FileStream for Transact-SQL access and Enable FILESTREAM for file I/O access. Click Next.
  • On the Ready to Install page, click Install
  • After installation your SQL Server 2016 is installed. You may be asked to reboot.

Installing SQL Server Management Tools

It seems that SQL 2016 have now separated out the SQL Server and SQL Server Management Tools. So this is an additional step to carry out.

  1. Back on the SQL Server Installation Center (run setup.exe from DVD drive if not showing), click on Install SQL Server Management Tools
  2. This takes you off to a website address https://msdn.microsoft.com/en-us/library/mt238290.aspx to download the SQL Server Management Studio (SSMS) seperately.
  3. Click the download link, and run it. (Or Save and run it afterwards) Over 800MB in size.
  4. Click Install.
  5. Once installed, you will get a success message. Close this screen.

Configuring SQL Server 2016

  1. From the start screen type SQL Server Configuration Manager and select the application.
  2. Click to expand SQL Server Network Configuration (not the 32 bit), and choose Protocols for MSSSQLServer, and ensure TCP/IP and Named Pipes are enabled. To enable them right click them and select Enable. Click OK at the warning.
  3. Close the SQL Server Configuration Manager.

Apply the DisableLoopbackCheck Registry Fix

  1. Click the Windows PowerShell icon in the Taskbar.
  2. Run the following PowerShell commands, pressing [Enter] after each one:
    $regKeyPath = "HKLM:\System\CurrentControlSet\Control\Lsa"
    $key = "DisableLoopbackCheck"
    New-ItemProperty –Path $regKeyPath –Name $key –Value "1" –PropertyType dword
    view raw DisableLoopBackCheck.ps1 hosted with ❤ by GitHub

Giving SP_Setup account access

Note: If you continue without doing the DisableLoopback Check registry you will get an error message saying “Login Failed. The login is from an untrusted domain and connot be used with Windows authentication”

  1. From the start screen type SQL Server 2016 Management Studio and open the application.
  2. Change the server name to SQL2016 (we set a host name in an earlier post)
    and logon as Windows authentication.
  3. Expand Security from the object explorer and right click Logins and select New Login…
  4. Next to the Login Name click Search
  5. Ensure the Location is set for Entire Directory, and then type SP_Setup and click Check Names.
  6. Click OK.
  7. On the left hand panel, select the Server Roles page, and tick dbcreator, securityadmin and sysadmin. Then click OK.

Now we can think about Installing SharePoint 2016.

Now is another good time to shut down both Domain Controller, and the SharePoint machine and take a checkpoint/snapshot before continuing.

Building SharePoint 2016 development environment – Part 7 – Adding AD accounts.

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

Creating the Accounts required

Please note that the following setup is just for a simple development environment. You should read the Microsoft SharePoint Server 2016 Prepare for Installation section.

First we need to create 9 different accounts.

SP_Farm – SharePoint Farm account

SP_Setup – SharePoint Setup Account

SP_Content – SharePoint Content account for the Content Databases

SP_Services – SharePoint account for the Shared Services within SharePoint

SP_SQL – The account to run SQL with.

SP_Search – The account used for SharePoint Search Crawler

SP_UserProfile – The account used for User Profile service

SP_SuperUser – SharePoint publishing infrastructure super user account

SP_SuperReader -SharePoint publishing infrastructure super reader account

  1. Log into the Domain Controller.
  2. In the Start Menu, type Active Directory Users and Computers. Select the application.
  3. Expand the tree in the left hand pane to see the Managed Service Accounts OU. Select the Managed Service Accounts OU.
  4. Right click on Managed Service Accounts and select New > User. Create a new user called SP_Farm. Set the Full Name and Log on name to SP_Farm. Click Next.
  5. In the password dialog screen, enter the following and click Next.
    1. Password and Confirm Password: Pa55w0rd
    2. Untick User must change password at next logon.
    3. Leave User cannot change password as unticked.
    4. Tick Password never expires
    5. Leave Account is disabled as unticked
    6. Click Next. Then Finish

Repeat the steps 1-4 for the remaining accounts (SP_Setup,
SP_Content, SP_Services, SP_SQL, SP_Search, SP_UserProfile, SP_SuperUser, SP_SuperReader, and SP_Unattended)

You could add any users here, but when creating their accounts, add them to User OU not the Managed Service Accounts

Setting up Host names (SQL2016, Intranet, Dev, HNSC, my)

  1. On your Domain controller, in the start menu, type DNS. Open the application to the DNS Manager
  2. Expand the forward lookup zones contained in the left panel.
  3. Right click on the zone cfcode2016.com and click on a New Host
    (A or AAAA)
  4. Type in the name of the record. In this case we are going to name our SQL Server SQL2016. Set the IP address as the IP address where we are installing SQL. This was configured in our previous post as 192.168.137.200. Click on Add Host.
  5. You will then get a verification dialog, and after click OK. You will see the record has been created in the right pane of the DNS manager.
  6. To Check that this is all working, open a command prompt, and type
    ipconfig -flushdns
    Then type
    ping SQL2016


    Note: If it’s unable to ping, you might have the firewall switched on for domains on your VM’s. You can turn this off. (Remember this is development machine only)

    Repeat the above steps 1-6 for Dev and Intranet, HNSC and my

Building SharePoint 2016 development environment – Part 6 – Creating SQL & SharePoint Machine.

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

Creating your SQL & SharePoint Machine

  1. Follow my old blog on Creating your hyper V windows Server 2012 machine from a differencing disk. Give about 16GB (16,384Mb) of memory to the machine, and only add the Internal Network connection.
  2. When you start up your new Virtual Machine based on the base disk, you will be required to enter a valid Key Code for Windows Server 2012 R2 Standard Edition. Let the sysprep process complete, answer any installation questions required and then log in.
  3. You now have Virtual Machine that we are going to use for our SQL and SharePoint.
  4. Enhanced mode of Hyper V will work after you have logged in once, and then reboot. (Believe tools install themselves in the background).

Set Static IP address

  • In the start menu, type View Network Connections and under Settings you should see a link.
  • Right click your network internal adapter and click Properties.
  • In the properties windows, select Internet Protocol Version 4 (TCP/IPv4) and then click the Properties button.
  • Update the properties form to have the following information:
    • IP Address: 192.168.137.200
    • Subnet Mask: 255.255.255.0
    • Default gateway: 192.168.137.1
    • Preferred DNS Server: 192.168.137.100

Change the name of the Machine.

  1. From the Server Manager screen. Click on Local Server.
  2. Where it says Computer Name, click the link.
  3. This will open the System Properties dialog box.
  4. Click on the Change button.
  5. Enter the name of the server. I have called mine ‘CFSP2016’
  6. Click OK.
  7. Click OK and reboot when asked.

Add the SharePoint machine to the Domain.

  1. From the Server Manager screen. Click on Local Server.
  2. Where it says Workgroup, click the link.
  3. This will open the System Properties dialog box.
  4. Click on the Change button.
  5. Click on the Domain radio button. Type in the name of your domain you gave your machine in the previous blog post. (Part 4- Installing Active Directory)
  6. Enter the name of the server. I have called mine ‘CFSP2016’
  7. Click OK.
  8. Click OK and reboot when asked.

Important from now on: When you sign in, ensure you sign in as domain\administrator not computerName\Administrator, defaults to computerName\Administrator.
To ensure that when you type administrator into the SharePoint server to run as domain admin, it doesn’t automatically think that you mean built in administrator, we are going to rename the administrator built in account.

  1. From the Start menu, type User, and select Edit local users and groups
  2. In the left hand pane, select Users.
  3. On the right hand pane, right click Administrator and select Rename
  4. Change the name to something other than Administrator. I’ve renamed mine to Admin.
  5. If you log out, and try to log in as COMPUTERNAME\Administrator it will state the password is incorrect. Change this to COMPUTERNAME\Admin then try your password. You should be able to log in.

Adding a DVD drive for ISO in Virtual Machine.

Before I can install SQL or SharePoint I need a way to install my ISO files onto my Virtual Machine. These steps will show you how to add a DVD player to your virtual machine that will allow you to read ISO files.

  1. Open up Hyper-V Manager, right click your Virtual machine that you are using for SQL & SharePoint and click settings.
  2. Within the settings window, under Hardware select SCSI controller. Then select DVD Drive, and click Add.
  3. Then ready for the next step, select Image File: and find your SQL Server 2016 Standard Edition ISO file.

Building SharePoint 2016 development environment – Part 5 – Creating Certificate Authority.

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

Installing Certificate Authority

To allow our SharePoint sites to use SSL, these certificates come from a trusted certificate authority. This is what we are going to create

  • On your domain controller, open up Server Manager
  • On the right, click Manage > Add Roles and Features
  • Click Next
  • On Select installation type ensure that Role-based or feature based installation is selected. Click Next
  • On Select destination server screen, keep default choice of your domain controller, and click Next.
  • Select Active Directory Certificate Services and click Add Features when dialog pops up. Click Next.
  • On Select features click Next.
  • On Active Directory Certificate Services screen, it informs you how you cannot change the name or domain settings of this computer. Click Next.
  • On Select role services, select the following
    • Certification Authority
    • Certificate Enrollment Policy Web Service
    • Certificate Enrollment Web Service

    Click Add Features when prompted.

  • On Web Server Role (IIS) click Next.
  • On the Select role services click Next
  • Tick the Restart the destination server automatically if required, say yes to the dialog prompt. Then click Install.
  • Once the installation completes, you need to configure the Certification Services, click the link Configure Active Directory Certificate Services on the destination server
  • On the Credentials screen, ensure you are using domain admin account. Click Next
  • On Role Services tick Certification Authority, then click Next
  • On Setup Type, leave the default of Enterprise CA, click Next
  • Since this is the first CA in the domain, on CA Type leave the default of Root CA. Click Next
  • On Private Key leave it as Create a new private key and click Next
  • On Cryptography for CA select SHA256. Click Next
  • On CA Name, for development environment, I recommend to rename it to something simple like MY-CA or you can leave as is (You’ll need to remember this much later). Click Next.
  • On Validity Period, you can change the number of years if you wish. I would imagine in 5 years SharePoint 2016 will be old hat, and be using SharePoint 2020. Click Next.
  • Accept the default locations of the CA Database. Click Next.
  • On the final screen, Confirmation, click Configure. You will be presented with a succeeded screen. Click Close. You will be prompted with a Do you want to configure additional role services? Dialog. Click Yes.
  • After clicking yes, you will be presented back with the Credentials screen. Click Next
  • On the Role Services screen, now select both Certificate Enrollment Web Service and Certificate Enrollment Policy Web Service. Click Next.
  • On the CA for CES screen, leave as is and click Next. This will allow your target CA to issue web certificates to SharePoint and other web servers. Click Next.
  • The Authentication Type for CES keep as the default Windows integrated authentication click Next.
  • On Service Account for CES switch the radio button to use Use the built-in application pool identity. Click Next
  • The Authentication Type for CEP leave as Windows integrated authentication. Click Next.
  • On the Server Certificate screen, select your existing self-signed certificate. Click Next
  • On the last screen, click Configure.
  • Finally, you are presented with success messages. Click Close.

Your Certificate Authority is now complete and read to give our certs to your SharePoint farm. This will be configured later after we have at least installed SharePoint.

Setting up a Global Policy for Certificate Enrollment.

Here we are going to change a global policy for all machines added to the domain. This is so Auto enrollment of certificate policies is allowed.

  1. Open up the Group Policy Management console, by typing gpmc.msc in a run window.
  2. Expand the Forest down to our domain.
  3. Right click the domain and select Create a GPO in this domain, and Link it here…
  4. In the New GPO dialog, give it the name of Cert Enrollment Policy, and click OK.
  5. In the left pane of Group Policy Management expand your domain and at the top you should see Cert Enrollment Policy, right click it and select edit.
  6. Navigate down to Computer Configuration > Policies > Windows Settings > Security Settings > Public Key Policies and double click Certificate Services Client – Auto Enrollment
  7. In the dialog, set the Configuration Model to Enabled. Click OK.

We have reached the end of this blog post. It again could be a good idea, to shut the machine down and create a new checkpoint.

Upgrading to Windows 10, step by step

Posted on by

It’s has been a very long while since I have written a blog, and this one is an easy one, hopefully there will be enough screenshots and walkthrough steps that it will help even the most basic user who never heard of Azure/SharePoint (which is what I’m normally talking about). Today I upgraded my Mums PC from Windows 7 to Windows 10. At the same time I also upgraded a Windows 8 PC to Windows 10 and the steps were exactly the same. Here I am going to walk through the simple steps, with lots of screen shots that I took on my phone. I do state many times in this blog that you are waiting, or things go slowly, this can be true if you have an old spec pc that you are upgrading. Like I said, I was using my Mum’s PC, which used to be an XP machine that I brought a copy of Windows 7 for, and now upgrading it to Windows 10.

Windows 10 is FREE to anyone who owns a legitimate copy of Windows 7, Windows 8 or Windows 8.1 for the first year of Windows 10 release. Once you have upgraded, that machine will be able to re-install Windows 10 at any point in the future. This isn’t a trial period of a year, this is a completely, free legitimate upgrade to Windows 10 that is yours to keep for now until… well… Windows 11 I suppose (Or you buy a new PC).

If you do have a legitimate copy of Windows 7, 8 or 8.1, you should see a Windows symbol in your notification area on your task bar, which if you double click on it, you can reserve your free copy of Windows 10.

Now before you can install Windows 10, it needs to be downloaded on your pc. This is supposed to happen through Windows update, as Microsoft is releasing Windows 10 to people globally in waves and you will be notified when it’s ready on your PC. (See Image below), however you can download it today without waiting for a notification.

There are places on the internet that shows you how to force the download of Windows 10. The steps are below (but they didn’t work for me!)

  1. Navigation to c:\Windows\SoftwareDistribution\Download
  2. Delete everything in this folder. This will give Windows Update a clean slate.
  3. Open up the command prompt by hitting the Windows key and typing in Cmd, right click and choose “Run as administrator”
  4. In the command prompt type ‘wuauclt.exe /updatenow
  5. This will kick off Windows Update, and have a Windows Update saying that it is downloading Windows 10.

As I said this didn’t work for me. I tried on 2 PC’s. One of them did state in the Windows Update history that Windows 10 was attempted and failed to download.

What worked for me.

Microsoft has a Windows 10 download page. https://www.microsoft.com/en-us/software-download/windows10  Head to this page and at the bottom of the page, you can click either download button. Either the 32 or 64 bit version. You have to use the version that matches your current Windows version. You can find this out by opening File Explorer. Right clicking on This PC, and selecting Properties.


On the System window that opens, it will state your current Windows version (Windows 10 will be the equivent version of your current Windows version), and under System it will state if your system is running 32 bit windows or 64 bit windows.

Back to the Windows 10 Download page, click the correct version of the Download tool.

Once downloaded, run the tool. A Windows 10 Setup dialog will pop up asking if you want to ‘Upgrade this PC now‘ or ‘Create installation media for another PC‘. I am not going to talk about Create installation media for another PC, this just allows you to copy the Windows 10 files onto a DVD or USB stick so that you can install on other machine (that are also entitled to the free upgrade). Leave Upgrade this PC now selected and click Next

Windows 10 will start downloading.

Once it has downloaded the files it requires, it will then start preparing your PC for Windows 10. (Following pictures are now all taken by my phone)

Then it checks for updates.

Gets a few things ready, not sure what!

Then you need to read and agree to the Licence terms, well at least click Accept.


The screen will then indicate to you what you needs to be done if you contine. On my surface, I had to reboot at this point to upgrade the firmware before I could continue. With the message below, I just need to click the OK button to accept that I understand that my English language could turn back to American English, and that I will need to re-install language packs.

Finally! I’m ready to install. Click Install.

After I clicked Install, the screen went completely blue, no longer in the dialog, and Windows 10 started installing. The PC does reboot several times, and it does take a while.

Then the screen went black and I got an Upgrading Windows message, with a large circle that pulses and a percentage slowly, very slowly creeps up.

Eventually it got there to 100% and I was welcomed. (Well my Mum was, being her PC).

Next you get to Customise settings or Use Express settings. I always like to customise, but you could just hit Use Express settings and skip the next 3 screenshots.

I went through the setting and turn on or off what I felt suited.


Then you are told about the new apps that comes with, (sorry, built for) Windows 10.

At this point, if you have a password, you will be asked to sign in, or you will logged in automatically.

Then I’m told, ‘This won’t take long‘, which means it probably will. At this point it is just setting up your apps, settings, configuration etc.

Windows 10 has it all handled, don’t you worry.

Apparently tweaking is involved.

Told you it was going to take a bit of time.

Then I got a blank screen!!!! Just a cursor moving about. Argh!

Don’t panic, I searched the internet and found out why. It appears to be happening on some Dell machines and read my next blog quickly to solve your issue.

If you don’t see a blank screen, you will see your new shiny, Windows 10 desktop. And in my Mum’s case a picture of a very young me, with my late Grandad and sister.

I hope these screenshots were simple enough for you to follow, or read through first and realise it’s not going to be that bad. Enjoy your Windows 10.

Windows 8/ Windows Server 2012 basic help getting around.

Posted on by

Windows 8 / Windows 2012 are interesting OSs. There are new features that take a while to get used to.

  • There is no Start Menu. There is now a start screen. To access it, move the mouse towards the left hand corner of the screen, a small start square will appear. Click it to display the start screen. Or press the key.
  • Apps – When you click on an app, it opens full screen. You cannot re-size or minimize. There is no close button. To close them put the mouse at the top of the screen. The mouse pointer will change to a hand. Click and drag the page to the bottom of the screen, as if you are throwing the application away. This is how you close it.
  • Charms – By moving your mouse to the right of the screen, (near the top right or near the bottom right) icons will pop out from the side. Search, Share, Start, Devices, Settings. Or ( + C)
    • Search – Clicking search will allow you to search for apps, settings, or file.
    • Share – I’m assuming you can share stuff by clicking on this, so far I get the message saying I’m unable to share anything.
    • Start- This toggles the start screen menu and the desk top.
    • Devices – If you have dual screens, selecting this will allow you to share your screen differently to a second screen.
    • Settings – Here you can configure how the pc is setup. Also it gives you information about network, sound, brightness, notifications, power and keyboard
  • How do you shut down? Using the Settings Charm ( + C), click Power. You then get the option to Sleep, Shut Down, Restart.

Creating your Hyper V Windows Server 2012 machine from a differencing disk

Posted on by

Differencing disks are a way to save space, but still deploy the same amount of virtual machines. This solution allows you to create one parent image with a base Windows installation (including common patches/updates and software) and then set up all other VM’s based on that one parent image. So, you’d create one parent image, 30GB in size, with Windows Server 2012 plus all the latest updates, and then create child images for each other VM, only the changes between the parent and child are stored in the child disk.

As you can see above, there is a Windows Server 2012 virtual disk of 30GB. By using it as a differential disk, I can create 4 virtual machines (SharePoint 2012, Azure, Office WebApps, MetaStorm Server) which once booted will already have Windows Server 2012 on it, they then get the relevant software installed for that server. The child disks will grow with the difference between parent and child. If you built each machine from scratch without a differencing disk they would take up over 156GB of hard drive space. By using differencing disks you only use up 66GB of space.  Create your base Windows 2012 vhdx file, and get it to a state that has all that you need on all machines, and then sysprep it. This puts it in a state ready to be activated for the first time. This will allow you to re-use this Virtual Disk multiple times for multiple Hyper V machines if you set up the Hyper V machine with a differencing disk, as shown in the diagram above. Steps to create your first differencing using Windows 2012.vhdx as your parent disk.

  1. Open up Hyper-V manager, in the actions panel (top right) click New -> Hard Disk. On the Wizard click Next.
  2. Choose the disk format as VHDX. Click Next.
  3. Select Differencing. Click Next.
  4. Specify the Name for your child virtual disk. So in my example SharePoint2013. Set the location on a different physical drive. This will give better performance. E.g. D:\Virtual Machines\HardDisk\SharePoint2013\. Click Next.
  5. Specify the location of the parent disk. E.g. C:\virtual Machines\Hard Disk\Windows 2012.vhdx. Click Next
  6. Click Finish.

Steps to create your virtual machine using your differencing disk.

  1. Open up Hyper-V manager, in the actions panel (top right) click New -> Virtual Machine. On the Wizard click Next.
  2. Name your virtual machine (e.g Sharepoint 2013). Tick “Store the virtual machine in a different location”. Set the location as for example d:\Virtual Machines\. Click Next.
  3. Set your start up memory. My Sharepoint machine will use 10GB of memory therefore I’ll type in 10240. Do not use Dynamic Memory for SharePoint I have been informed.
  4. (Assuming you have followed this blog and done steps 2 and 3 from sub heading Creating a new Hyper V machine from your VHD files) Configure networking to use the connection External Switch. Click Next
  5. Select Use an existing virtual hard disk, then select the child hard disk, for example d:\virtual machines\Hard disk\SharePoint2013\SharePoint2013.vhdx. Click Next.
  6. Click Finish.

     You can now start your virtual machine.