Tag Archives: Dev Machine

Building SharePoint 2016 development environment – Part 16 – Installing and setting up Visual Studio

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

The last part of the 16-part series is to install and set up visual studio so you can start developing on your machine.

I’m going to use Visual Studio 2015 Community edition, this might not be suitable for you, you might have access to Visual Studio 2015 Enterprise/Professional edition. Also there is Usage agreements to the Visual Studio 2015 Community edition, which if in an organisation you might be breaking the licensing agreement.

Downloading Visual Studio Community

  1. Open a browser, and go to URL https://www.visualstudio.com/en-us/products/visual-studio-community-vs.aspx
  2. Click Download Community 2015 button
  3. Run or Save then run, the download file.
  4. Once the installer has started, select Custom then click Next
  5. On the Select Features screen, I didn’t need to select anything and clicked Next. However, you might want extra programming languages, maybe the common tools such as the Git for Windows extension.
  6. Click Install.
  7. When finished, you will be asked to reboot your machine. Click Restart Now.

Configuring Visual Studio

  1. After your server has rebooted, Sign in and open Visual Studio
  2. You will be presented with a screen to connect to your developer services, if you have any sign in now. It is worth looking into if you are planning on doing some Azure, as you can get some free credits by signing up to Visual Studio Dev Essentials https://www.visualstudio.com/en-us/products/free-developer-offers-vs.aspx. Either sign in, or click Not now, Maybe later.
  3. It will prepare Visual Studio for you on your machine as it is the first time it has been opened.
  4. First thing to do once open is check if there are any updates required. From the Visual Studio menu click Tools > Extensions and Updates… Update anything that needs updating.

Installing Office and SharePoint 2016 Developer Tools

After installing all your updates for Visual Studio, if you go and try to create a new project, you will find that there is no Office/SharePoint templates.

You will need to install this. Note: If you have already installed Microsoft Office Developer Tools for Visual Studio 2015 and Microsoft Office Developer Tools Preview for Visual Studio 2015, you will need to uninstall these first otherwise SharePoint 2016 projects will not show up in Visual Studio.

  1. In a browser go to the URL https://www.microsoft.com/en-us/download/details.aspx?id=51683 and click Download to download Microsoft Office Developer Tools Preview 2 for Visual Studio 2015
  2. Select 14.0.23930\enu\cba_bundle.exe. Once downloaded, run.
  3. Click Install
  4. After it has successfully installed, you can click Close
  5. Open Visual Studio 2015 (Don’t forget to run as Administrator)
  6. Click File > New > Project
  7. Under Templates > Visual C# > Office/SharePoint > SharePoint Solutions and you should see the SharePoint 2016 templates.

Getting around the cannot connect to the target site message.

If you continued from the last part to create a SharePoint project and tried to connect to SharePoint, you would have got the following message about SharePoint solutions only work with locally-installed version of SharePoint Foundation or SharePoint Server.

To get around this problem you have to add the URL’s to your host file.

  1. Open Notepad as administrator
  2. Open the file C:\Windows\System32\drivers\etc\hosts. (You will need to look at all files, not .txt files to see it)
  3. Add the following lines and then save the hosts file.
    127.0.0.1 dev.cfcode2016.com

    127.0.0.1 intranet.cfcode2016.com

  4. Now when you click the Validate button in Visual Studio – SharePoint Customization Wizard you will get a connection successful message.

Other programs to install

You might decide not to use Visual Studio 2015, and use Visual Studio Code as I’m aware some developers are now doing, mainly because it is a lot faster to run on the machine. You might also want to install Office products such as Word/Excel.

Removing old Checkpoints.

Now your machines are complete, you probably don’t have a reason to go back re-apply an old checkpoint. Therefore it make sense to clean them up. After all every time you take a checkpoint a new file is created on your host, and the difference between your original or previous checkpoint file is stored within this new file. If you take a look at where your Virtual Machine stores it’s hard drive, there will be multiple files, all quite large in size. Not including the folders, this takes up over 85GB of space on my host machine.

  1. Ensure that your Hyper V virtual machines are shut down.
  2. Here you can either delete just the CheckPoints you want, or delete the whole subtree. As I don’t need to keep any of my checkpoints, I’m going to select the top checkpoint and then click Delete Checkpoint subtree from the right pane.
  3. Click Delete on the confirmation dialog box.
  4. If you look back where you store your Virtual Machines its hard drive, it looks a lot less messy, and uses up less space. (Total over 47GB)

Thank you for reading this series, hopefully you found it useful.

Building SharePoint 2016 development environment – Part 15 – Configuring Workflow

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

The configuration of the Workflow Manager for SharePoint 2016 is the same as it was for SharePoint 2013. Not only do you need to install the separate Workflow Manager components, once installed SharePoint designer will show SharePoint 2013 Workflow in a dropdown when deciding which platform to build the workflow on.

We will be installing Workflow Manager 1.0 CU3. Although my instructions add all this to the SharePoint Machine, the reason why Microsoft have made the Workflow manager separate is for scaling. There is no need for this to be installed on the SharePoint box. You could create another Windows Server 2012 R2 and add that to the domain and run the Workflow manager on that. There are probably a few more steps required in configuring. Here is a full walkthrough provided by Microsoft Technet https://gallery.technet.microsoft.com/SharePoint-2016-Workflow-acd5ba2a if you wish to delve in deeper.

Installing SharePoint Designer 2013

Wait! SharePoint Designer 2013? Yes.

There is no SharePoint Designer 2016, there is no plan to release one either. Microsoft have stated that they will support SPD 2013 with SharePoint 2016. We are installing SharePoint Designer here because I can use it to prove if you have correctly configured Workflow Manager with SharePoint 2016 correctly.

SharePoint Designer 2013 is a free tool from Microsoft.

  1. Download SharePoint Designer 2013 32bit from the Microsoft Site.
    https://www.microsoft.com/en-GB/download/details.aspx?id=35491
  2. Once downloaded run the file sharepointdesigner_32bit.exe
  3. Accept the License terms and click Continue.
  4. Click Install Now, (Unless you wish to customise and change file location, user information etc)
  5. Once installed, I’d recommend performing a Windows Update. From the Start Menu, type Windows Update, open the application and run any updates required. Reboot if necessary.

Check to see Workflow settings in SharePoint Designer

  1. From the start menu, type SPD and open SharePoint Designer 2013.
  2. Once it has loaded up, click Open Site
  3. Type the URL https://dev.cfcode2016.com click Open
  4. If prompted, enter your credentials
    User: cfcode2016\SP_SetupPassword: Pa55w0rd
  5. From the Navigation menu, select Workflows

  6. On the ribbon menu, select List Workflows > Documents

  7. In the Create List Workflow dialog, at the bottom you will see a dropdown box for Choose the platform to build your workflow on. Only SharePoint 2010 will be listed.

  8. When we come back to this later, we will see SharePoint 2013 Workflow. Close SharePoint Designer for now.

Configuring Workflow Manger accounts

The Workflow Manager will run under new accounts that we haven’t created yet.

  1. On the Domain Controller machine, in the start menu, type Active Directory Users and Computers and open it.
  2. Expand the tree in the left hand pane to see the Managed Service Accounts OU. Select the Managed Service Accounts OU.
  3. Right click in the right hand pane, and select New > User.
  4. Create a user called SP_Workflow. Set the full name and log on name to SP_Workflow. Click Next.
  5. In the password dialog screen, enter the following and click Next
    1. Password and Confirm Password as: Pa55w0rd
    2. Untick User must change password at next logon.
    3. Leave User cannot change password as unticked
    4. Tick Password never expires
    5. Leave Account is disabled as unticked
    6. Click Next. Then click Finished.

Setting up SQL with the correct Security Accounts

  1. On the SharePoint Machine, from the start menu, type SQL Server Management Studio and open up the application
  2. In SQL Server click Connect. (This should be to SQL2016 database instance).
  3. In the left hand menu expand Security. Right click Logins. And select New Login…
  4. In the Login – New dialog box, click the Search button.
  5. Click the Locations button and select Entire Directory.
  6. Type SP_Workflow in the Enter the object name to select, and click Check Names. This will resolve the name. Click OK.
  7. In the left hand panel select Server Roles.
  8. Tick both securityadmin and dbcreator then click OK.
  9. Close down SQL Server Management Studio

Giving SP_Workflow administrative rights on the SharePoint machine.

  1. From the start menu, type Edit local users and groups and open up the application.
  2. In the left hand panel, select Groups
  3. In the right hand pane, double click Administrators
  4. On the Administrators Properties dialog box, click Add
  5. Type SP_Workflow in the Enter the object name to select, and click Check Names. This will resolve the name. Click OK.
  6. Close Edit local users and groups.

Install the Microsoft Web Platform Installer 5.0

  1. Go to the URL https://www.microsoft.com/web/downloads/platform.aspx and download the latest Microsoft Web Platform Installer
  2. Once downloaded run the file wpilauncher.exe
  3. If like my machine it is already on there, it will just open the Web Platform Installer 5.0 else it will install it for you. Accept the License Agreement and click Install. Then click Finish when complete.

Install Workflow manager

  1. From the Start menu, type Web Platform Installer and open the application

  2. In the search box in the top right of the screen, type Workflow Manager and press Enter.
  3. Click Add on the Workflow manager 1.0 Refresh (CU2) and click Install at the bottom.

  4. Click I Accept

  5. When complete, click Continue.

  6. Click Finish.

  7. Close the Workflow Manger Configuration Wizard that has popped up.

Apply Cumulative Update 3.0 for Workflow Manager 1.0

  1. Close and re-open the Web Platform Installer 5.0 we are going to install the CU 3. (You need to close and re-open otherwise the installer thinks Workflow Manger 1.0 hasn’t been installed)
  2. Type Workflow Manger and press Enter in the top right search box.
  3. Click Add for Workflow Manager 1.0 Cumulative Update 3, then click Install at the bottom.
  4. Click I Accept. Once installed click Finish. Click Exit on the Web Platform Installer.

Configure the Workflow manager

  1. From the start menu, type Workflow Manager Configuration
  2. Click on Configure Workflow Manger with Custom Settings
  3. In the Configure Farm Management Database,
    1. Enter your SQL Server Instance: sql2016.cfcode2016.com
    2. Tick Use the above SQL Server Instance and Settings for all Databases
    3. Enter the Database Name: WF_ManagementDB
    4. Click Test Connection button to ensure all working OK.
  4. In the Configure Instance Management Database
    1. Enter the Database Name: WF_InstanceManagementDB
    2. Click Test Connection button to ensure all working OK.
  5. In the Configure Resource Management Database
    1. Enter the Database Name: WF_ResourceManagementDB
    2. Click Test Connection button to ensure all working OK.
  6. In the Configure Service Account
    1. Enter the User ID: CFCODE2016\SP_Workflow
    2. Enter the Password: Pa55w0rd
  7. In Configure Certificates
    1. Leave Auto-generate ticked
    2. Certificate Generation Key: Pa55w0rd
    3. Confirm Certificate Generation Key: Pa55w0rd
  8. In Configure Ports leave default port numbers
    1. https: 12290
    2. http: 12291
    3. Leave Allow Workflow management over HTTP on this Computer unticked
    4. Leave Enable firewall rules on this compute unticked (As we have disabled our firewall)
  9. In Configure Admin Group
    1. Leave BUILTIN\Administrators
  10. Click Next button
  11. On the Service Bus Configuration page, please provide the following
  12. In Configure Farm Management Database
    1. Enter the Database Name: Sb_ManagementDB
    2. Click Test Connection button to ensure all working OK
  13. In Configure Gateway Database
    1. Enter the Database Name: Sb_GatewayDB
    2. Click Test Connection button to ensure all working OK
  14. In Configure Message Container Database
    1. Enter the Database Name: Sb_MessageContainerDB
    2. Click Test Connection button to ensure all working OK
  15. In Configure Service Account
    1. Tick Use the same service account credentials as provided for Workflow Manager
  16. In Configure Certificate
    1. Tick Auto-generate
    2. Tick Use the same certificate generation key as provided for Workflow Manager
  17. In Configure Ports
    1. https: 9355
    2. tcp: 9354
    3. Message Broker Port: 9356
    4. Internal communication Port Range: 9000
    5. Untick Enable firewall rules on this computer (as we have disabled out firewall)
  18. In Configure Admin Group
    1. Leave BUILTIN\Administrators
  19. Click Next button
  20. On the Summary page, click the Tick button at the bottom right of the screen to start installation.
  21. The configuration process can take up to 10 minutes to complete. Once complete, you will see a success pag

Add Workflow Manager Certificate into SharePoint

  1. In Start Menu, type IIS and open Internet Information Services (IIS) Manager
  2. Expand your server name, and Sites. You will now see a site called Workflow Management Site

  3. Click on Workflow Management Site, then on the right hand pane, click Bindings
  4. Select https and click edit.

  5. On the Edit Site Binding, under SSL certificate you will see a Certificate that matches your Server Name. Click the View button.

  6. On the Certificate dialog, click on the Details tab.
  7. Then click Copy to File button.
  8. On the Certificate Export Wizard click Next.
  9. On the Export Private Key page, select No, do not export the private key, click Next

  10. On Export File Format page, select DER encoded binary X.509 (.CER) Click Next
  11. On File to Export page, select a path and filename on your machine. Click Next.

  12. Click Finish. You will receive a successful export message.

Import Certificate into SharePoint Trust

  1. Open SharePoint 2016 central administration
  2. Under Security > General Security click Manage Trust
  3. Click the New button in the ribbon.
  4. On the Establish Trust Relationship page, enter following information:
    1. Name: Workflow Manager
    2. Root Authority Certificate: <Select your file from previous steps>
  5. Click OK.
  6. You will see your certificate in the store.

Register Workflow Service Proxy

  1. In Start Menu, type SharePoint 2016 management Shell (run as administrator) and open the application
  2. In the console type:
    Register-SPWorkflowService -SPSite "https://intranet.cfcode2016.com&quot; -WorkflowHostUri "https://cfsp2016.cfcode2016.com:12290&quot;
    view raw RegisterWorkflow.ps1 hosted with ❤ by GitHub

Verify the Configuration of Workflow Manager.

  1. Open SharePoint 2016 central administration
  2. Click Application Management
    > Manage services applications
  3. At the bottom of the Manage Services Applications page, there will be Workflow Service Application Proxy

  4. If you click on Workflow Service Application Proxy it will take you a status page that will show you that workflow is now connected.

Check to see Workflow Settings are working in SharePoint Designer

  1. From the start menu, type SharePoint Designer and open the application
  2. Once SharePoint designer has opened, click Open Site.
  3. Type the URL https://dev.cfcode2016.com click Open.
  4. If prompted, enter your credentials
    User: CFCode2016\SP_Setup
    Password: Pa55w0rd
  5. From the Navigation menu, select Workflows
  6. On the ribbon menu, select List Workflow > Documents
  7. In the Create List Workflow dialog, at the bottom you will see a dropdown box for Choose the platform to build your workflow on. Both SharePoint 2010 and SharePoint 2013 should be listed if the Workflow is set up correctly.

We are almost at the end. You SharePoint farm is configured to give you a good start as a development machine. Only thing left now is actual development tools. That will be covered in my final post of the series. Shut down your machines, take a checkpoint. (We will remove checkpoints in the last post)

Building SharePoint 2016 development environment – Part 14 – Enterprise Search Centre

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

Creating a vanity name

  • Log into your domain controller. In Start type DNS and open the DNS Manager.
  • In the left hand pane, expand Forward Lookup Zones and click on cfcode2016.com
  • Right click on cfcode2016.com and select New Host (A or AAAA)…
  • Put in the name search, put the IP address point to the SharePoint Server. 192.168.137.200. Click Add Host

Search Centre Web application

We are now going to create a new Web Application for our Search center site. We are going to create a path-based site collection.

  1. From the start menu, type SharePoint 2016 Central Administration and open the site.
  2. Select Application Management > Manage Web Applications.
  3. In the ribbon click the New icon
  4. In the Create New Web Application dialog leave Create a new IIS web site selected and set up the following
    1. Name: SharePoint Search – 33333,
    2. Port:33333
    3. Host Header: <Leave Blank>
    4. Path: <Leave as default>
    5. Allow Anonymous: No
    6. Use Secure Sockets Layer (SSL): Yes
    7. Claims authentication Types: Leave as is, enabled, integrated, NTLM
    8. Application Pool: Search – 33333
    9. Select Security Account: CFCODE2016\SP_Search
    10. Database Name: SP_SearchDB
  5. Click OK.
  6. After Web Application created, click OK.

IIS Bindings and AAMs.

  • . In Start type IIS and open IIS Manager
  • Navigate to SharePoint Search -33333 and then on the right hand panel, click Bindings…
  • On the Bindings dialog, select the bindings for port 33333 and click Edit
  • Leave the host name blank, but select your certificate. Click Ok
  • Click Add
  • In the Add Site Binding page, select https from the Type dropdown, leave the IP address as All Unassigned, the Port should say 443. Ensure you tick Require Server Name Indication. Enter the Host name as search.cfcode2016.com then select your certificate. Click OK
  • Open SharePoint 2016 Central Administration and select Application Management then Configure alternative access mappings.
  • On the right of the screen, change the Alternate Access Mapping Collection to SharePoint Search -33333
  • Click on the only entry https://cfsp2016:33333 and edit it to say https://search.cfcode2016.com, click OK.
  • Click Add Internal URLs enter https://cfsp2016:33333 click Save.
  • Click Add Internal URLs enter https://cfsp2016.cfcode2016.com:33333 click Save.

Create Search Centre Site Collection

  1. From Central Administration landing page, select Application Management then select Create site collections
  2. Ensure the Web Application is https://search.cfcode2016.com then enter the following information:
    1. Title: Enterprise Search
    2. URL: /
    3. Template Selection: Enterprise > Enterprise Search Center
    4. Primary Site Collection Admin: SP_Setup
  3. Click OK.
  4. Once site is created, just click OK.

Give All users visitors access to Search.

  1. Once the site has been created, navigate to https://search.cfcode2016.com
  2. Go to Site Settings. Click the Cog icon at the top right of the page, then select Site Settings.
  3. Under Users and Permissions, click Site Permissions
  4. Click on Enterprise Search Visitors.
  5. On the menu bar, click New > Add Users
  6. Type and select Everyone. Click Share.

Configure Search Service Settings

  1. Back in Central Administration, select Application Management then Manage service applications.
  2. Click on Search Service Application.
  3. On the Search Service Application page, the top of the screen is already asking you Where should user’s searches go? Click on the location link.
  4. Enter the URL as https://search.cfcode2016.com. Click OK.

Note: At this point I uploaded a document to my intranet.cfcode2016.com site.

Search Content Sources

Here we are going to configure the Content Sources so that it searches and brings back the correct content.

  1. Open SharePoint 2016 Central Administration.
  2. Open Application Management > Manage Service application > Search Service Application
  3. In the Quick Launch menu on the left, under Crawling click Content Sources
  4. Click on Local SharePoint Sites.
  5. In the Start Address remove everything apart from the following :
    1. https://hnsc.cfcode2016.com
    2. https://hnsc.cfcode2016.com:11111
  6. Under Crawl Schedules we are going to set it up to run full crawl once a week and incremental once day. You may configure this differently or not at all for you environment. It really depends how much you need search to be up to date. It is quite an intensive resource process, and we are running everything on one box. Under Incremental Crawl,
    click on Create Schedule
  7. Set the Type as Daily. Accept the defaults and click OK.
  8. Under Full Crawl, click on Edit schedule. Set the Type as Weekly. Accept the defaults and click OK.
  9. Click OK
  10. Back on the Manage Content Source page, click New Content Source in the menu and fill out the following:
    1. Name: People
    2. Content Source Type: SharePoint Sites
    3. Start Addresses: https://my.cfcode2016.com
      sps3s://my.cfcode2016.com
    4. Crawl Settings: Crawl everything under the hostname for each start address
    5. Crawl Schedule: (Same as Local SharePoint Sites, use the dropdown)

Setting the Super User and Super Reader account

  1. Back in SharePoint 2016 Central Administration, select Application Management > Manage Web Applications.
  2. Select SharePoint HNSC Web Application and then click User Policy from the ribbon.
  3. On the Policy for Web Application dialog, click the Add Users on the menu.
  4. Accept (All Zones) then click Next.
  5. Add the user cfcode2016\SP_SuperUser and tick Full Control. Click Finish
  6. Repeat steps 3-5 for cfcode2016\SP_SuperReader and give Full Read rights.
  7. Click OK and close Policy for Web Application.

Kick off a full crawl

  1. Head back to the Search Service Application Service (Application Management > Manage Service Applications > Search Service Application.
  2. On the quick launch menu area, look for Content Sources under Crawling and click it.
  3. On the Manage Content Source page, click Start all crawls. This will kick of search crawling on your server.
  4. After crawling had finished, I headed to https://search.cfcode2016.com and searched for my document I uploaded earlier called “typescript”

Issue with People Search.

If you go to your People Search and type * but find no results come back, and you have followed everything correctly, I would ask you to check one thing.

  1. In SharePoint 2016 Central Administration, go to Application Management > Manage Service Applications. Then highlight the SharePoint User Profile Service Application.
  2. Click Administrator from the ribbon. Ensure that SP_Search is in there and has the permission Retrieve People Data for Search Crawlers, and ensure that SP_Farm is in there with Full Control.
  3. After updating this, run another full crawl, then try People search again.

We are almost at the end of the blog series on building a SharePoint 2016 development machine. Two more posts to go. Setting up workflows and setting up Visual Studio. Shut down your machines, take a checkpoint.

 

Building SharePoint 2016 development environment – Part 13 – Configuring My Sites and User Profiles

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

My Sites

We are now going to create a new Web Application for our My Site site. However, we are not going to create a HNSC like we did for the other sites, here we are going to create path-based site collection.

Creating a Web Application for MySites

  1. From the start menu, type SharePoint 2016 Central Administration and open the site.
  2. Select Application Management > Manage Web Applications.
  3. In the ribbon click the New icon
  4. In the Create New Web Application dialog leave Create a new IIS web site selected and set up the following
    1. Name: SharePoint My Site Host – 22222,
    2. Port:22222
    3. Host Header: <Leave Blank>
    4. Path: <Leave as default>
    5. Allow Anonymous: No
    6. Use Secure Sockets Layer (SSL): Yes
    7. Claims authentication Types: Leave as is, enabled, integrated, NTLM
    8. Application Pool: MySites – 22222
    9. Select Security Account: CFCODE2016\SP_Content
    10. Database Name: SP_MySitesDB
  5. Click OK.
  6. After Web Application created, click OK.
  7. After you have created your Web Application, you should be returned to the Manage Web Application page. Select SharePoint My Site Host by clicking on it. This will highlight the line and items in the ribbon will become available to you.
  8. In the ribbon click the button Managed Paths
  9. In the Define Managed Paths dialog, tick Sites. Then click the link Delete Selected Paths.
  10. Now add a new path called personal and make it Wildcard inclusion
  11. Click OK.

IIS Bindings and AAMs.

  • . In Start type IIS and open IIS Manager
  • Navigate to SharePoint My Site Host -22222 and then on the right hand panel, click Bindings…
  • On the Bindings dialog, select the bindings for port 22222 and click Edit
  • Leave the host name blank, but select your certificate. Click Ok
  • Click Add
  • In the Add Site Binding page, select https from the Type dropdown, leave the IP address as All Unassigned, the Port should say 443. Ensure you tick Require Server Name Indication.
    Enter the Host name as my.cfcode2016.com then select your certificate. Click OK
  • Open SharePoint 2016 Central Administration and select Application Management then Configure alternative access mappings.
  • On the right of the screen, change the Alternate Access Mapping Collection to SharePoint My Site Host -22222
  • Click on the only entry https://cfsp2016:22222 and edit it to say https://my.cfcode2016.com, click OK.
  • Click Add Internal URLs enter https://cfsp2016:22222 click Save.
  • Click Add Internal URLs enter https://cfsp2016.cfcode2016.com:22222 click Save.

Create My Site Hub

  1. From Central Administration landing page, select Application Management then select Create site collections
  2. Ensure the Web Application is https://my.cfcode2016.com then enter the following information:
    1. Title: My Site Hub
    2. URL: /
    3. Template Selection: Enterprise > My Site Host
    4. Primary Site Collection Admin: SP_Setup
  3. Click OK.
  4. Once site is created, just click OK.

Configuring SP_UserProfile account Active Directory Access

  1. On the Domain controller, log in as Domain Administrator
  2. Using Run, type adsiedit.msc
  3. Right click ADSI Edit and then select Connect To.
  4. On the Connection Settings dialog just click OK
  5. Expand the Default naming context.
  6. Right click on the folder underneath Default naming context and select Properties
  7. Select the Security tab, and add SP_UserProfile, giving the account “Read” and “Replicating Directory Changes” permissions.
  8. Click OK.

User Profile Service Application

  1. Back on the SharePoint box. From Central Administration landing page, select Application Management then select Manage Service applications
  2. Click New in the ribbon, and select User Profile Service Application put the following information (leave as, if I haven’t mentioned it).
    1. Name: User Profile Service Application
    2. Application Pool: Create New – SharePoint User Profile Service Application
    3. Account: CFCODE2016\SP_UserProfileWill need to register this account
    4. Profile Database Name: SP_ProfileDB
    5. Social Tagging Database: SP_SocialDB
    6. My Site Host url: https://my.cfcode2016.com
    7. My Site Managed Path: /personal
  3. Click Create, you will get a success message if created correctly.
  4. Back on the Manage Service Application page click the User Profile Service Application. (You might need to refresh the page first)

Configuring User Profile Service

  1. From within the Manage Profile Service screen underneath Synchronization click Configure Synchronization Connections
  2. Click Create New Connection
  3. Enter the following information:
    1. Connection Name: CFCode2016 AD import
    2. Type: Active Directory Import
    3. Connection Settings:
      1. FQDN: cfcode2016.com
      2. Account Name: CFCODE2016\SP_UserProfile
      3. Password: Pa55w0rd
      4. Port: 636 use SSL and filter out disabled user.
  4. Click Populate Containers
  5. Select Managed Service Accounts and Users.
  6. Click OK
  7. Click back on Application Management > Manage Service Applications > SharePoint User Profile Service Application to get back to Manage Profile Service screen.
  8. Click Start Profile Synchronization.
  9. Select Full Synchronization, then click OK.

After this has completed you will see the number of User Profiles gone up from 0 to a higher number (depending on how many accounts you have within your AD, apparently mine is at 12)


If I navigate to https://my.cfcode2012.com, after a bit of processing, I am able to see my One Drive for Business. Or if I navigate to https://my.cfcode2012.com/person.aspx I can see my profile information.

User Profile has changed for SharePoint 2016

The configuration I have set up above was pretty similar to what you would do in SharePoint 2013. However, things like user profile pictures don’t get imported. With SharePoint 2013 this was taken care of with some headbanging against a wall and using the FIM service. This has been removed in SharePoint 2016, and things don’t seem to be any easier. You now need to use the Microsoft Identity Manager Series, I won’t be configuring any of that here, but if you are interesting in learning about this please check out the following links

https://technet.microsoft.com/EN-US/library/mt627723(v=office.16).aspx

https://blogs.msdn.microsoft.com/spses/2016/07/19/overview-setup-of-mim-configuration-as-external-identity-manager-in-sharepoint-2016/

https://thesharepointfarm.com/2016/03/automating-mim-user-profile-synchronization-with-sharepoint-2016/

http://krossfarm.com/?p=145

My next blog post I will talk about setting up SharePoint Search. Time to check point your machines.

Building SharePoint 2016 development environment – Part 12 – Configuring Hosting Apps and HNSC

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

Before I create the App Management Service, I’m going to create a separate Domain for the Apps. By creating a separate domain, it helps you write apps that won’t allow cross-site scripting between apps and SharePoint site.

Configuring Hosting Apps

First we need to configure DNS

  1. Go to you Domain Controller and from the Start Menu type DNS, and open the application.
  2. In the Left Hand panel, right click Forward Lookup Zones and select New Zone… Click Next
  3. Keep the Primary zone selected and Store the zone in Active Directory ticked.
    Click Next
  4. Leave the option To all DNS servers running on domain controllers in this domain: cfcode2016.com. Click Next
  5. Here you enter the domain name, type cfapps.com. Click Next
  6. Leave the top option selected and click Next
  7. Click Finish. You will see your new domain showing in the Forward Lookup Zones in DNS.
  8. Now right click on cfapps.com and select New Alias (CNAME) …
  9. Type * for Name
  10. Set the FQDN of the server that hosts the SharePoint sites, CFSP2016.cfcode2016.com in my case. Click OK.

    If you are using more than one server, you should be pointing to the DNS record of the web server in here. This is either the DNS A record for the web server, or the DNS record of the primary cluster address for NLB environments.

    Now if you open a command window and type in nslookup something.cfapps.com it will resolve to your SharePoint server.

Configuring SharePoint 2016 for Hosting Apps

I would recommend to copy the following powershell script and running it as a ps1 file (CreateAppService.ps1 from my one drive). Change the Change any of the variables to match your environments.

  1. On the SharePoint box, logged in as SP_Setup, from the Start Menu, type SharePoint 2016 Management Shell.
  2. Run the Script
    if ((Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue) -eq $null)
    {
    #Add SharePoint PowerShell Commands
    Add-PSSnapin "Microsoft.SharePoint.PowerShell"
    }
    $DatabaseServerName = "SQL2016"
    $AppPoolName = "Default SharePoint Service App Pool"
    $AppPoolUserName = "CFCODE2016\SP_Services"
    $AppDomain = "cfapps.com"
    $SubSettingsName = “Subscription Settings Service”
    $SubSettingsDB = “SP_SubscriptionSettingsDB”
    $AppManagementName = “App Management Service”
    $AppManagementNameProxy = "App Management Service Proxy"
    $AppManagementDB = “SP_AppManagementDB”
    $SubSvc = New-SPSubscriptionSettingsServiceApplication –ApplicationPool $AppPoolName –Name $SubSettingsName –DatabaseName $SubSettingsDB
    $SubSvcProxy = New-SPSubscriptionSettingsServiceApplicationProxy –ServiceApplication $SubSvc
    Get-SPServiceInstance | where-object {$_.TypeName -eq $SubSettingsName} | Start-SPServiceInstance > $null
    $AppManagement = New-SPAppManagementServiceApplication -Name $AppManagementName -DatabaseServer $DatabaseServerName -DatabaseName $AppManagementDB –ApplicationPool $AppPoolName
    $AppManagementProxy = New-SPAppManagementServiceApplicationProxy -ServiceApplication $AppManagement -Name $AppManagementNameProxy
    Get-SPServiceInstance | where-object {$_.TypeName -eq $AppManagementName} | Start-SPServiceInstance > $null
    Set-SPAppDomain $AppDomain
    Set-SPAppSiteSubscriptionName -Name “apps” -Confirm:$false
    view raw CreateAppService.ps1 hosted with ❤ by GitHub
  3. To verify the script configured SharePoint 2016 correctly open Central Administration
    1. Under Application Management click Manage Service Application.
    2. You should now have two new service application created
      1. App Management Service Application
      2. Subscription Settings Service Application
    3. Now Navigate to System Settings by clicking the link on the left menu
    4. Under Servers
      click the link Manage Services on Server.
    5. Check that the following services have started
      1. App Management Service
      2. Microsoft SharePoint Foundation Subscription Setting Service
    6. On the left hand menu, click on Apps
    7. Under App Management, click the link Configure App URLs
    8. Verify that:
      1. App Domain: cfapps.com
      2. App Prefix: app

Configuring SharePoint Server 2013 for Host-Named Site Collection and create Initial Site Collections.

Here we are going to create Host Named Site Collection (HNSC) for testing and hosting our apps. Microsoft recommends this because the Office 365 environment uses host-named site collections, new features are optimized for these site collections and they are expected to be more reliable. More can be found out directly from the technet article: http://technet.microsoft.com/en-us/library/cc424952.aspx . The only sites within your environment you should use Path Based Site Collections (PBSC) are Search Center and MySites. HNSC aren’t really needed for Search Center. The only way you can create HNSC is via powershell. So this is what we are going to do.

Register SP_Content

  1. Open SharePoint Central Administration
  2. Select Security > Configure managed Accounts.
  3. Click Register Managed Account
  4. Type Username as cfcode2016\SP_Content and the password as Pa55w0rd. Then click OK.

Create a new Web Application

Open up a PowerShell window and put the following: (change the port number if you wish) (CreateHNSC.ps1)

$applicationPool = "SharePoint - HNSC - 11111"
$ServiceAcct = "cfcode2016\SP_Content"
$WebApp = "SharePoint HNSC Web Application"
$contentDB = "SP_HNSC_ContentDB"
New-SPWebApplication -ApplicationPool $applicationPool -ApplicationPoolAccount $serviceAcct -Name $WebApp -Port 11111 -AuthenticationProvider (new-spauthenticationprovider) -databaseName $contentDB -secureSocketsLayer
view raw CreateHNSC-1.ps1 hosted with ❤ by GitHub

Configuring the Alternative Access Mapping

  • From the Start Menu
    open SharePoint 2016 Central Administration, this ensures it runs as Administrator.
  • Click Application Management, then under Web applications,
    click Configure alternative mappings.
  • On the right hand side of the screen, Change the Alternate Access Mapping Collection to point to SharePoint HNSC Web Application.
  • Click the internal URL for https://cfsp2016:11111 so that you can edit it. Change the URL protocol, host to https://hnsc.cfcode2016.com
  • Click OK.
  • Back on the Alternate Access Mapping Screen, click Add Internal URLs and add a new Internal URL for each of the following listed below. Screenshot below

Add certificates to IIS

  • In Start type IIS and open IIS Manager
  • Navigate to SharePoint HNSC Web Application and then on the right hand panel, click Bindings…
  • On the Bindings dialog, click Add…
  • In the Add Site Binding page, select https from the Type dropdown, leave the IP address as All Unassigned, the Port should say 443. Enter the Host name as hnsc.cfcode2016.com,
    and tick Require Server Name Indication then select your certificate you created earlier. Click OK
  • Add the binding for host names dev.cfcode2016.com and intranet.cfcode2016.com, ensure the Type is https, you have ticked Require Server Name Indication and you have selected your certificate.

Creating the Top level Site

Because the top-level site is an HNSC is not going to be used by anyone in the site. Therefore, this PowerShell script will create a blank site. (CreateHNSC.ps1)

  1. In PowerShell run the following script:

    New-SPSite -Url "https://hnsc.cfcode2016.com:11111&quot; -OwnerAlias "cfcode2016\SP_Setup" -Template STS#1
    view raw CreateHNSC-2.ps1 hosted with ❤ by GitHub

Site Collections

Here we are going to create a TeamSite called Intranet.cfcode2016.com and a developer site called dev.cfcode2016.com. Please note you can only create, debug and test apps using a developer site. You could type the PowerShell into notepad, save the file as PS1 and run it from SharePoint 2016 Management Shell, instead of typing each row directly. We are first going to create 2 databases, one for each Site collection. This is good practice for backups and restore purposes.

  1. From the Start Menu, type SharePoint 2016 Management Shell, and open the application. (CreateHNSC.ps1)
  2. Type
    $devdb = “SP_DEVDB”
    $intranetdb = “SP_IntranetDB”
    $webApp = “SharePoint HNSC Web Application”
    #Build Databases
    new-SPContentDatabase -Name $devdb -WebApplication $WebApp -WarningSiteCount 0 -MaxSiteCount 1
    new-SPContentDatabase -Name $intranetdb -WebApplication $WebApp -WarningSiteCount 0 -MaxSiteCount 1
    $hnsc = Get-SPWebApplication | Where-Object {$_.DisplayName -eq $webApp}
    New-SPSite -Name “CF Development” -Url https://dev.cfcode2016.com –HostHeaderWebApplication $hnsc -OwnerAlias “cfcode2016\SP_Setup” -Template “DEV#0” -contentDatabase $devdb
    New-SPSite -Name “CF Intranet” -Url https://intranet.cfcode2016.com –HostHeaderWebApplication $hnsc -OwnerAlias “cfcode2016\SP_Setup” -Template “STS#0” -contentDatabase $intranetdb
    view raw CreateHNSC-3.ps1 hosted with ❤ by GitHub

To verify that the host-name site collections are created:

  1. Open up SharePoint 2016 Central Administration
  2. Under Application Management click View all Site Collections
  3. Ensure the Web Application is pointing to the HNSC web and you should see the two site collections plus the root site.
  4. By clicking on the different site collections, you will also see that the Database Name is assigned correctly to the correct database as set up in our PowerShell script.
  5. You can also navigate in a browser to https://dev.cfcode2016.com or https://intranet.cfcode2016.com. Notice that the SSL certificate is valid.

Configuring SSL for Apps

As our App domain is on a different domain to our SharePoint domain, we should create a different SSL certificate for it.

  • Ensure you are on the SharePoint box with a Domain Admin Account. (cfcode2016\Administrator)
  • We have already configured the Certificate Authority earlier on the Domain Controller. Here we are going to request the certificate using Internet Information Services on the SharePoint Server. From the Start Menu, type IIS and open Internet Information Services (IIS) Manager
  • Once IIS opens, click on the Server Name. (CFSP2016) You will be prompted with a dialog asking to get started with Microsoft Web Platform, click do not show this message and then click No.
  • From the IIS section, double click Server Certificates

  • From the right hand side of the screen, click Create Domain Certificate

  • Complete the form for the Domain Certificate as follows (Change to match your environment if not following exactly along)
    • Common Name : *.cfapps.com
    • Organisation: CF Code
    • Organizational Unit: Computers
    • City/Locality: London
    • State/Province: London
    • Country/Region: GB


  • Click Next
  • On the Online Certification Authority enter the common name you gave your Authority Name\Server Name. (For example mine is MY-CA\CFAD.cfcode2016.com), You can also use the select button if you have configured everything correctly. You can put anything in the friendly name box, ensure it is different from your other certificate friendly name, and easy identifiable as the Apps certificate. Click Finish.

  • You should now see the certificate in the Server certificates window.

  • If there were other servers in your farm, you would need to export the .pfx file so that it can be imported into the other servers.

Configure SharePoint for Apps

We need to configure our SharePoint and IIS to use a different certificate for Apps, and also our Web Application needs to know to use our App Domain.

  1. Sign back into the SharePoint machine as SP_Setup.
  2. Run as administrator, SharePoint 2016 Management Shell

  3. Run the following PowerShell Script

    New-SPWebApplicationAppDomain -AppDomain "cfapps.com" -WebApplication "https://intranet.cfcode2016.com&quot; -Zone Default -Port 11111 -SecureSocketsLayer
    view raw CreateAppWebDomain.ps1 hosted with ❤ by GitHub
  4. Next we need run the following command:
    $contentService = [Microsoft.SharePoint.Administration.SPWebService]::ContentService
    $contentService.SupportMultipleAppDomains = $true
    $contentService.Update();
    IIsreset
    view raw AppMultiDomains.ps1 hosted with ❤ by GitHub
  5. In Start type IIS and open IIS Manager
  • Navigate to SharePoint HNSC Web Application and then on the right hand panel, click Bindings…
  • On the Bindings dialog, select the one without the Host Name on Port 11111 and click Edit
  • Change the Port to 443, and select the SSL Certificate as your App Certificate.
  • Click OK.


Add Apps to your Intranet Zone.

To prevent getting prompted for your login, configure the intranet zone in IE.

  • Open up Internet explorer
  • Click on the cog symbol, and select Intranet Options
  • Select the Security tab, and then click on Local Intranet. Then click on the Sites button.
  • On the Local intranet dialog, click the Advanced button.
  • Type *.cfapps.com and click Add. (You might need to untick Require server verification (https) for all sites in this zone )
  • Then click Close, OK, and OK

Checking that Apps are new set up for your farm

  1. Open up your intranet site https://intranet.cfcode2016.com
  2. At the top right of the screen click the cog icon.
  3. From the drop down, click Add an app
  4. On the App page, in the quick launch menu area, click on SharePoint Store
  5. If you have connected up correctly you will now see Apps that you can download from the SharePoint store.
  6. Pick a free one to install. I’m selecting Bright Banner. (Have no idea if it’s any good, so not endorsing, just using for testing purposes)
  7. Click Add it.
  8. Confirm that you wish to add the app. Click Continue
  9. A page will state that you have just go this app for everyone in your organization. Click Return to Site
  10. A prompt will appear, asking if you trust the application. Click Trust It.
  11. After a moment you will be returned to your Site Contents. You will also note that your app that you downloaded is currently being added to your site. Once complete the adding text will disappear.

  12. Click on the App. It will load. Take note of the URL. It is being called from the domain you created earlier cfapps.com. Congratulations you have got Apps working!

So glad I finally got Apps certificates to work. Took me a couple of attempts. Thank you to Anupam Shrivastava and his blog post http://akforsharepoint.blogspot.co.uk/2015/05/sharepoint-hosted-apps-in-aam-or-host.html for helping finally cracking it.

I recommend shutting down and taking checkpoints again.

Building SharePoint 2016 development environment – Part 11 – Configuring Services

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

In this blog I will talk about setting up your environment, by setting up the services. I will be doing majority of this using PowerShell scripts. The scripts will be within this post, but at the end there is a link to my one drive that will contain the PowerShell scripts.

Setting up Services

At the end of the last blog post we Installed SharePoint 2016, however we told the wizard that we would configure the services ourselves. These steps will configure the following services:

  • Managed Metadata Service
  • Word Automation Service
  • BDC
  • Secure Store
  • Usage and Health Data Collection Service
  • Create Machine Translation Service

We are doing this as a script so that Application and Database names are friendly names instead of GUIDs. Before you run the script, on your SharePoint machine, please make sure there is a folder at D:\SPLogs\ULS. This is the folder required for Usage and Health Data Collection Service.

When you run the script there will be a prompt for the SP_Services password. Pa55w0rd. Lastly ensure that your PowerShell window is running in Administrator mode. (CreateSPServices.ps1)

if ((Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue) -eq $null)
{
#Add SharePoint PowerShell Commands
Add-PSSnapin "Microsoft.SharePoint.PowerShell"
}
#Variables
$DatabaseServerName = "SQL2016"
$AppPoolName = "Default SharePoint Service App Pool"
$AppPoolUserName = "CFCODE2016\SP_Services"
$MetaDataName = "Manage Metadata Service"
$MetaDataDBName = "SP_MetadataDB"
$WordASName = "Word Automation Service Application"
$WordAutomationDatabaseName = "SP_WordAutoDB"
$BDCServiceName = “Business Data Connection Service Application”
$BDCDB = “SP_BusinessDataConnectionDB“
$SecureStoreName = “Secure Store Service Application”
$SecureStoreProxyName =“Secure Store Service Application Proxy”
$SecureStoreDB = “SP_SecureStoreDB”
$usageName = “Usage and Health Data Collection Service”
$usageServiceDB = “SP_Usage_HealthDB”
$usageLogLocationOnDisk = “D:\SPLogs\ULS\”
$stateName = “State Service”
$stateServiceDB = “SP_StateServiceDB”
$MTSInst = “Machine Translation Service”
$MTSName = “Translation Service”
$MTSDB = “SP_MachineTranslationDB”
#Script
#Check if Service account exist and Create.
Write-Host "Getting Service Account / Creating Service Account"
$SAAppPool = Get-SPServiceApplicationPool -Identity $AppPoolName -EA 0
if($SAAppPool -eq $null)
{
#Get App Pool account
$AppPoolAccount = Get-SPManagedAccount -Identity $AppPoolUserName -ErrorAction Continue
if($AppPoolAccount -eq $null)
{
$AppPoolCred = Get-Credential $AppPoolUserName
$AppPoolAccount = New-SPManagedAccount -Credential $AppPoolCred -ErrorAction Continue
}
$AppPoolAccount = Get-SPManagedAccount -Identity $AppPoolUserName -EA 0
if($AppPoolAccount -eq $null)
{
Write-Host “Cannot create or find the managed account $appPoolUserName, please ensure the account exists.”
Exit -1
}
New-SPServiceApplicationPool -Name $AppPoolName -Account $AppPoolAccount -ErrorAction Continue > $null
}
#Create Manage Metadata Service
Write-host "Creating Manage Metadata Service"
$mmsApp = New-SPMetadataServiceApplication -Name $MetaDataName –ApplicationPool $AppPoolName -DatabaseServer $DatabaseServerName -DatabaseName $MetaDataDBName > $null
New-SPMetadataServiceApplicationProxy -Name “$MetaDataName Proxy” -DefaultProxyGroup -ServiceApplication $MetaDataName > $null
#Start MMS
Get-SPServiceInstance | where-object {$_.TypeName -eq “Managed Metadata Web Service”} | Start-SPServiceInstance > $null
#Word Automation Service
Write-Host "Create Word Automation Service"
Get-SPServiceApplicationPool –Identity $AppPoolName | New-SPWordConversionServiceApplication -Name $WordASName -DatabaseName $WordAutomationDatabaseName
#BDC
write-Host "Create BDC"
New-SPBusinessDataCatalogServiceApplication –ApplicationPool $AppPoolName –DatabaseName $BDCDB –DatabaseServer $DatabaseServerName –Name $BDCServiceName
#Secure Store and Proxy
write-Host "Create Store and Proxy"
$SecureStoreServiceApp = New-SPSecureStoreServiceApplication –ApplicationPool $AppPoolName –AuditingEnabled:$false –DatabaseServer $DatabaseServerName –DatabaseName $SecureStoreDB –Name $SecureStoreName
New-SPSecureStoreServiceApplicationProxy –Name $SecureStoreProxyName –ServiceApplication $SecureStoreServiceApp -DefaultProxyGroup
#Usage and HEalth Data Collection service
## Begin Variables for usage and health data collection and state service, make sure the C:\Logs\ULS location exists first ##
write-host "Create Usage and Health"
#Change location
Set-SPUsageService -LoggingEnabled 1 -UsageLogLocation $usageLogLocationOnDisk -UsageLogMaxSpaceGB 2
$serviceInstance = Get-SPUsageService
New-SPUsageApplication -Name $usageName -DatabaseServer $DatabaseServerName -DatabaseName $usageServiceDB -UsageService $serviceInstance > $null
$stateServiceDatabase = New-SPStateServiceDatabase -Name $stateServiceDB
$stateSA = New-SPStateServiceApplication -Name $stateName -Database $stateServiceDatabase
New-SPStateServiceApplicationProxy -ServiceApplication $stateSA -Name “$stateName Proxy” -DefaultProxyGroup
$sap = Get-SPServiceApplicationProxy | where-object {$_.TypeName -eq “Usage and Health Data Collection Proxy”}
$sap.Provision()
#ChangeLocation and create new files.
Set-SPDiagnosticConfig -LogLocation $usageLogLocationOnDisk
New-SPLogFile
New-SPUsageLogFile
#Machine Translation Service + Proxy
write-host "Create Machine Translation Service and Proxy"
$AppPool = Get-SPServiceApplicationPool $AppPoolName
Get-SPServiceInstance | ? {$_.GetType().Name -eq $MTSInst} | Start-SPServiceInstance
$MTS = New-SPTranslationServiceApplication -Name $MTSName -ApplicationPool $AppPool -DatabaseName $MTSDB
$MTSProxy = New-SPTranslationServiceApplicationProxy –Name “$MTSName Proxy” –ServiceApplication $MTS –DefaultProxyGroup
write-host "DONE"
view raw CreateSPServices.ps1 hosted with ❤ by GitHub

Once this code is done, if you head to Central Administration > Application Management then under Service Applications click Manage Service Applications you will see all your new services created.

Also now note, if you open explorer and navigate to D\:SPLogs\ULS you will see your SharePoint logs being displayed there instead of the default location of c:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\Logs


Configuring Created Services – Secure Store Service Application

Now we have created the services, they all should be working apart from the Secure Store. It requires a little configuration before it can be used.

  1. Open SharePoint 2016 Central Administration (run
    as administrator) and navigate to Application Management > Manage service applications (Under Service Applications)
  2. Click on Secure Store Service Application. You will see an error message saying you must generate a new key for this Secure Store Service Application. Click on Generate New Key in the ribbon.
  3. On the dialog that appears, put in a Pass Phrase and Confirm Pass Phase. I’m using Pa55w0rd. Click OK.

Creating a Search Service Application

This could also be configured using a PowerShell script, but at times I prefer to do point and click.

  • Open the Manage Service Applications screen again.
  • From the ribbon, click on New and select Search Service Application.
  • This will show you a dialog called Create New Search Service Application. Enter the following information:
    • Service Application Name: Search Service Application
    • Search Service Application Type: Leave unticked. (Out of scope of this blog post for hybrid)
    • Search Service Account: Click on Register new managed account.
      • Service Account UserName : CFCODE2016\SP_Search
      • Service Account Password: Pa55w0rd
      • Click OK.
    • Search Service Account: CFCODE2016\SP_Search
    • Application Pool for Search Admin Web Service: Use existing application pool – Default SharePoint Service App Pool
    • Application Pool for Search Query: Use existing application pool – Default SharePoint Service App Pool
  • Click OK
  • You get messages displayed to you as the service is created.
  • You will get a success message when completed.

We will configure it further in a later blog post where we create the Enterprise Search center. You might want to shut down your machines and take a checkpoint before continuing.

Onedrive link to PowerShell scripts

Building SharePoint 2016 development environment – Part 10 – Configuring Central Administration for SSL

Posted on by

A few years ago I wrote “Build You SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

At this point Central Administration is still running on non-secure HTTP. Let’s make central admin accessible from a vanity URL over SSL.

  • Ensure you are on the SharePoint box with a Domain Admin Account. (cfcode2016\Administrator)
  • We have already configured the Certificate Authority earlier on the Domain Controller. Here we are going to request the certificate using Internet Information Services on the SharePoint Server. From the Start Menu, type IIS and open Internet Information Services (IIS) Manager
  • Once IIS opens, click on the Server Name. (CFSP2016) You will be prompted with a dialog asking to get started with Microsoft Web Platform, click do not show this message and then click No.
  • From the IIS section, double click Server Certificates

  • From the right hand side of the screen, click Create Domain Certificate

  • Complete the form for the Domain Certificate as follows (Change to match your environment if not following exactly along)
    • Common Name : *.cfcode2016.com
    • Organisation: CFCode
    • Organizational Unit: Computers
    • City/Locality: London
    • State/Province: London
    • Country/Region: GB


  • Click Next
  • On the Online Certification Authority enter the common name you gave your Authority Name\Server Name. (For example mine is MY-CA\CFAD.cfcode2016.com), You can also use the select button if you have configured everything correctly. You can put anything in the friendly name box. Click Finish.

  • You should now see the certificate in the Server certificates window.

  • If there were other servers in your farm, you would need to export the .pfx file so that it can be imported into the other servers.

Set Central Admin to Run on SSL with Vanity URL

  • Log into your domain controller. In Start type DNS and open the DNS Manager.
  • In the left hand pane, expand Forward Lookup Zones and click on cfcode2016.com
  • Right click on cfcode2016.com and select New Host (A or AAAA)…
  • Put in the name you wish to call your Central Administration as an Alias. For example CAdmin, put the IP address point to the SharePoint Server. 192.168.137.200. Click Add Host

  • Log back into the SharePoint server as the SP_Setup account. In Start type IIS and open IIS Manager
  • Navigate to SharePoint Central Administration v4 and then on the right hand panel, click Bindings…
  • On the Bindings dialog, click Add…
  • In the Add Site Binding page, select https from the Type dropdown, leave the IP address as All Unassigned, the Port should say 443. Enter the Host name as cadmin.cfcode2016.com (or whatever your alias is), tick Require Server Name Indication,
    then select your certificate you created earlier. Click OK
  • From the Start Menu
    open SharePoint 2016 Central Administration, this ensures it runs as Administrator.
  • Click Application Management, then under Web applications,
    click Configure alternative mappings.
  • Take note of the internal URL shown in the default zone for central admin. Click the internal URL for http://cfsp2016:2016 so that you can edit it. Change the URL protocol, host and port to https://cadmin.cfcode2016.com
  • Click OK.
  • Back on the Alternate Access Mapping Screen, click Add Internal URLs and add a new Internal URL for each of the following listed below. Screenshot below

  • Open the SharePoint Management Shell
    run as administrator. Type the following and run. Press A when prompted.

    Set-SPCentralAdministration -SecureSocketsLayer -Port 443

Add Central Administration to your Intranet Zone.

To prevent getting prompted for your login, configure the intranet zone in IE.

  • Open up Internet explorer
  • Click on the cog symbol, and select Intranet Options
  • Select the Security tab, and then click on Local Intranet. Then click on the Sites button.
  • On the Local intranet dialog, click the Advanced button.
  • Add your Central Administration to the Local Intranet Zone. (e.g., https://cadmin.cfcode2016.com)
  • Close Central Administration and then re-open it from the Start Menu SharePoint 2016 Central Administration.
  • Say Yes to any warnings if the site already exists in Trusted sites zone.
  • While here also add *.cfcode2016.com and https://cfsp2016:2016.
  • Tick Require server verification (https:) for all sites in this zone.
  • Then click Close, OK, and OK

Now if you go to Start Menu and open SharePoint 2016 Central Administration, it will open using the https://cadmin.cfcode2016.com URL and the certificate will be valid.

Next step will be getting the bulk of SharePoint working. This will be creating sites, getting services up and running, and ensure you can do SharePoint app development. Recommend shutting down and taking checkpoints again. (Don’t worry when you are happy with your build, you can go back and delete all the checkpoints.)

Building SharePoint 2016 development environment – Part 9 – Installing SharePoint 2016

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

Giving SP_Setup Account administrative privilege on your SQL/SharePoint Virtual Machine

Before we can start installing SharePoint 2016, we want to install it using a Setup account. In Part 6 we created the SP_Setup account, now we need to add this to the administrators group of the local machine.

  1. On the start menu, type Edit local users and groups and select the application

In the left hand pane, click Groups. Then double click Administrators group to open it up.

  1. Click on Add… and enter SP_Setup. Click on OK, and then OK again to close the Administrators property box.
  2. Sign out of the SQL/SharePoint Virtual Machine as Adminstrator, and sign back in as SP_Setup

Insert SharePoint Server 2016 disk

  1. From the Hyper V Manager on your host machine, right click and select Settings…
  2. Under the DVD Drive, change the image file from SQL 2016 to SharePoint 2016. Click OK.

Install SharePoint 2016 prerequisites.

  1. Go back within the Virtual Machine, and double click the D drive, or run splash.hta
  2. Click the Install Software Prerequisites link.
  3. In the Microsoft SharePoint 2016 Products Preparation Tool dialog, click Next
  4. Accept the License Terms. Click Next.
  5. The prerequisites for SharePoint 2016 will be installed and set up. When it has completed, will be asked to reboot. Click Finish
  6. After a reboot and logged back in as SP_Setup, the installer continued. The prerequisites finally completed. Click Finish

Installing SharePoint 2016

  1. Double click the D drive, or run splash.hta
  2. Click Install SharePoint Server
  3. When prompted Enter your Product key. Click Continue.
  4. Tick I accept the terms of this agreement. Click Continue.
  5. Accept the default file location (Unless you have a reason not to). Click Install Now.
  6. When it has finished. Run the configuration wizard by clicking Close.
  7. On the Welcome to SharePoint Products click Next >
  8. Accept the dialog warning that services may have to be started or reset during configuration. Click Yes.
  9. On Connect to a server farm, select Create a new server farm. Click Next >
  10. On the Specify Configuration Database settings
    1. Database Server: SQL2016
    2. Database Name: SharePoint_Config
    3. UserName: cfcode2016\SP_Farm
    4. Password: Pa55w0rd
      Click Next >
  11. On Specify Farm Security Settings put the Passphrase as Pa55w0rd. Click Next >
  12. On Specify Server Role as this is a development environment, select Single Server Farm. Then click Next >
  13. On Configure SharePoint Central Administration Web Application tick Specify port number. Type in the number 2016. Select NTLM for security settings. Click Next >.
  14. On the final page Completing the SharePoint Products Configuration Wizard it will display a summary of what you have selected. Click Next >
  15. When the installer has finished, you will be presented with Configuration Successful. Click Finish. Internet explorer will open Central Administration allowing you to complete the installation. Click Cancel to Configure your SharePoint Farm. There is no need to run the wizard and better doing each service separately as you need it.

Next post will show you how to configure Central Administration for SSL. Again, now is a good place to shut down machines take checkpoints before continuing.

Building SharePoint 2016 development environment – Part 8 – Installing SQL 2016 ready for SharePoint 2016.

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

Setting up directories for SQL.

We are going to set up following directories on the d: drive.

  • Bring up Explorer by click on Windows Key + E
  • Double click on the D drive.
  • Create the following directories.
    • D:\SQL
    • D:\SQL\Data
    • D:\SQL\Logs
    • D:\SQL\Temp\Data
    • D:\SQL\Temp\Logs
    • D:\SQL\Backup

Installing SQL Server 2016 Standard Edition 64 bit

From the part 5 of these blogs we have already inserted the ISO file into the virtual machine. By opening Explorer inside the virtual machine, you should see DVD Drive with the SQL disk inserted.

  • Double click on the DVD drive, or run Setup.exe
  • The SQL Server Installation Center will open up. On the left hand side, click Installation.
  • Click on New SQL Server stand-alone installation or add features to an existing installation
  • The product key should already be entered, click Next, accept the License Terms. Click Next.
  • Tick Use Microsoft Update to check for updates (Recommended). Click Next.
  • Setup install rules will identify any problems that might occur when installing SQL Server Setup support files. They should all passes. (Ignore warnings) Click Next.
  • On the Feature Selection Page. Select Database Engine Services, Full-Text and Semantic Extractions for Search. Click Next.
  • On the Installation Rules page click Next.
  • On the Instance Configuration page click Next.
  • On the Server Configuration page, change the SQL Server Agent Start Up Type to Automatic. Also change the SQL Server Database Engine to use your SP_SQL account, and enter the password. Pa55w0rd
  • Click Next
  • On the Database Engine Configuration page, select Mixed Mode and enter the password and confirm password as Pa55w0rd. And Click Add Current User.
  • On the Data Directories tab, change the location of the directories.
    • Data Root Directory – d:\SQL
    • User Database Directory – d:\SQL\Data
    • User Database Log Directory – d:\SQL\Logs
    • Backup Direcotory – d:\SQL\BackUp
  • On the TempDB tab
    • Data Directories – d:\SQL\Temp\Data
    • Log Directory – d:\Sql\Temp\Logs
  • On the FILESTREAM tab, tick Enable FileStream for Transact-SQL access and Enable FILESTREAM for file I/O access. Click Next.
  • On the Ready to Install page, click Install
  • After installation your SQL Server 2016 is installed. You may be asked to reboot.

Installing SQL Server Management Tools

It seems that SQL 2016 have now separated out the SQL Server and SQL Server Management Tools. So this is an additional step to carry out.

  1. Back on the SQL Server Installation Center (run setup.exe from DVD drive if not showing), click on Install SQL Server Management Tools
  2. This takes you off to a website address https://msdn.microsoft.com/en-us/library/mt238290.aspx to download the SQL Server Management Studio (SSMS) seperately.
  3. Click the download link, and run it. (Or Save and run it afterwards) Over 800MB in size.
  4. Click Install.
  5. Once installed, you will get a success message. Close this screen.

Configuring SQL Server 2016

  1. From the start screen type SQL Server Configuration Manager and select the application.
  2. Click to expand SQL Server Network Configuration (not the 32 bit), and choose Protocols for MSSSQLServer, and ensure TCP/IP and Named Pipes are enabled. To enable them right click them and select Enable. Click OK at the warning.
  3. Close the SQL Server Configuration Manager.

Apply the DisableLoopbackCheck Registry Fix

  1. Click the Windows PowerShell icon in the Taskbar.
  2. Run the following PowerShell commands, pressing [Enter] after each one:
    $regKeyPath = "HKLM:\System\CurrentControlSet\Control\Lsa"
    $key = "DisableLoopbackCheck"
    New-ItemProperty –Path $regKeyPath –Name $key –Value "1" –PropertyType dword
    view raw DisableLoopBackCheck.ps1 hosted with ❤ by GitHub

Giving SP_Setup account access

Note: If you continue without doing the DisableLoopback Check registry you will get an error message saying “Login Failed. The login is from an untrusted domain and connot be used with Windows authentication”

  1. From the start screen type SQL Server 2016 Management Studio and open the application.
  2. Change the server name to SQL2016 (we set a host name in an earlier post)
    and logon as Windows authentication.
  3. Expand Security from the object explorer and right click Logins and select New Login…
  4. Next to the Login Name click Search
  5. Ensure the Location is set for Entire Directory, and then type SP_Setup and click Check Names.
  6. Click OK.
  7. On the left hand panel, select the Server Roles page, and tick dbcreator, securityadmin and sysadmin. Then click OK.

Now we can think about Installing SharePoint 2016.

Now is another good time to shut down both Domain Controller, and the SharePoint machine and take a checkpoint/snapshot before continuing.

Building SharePoint 2016 development environment – Part 7 – Adding AD accounts.

Posted on by

A few years ago I wrote “Build your SharePoint 2013 development machine on Windows Server 2012” series, I mainly work in the cloud now, but as the blogs was so popular, I thought I would create a new series for the newer version of SharePoint.

You can access other parts of this post below.

Creating the Accounts required

Please note that the following setup is just for a simple development environment. You should read the Microsoft SharePoint Server 2016 Prepare for Installation section.

First we need to create 9 different accounts.

SP_Farm – SharePoint Farm account

SP_Setup – SharePoint Setup Account

SP_Content – SharePoint Content account for the Content Databases

SP_Services – SharePoint account for the Shared Services within SharePoint

SP_SQL – The account to run SQL with.

SP_Search – The account used for SharePoint Search Crawler

SP_UserProfile – The account used for User Profile service

SP_SuperUser – SharePoint publishing infrastructure super user account

SP_SuperReader -SharePoint publishing infrastructure super reader account

  1. Log into the Domain Controller.
  2. In the Start Menu, type Active Directory Users and Computers. Select the application.
  3. Expand the tree in the left hand pane to see the Managed Service Accounts OU. Select the Managed Service Accounts OU.
  4. Right click on Managed Service Accounts and select New > User. Create a new user called SP_Farm. Set the Full Name and Log on name to SP_Farm. Click Next.
  5. In the password dialog screen, enter the following and click Next.
    1. Password and Confirm Password: Pa55w0rd
    2. Untick User must change password at next logon.
    3. Leave User cannot change password as unticked.
    4. Tick Password never expires
    5. Leave Account is disabled as unticked
    6. Click Next. Then Finish

Repeat the steps 1-4 for the remaining accounts (SP_Setup,
SP_Content, SP_Services, SP_SQL, SP_Search, SP_UserProfile, SP_SuperUser, SP_SuperReader, and SP_Unattended)

You could add any users here, but when creating their accounts, add them to User OU not the Managed Service Accounts

Setting up Host names (SQL2016, Intranet, Dev, HNSC, my)

  1. On your Domain controller, in the start menu, type DNS. Open the application to the DNS Manager
  2. Expand the forward lookup zones contained in the left panel.
  3. Right click on the zone cfcode2016.com and click on a New Host
    (A or AAAA)
  4. Type in the name of the record. In this case we are going to name our SQL Server SQL2016. Set the IP address as the IP address where we are installing SQL. This was configured in our previous post as 192.168.137.200. Click on Add Host.
  5. You will then get a verification dialog, and after click OK. You will see the record has been created in the right pane of the DNS manager.
  6. To Check that this is all working, open a command prompt, and type
    ipconfig -flushdns
    Then type
    ping SQL2016


    Note: If it’s unable to ping, you might have the firewall switched on for domains on your VM’s. You can turn this off. (Remember this is development machine only)

    Repeat the above steps 1-6 for Dev and Intranet, HNSC and my