iis & sharepoint

80
> Microsoft SharePoint is a web application framework and business collaboration platform developed by Microsoft for the enterprise and the web. > First launched in 2001, SharePoint integrates intranet, content management and document management, but recent versions have broader capabilities. > Platform - ASP. Net > Type of web sites we can built: Intranet, Internet and Extranet > Framework SP 2010 - Max supports .Net Framework 3.5 with SP1 (Even though you have 4.0) > Authentication Claims based Claims-based identity can greatly simplify the authentication process for the user because he or she doesn't have to sign in multiple times to multiple applications. A single sign in creates the token which is then used to authenticate against multiple applications, or web sites. Name & Value Pairs. Supports -> Microsoft SharePoint 2010 and 2013, ADFS (Active Directory Federation Services 1.0 & 2.0) Classic based

Upload: satya-angada

Post on 01-Sep-2015

256 views

Category:

Documents


1 download

DESCRIPTION

IIS

TRANSCRIPT

PowerPoint Presentation

> Microsoft SharePoint is a web application framework and business collaboration platform developed by Microsoft for the enterprise and the web.> First launched in 2001, SharePoint integrates intranet, content management and document management, but recent versions have broader capabilities.> Platform - ASP. Net> Type of web sites we can built: Intranet, Internet and Extranet> Framework SP 2010 - Max supports .Net Framework 3.5 with SP1 (Even though you have 4.0)> Authentication Claims based Claims-based identity can greatly simplify the authentication process for the user because he or she doesn't have to sign in multiple times to multiple applications. A single sign in creates the token which is then used to authenticate against multiple applications, or web sites. Name & Value Pairs.Supports -> Microsoft SharePoint 2010 and 2013, ADFS (Active Directory Federation Services 1.0 & 2.0)Classic based NTLM (Network LAN Manager - Suite of Microsoft Security protocols that provides authentication, Integrity and Confidentiality to users.Kerberos - Computer network authentication protocol which works on the basis of 'tickets' to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.Form based AuthenticationIIS 7.0Web Browserweb browser is a http clientweb browser - Initiate http and consume http response in the form of HTMLWeb SiteCollection of resources - web pages, css, multimedia files which access through Web pages (ex: sample.aspx)Physical directory - Inetpub> wwwroot > WSS > virtual directoriesDefault web site - bindingsIP Address & Port No Web ServerDNS - Domain Name Server > Return IP address IIS - Web server (Microsoft), Tomcat, Apache- Host web site- Web server is an application hosted on an high configuration machinehttp protocol - received by web server ->http response. Web Application Multiple Web applications under one Web Site.

Multiple Websites on Port 80 -> c:\windows\system32\drivers\etc\hosts(local DNS) > IP Address & Port Nowhat is Application pool -> Which serves the URL -> Worker Process - w3wp.exeAppDomain -> Virtual boundary with in the process thread for particular web applicationThread - light weight processISAPI Filter (Internet server application programming interface)Web Farm Collection of ServersWeb Garden Single Server represent in various server rolesHTTPS and SSL (Secure Socket Layer)Trusted Authority -> Verisign, Windows certificate authority, Public Key + Private Key Control panel> add remove programs> windows components > select certificatesPublic key + all data > encrypted > through socket on the network layer > through socket on the server > packet Encoded > decrypted using private key> SharePointHardware requirements -> Windows server 2008 R2, 8 GB RAM, 80 GB HDD, SQL Server 2008 R2 64 bitFully Functional Supported browsers -> IE Explorer 7 32-bit and IE Explorer 8 32-bitSharePoint Server Type -> Complete, Standalone Planning -> Type of installation -> Standalone (Web Garden), Simple Shared Farm, Medium Shared Farm, Large Shared FarmSoftware's to be installed -> Windows server 2008 R2, Active Directory Domain Services, Internet Information Services, Application Server, SQL Server 2008 R2 (64 bit), SharePoint Server 2010, SharePoint Designer 2010, Search server 2010 Express, MS-Office 2010, InfoPath 2010, Visual Studio 2010, Visual studio extensions for SharePoint 2010 (Programming).Central administration site Admin SiteManaged accounts (New Concept in SP 2010)

Type Of InstallationMaximum User Base SupportedDetailsStand Alone Installation(Web Garden)10001 Server act as a Application ServerWFE ServerCentral Admin ServerIndex ServerDatabase ServerServer Farm10,0001 WFE Server1 Application Server1 Database ServerServer Farm5,00,0002 WFE Severs2 Application Servers1 Database ServerServer Farm10,00,0004 WFE Servers4 Application Servers (1 Central Admin Server, 1 Index Server, 1 Search Server, 1 Web Service)1 Database Server> Windows Server 2008 R2> Adding Server Roles and RolesServices- Application Server - Web ServerOn the Initial configuration task windows, click "Add Roles"The "Add Roles" Wizard is opening.Check the check box for Application Server.The wizard opens a modal dialog for the Required Features

Just click the "Add Required Features" button.You are taken to and intermediate dialog. Click "Next" to go to the "Role Services" dialogs.Click "Next"

On the "Role Services" dialog, select the followings :.Net Framework 3.5.1Web Server (IIS) SupportTCP Port SharingHTTP ActivationTCP ActivationNamed Pipes ActivationThen Click "Next"You are taken to an the intermediate page for the Web Server (IIS) Role

Click "Next"The Select Role Services for Web Server (IIS) Role is displaying, but just let the default options.

Click "Next" to access the confirmation dialog

Then click "Install" and the Roles and Features are being installed

Check the "Installation Result" dialog and close it.

Check the "Installation Result" dialog and close it.

Adding Desktop Experience FeatureIt would be interesting for a development machine to be able to use the Windows Photo Viewer in order to check some screenshots taken during configuration phases, or when wanting to report an issue. To be able to use this feature of Windows server 2008 R2 you have to activate the Desktop Experience feature.

Go back to the "Initial Configuration tasks" window and click "Add feature", then locate "Desktop Experience" check box and check it.

> Downloading and installing SQL Server 2008 SP1First, we have to update the previously installed SQL Server with the SP1 Do not forget to choose the x64 package

Here is the package after the download

and the first installation screenshot

> Downloading and installing Cumulative update package 2 for SQL Server 2008 Service Pack 1

Follow the registration process. You will be provided an auto extractable package that needs a password and the appropriate password. Here is the screenshot after all the process

Here is the screenshot after the download.

the first screenshot

Microsoft SharePoint Server 2010 InstallationInstalling the SharePoint PrerequisitesDouble click the installation package to launch the installation of Microsoft SharePoint Server 2010

The SharePoint 2010 installation Wizard is openedClick the "Install Software Prerequisites" in order to update and complete in Windows server 2008 R2. The Microsoft SharePoint Product and technologies 2010 Preparation Tool is opening

Accept the licence agreement

The prerequisites are being installed

You should obtain this screen if you followed the operations previously described in this post.

Installing the SharePoint FilesBack to the SharePoint 2010 Installation wizard, click the "Install SharePoint Server" link. The launched wizard requires the product key.

Then, accept the terms of the licence agreement.

Choose the complete installation/ Stand-alone ???

While SharePoint is being installed, notice that a 14 repository is now created where we had the 12 for the 2007 version.

The wpressources repository is created beside the 14.

When the installation of the SharePoint files is finished you are asked to continue with the SharePoint Products Configuration Wizard.

Do not continue with the Wizard but cancel it otherwise you will have an issue due to the current installation described in this post.In the SharePoint 2010 version, you are not allowed as before to mount a Farm installation on a single machine using local accounts. If you had continued with the wizard you would have been stopped in the configuration by the following issue:

the specified user Administrator is a local account. Local accounts should only be used in stand alone mode

Basic Installation AccountsRequired AccountExampleSQL Server Service AccountsqlSvcAccSharePoint Setup AdministratorspAdminSharePoint Farm AccountSPS_FARM (Farm Administrator Account)It is strongly recommended to create domain accounts and use them as service accounts. You need to create at least the following accounts in Active Directory:SQL Server service accountYou dont need to assign permissions since they are assigned during installation of SQL Server 2008 R2.The SQL Server service account is used to run SQL Server and should be a domain account.Setup administratorYou need to manually assign permissions.The setup administrator is used to install SharePoint 2010.The SharePoint 2010 setup administrator has to be a member of the administrators group on every server SharePoint should be installed.Farm accountYou dont need to assign permissions since they are automatically assigned by the SharePoint 2010 setup administratorThe farm account is used for the following things:"Configure and manage the Entire SharePoint server farm.""Act as the application pool identity for the SharePoint Central Administration Web site.""Run the Microsoft SharePoint Foundation Workflow Timer Service."

The SharePoint 2010 setup administrator needs to have the securityadmin and dbcreator role. The sysadmin role is assigned if you decide during SQL Server 2008 installation that your SharePoint 2010 setup administrator should be the SQL admin.Creating several service accountsThis is for the process of the IIS Application Pool of the central administration. Assume we call it SPS_Farm

This will be used for the process of the IIS Application Pool ofthe first Web Application if it is isolated in its own Application Pool. Assume we call the first Web Application WebApp-80 because it will use the 80 port, let us call this account SPS_WebApp-80. So let us create these two accounts and configuring them in order password never expires.

Using SharePoint 2010 Management Shell to create the SharePoint 2010Configuration databases

Type the following command New-SPConfigurationDatabaserunthe command by pressing the Carriage Return Key

The Shell willl ask you for:The database name --> choose any name, for example SharePoint_ConfigThe database Server name --> type the name of your Virtual Machine in my case VMDEV-012

You will be then prompt for the system account credential. It is now the time to pass the credential of the SPS_FARM service account. Don't forget the machine (domain) name otherwise you will get an exception of the SharePoint shell.

Then you are asked for a passphrase. You can use P@ssw0rd that matches the security policies required.(This passphrase will be asked when you will add a new server to the SharePoint Farm)

At this step of the installation you can check that two operations has been performed behind the scene.

Two databases has been created in the database server referenced in the shell window.

web services has been created in IIS with 3 distinct application pools for each. That is a new feature of SharePoint 2010.

Running the SharePoint Products Configuration WizardThis time you can open the SharePoint Products Configuration Wizard.

Let the option "Do not disconnect from this server farm" checked.

Then you will be prompted to chose the Central Administration Site port number. I personally always use 55555 for the configuration of all my development environments in order to type the same Url on all my Virtual Machines. Let the default NTLM value for the "Authentication provider", Kerberos requires network configuration we cannot perform in the current environment anyway.

The wizard, then, summarize your choices.

Then the 9 main configuration operations are performed.

Finally, the "configuration Successful" dialog summarizes your configuration again and informs you that the central Administration of SharePoint 2010 will be launched when you close it. When you click "Finish" to close the wizard, the Central Administration Site is opening, and you are prompted for credentials

Then you are asked to sign up to User Experience Improvement Program.

Another page let you choose between configuring your farm yourself or by using a wizard. ????

When this choice is made, you display for the first time the brand new Welcome Page of SharePoint 2010 Central Administration.

As there is sometimes concern with the SharePoint Services installation with Windows 2008 Server R2, you should check that the services installation has completed successfully. On SharePoint 2010 Central Administration Home Page under the System Settings section click Manage services on server.

You should see this screen that confirms that SharePoint Services installation has completed successfully.

Creating a managed local account for SharePoint 2010Now we have to perform operations in order the previously created local account SPS_WebApp-80 be referenced as a managed account by SharePoint 2010. So reopen the SharePoint 2010 shell windows and type the following:

$myWebAppServiceAccount = Get-Credential VMDEV-012\SPS_WebApp-80You will be prompt for this account credentials:

Then, type the following

New-SPManagedAccount -Credential $myWebAppServiceAccountThe SharePoint 2010 Managemant Shell warns you that the managed account should be use in stand alone environement since it is a local account.

> Creating your first Web Application for SharePoint 2010On the default page of the SharePoint 2010 Central Administration, click the "Manage Web Application" link in the "Application Management" section

I have personally chosen to create it on the default IIS web site, and as a personal usage named it "Web App - 80"let the Application pool default settingsnamed the content database "WSS_Content_WebAppp-80"

You notice then that you have the previously service account available as a SharePoint 2010 managed account to be the account under the which the process of the new Application Pool will run .

and finally that the SharePoint 2010 Web Application is created. Click "OK" to close the wizard and to be taken back to the Web Application Management Pagewhere you can see the new SharePoint 2010 Web Application.

Now, if we go to check what have been done behind the scene in ISS we will notice that we can retrieve a trace for our SharePoint 2010 managed local accounts

And the same in the Services of our machine:

Last, if now you use the SPS_FARM SharePoint 2010 managed local account to sign in to the Central Administration:

You will notice that you are not connected as SPS_Farm, but as System Account.

This account is a Farm administraor account used ONLY to administrate the Farm using the Central Administration Web site. As it is not a local administrator of the server it cannot be used to run the SharePoint 2010 Configurqtion wizard, neither the obsolete stsadm or psconfig tools, nor the SharePoint 2010 management shell. And there are operations that are no more available from the central administration web site when you are logged in with this account, as "Manage Services on Server"

Creating your first Site Collection for SharePoint 2010From the Central Administration Home Page, click on "Create site collections" in order to proceed to the creation of your first SharePoint 2010 Site Collection

Then, click the "Create site collections" link under the "Site Collections" section. You are taken to the "Create Site Collection" page.I have personally chosen to create a team site called "SharePoint 2010" team site"

When launching the creation, youare prompted the changes are processed

then prompted on that the site was created successfully.When clicking on this site link, you can display your first SharePoint 2010 site.