Launched in 2001 by Microsoft, since then this platform is widely popular among organizations to increase the efficiency of their business and productive volume. As we all know the importance of communication mode in every organization and by keeping in the mind this fact, Microsoft SharePoint communicates over all barriers and spread the required information within a company.
Microsoft SharePoint is an ideal solution for companies who have multiple offices and staff members who are on the move. Using SharePoint, documents and other materials can be easily shared with both colleagues and managers. Other features include advanced document management, which allows users to virtually check out a document, modify it or just read it, then check in the document again. This allows managers/company owners to see exactly when their staff members are working and just what they are doing. When combined with a highly customizable workflow management system and group calendars, SharePoint can improve the way in which your company functions and operates.
However, many organizations are observed to be failing with SharePoint implementation. So with this article, we are trying to make it simpler for organizations in-house IT administrators to help implement SharePoint over a virtual server environment.
Here we are going to see following key points:
- Setting up the IPSEC tunnel/Firewall
- VPS server
- SQL server
- Setting up the SQL users
- Preparation of the VPS for SharePoint
- Installation of AD
- Installation of SharePoint
- SharePoint installer
- Configuration of the SharePoint server by using PowerShell
- Creation of an FTP user
- User Accounts
For this tutorial we have taken 2 high speed dedicated SharePoint SQL 2008 servers each with redundant hardware (power, raid, etc.). Each SharePoint VPS connects to the SQL server via a 128bit encrypted IPSEC tunnel (using a pre-shared key).
Our SQL servers are backed up on a daily basis to each other and in the event of failure either server can be quickly configured to replace the other, until the failed server is replaced.
The VPS runs on our Hyper-V cloud product.
Currently to make the product compatible with our current range of cloud server, the SQL data have to communicate with the servers via the internet.
In future implementations of this product we might wish to consider connecting the SQL servers to the clusters on an internal network.
This installation guide assumes that you are using a standard Hyper-V cloud VPS.
Setting up the IPSEC tunnel/Firewall
1) Login to the VPS Server (In server manager expand configuration and then windows firewall.)
2) Select Connection Security and then select New Rule. You will now be presented with a security rule wizard.
3) From this wizard select Server-to-server and click next
4) Select the bottom option “require authentication for inbound and outbound connections” and click next
5) Make sure you put the IP address of the SQL server you wish to make the tunnel to in the endpoint 2 section.
6) Select Advanced and then click Customize.
7) You should now have the Customized Advanced Authentication Methods window. From here select Add in the First authentication side.
8) Now select Pre-shared key.
9) Now you need to enter a Pre-shared key in the box provided. Make a note of this Key as you will need it when setting up the SQL server side of this connection.
Note: This key should be at least 20 characters long and be random with characters, numbers and symbols.
1) Click ok, then next, and next again.
2) Call the rule “SharePoint SQL connection – DO NOT DELETE”
3) Click finish.
1) Now log into the SQL server.
2) In server manager expand configuration and then windows firewall.
3) Select Connection Security and then select New Rule. You will now be presented with a security rule wizard.
4) From this wizard select Server-to-server and click next
5) Now put the IP address of the VPS as endpoint2
6) Select the bottom option “require authentication for inbound and outbound connections” and click next
7) Select Advanced and then click Customize.
8) You should now have the Customized Advanced Authentication Methods window. From here select Add in the First authentication side.
9) Now select Pre-shared key.
10) Now enter the same Pre-shared key you previously entered on the VPS server.
11) Click ok, then next and next again.
12) Use the customer ID, and hosting company to name this rule. (For example, bodHOST12345)
13) And click finish.
Open a command prompt and ping –t the VPS IP address.
While this ping is still running you need to go to the server manager, expand configuration and then windows firewall, then monitoring and Security Association. From here select Main Mode.
Here you should see the connection. Ensure that encryption shows AES-CBC 128.
You will also need to create a standard firewall rule that allows all traffic between the SharePoint server and the SQL server you are using.
Setting up the SQL users
1) In SQL manager go to logins and create a new login.
2) Use the customer number and company to create the user name (For example, bodHOST21365)
3) The user needs the following permissions:-
4) Please make sure you do not give any other permission to this user.
Prepare the VPS for SharePoint
1) Install Active directory using 2008 R2 Functional level. Use the Customer number and hosting company name for the domain name. (For example, bodHOST12345)
2) Create 2 new users in AD
3) Make sure the passwords are secure.
1) On the VPS download the SharePoint installation from here
3) Run the installation.
4) From the list select install software prerequisites.
5) Now follow the installation prompts accepting all the defaults.
6) When this is finished the server will need to restart.
7) When the server restarts run the Prerequisites installer again.
8) Once this completes run the install SharePoint server.
1) Run the SharePoint installer and click Install SharePoint server.
2) Now enter the Product key.
3) And click next, then tick the box and click continue.
4) Use the default install location and click install now.
5) Now install the SharePoint framework to the server.
6) Once the installation is complete un-tick the box and click close.
7) Do not run the SharePoint Configurator; configure the server manually in PowerShell.
Configure the SharePoint server using PowerShell
1) On the VPS go to server manager and select features then click add new feature.
2) From the list select “Windows PowerShell Integration Scripting Environment” and click install.
Once this is complete launch the ISE (windows PowerShell integration scripting Environment) by typing ISE in the windows run box. From here you can run the PowerShell scripts that will set up the server.
1) First you need to run the SharePoint snapins.
2) Type the following into the box
a) Add-PSSnapinMicrosoft.SharePoint.PowerShell-EA 0
3) Once this command has completed you should receive the following message
b) The local farm is not accessible .Cmdlets with FeatureDependencyId are not registered.
If you do not receive this message then it means the Snapins have not run and there is an issue with either the SharePoint installation or the command.
Now you can run the command to set up the farm. But you will need several variables to do this:-
1) <SQL server> - the IP address of the SQL server you intend to use for the installation.
2) <Conf database name> - The name of the central configuration database for this server, this should be made from the customer number and company name and the word conf (e.g. BOD12545_Conf). If you have more than one SharePoint installation add a numeric to the end of this in order to separate it from other installations (e.g. BOD12545_Conf_01)
3) <dbuser> - the username of the account you set on the SQL server in previous steps.
4) <dbpassword> - the password you set for this user
5) <Passphrase> - this is the farm passphrase. If you need to add additional servers to the farm you need this passphrase. This should always be set to “P@ssword#01” unless you specifically want it to be something else.
6) <Admin database> - this is the name of the content database for the web admin application and should be named by using the customer number and the company name followed by CA (e.g. bodHOST365214_CA). Again if the customer has more than one account use an _01 at the end of this name (e.g. bodHOST365214_CA_01)
7) <ADuser> The ad user SPAdmin that you created in the previous steps.
8) <ADpassword> The password for this account.
Once you have all this information you can run the following command:-
PSConfig.exe –cmd –configdb –create –server <SQL server> -Database <Conf database name> -dbuser<dbuser> -dbpassword<dbpassword> -passphrase <Passphrase> -admincontentdatabase<Admin database> -user <ADuser> -password <ADpassword>
This will now set up the SharePoint farm and create the required connections/databases to the SQL server.
If you have done this right you will see the following:-
SharePoint Products Configuration Wizard version
Copyright (C) Microsoft Corporation 2013. All rights reserved.
Performing configuration task 1 of 3
Initializing SharePoint Products configuration...
Successfully initialized the SharePoint Products configuration
Performing configuration task 2 of 3
Creating the configuration database...
Successfully created the configuration database
Performing configuration task 3 of 3
Finalizing the SharePoint Products configuration...
Successfully completed the SharePoint Products configuration
Total number of configuration settings run: 3
Total number of successful configuration settings: 3
Total number of unsuccessful configuration settings: 0
Successfully stopped the configuration of SharePoint Products
Configuration of the SharePoint Products has succeeded.
Now you need to generate the Administration pages. These are required in order to allow the customers to manage their SharePoint installation.
Now go to start and click “Configure SharePoint Farm”. You should see that the database fields are already entered. Follow the wizard.
Create an FTP user
1) In server manager add the FTP service to IIS7.
2) Set up a new FTP site using FTP User.
These user accounts apply to the SQL servers and its domain.
SQL SA password
The Active directory recovers password for the domain.