Deployment - PowerPoint Presentation

Slide1
Slide2

Deployment WizardSharePoint 2013 Installation Tips, Tricks and Scripts

Dan Holmedan.holme@intelliem.com

SPC083Slide3

Consultant

Dan Holme

Dan Holme

INTELLIEM

Author

MAUI, HAWAII

AvePoint

danholme

http://tiny.cc/danholmespc2012 dan.holme@intelliem.comSlide4

Agenda

Architecture in a nutshellHardware requirementsSQL deploymentSharePoint deployment

Prerequisites

SetupConfigurationAutomated deploymentTurbocharged DeploymentSlide5

About this session

Setup hasn’t changed muchSlick-nessScriptedTested

Wonky-ness

Under-documentedMisdocumentedConflicting documentation

Simply not workingDemosSharePoint 2013 on Windows Server 2008 R2Pseudo-DemosSlide6

SharePoint ArchitectureSlide7

http://www.microsoft.com/en-us/download/details.aspx?id=30377Slide8

Server Roles

Web serverUser requestsDedicated for crawlingApplication server

Query and Index

Other search componentsOther service applicationsDatabase server

ContentSearchConfigurationAll othersSlide9

Single Server

All elements on one serverPerformance will be constrainedNo fault tolerance

Development

EvaluationLimited deployment100 usersSlide10

Minimal Fault-Tolerant Farm

Two SharePoint ServersBoth are web servers (load balanced)All service application service instances are on both servers

Central Administration on both servers

Redundant SQL tierClusteringMirroring

AlwaysOn (SQL Server 2012)Slide11

Load balancer

Architectural elements

Load Balancer

No longer necessary to configure stickiness

Request ManagementRuns on web servers by defaultDoes not replace load balancerFault tolerance: 2+ web serversScale: Dedicated request management farmWeb Tier

Web tier

Application tier

Database tierSlide12

Load balancer

Architectural elements

Web Tier

100 users on a single server limited deployment

10,000 users per web server in a 3-tier farmRedundancy: 2+ web servers with load balancingScale: Additional serversDistributed CacheSocial data (activity feeds) and authentication tokensRuns on all web and application servers by defaultRedundancy: “It’s complicated”Scale: Dedicated servers

Application Tier

Web tier

Application tier

Database tierSlide13

Load balancer

Architectural elements

Application Tier

Redundancy: Service instances on 2+ servers

Scale: Additional servers, dedicated workloadsQuery ComponentSignificantly greater requirementsDecreased burden on SQLRedundancy: 2+ servers with query componentIndex fault tolerance: Index partition replicasScale: Dedicated server(s) with indexingOffice Web Apps

Separate farmRedundancy: 2+ serversScale: Additional servers

Web tier

Application tier

Database tierSlide14

Load balancer

Architectural elements

Database Tier

Redundancy: clustering, mirroring,

AlwaysOn (2012)Scale: Additional servers hosting workloadsContent databases & configuration databasesSearch databases

Web tier

Application tier

Database tierSlide15

Physical vs. virtual

Performance, performance, performanceResources: RAM, cores, I/O, networkVirtualizationReduced cost of hardware

Manageability

Windows Server 2012 & Hyper-V 3.0PerformanceManageabilitySlide16

Architecture in a nutshell

Business needsTechnical considerationsPerformanceScalability

Redundancy

ManageabilityCost

Architecture = (Technical Expertise, Process, Compromise!)

ArchitectureSlide17

Hardware RequirementsSlide18

Development or Evaluation | Single-Server

Minimum RequirementsProcessor64-bit, 4 cores

RAM

8 GB SharePoint Foundation24 GB SharePoint ServerHard disk80 GB free for system driveSlide19

Web tier

Application tier

Database tier

Farm | Web & Application Servers

Minimum Requirements

Processor

64-bit, 4 cores

RAM

12 GB

Hard disk

80 GB free for system drive

Maintain free space = 2 x RAM

Database server with:

Farm configuration database

Content

database

Service application databases

Load balanced or routed requestsSlide20

Farm | Database Servers

Minimum Requirements

Processor

64-bit, 4 cores for “small” deployments

64-bit, 8 cores for “medium” deployments

RAM

8 GB for “small” deployments

16 GB for “medium” deployments

Hard disk

80 GB free for system drive

Storage size and architecture dependent on corpus, performance requirements, etc.

Web tier

Application tier

Database tier

Load balanced or routed requestsSlide21

Hardware RequirementsHardware and software requirements

http://technet.microsoft.com/en-us/library/cc262485.aspxHardware and software requirements (Project Server)

http://

technet.microsoft.com/en-us/library/ee683978.aspxCapacity management and sizing (2010/2013)http://go.microsoft.com/fwlink/p/?

LinkID=95812Storage and SQL Server capacity planning (2010/2013)http://go.microsoft.com/fwlink/p/?LinkID=119416Slide22

Service AccountsSlide23

Directory Services PrerequisitesResources

Initial deployment administrative and service accounts in SharePoint 2013http://

technet.microsoft.com/en-us/library/ee662513.aspx

Account permissions and security settings in SharePoint 2013http://

technet.microsoft.com/en-us/library/cc678863.aspxSlide24

Service Accounts

SQL Server service: SQL_Service

SQL

administrator: SQL_AdminSharePoint Administrator and Setup User:

SP_AdminSharePoint Farm Service: SP_FarmApplication pool accountsUser-facing web application app pool: SP_WebApps Service application app pool:

SP_ServiceAppsDefault content access (crawl) account:

SP_CrawlUser Profile Synchronization account:

SP_UserSyncSlide25

SP_Admin

SharePoint Administrator and Setup UserUsed by a service admin to perform bit-level changesInstall SharePoint prerequisites

Install SharePoint products

Configure SharePoint (SharePoint Products Configuration Wizard)Update, patch, add/remove servers, etc.Unique, “generic” SharePoint administrative account

Not your “normal” user or admin accountRepresents enterprise service administrationCan be locked down (password, disabled) after installation, until neededDelegate service to administratorsAfter setup, add your admin user accounts to Farm AdministratorsSlide26

Über Admin Account

SharePoint Enterprise Administrator: SP_EnterpriseAdminLeast privilege not always possible

Delegate to administrators privilege to use PowerShell

Patch/updateUpgrade

SQL Administrator or db_owner of all SharePoint databasesLocal Administrators group of all SharePoint serversFarm Administrators groupDisabled until neededSlide27

Accounts for Multiple Farms

Each farm…Dev, test, QA, production… needs its own “set” of accounts

Consider multiple farms in your

naming conventionSP_Farm

– ProductionSP_Farm_DevSP_Farm_TestWhy?Least privilegeMonitoring & auditingAutomatic password managementSlide28

Deploy SQL ServerSlide29

Install SQL Server 2012 | Prepare

SQL Server 2012 with SP1 released 8 Nov 2012Log on as SQL service administrator

(SQL_Admin)Owns the bits and the default roles & permissions

Represents the enterprise ownership of the serviceMust be a member of the local Administrators group on the serverInstall .NET Framework 3.5.1Server Manager – Add FeaturesImport-Module ServerManagerAdd-

WindowsFeature NET-FRAMEWORK

ResourcesInstallation for SQL 2012http://technet.microsoft.com/en-us/library/bb500469.aspx

Slide30

Install SQL Server 2012 | Features

Run SETUP.EXECore featuresDatabase Engine

Management Tools – Basic

Management Tools – CompleteAdditional features based on workloads*

Full-Text and Semantic ExtractionsClient Tools ConnectivityData Quality ServicesSlide31

Install SQL Server 2012 | Service Accounts

Least PrivilegeSingle serverVirtual Accounts (defaults) or Managed Service Accounts (MSAs) if virtual account not possible

Cluster

Domain accounts for Database Engine, SQL Server Agent, SSASReferencesGuidelines

on choosing Service Accounts for SQL Server Serviceshttp://support.microsoft.com/kb/2160720Configure Windows Service Accounts and Permissionshttp://technet.microsoft.com/en-us/library/ms143504.aspxSlide32

Install SQL Server 2012 | Automated

Setup configuration fileCreated by SETUP.EXEProceed through wizard then click Cancel at the “Install” step

Locate file

C:\Program Files\Microsoft SQL Server\110\Setup Bootstrap\Log\<DATE>\ConfigurationFile.ini

ModifyADD IAcceptSQLServerLicenseTerms="True“ADD PID="<your product key>"COMMENT OUT ; UIMODE="Normal"CHANGE QUIET=“TRUE"Run Setup with configuration fileSETUP.EXE /ConfigurationFile="<Path to ConfigurationFile.ini>" Slide33

Install SQL Server 2012 | Firewall

Allow Network Access to SQL Server Windows Firewall

netsh

firewall set portopening protocol=TCP port=1433 name=SQLPort mode=ENABLE scope=SUBNET profile=CURRENTNETSH FIREWALL is deprecated but still works. NETSH ADVFIREWALL can be used.

ResourcesConfigure the Windows Firewall to Allow SQL Server Access

http://msdn.microsoft.com/en-us/library/cc646023.aspxSlide34

Install SQL Server 2012 | Security

Security Considerations for a SQL Server Installationhttp

://

technet.microsoft.com/en-us/library/ms144228.aspxSQL Server 2012 Security Best Practice Whitepaperhttp://download.microsoft.com/download/8/F/A/8FABACD7-803E-40FC-ADF8-355E7D218F4C/SQL_Server_2012_Security_Best_Practice_Whitepaper_Apr2012.docx

Slide35

Install SQL Server 2012 | Max Degrees of Parallelism

SQL resource utilizationCoresQueriesDefault is 0

SharePoint 2010: Should be set to 1

Is your SQL Server configured correctly now?SharePoint 2013: Required

SharePoint Products Configuration Wizard (PSCONFIG / PSCONFIGUI) fails if MDOP is 0Slide36

Script max degrees of parallelismPowerShell script

Run As Administrator. Set-ExecutionPolicy to allow local script (e.g. RemoteSigned

).

####

Set MDOP to 1Import-Module "sqlps" -DisableNameChecking

$

sql = "EXEC sys.sp_configure N'show advanced options', N'1'  RECONFIGURE WITH OVERRIDE

GOEXEC

sys.sp_configure

N'max degree of parallelism', N'

1'GO

RECONFIGURE WITH OVERRIDEGOEXEC

sys.sp_configure N'show advanced options', N'0'  RECONFIGURE WITH OVERRIDEGO"

Invoke-Sqlcmd –Query $sql

[-ServerInstance “SERVER\instance“]Slide37

Delegate permissions

Create SQL login for SP_AdminSharePoint administrator and setup user accountAssign server roles

dbcreator

securityadminSlide38

Install SharePointSlide39

Get Ready

Log on to SharePoint server as SharePoint service administrator (SP_Admin)

Administrators group on the SharePoint server

dbcreator and securityadmin server roles on SQL serverSlide40

Installing and Configuring SharePoint

Install prerequisitesInstall SharePoint Prerequisites: PrerequisiteInstaller.exeCommand-line switches or PrerequisiteInstaller.Arguments.txt file

Post Prerequisite Installer prerequisites

Install SharePoint binariesSetup: setup.execonfig.xml

Configure SharePointSharePoint Products Configuration Wizard: psconfig.exeWindows PowerShellConfigure FarmFarm configuration wizard or Central AdministrationWindows PowerShellSlide41

Install SharePoint PrerequisitesSlide42

PrerequisitesPrereqs

Web Server (IIS) roleApplication Server roleMicrosoft

.NET Framework version 4.5

SQL Server 2008 R2 SP1 Native ClientMicrosoft WCF Data Services 5.0Microsoft Information Protection and Control Client (MSIPC)

Microsoft Sync Framework Runtime v1.0 SP1 (x64)Windows Management Framework 3.0 which includes Windows PowerShell 3.0Windows Identity Foundation (WIF) 1.0Microsoft Identity Extensions (previously named WIF 1.1)Windows Server AppFabricCumulative Update Package 1 for Microsoft AppFabric 1.1 for Windows Server (KB 2671763)PrerequisiteInstaller.exeSlide43

Pseudo-DemoSlide44
Slide45
Slide46
Slide47
Slide48
Slide49
Slide50
Slide51
Slide52

Scripted Installation of Prerequisites

PrerequisiteInstaller.exe switches/unattended

/

NETFX:<path>\SP2013_Prereqs\dotnetfx45_full_x86_x64.exe

/PowerShell:<path>\SP2013_Prereqs\Windows6.1-KB2506143-x64.msu /SQLNCli:<path>\SP2013_Prereqs\sqlncli.msi /IDFX:<path>\SP2013_Prereqs\Windows6.1-KB974405-x64.msu /Sync:<path>\SP2013_Prereqs\Synchronization.msi /

AppFabric:<path>\SP2013_Prereqs\WindowsServerAppFabricSetup_x64.exe /IDFX11:<path>\SP2013_Prereqs\MicrosoftIdentityExtensions-64.msi

/MSIPCClient:<path>\SP2013_Prereqs\setup_msipc_x64.msi

/WCFDataServices:<path>\SP2013_Prereqs\WcfDataServices.exe /KB2671763:<path>\SP2013_Prereqs\AppFabric1.1-RTM-KB2671763-x64-ENU.exeAdd to command line orSlide53

Scripted Installation of Prerequisites

Create a PrequisiteInstaller.Arguments.txt

file with all switches

Notes

All switches are on one line [example above has word wrap on]The file has two extensions: .Arguments.txtPut the file in the same folder as PrerequisiteInstaller.exe

/unattended /NETFX:<path>\SP2013_Prereqs\dotnetfx45_full_x86_x64.exe /PowerShell:<path>\SP2013_Prereqs\Windows6.1-KB2506143-x64.msu /

SQLNCli:<path>\SP2013_Prereqs\sqlncli.msi /IDFX:<path>\SP2013_Prereqs\Windows6.1-KB974405-x64.msu /Sync:<path>\SP2013_Prereqs\Synchronization.msi /

AppFabric:<path>\SP2013_Prereqs\WindowsServerAppFabricSetup_x64.exe /IDFX11:<path>\SP2013_Prereqs\MicrosoftIdentityExtensions-64.msi /MSIPCClient:<path>\SP2013_Prereqs\setup_msipc_x64.msi /WCFDataServices:<path>\SP2013_Prereqs\WcfDataServices.exe /KB2671763:<path>\SP2013_Prereqs\AppFabric1.1-RTM-KB2671763-x64-ENU.exeSlide54

Scripted Installation of PrerequisitesResources

Install prerequisites for SharePoint 2013 from a network sharehttp://technet.microsoft.com/en-us/library/ff686793.aspxSlide55

Problems*

Buggy restartIf prompted to restart:Click CANCEL instead of FINISH.

Delete startup task in %

ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup

Restart machine.Restart PrerequisiteInstaller.exe.WCF Data Services 5.0 certificate is badSecurity dialog prompts: BlockerServer must have Internet access to install it successfullySlide56

Post Prerequisite Installer prerequisites

Prereqs NOT INSTALLED by the prereq installer

The

SharePoint parsing process crashes in Windows Server 2008 R2 (KB 2554876)

FIX: IIS 7.5 configurations are not updated when you use the ServerManager class to commit configuration changes (KB 2708075) Hotfix: ASP.NET (SharePoint) race condition in .NET 4.5 RTM (KB 2759112) Must install after SharePoint Prerequisite Installer prerequisitesAutomated installationPowerShell (Run As Administrator. Set-

ExecutionPolicy appropriately.).\NDP45-KB2759112-x64.exe /passive /norestart

wusa.exe .\Windows6.1-KB2554876-v2-x64.msu /quiet /norestartwusa.exe .\Windows6.1-KB2708075-x64.msu /quiet /

norestart# Restart-ComputerSlide57

Disable Loopback

Explanationhttp://support.microsoft.com/kb/896861

Production: Method 1 only (more secure)

Development/Testing: Method 2 is OKScriptPowerShell

(Run as Administrator. Enter command on one line.)New-ItemProperty HKLM:\System\CurrentControlSet\Control\Lsa -Name "DisableLoopbackCheck" -Value "1" -PropertyType DWORDSlide58

Install SharePoint BinariesSlide59

Pseudo-DemoSlide60
Slide61
Slide62
Slide63
Slide64
Slide65
Slide66
Slide67
Slide68
Slide69
Slide70
Slide71
Slide72

After Setup

Install the latest Cumulative UpdatesSlide73

Scripted Installation of SharePoint Server

Create or modify config.xmlSee samples in the FILES folder in the SharePoint distributionRemove comment tags (<!-- and -->) from the PIDKEY value

setup.exe /

config path\config.xml

Monitoring unattended installationMonitor %temp%\SharePoint Server Setup*.logTask Manager processes including msiexec.exe, setup.exe, mscorsvw.exe, psconfig.exeSlide74

Configure the ServerSlide75

Pseudo-DemoSlide76
Slide77
Slide78
Slide79
Slide80
Slide81
Slide82
Slide83

SQL AliasSlide84
Slide85
Slide86

Farm AccountSlide87
Slide88
Slide89
Slide90
Slide91
Slide92

Configure Kerberos laterSlide93
Slide94
Slide95
Slide96
Slide97

Automate Configure the Server (psconfig)

Windows PowerShell

New-

SPConfigurationDatabase

-DatabaseName $ConfigDB

-DatabaseServer

$

DatabaseServer -AdministrationContentDatabaseName $AdminContentDB -Passphrase $Passphrase -

FarmCredentials $FarmAcct

Initialize-

SPResourceSecurity

Install-SPService

Install-SPFeature -AllExistingFeatures

New-SPCentralAdministration -Port $CAPort -

WindowsAuthProvider $WinAuthProviderInstall-SPHelpCollection

-

AllInstall-SPApplicationContentScripthttp://tiny.cc/danholmespc2012Slide98

Configure the FarmSlide99

Configure service apps & web apps

SharePoint Conference SessionsPowerShell ResourcesGary

Lapointe’s

Bloghttp://blogs.falchionconsulting.comTodd

Klindt’s Bloghttp://www.toddklindt.com/blog AutoSPInstallerhttp://autospinstaller.codeplex.com/Slide100

Turbocharge DeploymentSlide101

Install SQL Server 2012 | SYSPREP SQL

From SETUP.EXE, click Advanced InstallationMust run SETUP from a location (e.g. a share) which will be accessible when you complete the image

Prepare installation

Limited features can be preinstalled: Database Engine, Full TextCan capture ConfigurationFile.iniSYSPREP

SYSPREP

DEPLOY IMAGE

MINI SETUP

SERVER CONFIG

COMPLETE SQL

PREPARE SQLSlide102

Deploying an Image

IMAGEX /CAPTURE the sysprepped imageUpload to Windows Deployment Services (WDS)PXE Boot (F12)

CAPTURE IMAGE

UPLOAD TO WDS

PXE BOOT (F12)

MINI SETUPSlide103

Tools to learn about

Windows Assessment and Deployment Kit (ADK)Microsoft Deployment Toolkit (MDT)Windows Deployment Services (WDS)Slide104

Mahalo!Thank you!Slide105

Shout Outs

Bill BaerRandy WilliamsJeremy ThakeGary Lapointe

Chris Givens

Andrew ConnellSpence HarbarJason HimmelsteinTodd Baginski

Scot HillierMatt McDermottEric ShuppsPaul SwiderShane YoungTodd KlindtWictor WilénAsif RehmaniRob BogueSlide106

A Hui Ho (‘til next time!)

http://tiny.cc/danholmespc2012http://bit.ly/danholmearticles

http://bit.ly/danholmebooks

dan.holme@intelliem.com

@danholmeSlide107

Evaluate this session now on

MySPC

using your laptop or mobile device:

http://myspc.sharepointconference.com

MySPCSlide108

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.