accessible content is available upon request. sharepoint on-premises – best practice installation...
TRANSCRIPT
Accessible content is available upon request.
SharePoint on-premises – Best PracticeInstallation and Configuration
@DHobmaier, MCSE SharePoint
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Dennis Hobmaier
Text/Icon/Pic
Sr. Technical Solutions
Professional
http://www.hobmaier.net
@DHobmaier
Klagenfurt am Wörthersee, AT
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Agenda
• Service Accounts• SQL• SharePoint• Patching
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
SERVICE ACCOUNTS
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Konten• SQL Server Dienst: SQL_Service• SQL Server Admin: SQL_Admin• SharePoint Admin und Setup: SP_Admin• SharePoint Farm Service: SP_Farm• Application Pool Konten• Webanwendungen (z.B. Intranet): SP_WebApps• MySite: SP_MySite• Dienstanwendungen: SP_ServiceApps
• Standard Crawl Account: SP_Crawl• UPS: SP_UserSync
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
SQL
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Disk Layout / I/O
•Data: RAID 10 oder 5• Log: RAID 10• Temp DB: RAID 10• Auf eigenen Disk Pool / LUN
• Programmdateien: RAID 1, 5 oder 10
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Installation
• Cluster oder Always-On Availability Group?• Benannte Instance• SQL Collation: Latin1_General_CI_AS_KS_WS • Kann später nicht geändert werden• Wichtig für Temp-DB und Standard für neue Datenbanken• Wirkt sich auf Sortierung / Views in SharePoint aus
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
SQL 2012 Setup
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Konfiguration
• RAM: Min / Max•Datenbankeinstellungen• Default index fill factor: 80
• Erweitert• Max Degree of parallism = 1
•GPO: Lock Pages in memory•GPO: Perform volume maintenance tasks
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Datenbankdateien 1/2
• Intial size• Sinnvolle Anfangsgröße für jede Datenbank• Anhand von erwartendem Inhalt, Beispiel Content Datenbank 50 GB
• Autogrow• Performancekiller für SQL (bei Standard 10%)• Sinnvolle Größe z.B. 128 MB• Nicht von model vererbt
• Recovery Model Simple/Full• Abhängig von der Backup Strategie
• Jeweils für Model und tempdb• Model ist die Vorlage für jede neue Datenbank
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Datenbankdateien 2/2
• Per Script vorher anlegen• Small• Medium• Large
• Anzahl Datenbankdateien• Je nach CPU• Max. 8
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
SHAREPOINT
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Vorbereitung
• Alias verwenden• System32\Cliconfg.exe• Syswow64\cliconfg.exe• DNS Name für SQL verwenden• Mehrere Tiers verwenden, wie CONTENT, SEARCH, SERVICES (Skalierbarkeit)
• Sprache Englisch• Bitte immer englisches Betriebssystem, engl. SharePoint = weniger Bugs,
leichteres Troubleshooting
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Schritte• Voraussetzungen installieren• PrerequisiteInstaller.exe• Unbeaufsichtigte Installation über PrerequisiteInstaller.Arguments.txt
• SharePoint Binaries• Setup.exe• Config.xml
• SharePoint Konfiguration• SharePoint Products and Configuration Wizard: psconfig.exe• PowerShell
• Farm Konfiguration• Farm Configuration Wizard• PowerShell
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Voraussetzungen – OS - Roles
•Windows Server 2012 R2 - PowerShellImport-Module ServerManagerAdd-WindowsFeature Net-Framework-Features,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Metabase,Application-Server,AS-Web-Support,AS-TCP-Port-Sharing,AS-WAS-Support, AS-HTTP-Activation,AS-TCP-Activation,AS-Named-Pipes,AS-Net-Framework,WAS,WAS-Process-Model,WAS-NET-Environment,WAS-Config-APIs,Web-Lgcy-Scripting,Windows-Identity-Foundation,Server-Media-Foundation,Xps-Viewer –Source D:\sources\sxs
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Voraussetzungen - SharePoint
•Online per PrerequisiteInstaller.exe•Offline per Skript
$SharePoint2013Path = "c:\sharepoint2013bits"Start-Process "$SharePoint2013Path\PrerequisiteInstaller.exe" –ArgumentList "/SQLNCli:$SharePoint2013Path\PrerequisiteInstallerFiles\sqlncli.msi /IDFX:$SharePoint2013Path\PrerequisiteInstallerFiles\Windows6.1-KB974405-x64.msu /IDFX11:$SharePoint2013Path\PrerequisiteInstallerFiles\MicrosoftIdentityExtensions-64.msi /Sync:$SharePoint2013Path\PrerequisiteInstallerFiles\Synchronization.msi /AppFabric:$SharePoint2013Path\PrerequisiteInstallerFiles\WindowsServerAppFabricSetup_x64.exe /KB2671763:$SharePoint2013Path\PrerequisiteInstallerFiles\AppFabric1.1-RTM-KB2671763-x64-ENU.exe /MSIPCClient:$SharePoint2013Path\PrerequisiteInstallerFiles\setup_msipc_x64.msi• http://
social.technet.microsoft.com/wiki/contents/articles/14582.sharepoint-2013-install-prerequisites-offline-or-manually-on-windows-server-2012-a-comprehensive-guide.aspx#Solutions_Offline_and_Manual_Prerequisite_Procedures
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
SharePoint Binaries• Setup.exe• AutoSPInstaller• https://autospinstaller.codeplex.com/
• UI für AutoSPInstaller • http://autospinstaller.com/ • Ehemals AutoSPInstallerGUI
• Farm Konfigurationsdatenbank – sauberen Namen vergeben, z.B. P_SP_Config• P = Produktion• SP = SharePoint• Config = Konfigurationsdatenbank
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Farm Konfiguration
• Nicht als Single Role installieren• Mit SP2016 MinRoles
• Nicht den Farm Configuration Wizard verwenden (Central Admin)• Nur benötigte Dienste provisionieren• Konfiguration per PowerShell• Auf saubere Datenbanknamen achten
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Konfiguration OS
•Disable Loopback• New-ItemProperty HKLM:\System\CurrentControlSet\Control\Lsa
-Name "DisableLoopbackCheck" -Value "1" -PropertyType DWORD
•Warmup Skript (bis 2008 R2)• https://spbestwarmup.codeplex.com/
• Auto Warmup IIS ab 2012 R2
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Konfiguration Suche
• PowerShell / Datenbanknamen und Topologie
$spappPool = Get-SPServiceApplicationPool -ident "Service Applications" $search = New-SPEnterpriseSearchServiceApplication -Partitioned -Name "Search Service" -ApplicationPool $spappPool -Databasename "P_SP_Search_Admin" New-SPEnterpriseSearchServiceApplicationProxy -Partitioned -Name "Search Service Proxy" -SearchApplication $search $clone = $ServiceApplication.ActiveTopology.Clone() $SSI = Get-SPEnterpriseSearchServiceInstance -local New-SPEnterpriseSearchAdminComponent –SearchTopology $clone -SearchServiceInstance $SSI New-SPEnterpriseSearchContentProcessingComponent –SearchTopology $clone -SearchServiceInstance $SSI New-SPEnterpriseSearchAnalyticsProcessingComponent –SearchTopology $clone -SearchServiceInstance $SSI New-SPEnterpriseSearchCrawlComponent –SearchTopology $clone -SearchServiceInstance $SSI New-SPEnterpriseSearchIndexComponent –SearchTopology $clone -SearchServiceInstance $SSI -RootDirectory $IndexLocation New-SPEnterpriseSearchQueryProcessingComponent –SearchTopology $clone -SearchServiceInstance $SSI $clone.Activate() • http://blogs.technet.com/b/praveenh/archive/2013/02/07/create-a-new-search-service-application-in-
sharepoint-2013-using-powershell.aspx
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Dienstanwendungen hinzufügen
• User Profile Service• MySite
•Managed Metadata• Zentrale Metadaten
•Work Management Service• E-Mail Benachrichtigung
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Admin Content DB
• Falls SharePoint per Setup.exe installiert•Datenbanknamen ohne ID
New-SPContentDatabase P__SP_AdminContent http://lab-sp2013-prod:8000 Get-SPWebApplication -ident http://lab-sp2013-prod:8000 | Get-SPContentDatabase Get-SPSite -ContentDatabase <GUID> | Move-SPSite -DestinationDatabase <New GUID> iisreset
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Webanwendungen• Zugriff per DNS / FQDN• Auf AAM achten, veröffentlichung
• Authentifizierung• NTLM (Standard)• Kerberos• ADFS …
• Alles in eine Webanwendung• Inkl. MySite• Weniger Trusted Zone• Host-Header Websitesammlungen
• Pro Website / Managed Path anlegen• Abteilungen• Projekte
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Websitesammlungen
• Root Site Collection anlegen „/“• Search Center•My Site Host•Governance• Quota Templates• Berechtigungen
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
PATCHING
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Service Pack / CU
• CU bei Bedarf installieren• Abhängig von der Qualität des CU‘s
• Binaries auf allen Servern installieren• Products and Configuration Wizard auf allen Servern ausführen•WSUS: SharePoint ausnehmen• Per Skript• Sharepointupdates.com / Trevor Seward
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
FRAGEN?
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Ahsante
thank you