Aslam Latheef: 05/12/13

Installing SSL certificate on Window IIS 7 and Web interface

3:01 PM

The first step in ordering an SSL certificate is generating a Certificate Signing Request. This is very easy to do in IIS7 using the following instructions.

Click on the Start menu, go to Administrative Tools, and click on Internet Information Services (IIS) Manager.
Click on the name of the server in the Connections column on the left. Double-click on Server Certificates.
In the Actions column on the right, click on Create Certificate Request...
Enter all of the following information about your company and the domain you are securing and then click Next.
Name
Explanation
Examples
Common Name
The fully qualified domain name (FQDN) of your server. This must match exactly what you type in your web browser or you will receive a name mismatch error.
*.google.com
mail.google.com
Organization
The legal name of your organization. This should not be abbreviated and should include suffixes such as Inc, Corp, or LLC.
Google Inc.
Organizational Unit
The division of your organization handling the certificate. (Most CAs don't validate this field)
IT
Web
City/Locality
The city where your organization is located.
Mountain View
State/province
The state/region where your organization is located. This shouldn't be abbreviated.
California
Country/Region
The two-letter ISO code for the country where your organization is location.
US
GB
Leave the default Cryptographic Service Provider. Increase the Bit length to 2048 bit or higher. ClickNext.
Click the button with the three dots and enter a location and filename where you want to save the CSR file. Click Finish.

Once you have generated a CSR you can use it to order the certificate from a certificate authority. If you don't already have a favorite, you can compare SSL features from each provider using our SSL Wizard or by comparing cheap SSL certificates, Wildcard Certificates, or EV certificates. Once you paste the contents of the CSR and complete the ordering process, your order is validated, and you will receive the SSL certificate file.

Install the Certificate

To install your newly acquired SSL certificate in IIS 7, first copy the file somewhere on the server and then follow these instructions:

Click on the Start menu, go to Administrative Tools, and click on Internet Information Services (IIS) Manager.
Click on the name of the server in the Connections column on the left. Double-click on Server Certificates.
In the Actions column on the right, click on Complete Certificate Request...
Click the button with the three dots and select the server certificate that you received from the certificate authority. If the certificate doesn't have a .cer file extension, select to view all types. Enter any friendly name you want so you can keep track of the certificate on this server. Click OK.
If successful, you will see your newly installed certificate in the list. If you receive an error stating that the request or private key cannot be found, make sure you are using the correct certificate and that you are installing it to the same server that you generated the CSR on. If you are sure of those two things, you may just need to create a new Certificate Request and reissue/replace the certificate. Contact your certificate authority if you have problems with this.

STEP- 2

Bind the Certificate to a website

In the Connections column on the left, expand the sites folder and click on the website that you want to bind the certificate to. Click on Bindings... in the right column.
Click on the Add... button.
Change the Type to https and then select the SSL certificate that you just installed. Click OK.
You will now see the binding for port 443 listed. Click Close.

Install any Intermediate Certificates

STEP :3
if you Have multiple Web server then Please follow the below instructions
Exporting/Backing Up to a .pfx File

On the Start menu click Run and then type mmc.
Click File > Add/Remove Snap-in.
Click Certificates > Add.
Select Computer Account and then click Next. Select Local Computer and then click Finish. Then close the add standalone snap-in window and the add/remove snap-in window.
Click the + to expand the certificates (local computer) console tree and look for the personal directory/folder. Expand the certificates folder.
Right-click on the certificate you want to backup and select ALL TASKS > Export.
Choose Yes, export the private key and include all certificates in certificate path if possible.
Warning: Do not select the delete private key option.
Leave the default settings and then enter your password if required.
Choose to save the file and then click Finish. You should receive an "export successful" message. The .pfx file is now saved to the location you selected.

Importing from a .pfx File

On the Start menu click Run and then type mmc.
Click File > Add/Remove Snap-in.
Click Certificates > Add.
Select Computer Account and then click Next. Select Local Computer and then click Finish. Then close the add standalone snap-in window and the add/remove snap-in window.
Click the + to expand the certificates (local computer) console tree and look for the personal directory/folder. Expand the certificates folder.
Right-click on the certificate you want to backup and select ALL TASKS > Import.
Follow the certificate import wizard to import your primary certificate from the .pfx file. When prompted, choose to automatically place the certificates in the certificate stores based on the type of the certificate.

and RUN STEP –2

Note
Most SSL providers issue server certificates off of an Intermediate certificate so you will need to install this Intermediate certificate to the server as well or your visitors will receive a Certificate Not Trusted Error. You can install each Intermediate certificate (sometimes there is more than one) using these instructions:

Download the intermediate certificate to a folder on the server.
Double click the certificate to open the certificate details.
At the bottom of the General tab, click the Install Certificate button to start the certificate import wizard. Click Next.
Select Place all certificates in the following store and click Browse.
Check the Show physical stores checkbox, then expand the Intermediate Certification Authorities folder, select the Local Computer folder beneath it. Click OK. Click Next, then Finishto finish installing the intermediate certificate.

You may need to restart IIS so that it starts giving out the new certificate. You can verify that the certificate is installed correctly by visiting the site in your web browser using https instead of http or using our SSL Checker.

file services

File Server Capacity Tool

2:32 PM

flow charts

troubleshooting Session sharing in Citrix - Flowchart

2:30 PM

flow charts

Troubleshooting Citrix and windows server Performance - Flowchart

2:29 PM

flow charts

Troubleshooting ICA Session Performance - Flowchart

2:27 PM

1. Session Active - Start the Citrix Connection Center by double clicking on the ICA symbol in the notification area (clock). Check if ICA session is still active.
2. Reconnect Session - Reconnect the session by launching the application again or from the Citrix Web Interface with the reconnect button (if available).

3. Noticeable Traffic - Check the properties of the ICA session. Check if the session generates data to and from the Citrix server.
4. Network Active - Check if the network is still active. Refresh application on the Web Interface. Log off from the Web Interface and logon in the Web Interface again.
5. Normal Resource Usage - Application looks unresponsive. Check if application consumes too many resources like memory and CPU or causing the CPU queue to fill up. If abnormal resource usage is detected logoff or kill user process on Citrix server.
6. Force logoff after 15min- Disconnect the users session and try reconnecting. If the application is still unresponsive, let the application run for 15 minutes. Watch resource usage of the application during this period. If the application is still unresponsive, logoff the user session or kill the user process.
7. Fix Network - Take appropriate actions to repair the network.
8. Kill Application - Kill the application if it is using too many resources which can affect other users performance. Try logging of the user session first, otherwise kill the application or reset the session.
9. Launch new application - Launch a new application and watch if it is launched within the same session or a new session is created.
10. Original app unresponsive - If the original application is unresponsive a new session is created by launching a new application. Profile corruption, networking issues, database timeouts and macro’s (like VBA script) are often the cause of hanging or unresponsive applications.
11. Force logoff after 45 minutes - If normal resource usage is normal, let the unresponsive application run for least 45 minutes. Watch resource usage of the application during this period. If the application is still unresponsive, logoff the user session or kill the user process.
12. New App normal Speed - Is the new application running at expected or reasonable speed.
13. Original App problem - The original application is having a problem. The problem is often caused by networking issues, database timeouts or internal application faults. Make note of the last actions made in the application like selections and queries.
14. Contact application support - Contact application support to troubleshoot the application.
15. Other users affected - Do other users have the same problem ? If so, make note of the other users and contact Citrix administrators / Citrix support to troubleshoot server performance.
16. Shadow Session - If possible try to shadow the users session.
17. Expected behavior restored - Is the expected behavior of the application restored by shadowing the users session?
18. Reduce color quality - Does reducing the color quality (256 or 16 colors) on the users desktop increase the session performance?
19. Increase Session Memory / Update ICA Client - Increase session memory for the Citrix farm in the Citrix management console. If possible update the ICA client to at least a version 8 Client. If the problem happens often with the same application, the application is suffering on a GDI memory leak.

Windows

Troubleshooting Printers in Citrix - Flowchart

2:24 PM

1. Printers available on Client - Are the desired printers and drivers installed on the client.
2. Install Printers on Client - Install the printers and drivers on the client machine.
3. Client Printer Mapping Enabled - Check in the “Citrix Connection Configuration” Client Settings if the windows client printer mapping is enabled.
4. Enable Client Printer Mapping - Enable the Windows Client printer mapping in the “Citrix Connection Configuration” tool.
5. Events 1106 and 1107 in server Event Log - Check the Application Event Log on the Citrix servers for 1106 and 1107 errors from source MetaFrameEvents and category Printer Management. The event description will tell which printer failed for auto-creation and what driver should be used.

6. Printer Driver installed on Server - In the Citrix Management Console - Printer Management - Drivers, check whether the driver is available in the farm and installed on all servers.
7. Install Printer Driver on Server - If the Printer Driver is available in the Citrix Farm on a server select the server with the driver and replicate the driver to the servers with the missing driver. Depending on the load and number of servers this can take up a few hours before replication is completed.
If the driver is not in the Farm install the Windows 2000 version, NOT a version-2 (NT) driver, of the printer driver on a server and replicate the driver from that server to the other servers.
8. Create Printer Mapping - When driver names are not exactly the same on the client and the server, printer creation will fail. In the Citrix Management Console create a printer mapping with the client driver name with the corresponding server driver.

Open the 1106 and 1107 error in the application Event Log and copy the client driver name. Paste the client driver name in the Citrix management console and select the corresponding or compatible server driver.
Examples:
Client: HP Laserjet 4000 PCL Server: HP Laserjet 4000 Series PCL
Client: HP Laserjet 4/4M Server: HP Laserjet 4
Client: HP Laserjet 1100 Server: HP Laserjet Series II
Client: Lexmark 2205 Server: HP Laserjet 4
Note: If you are receiving a lot of 1106 and 1107 errors then you you need to look thirdparty tools like DABCC apm etc etc

flow charts

Troubleshooting Terminal services - Flowchart

2:22 PM

1. Logon Enabled - Check if logons are enabled by executing the command “change logon /query” or from the MetaFrame settings of the server properties within the Citrix management console.
2. Enable Logons - Enable logons by executing the command “change logon /enabled” or by checking the option “enable logons to this server” from the MetaFrame settings of the server properties within the Citrix management console.

3. User TS Enabled - Check if the user has the properties “Allow logon to terminal server” enabled in active directory.
4. Enable Allow TS logon - Enable the options “Allow logon to terminal server” for the user in Active Directory.
5. Application Mode Enabled - Launch the Terminal Services Configuration MMC and check if Terminal Server Mode is set to Application Server.
6. Enable Application Mode - Launch the add/remove software control panel. Click the Add/Remove Windows Components button and click next. Change the Terminal Services option to Application server mode.
7. TS Licenses Available - Check if a Terminal Server License Server is available, activated and licenses are installed.
8. Install Licenses - Install a Terminal Server License Server and install the Terminal Server Licenses.
9. Administrative Logon - Try to logon as a administrator using a RDP session
10. Debug usrlogon process Set the following registry key on the server to debug the logon process:
Key: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Value: UserEnvDebugLevel
Type: REG_DWORD
Data: 10002 (Hex)
The data value of 10002 will enable verbose logging to a file on the server. Once you set this value, reboot your server and check for a “userenv.log” file in the %System-Root%\Debug\UserMode\ folder.
Remember to turn this off when you’re done troubleshooting it, since each user logon can easily add 100KB to the size of this log file.
11. Check Event Log - Check the Event Log for warning or error messages. Lookup the Event ID’s to check if it’s a known error.
12. Fix errors - If the error message is a known error fix it according the given resolution.

flow charts

Citrix Services troubleshooting - Flowchart

2:20 PM

1. Application or server problem - Find out if it’s a server or application problem. If it’s a server problem no Citrix application will start. If it’s an application problem some applications can start with Citrix.
2. IMA Service running - Check with the services MMC if the service Independent Management Architecture is running and no errors for the IMA service exists in the server Event Log.
3. Restart IMA service - If the service Independent Management Architecture is not running start the service

4. IMA directory in path - Check the PATH environment to see if the directories
<ProgramFiles>\Citrix\System32
–and-
<ProgramFiles>\Citrix\System32\IMA\Subsystems are in the path
Set PATH
Change the path environment and add the directories <ProgramFiles>\Citrix\System32
-and-
<ProgramFiles>\Citrix\System32\IMA\Subsystems to the path environment

5. Datastore online - Check if the data store is online. Start the Citrix Management Console and on the Resource Manager Watcher Tab check if Data store Connection Failure is present and in error state. Or check this from the MS SQL Enterprise Manager and see if the CITRIXIMA database is online.
6. Bring data store online - Bring the data store online by restoring the database or rebuild the entire SQL server. As a temporary option fail over to the replicated database.
To use the replicated database edit <ProgramFiles>\Citrix\Independent Management Architecture\MF20.dsn and change the server entry to the server hosting the replicated database.
Execute the following command:
dsmaint config /user:sa /pwd:Citrix /dsn:”<ProgramFiles>\Citrix\Independent Management Architecture\MF20.dsn”
7. Datastore online - Clean the localhost cache by executing the command:
dsmaint /recreatelhc
Start the IMA service
8. Config IMA DSN - From within the ODBC administrator create a new file DSN with the connection to the CITRIXIMA database.
Execute the following command:
dsmaint config /user:sa /pwd:Citrix /dsn:”<path_to new_dsn_file>\<new_dsn_file>”

9. ICA Port enabled - Telnet to port 1494 on the server and check if the ICA port is enabled and has a listener on it.
10. Enable ICA Port - Start the Citrix connection configuration and enable the ICA-TPC protocol
11. DSCheck - Run dscheck.exe from the command prompt and watch for errors.
12. DSCheck /Clean - Run dscheck.exe /clean from the command prompt to clean the data store.
13. Restore data store - Restore the data store from backup

14. Check Published Application - Check if the published application is enabled and the application location and startup options are correct.
15. Install / Repair Application - From the add/remove software control panel repair the application. Or (re)install the application from within the Citrix Installation Manager
16. Check application client options - Check the application client options from within the Citrix management console. Check if the client options like screen, colors and encryption are correct and the same as the other applications.
17. Set application client options - Set the application client options according the standard 640x480@16bit with basic encryption and sound enabled.

flow charts

Citrix Server and Services Troubleshooting Flowchart

2:18 PM

flow charts

Basic Secure Gateway Troubleshooting – Flow chart

2:15 PM

1. CSG service running - The secure gateway runs as a service “Secure Gateway Service”. Launch the services MMC on the corresponding server and check if the “Secure Gateway Service” is running.
2. Start CSG service - Through the services MMC the “Secure Gateway Service” must be start.
3. Start CSG diagnostics - Launch the Citrix Secure Gateway diagnostics tool.
Watch the output to find the problem area.
4. Reinstall or renew certificates - When the CSG diagnostics identifies the SSL Certificates are invalid reinstall the certificates or renew the certificated when they are expired. In case private certificates are used verify the root certificate is installed and not expired.
5. Check if the IIS service is running - When the IIS service is not running the Web Interface is not accessible and the logon agent is not working. Launch the IIS manager MMC and check to see if the IIS service is running and if all the websites, particularly the Web Interface, are online.
6. Start IIS service - Start the IIS services if not running. Enable the websites of not running within IIS.
7. Check if the XML services are running - Check all the MetaFrame servers to see if the Citrix XML Service is running
8. Start XML Service - Start the Citrix XML Service if not running on the Citrix MetaFrame server. Start the IIS service and enable the website (default website) containing the Web Interface.
9. Launch the WIAdmin - By launching the Citrix Web Interface Console we can view and or change the secure gateway settings and Web Interface settings.
10. Consult IIS specialist - If you reach this state you have IIS running but the website is not functional. This could be caused by port conflicts or other faulty configured IIS setting. This document does not provide information for troubleshooting IIS. Consult Microsoft or IIS Specialist.
11. Reconfigure the Web Interface - Reconfigure the Web Interface farm settings and provide the correct Citrix servers for the farm. Reconfigure the Web Interface server side firewall settings and provide the correct secure gateway server and the STA servers.
12. Check if IIS is running on the STA servers - Launch the IIS manager MMC and check to see if the IIS service is running and if all the websites are online.
13. Start IIS Service - Start the IIS services if not running on the STA servers. Enable the websites if not running within IIS
14. Check if IIS Script path is accessible - Check if the default website containing the scripts path and if its accessible and has scripts only execute rights.
15. Set ACL’s - Set ACL’s on the scripts path and set scripts only execute permissions.
16. Consult Citrix specialist - Consult Citrix or a Citrix specialist for troubleshooting the secure gateway configuration.

Windows

Citrix Basic Troubleshooting

2:13 PM

file services

Folder Permissions

2:11 PM

Sharepoint

Installing Sharepoint 2013 on windows server 2012

12:49 PM

I setup another VMWare virtual machine for the SharePoint 2013 server. I plan to configure it as below. SharePoint 2013 Server

Windows Server 2012
SharePoint Server 2013
Memory: 8GB RAM <--- I am tempted to increase this to at least 12GB when running search!
CPU: 4
Drive: 1x80GB
IP Address: 192.168.67.13
Domain: contoso.com
Name: server2012sp
Target Drive: 2

Make sure that you select VMnet8 (NAT) for the Custom: Specific virtual network in Network connection in the Virtual Machine Settings. Make sure that you select “2012 Standard” and not “2012 Datacenter”.

Also, change the server name (server2012sp), domain (Contoso), and IP address (192.168.67.13) after installing the operating system. Note: I had a problem once with the server connecting to the domain controller. So I added the following entries to the hosts file in the C:\Windows\System32\Drivers\etc directory. I first had to give the Admin user account Full control access to the hosts file. 192.168.67.11 server2012dc
192.168.67.12 server2012sql I install the Windows 2012 operating system just as with the other two servers. I add the sp_install and sp_farm user accounts to the Administrators group on this server. I click on Tools \ Computer Management.

The Computer Management windows opens. I click on Local Users and Groups.

I double-click on Groups and the list of group accounts is displayed.

I double-click on the Administrators entry and the Administrators Properties screen opens.

I click on Add… and the Select Users, Computers, Service Accounts, or Groups screen displays. I enter the sp_install user account name and click Check Names.

The Windows Security screen appears. I enter the Administrator credentials and click OK to continue.

The Select Users … screen returns. I click OK to continue.

The Administrators Properties screen is updated. I click OK to close the screen.

IMPORTANT! Repeat the process for the contoso\sp_farm user account! I close the Computer Management screen. I want to logon as the sp_install user. I click on Local Server.

I click on Tasks and select Shut Down Local Server.

I select Switch User on the What do you want the computer to do? drop down list and click OK to continue.

The server restarts. I click Other user.

I enter the credentials for sp_install and click the arrow.

I am now logged in with the sp_install user account and have Administrator rights. I also have the appropriate rights on the SQL Server with this account.

Install Prerequisites

I click on VM \ Settings on the VMWare toolbar.

The Virtual Machine Settings screen appears.

I click on Add… and the Add Hardware Wizard screen appears. I click on CD\DVD Drive and click Next.

I select Use ISO image and click Next.

I browse to the ISO image (en_sharepoint_server_2013_x64_dvd_1121447.iso) that I have for SharePoint Server 2013. I click Finish to continue.

I click OK to close the Virtual Machine Settings screen. A message appears in the top right corner of the screen.

I tap on the message and another message appears.

I click on Open folder to view files. The Explorer window opens.

I scroll down and find prerequisiteinstaller and double-click on it. I click Yes on the User Account Control screen.

The Microsoft SharePoint 2013 Products Preparation Tool screen appears. I click Next to continue.

The License Terms for software products screen appears. I click on the I accept terms … and click Next.

The installation begins.

A restart message appears in the screen when the process completes. I click Finish to continue. Note: I did have a major problem at this stage once. I had no connection to the DNS server from this server. I disabled the network adapter, added a new network adapter in VM Tools, and configured it. I then deleted the old network adapter in VM Tools. The new network adapter had the same configuration as the old one. It connected to the DNS server and displayed an Internet connection.

Windows Server restarts.

Windows is configuring features.

I login to the server

A User Account Control screen is displayed. I click Yes to continue.

The Microsoft SharePoint 2013 Products Preparation Tool screen is displayed.

I wait for the prerequisites to be installed. Another restart message is displayed. I note that all tasks are completed successfully. I click Finish to continue.

Another restart and login. A User Account Control screen is displayed. I click Yes to continue.

The Microsoft SharePoint 2013 Products Preparation Tool screen is displayed.

The process runs quickly and is soon replaced by the Installation Complete screen. I click Finish to continue. I see that I have two additional roles displayed in the Dashboard: App Server and IIS.

Install SharePoint 2013

I click on the explorer icon on the task bar, expand Computer \ DVD Drive (E:) and find the setup file.

I double-click on the setup file to start the installation process. A SharePoint 2013 screen is displayed.

It is soon replaced with a larger screen that includes a menu.

I click on Install SharePoint Server and a User Account Control screen is displayed. I click Yes to continue.

The Enter your Product Key screen is displayed. I enter the product key and click Continue.

The Read the Microsoft Software License Terms screen is displayed. I click on I accept the terms of this agreement and click Continue to continue.

The Server Type screen appears. I keep Complete selected and click Install Now.

The Installation Progress screen appears.

Installation nears completion.

Installation completes. The Run Configuration Wizard screen appears. I uncheck the Run the SharePoint Products Configuration Wizard and click Close.

I click Exit on the SharePoint 2013 screen to close it.

Creating Content Databases without GUIDs in the Name

Click on the Windows button on your keyboard. Right-click on the SharePoint 2013 Management Shell on the Start workspace

Click on Run as administrator. Note: I read about the Run as administrator requirement here: http://tomresing.com/blog/Lists/Posts/Post.aspx?ID=57 Click on Yes in the User Account Control window.

The SharePoint Management Shell window opens in the workspace.

------------------------------------------------------------------------------------------------------- Note: I did run into an error on this step once. The Powershell script could not connect to the SQL server.

I tried pinging the server2012sql SQL server from a command prompt without success. So I added the following entries to the hosts file in the C:\Windows\System32\Drivers\etc directory.. 192.168.67.11 server2012dc
192.168.67.12 server2012sql I had to give Full Control permission to the sp_install user account to the hosts file before I was able to edit and save changes. Pinging will not work because of the firewall; but at least the IP address was available. So I tried running the script again. This time it worked! I also changed the hosts file at the beginning of this blog entry for a different reason. ------------------------------------------------------------------------------------------------------- Copy and paste the following text into the SharePoint Management Shell window. Check that the spaces appear correctly! I sometimes paste it into Notepad on the VM first. New-SPConfigurationDatabase –DatabaseName SharePoint_Config -DatabaseServer server2012sql –AdministrationContentDatabaseName SharePoint_Admin_Content

Press the Enter key on the keyboard. The Shell screen refreshed and requests credentials.

A Credentials screen appears. I enter the sp_farm credentials. I click OK to continue.

I’m still being asked to supply a passphrase for FarmCredentials. I enter the credentials passphrase and hit Enter on the keyboard.

I wait for something to happen … but I am impatient. I go to the server2012sql server and run the Microsoft SQL Server Management Studio. I expand the Object Explorer to see the Databases. I see that the databases are created!

I return to the server2012sp server and see that the prompt has returned in the Shell window.

The process has completed successfully! I close the Shell window.

Run Configuration Wizard

I click on the Windows key on the keyboard and then click on the SharePoint 2013 Products Configuration Wizard icon on the Start screen.

The User Account Control window appears. I click Yes to continue.

The SharePoint Products Configuration Wizard screen appears. I click Next to continue.

A prompt appears warning me about services being started or reset. I click Yes to continue.

The Modify server farm Settings screen appears. I review and accept the settings. I click Next to continue.

The Configure SharePoint Central Administration Web Application screen opens. I review and accept the settings. I record the port number 11747. I click Next to continue.

The Completing the SharePoint Products Configuration Wizard screen opens. I review and accept the settings. I click Next to continue.

The SharePoint product is configuring …

The Configuration Successful screen is displayed. I click Finish to close the screen.

Welcome Wizard

The Central Administration page begins to load. A Windows Security prompt appears. I login with the sp_install credentials. I leave Remember my credentials unchecked and click OK.

The web page continues to load. The Help Make SharePoint Better screen appears. I click No and OK to continue.

The Welcome page is displayed. I click Cancel. I can always restart the Welcome Wizard from the Central Administration screen later. The Central Administration webpage is displayed.

Creating Service Apps with PowerShell Scripts

I am going to run some PowerShell scripts to create the State Service Application and the Usage and Health Data Collection application. These came from a presentation that Todd Klindt made at the SharePoint Technical Conference in San Francisco. Click on the Windows button on your keyboard. Right-click on the SharePoint 2013 Management Shell on the Start workspace

Click on Run as administrator. Click on Yes in the User Account Control window.

The SharePoint Management Shell window opens in the workspace.

Copy and paste the following text into the SharePoint 2013 Management Shell window. Make sure to remove any empty lines. New-SPStateServiceApplication -Name "State Service Application" Get-SPStateServiceApplication| New-SPStateServiceApplicationProxy -defaultproxygroup Get-SPStateServiceApplication| New-SPStateServiceDatabase -Name "State_Service_DB" Get-spdatabase| where-object {$_.type -eq"Microsoft.Office.Server.Administration.StateDatabase"} | initialize-spstateservicedatabase New-SPUsageApplication -Name "Usage and Health Data Collection" $proxy = Get-SPServiceApplicationProxy| where {$_.TypeName-eq"Usage and Health Data Collection Proxy"} $proxy.Provision() You may have to click Enter on the keyboard to get the last command to run, too. It runs successfully as seen below.

You can validate that the applications are created by opening the Central Administration web page and clicking on Manage service applications in the Application Management section. You should see the new service applications listed by name.

The accounts that I use for the Search service (SP_Search), the Search Admin Web Service application pool (SP_Crawl), and the Search Query and Site Settings Web Service application pool (SP_Search) must be registered as managed accounts in SharePoint Server 2013 so that they are available when I create the Search service application. I used the procedure defined at this site (http://technet.microsoft.com/en-us/library/gg502597.aspx) to register each of these accounts as a managed account. I see the Managed Accounts screen displayed as below when completed.

Next, I will create the Search Service Application and topology. RHR (2012/04/25): I tried running a PowerShell script to do so that I downloaded the PowerShell script from http://melcher.it/2012/07/sharepoint-2013-create-a-search-service-application-and-topology-with-powershell/. I modified the applicable parameters. It worked once for me; but I have since received errors every time that I run it. I read a blog posting here that suggested installing Windows Updates. So I did so. But it still failed to run. So I decided to install using Central Administration. I click on New \ Search Service Application in Manage Service Applications.

The Create New Search Service Application screen appears. I update the Service Application name and validate that the contoso\sp_crawl user account is selected.

I scroll down and select Create new application pool and enter the Application pool name as seen below.

I select Configurable for the security account and select contoso\sp_crawl. I then selecting using an existing application pool and select the Search App Pool.

I select Configurable for the security account for the application pool and select contoso\sp_crawl.

I click OK to continue. The Create New Search Service Application screen appears.

Upon completion, a message appears stating “created successfully.

I validate a few items to ensure the actions completed successfully. I open the Microsoft SQL Server Management Studio application on server2012sql and expand the Object Explorer to see the Databases. I see four Search databases created. Sadly, they do not have the nice, clean names like I would be able to create if the PowerShell scripts worked.

I open Central Administration on the server2012sp server and click on Application Management. I then click on Manage Service Applications. I can see the Search Administration Web Service for Search SA and the Search SA service applications.

I open Central Administration on the server2012sp server and click on General Application Settings. I then click on Farm Search Administration.

I can see that the Search Service App service application is created.

I click on Search Service App to review the Administrative status. I see that it is not able to connect.

I scroll down and review the Search Application Topology and the list of databases. These match what I saw listed on the SQL Server.

I click on Central Administration \ Manage services on server.

I scroll down to see that all of the Search services are started.

Next I want configure crawling. I click on Content Sources on the left navigation.

The Search SA: Manage Content Sources screen appears.

I click on Local SharePoint sites and click on Edit in the drop down list.

The Edit Content Source screen appears. I enter http://server2012sp in the Type start addresses below field.

I click Create Schedule under Incremental Crawl.

I configure the schedule in the Manage Schedules screen as seen below. I click OK to continue.

I click Create Schedule under Full Crawl. I configure the schedule in the Manage Schedules screen as seen below. I click OK to continue.

The Crawl Schedules appear as seen below. I click OK to close the Edit Content Source screen.

I click on Local SharePoint sites and Start Full Crawl on the drop down list.

A Message from webpage appears. I click OK to accept and continue.

The crawling starts.

I refresh the screen by clicking on Refresh and see that the crawling process is still crawling. I can also see when the next full crawl is scheduled to run. I also have options to stop or pause all crawls.

I refresh the screen by clicking on Refresh and see that the crawling process is completing.

I refresh the screen by clicking on Refresh and see that the crawling process is idle.

I click on Crawl Log on the left side navigation and I can see the last crawl log entry. Note that there is a 1 under Successes. I conclude that my first full crawl was completed successfully.

Creating New Web Application with PowerShell Script

I am going to run a PowerShell script to create a new web application. The script came from the following site: http://blogs.msdn.com/b/rcormier/archive/2012/09/01/how-to-create-sharepoint-web-applications-with-powershell.aspx. The accounts (contoso\sp_webapp, contoso\sp_superreader, and contoso\sp_superuser) that I use for the web application must be registered as managed accounts in SharePoint Server 2013 so that they are available when I create the application. I used the procedure defined at this site (http://technet.microsoft.com/en-us/library/gg502597.aspx) to register each of these accounts as a managed account. I see the Managed Accounts screen displayed as below when completed.

Run the SharePoint 2013 Management Shell as administrator. Copy and paste the following text into a Notepad file on the server2012sp server. I modified the Script Variables for my SharePoint configuration.

   1:  $ver = $host | select version if ($ver.Version.Major -gt 1) {$Host.Runspace.ThreadOptions = "ReuseThread"}

   2:  Add-PsSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

   3:  Import-Module WebAdministration -ErrorAction SilentlyContinue

   4:  ##

   5:  #This Script Creates SharePoint Web Applications

   6:  ##

   7:  ##

   8:  #Load Script Variables

   9:  ##

  10:  Write-Progress -Activity "Creating Web Application" -Status "Creating Script Variables"

  11:  #This is the Web Application URL

  12:  $WebApplicationURL = "http://server2012sp"

  13:  #This is the Display Name for the SharePoint Web Application

  14:  $WebApplicationName = "Contoso Web Application"

  15:  #This is the Content Database for the Web Application

  16:  $ContentDatabase = "Contoso_ContentDB"

  17:  #This is the Display Name for the Application Pool

  18:  $ApplicationPoolDisplayName = "Contoso App Pool"

  19:  #This is identity of the Application Pool which will be used (Domain\User)

  20:  $ApplicationPoolIdentity = "contoso\sp_webapp"

  21:  #This is the password of the Application Pool account which will be used

  22:  $ApplicationPoolPassword = "pass@word1"

  23:  #This is the Account which will be used for the Portal Super Reader Account

  24:  $PortalSuperReader = "contoso\sp_superreader"

  25:  #This is the Account which will be used for the Portal Super User Account

  26:  $PortalSuperUser = "contoso\sp_superuser"

  27:  ##

  28:  #Begin Script

  29:  ##

  30:  $AppPoolStatus = $False

  31:  Write-Progress -Activity "Creating Web Application" -Status "Checking if Web Application Already Exists"

  32:  if(get-spwebapplication $WebApplicationURL -ErrorAction SilentlyContinue)

  33:  {

  34:  #If a web application with the specifid URL already exists, exit

  35:  Write-Progress -Activity "Aborting Web Application Creation" -Status "Web Application with URL $WebApplication Already Exists"

  36:  Write-Host "Aborting: Web Application $WebApplicationURL Already Exists" -ForegroundColor Red

  37:  sleep 5

  38:  }

  39:  else

  40:  {

  41:  Write-Progress -Activity "Creating Web Application" -Status "Checking if Application Pool Already Exists"

  42:  #Check to see if the specified application pool alrady exists. If it exists, use the existing app pool

  43:  if($AppPool = Get-SPServiceApplicationPool $ApplicationPoolDisplayName -ErrorAction SilentlyContinue)

  44:  {

  45:  Write-Progress -Activity "Creating Web Application" -Status "Re-Using Existing SharePoint Application Pool"

  46:  Set-Variable -Name AppPoolStatus -Value "IsSharePoint" -scope "script"

  47:  }

  48:  else

  49:  {

  50:  if((Test-Path IIS:\AppPools\$ApplicationPoolDisplayName).tostring() -eq "True")

  51:  {

  52:  Write-Progress -Activity "Creating Web Application" -Status "Application Pool with name $ApplicationPoolDisplayName exists and is not used by SharePoint"

  53:  Set-Variable -Name AppPoolStatus -Value "IsNotSharePoint" -scope "script"

  54:  }

  55:  }

  56:  if($AppPoolStatus -eq "IsNotSharePoint")

  57:  {

  58:  Write-Host "Aborting: Application Pool $ApplicationPoolDisplayName already exists on the server and is not a SharePoint Application Pool" -ForegroundColor Red

  59:  Write-Progress -Activity "Creating Web Application" -Status "Aborting: SharePoint Cannot use the specified Application Pool"

  60:  }

  61:  elseif($AppPoolStatus -eq "IsSharePoint")

  62:  {

  63:  #Check to see if the URL starts with HTTP or HTTPS. This can be used to determine the appropriate host header to assign

  64:  if($WebApplicationURL.StartsWith("http://"))

  65:  {

  66:  $HostHeader = $WebApplicationURL.Substring(7)

  67:  $HTTPPort = "80"

  68:  }

  69:  elseif($WebApplicationURL.StartsWith("https://"))

  70:  {

  71:  $HostHeader = $WebApplicationURL.Substring(8)

  72:  $HTTPPort = "443"

  73:  }

  74:  Write-Progress -Activity "Creating Web Application" -Status "Application Pool $ApplicationPoolDisplayName Already Exists, Using Existing Application Pool"

  75:  #Grab the existing application pool, assign it to the AppPool variable

  76:  Set-Variable -Name AppPool -Value (Get-SPServiceApplicationPool $ApplicationPoolDisplayName) -scope "script"

  77:  Write-Progress -Activity "Creating Web Application" -Status "Creating Web Application $WebapplicationURL"

  78:  #Create a new web application using the existing parameters, assign it to the WebApp variable such that object cache user accounts can be configured

  79:  $WebApp = New-SPWebApplication -ApplicationPool $ApplicationPoolDisplayName -Name $WebApplicationName -url $WebApplicationURL -port $HTTPPort -DatabaseName $ContentDatabase -HostHeader $hostHeader

  80:  Write-Progress -Activity "Creating Web Application" -Status "Configuring Object Cache Accounts"

  81:  #Assign Object Cache Accounts

  82:  $WebApp.Properties["portalsuperuseraccount"] = $PortalSuperUser

  83:  $WebApp.Properties["portalsuperreaderaccount"] = $PortalSuperReader

  84:  Write-Progress -Activity "Creating Web Application" -Status "Creating Object Cache User Policies for Web Application"

  85:  #Create a New Policy for the Super User

  86:  $SuperUserPolicy = $WebApp.Policies.Add($PortalSuperUser, "Portal Super User Account")

  87:  #Assign Full Control To the Super User

  88:  $SuperUserPolicy.PolicyRoleBindings.Add($WebApp.PolicyRoles.GetSpecialRole([Microsoft.SharePoint.Administration.SPPolicyRoleType]::FullControl))

  89:  #Create a New Policy for the Super Reader

  90:  $SuperReaderPolicy = $WebApp.Policies.Add($PortalSuperReader, "Portal Super Reader Account")

  91:  #Assign Full Read to the Super Reader

  92:  $SuperReaderPolicy.PolicyRoleBindings.Add($WebApp.PolicyRoles.GetSpecialRole([Microsoft.SharePoint.Administration.SPPolicyRoleType]::FullRead))

  93:  Write-Progress -Activity "Creating Web Application" -Status "Updating Web Application Properties"

  94:  #Commit changes to the web application

  95:  $WebApp.update()

  96:  }

  97:  else

  98:  {

  99:  Write-Progress -Activity "Creating Web Application" -Status "Creating Application Pool"

 100:  #Since we have to create a new application pool, check to see if the account specified is already a managed account

 101:  if(get-spmanagedaccount $ApplicationPoolIdentity)

 102:  {

 103:  #If the specified account is already a managed account, use that account when creating a new application pool

 104:  Set-Variable -Name AppPoolManagedAccount -Value (Get-SPManagedAccount $ApplicationPoolIdentity | select username) -scope "Script"

 105:  Set-Variable -Name AppPool -Value (New-SPServiceApplicationPool -Name $ApplicationPoolDisplayName -Account $ApplicationPoolIdentity) -scope "Script"

 106:  }

 107:  else

 108:  {

 109:  #If the specified account is not already a managd account create a managed account using the credentials provided

 110:  $AppPoolCredentials = New-Object System.Management.Automation.PSCredential $ApplicationPoolIdentity, (ConvertTo-SecureString $ApplicationPoolPassword -AsPlainText -Force)

 111:  Set-Variable -Name AppPoolManagedAccount -Value (New-SPManagedAccount -Credential $AppPoolCredentials) -scope "Script"

 112:  #Create an application pool using the new managed account

 113:  Set-Variable -Name AppPool -Value (New-SPServiceApplicationPool -Name $ApplicationPoolDisplayName -Account (get-spmanagedaccount $ApplicationPoolIdentity)) -scope "Script"

 114:  }

 115:  #Check to see if the URL starts with HTTP or HTTPS. This can be used to determine the appropriate host header to assign

 116:  if($WebApplicationURL.StartsWith("http://"))

 117:  {

 118:  $HostHeader = $WebApplicationURL.Substring(7)

 119:  $HTTPPort = "80"

 120:  }

 121:  elseif($WebApplicationURL.StartsWith("https://"))

 122:  {

 123:  $HostHeader = $WebApplicationURL.Substring(8)

 124:  $HTTPPort = "443"

 125:  }

 126:  Write-Progress -Activity "Creating Web Application" -Status "Creating Web Application $WebapplicationURL"

 127:  #Create a new web application using the existing parameters, assign it to the WebApp variable such that object cache user accounts can be configured

 128:  $WebApp = New-SPWebApplication -ApplicationPool $AppPool.Name -ApplicationPoolAccount $AppPoolManagedAccount.Username -Name $WebApplicationName -url $WebApplicationURL -port $HTTPPort -DatabaseName $ContentDatabase -HostHeader $hostHeader

 129:  Write-Progress -Activity "Creating Web Application" -Status "Configuring Object Cache Accounts"

 130:  #Assign Object Cache Accounts

 131:  $WebApp.Properties["portalsuperuseraccount"] = $PortalSuperUser

 132:  $WebApp.Properties["portalsuperreaderaccount"] = $PortalSuperReader

 133:  Write-Progress -Activity "Creating Web Application" -Status "Creating Object Cache User Policies for Web Application"

 134:  #Create a New Policy for the Super User

 135:  $SuperUserPolicy = $WebApp.Policies.Add($PortalSuperUser, "Portal Super User Account")

 136:  #Assign Full Control To the Super User

 137:  $SuperUserPolicy.PolicyRoleBindings.Add($WebApp.PolicyRoles.GetSpecialRole([Microsoft.SharePoint.Administration.SPPolicyRoleType]::FullControl))

 138:  #Create a New Policy for the Super Reader

 139:  $SuperReaderPolicy = $WebApp.Policies.Add($PortalSuperReader, "Portal Super Reader Account")

 140:  #ASsign Full Read to the Super Reader

 141:  $SuperReaderPolicy.PolicyRoleBindings.Add($WebApp.PolicyRoles.GetSpecialRole([Microsoft.SharePoint.Administration.SPPolicyRoleType]::FullRead))

 142:  Write-Progress -Activity "Creating Web Application" -Status "Updating Web Application Properties"

 143:  #Commit changes to the web application

 144:  $WebApp.update()

 145:  }

 146:  }

.csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }
I save the file with the filename CreateWebApplication.ps1.
I right-clicked on the Windows PowerShell icon on the taskbar and clicked on Run ISE as Administrator.

The Administrator: Windows PowerShell ISE window opens. I click on File \ Open …

I click on the CreateWebApplication.ps1 file and click Open. The script opens in the workspace.

I click on the Run Script icon.

The script ran with a single warning displayed.

I validate that the web application was created by opening the Central Administration web page and clicking on Manage web applications in the Web Applications section. You should see the new web application listed by name.

I select the Contoso Web Application and click on User Policy. The Policy for Web Application screen is displayed. I review the displayed accounts and permissions. I click OK to close the screen.

I will validate that the database for the web application was created by opening the Central Administration web page and clicking on Manage content databases in the Databases section. You should see the new database listed by name.

I also check that the database is created in SQL Server Management Studio on my SQL Server.

Labels

Installing SSL certificate on Window IIS 7 and Web interface

Install the Certificate

STEP- 2

Bind the Certificate to a website

Install any Intermediate Certificates

File Server Capacity Tool

troubleshooting Session sharing in Citrix - Flowchart

Troubleshooting Citrix and windows server Performance - Flowchart

Troubleshooting ICA Session Performance - Flowchart

Troubleshooting Printers in Citrix - Flowchart

Troubleshooting Terminal services - Flowchart

Citrix Services troubleshooting - Flowchart

Citrix Server and Services Troubleshooting Flowchart

Basic Secure Gateway Troubleshooting – Flow chart

Citrix Basic Troubleshooting

Folder Permissions

Installing Sharepoint 2013 on windows server 2012

Install Prerequisites

Install SharePoint 2013

Creating Content Databases without GUIDs in the Name

Run Configuration Wizard

Welcome Wizard

Creating Service Apps with PowerShell Scripts

Creating New Web Application with PowerShell Script

Daily Views

About me

Search This Blog

Blog Archive

Popular Posts

Contact Form

Translate

Wikipedia