Deployment For Wss3
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

Deployment For Wss3

on

  • 2,562 views

 

Statistics

Views

Total Views
2,562
Views on SlideShare
2,562
Embed Views
0

Actions

Likes
0
Downloads
37
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft Word

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Deployment For Wss3 Document Transcript

  • 1. Deployment for Windows SharePoint Services 3.0 technology Microsoft Corporation Published: May 2007 Author: Windows SharePoint Services IT User Assistance (o12ITdx@microsoft.com) Abstract This book provides information and guidelines to lead a team through the steps of deploying a solution based on Microsoft Windows SharePoint Services 3.0. The audiences for this book are business application specialists, line-of-business specialists, information architects, IT generalists, program managers, and infrastructure specialists who are deploying a solution based on Windows SharePoint Services 3.0. You can find information about upgrading to Windows SharePoint Services 3.0 in the book Upgrading to (http://go.microsoft.com/fwlink/? LinkId=85554&clcid=0x409). The content in this book is a copy of selected content in the Windows SharePoint Services technical library (http://go.microsoft.com/fwlink/?LinkId=81199) as of the date above. For the most current content, see the technical library on the Web.
  • 2. The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Access, Active Directory, Excel, Groove, InfoPath, Internet Explorer, OneNote, Outlook, PowerPoint, SharePoint, SQL Server, Visio, Windows, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
  • 3. Contents Deployment for Windows SharePoint Services 3.0 technology..........................................1 Abstract.......................................................................................................................1 Contents.............................................................................................................................3 Roadmap to Windows SharePoint Services 3.0 content....................................................8 Windows SharePoint Services 3.0 content by audience.................................................8 Windows SharePoint Services 3.0 IT professional content by stage of the IT life cycle ..................................................................................................................................10 Evaluate....................................................................................................................11 Plan...........................................................................................................................11 Deploy.......................................................................................................................13 Operate.....................................................................................................................14 Security and Protection.............................................................................................15 Technical Reference..................................................................................................15 Solutions....................................................................................................................16 I. End -to-end deployment scenarios (Windows SharePoint Services)...........................17 Chapter overview: End-to-end deployment scenarios (Windows SharePoint Services)...18 Install Windows SharePoint Services 3.0 on a stand-alone computer.............................19 Hardware and software requirements...........................................................................20 Configure the server as a Web server..........................................................................20 Install and configure IIS.............................................................................................20 Install the Microsoft .NET Framework version 3.0.....................................................21 Enable ASP.NET 2.0.................................................................................................21 Install and configure Windows SharePoint Services 3.0 with Windows Internal Database...................................................................................................................22 Post-installation steps...................................................................................................24 Deploy in a simple server farm (Windows SharePoint Services)......................................26 Deployment overview...................................................................................................26 Deploying Windows SharePoint Services 3.0 in a DBA environment.....................27 Suggested topologies................................................................................................27 Before you begin deployment....................................................................................27 Overview of the deployment process.........................................................................28 Phase 1: Deploy and configure the server infrastructure.......................................28 Phase 2: Deploy and configure SharePoint site collections and sites....................29 Deploy and configure the server infrastructure.............................................................29 Prepare the database server.....................................................................................29 SQL Server and database collation........................................................................29 Required accounts.................................................................................................30 Verify that servers meet hardware and software requirements.................................30 Install and configure IIS..........................................................................................31
  • 4. Install the Microsoft .NET Framework version 3.0..................................................31 Enable ASP.NET 2.0..............................................................................................32 Run Setup on all servers in the farm.........................................................................32 Run Setup on the first server.................................................................................32 Run the SharePoint Products and Technologies Configuration Wizard.................34 Add servers to the farm..........................................................................................36 Run the SharePoint Products and Technologies Configuration Wizard on additional servers................................................................................................................36 Start the Windows SharePoint Services Search service...........................................37 Perform additional configuration tasks..........................................................................38 Create a site collection and a SharePoint site..............................................................39 Configure the trace log..............................................................................................43 Deploy using DBA-created databases (Windows SharePoint Services)..........................45 About deploying by using DBA-created databases.......................................................45 Required database hardware and software..................................................................46 Required accounts........................................................................................................47 Create and configure the databases.............................................................................48 II. Deploy Windows SharePoint Services 3.0 in a server farm environment.....................51 A. Install Windows SharePoint Services 3.0 for a server farm environment....................52 Chapter overview: Install Windows SharePoint Services 3.0 for a server farm environment..................................................................................................................53 Suggested topologies...................................................................................................53 Before you begin deployment.......................................................................................54 Overview of the deployment process............................................................................55 Phase 1: Deploy and configure the server infrastructure...........................................55 Phase 2: Deploy and configure SharePoint site collections and sites.......................55 Prepare the database servers (Windows SharePoint Services).......................................56 SQL Server and database collation..............................................................................57 Required accounts........................................................................................................57 Preinstall databases (optional)......................................................................................57 Prepare the front-end Web servers (Windows SharePoint Services)...............................58 Install the Microsoft .NET Framework version 3.0........................................................58 Enable ASP.NET 2.0....................................................................................................59 Install Windows SharePoint Services 3.0 and run the SharePoint Products and Technologies configuration wizard................................................................................60 Run Setup on the first server........................................................................................60 Run the SharePoint Products and Technologies Configuration Wizard.....................61 Add servers to the farm.............................................................................................63 Run the SharePoint Products and Technologies Configuration Wizard on additional servers...................................................................................................................64 Start the Windows SharePoint Services Search service...............................................65 Deploy language packs (Windows SharePoint Services 3.0)...........................................66 About language IDs and language packs.....................................................................67
  • 5. Preparing your front-end Web servers for language packs...........................................68 Installing language packs on your front-end Web servers............................................70 Uninstalling language packs..................................................................................71 B. Perform additional configuration tasks........................................................................73 Chapter overview: Perform additional configuration tasks (Windows SharePoint Services) ......................................................................................................................................74 Configure additional administrative settings..................................................................74 Configure incoming e-mail settings (Windows SharePoint Services)...............................76 Install and configure the SMTP service.........................................................................77 Start the Windows SharePoint Services Web Application service.............................77 Install the SMTP service............................................................................................78 Configure the SMTP service......................................................................................78 Add an SMTP connector in Exchange Server...........................................................79 Configure Active Directory............................................................................................79 Configure permissions to the e-mail drop folder...........................................................81 Configure e-mail drop folder permissions for the logon account for the Windows SharePoint Services Timer service........................................................................81 Configure e-mail drop folder permissions for the application pool account for a Web application..............................................................................................................82 Configure DNS Manager...............................................................................................83 Configure attachments from Outlook 2003...................................................................84 Configure incoming e-mail settings...............................................................................84 Configuring incoming e-mail on SharePoint sites.........................................................86 Configure outgoing e-mail settings (Windows SharePoint Services)................................87 Install and configure the SMTP service.........................................................................87 Install the SMTP service............................................................................................87 Configure the SMTP service......................................................................................88 Configure outgoing e-mail settings...............................................................................89 Configure outgoing e-mail settings for a specific Web application (Windows SharePoint Services).......................................................................................................................90 Install and configure the SMTP service.........................................................................90 Install the SMTP service............................................................................................90 Configure the SMTP service......................................................................................91 Configure outgoing e-mail settings...............................................................................92 Configure workflow settings (Windows SharePoint Services)..........................................93 Configuring workflow settings.......................................................................................93 Configure diagnostic logging settings (Windows SharePoint Services)...........................95 Customer Experience Improvement Program...............................................................95 Error reports..................................................................................................................95 Event throttling..............................................................................................................96 Configuring diagnostic logging settings.........................................................................98 Configure anti-virus settings (Windows SharePoint Services)........................................100 Administrative credentials...........................................................................................100
  • 6. Configure Web SSO authentication by using ADFS (Windows SharePoint Services). . .102 About federated authentication systems.....................................................................102 Before you begin.........................................................................................................102 Configuring your extranet Web application to use Web SSO authentication..............103 Allowing users access to your extranet Web site........................................................105 About using Central Administration.........................................................................107 Working with the People Picker..................................................................................107 Working with groups and organizational group claims................................................108 Run the Best Practices Analyzer Tool (Windows SharePoint Services).........................111 C. Deploy and configure SharePoint sites ........................................................112 Chapter overview: Deploy and configure SharePoint sites (Windows SharePoint Services).....................................................................................................................113 Create or extend Web applications (Windows SharePoint Services).............................115 Create a new Web application....................................................................................115 Extend an existing Web application............................................................................118 Configure alternate access mapping (Windows SharePoint Services)...........................120 Manage alternate access mappings...........................................................................120 Add an internal URL...................................................................................................120 Edit or delete an internal URL.....................................................................................121 Edit public URLs.........................................................................................................121 Map to an external resource.......................................................................................121 Create zones for Web applications (Windows SharePoint Services).............................123 Create a new zone......................................................................................................123 View existing zones....................................................................................................123 Create quota templates (Windows SharePoint Services)...............................................125 Create a new quota template......................................................................................125 Edit an existing quota template...................................................................................126 Delete a quota template..............................................................................................126 Installing application templates for Windows SharePoint Services 3.0..........................128 Site Admin Templates.................................................................................................128 Server Admin Templates............................................................................................129 Create site collections (Windows SharePoint Services).................................................132 Prepare to crawl host-named sites that use Basic authentication..................................133 Solution prerequisites.................................................................................................133 High-level solution overview.......................................................................................134 High-level steps.......................................................................................................135 Deploy the solution.....................................................................................................136 Extend the Web application.....................................................................................137 Map site names to static IP addresses in DNS........................................................138 Grant user permissions...........................................................................................140 Prepare to crawl host-named sites that use forms authentication..................................141
  • 7. Solution prerequisites.................................................................................................141 High-level solution overview.......................................................................................143 High-level steps.......................................................................................................144 Deploy the solution.....................................................................................................144 Add configuration settings to the applicable Web.config files..................................146 Extend the Web application.....................................................................................148 Map site names to static IP addresses in DNS........................................................149 Grant user permissions...........................................................................................151 Add site content (Windows SharePoint Services)..........................................................152 Use Web site designers to design and add content....................................................152 Migrate content from another site...............................................................................153 Allow users to add content directly.............................................................................153 Enable access for end users (Windows SharePoint Services).......................................154 Add site collection administrators...............................................................................155 Add site owners or other users...................................................................................155 III. Pre-release versions (Windows SharePoint Services).............................................157 Installing Windows SharePoint Services 3.0 for Beta 2 Technical Refresh....................158 How to install the Beta 2 Technical Refresh update in a new installation...................158 How to upgrade an existing Beta 2 installation to Beta 2 Technical Refresh..............162 How to upgrade from Windows SharePoint Services 2.0 to Beta 2 Technical Refresh ................................................................................................................................165 Known issues..............................................................................................................169 Immediately after applying the update, browsing to the content site returns quot;Server error in / applicationquot;............................................................................................169 Incorrect or otherwise misleading instructions may be seen during Setup..............171 Resolving issues with custom site definitions..........................................................171 Resolve quot;error in Web Partquot; error message.............................................................172 Recover the SharePoint Search Service after upgrade...........................................172 Windows Workflow Foundation error.......................................................................173 Error message received after update is complete...................................................173 Appendixes.................................................................................................................173 Best practices for planning to update......................................................................173 Use Config.xml to customize update installation.....................................................175 Upgrade strategies for different server configurations.............................................176 Stand-alone server...............................................................................................176 Server farm..........................................................................................................176 What happens during update..................................................................................178 What happens during upgrade................................................................................179 How to detect upgrade completion..........................................................................179 Upgrading from Windows SharePoint Services 3.0 Beta 2 Technical Refresh to Release Version........................................................................................................................180 Prepare for upgrade....................................................................................................180 Uninstall Beta 2 Technical Refresh.............................................................................182 Install the release version of Windows SharePoint Services 3.0................................183 Uninstall and reinstall Microsoft .NET Framework 3.0................................................185
  • 8. 8 Roadmap to Windows SharePoint Services 3.0 content In this article: • Windows SharePoint Services 3.0 content by audience • Windows SharePoint Services 3.0 IT professional content by stage of the IT life cycle Windows SharePoint Services 3.0 content by audience Each audience for Microsoft Windows SharePoint Services 3.0 can go to a specific Web site for content that is tailored to that audience. The following table lists the audiences and provides links to the content for each audience.
  • 9. 9 Information Workers IT Professionals Developers Content available on Content available on: Content available on: Office Online TechNet MSDN • Home • TechCenter — a • Developer page — a central portal for IT Center — a central central portal for professional resources portal for Developer Information (http://go.microsoft.co resources Worker m/fwlink/? (http://go.microsoft.co resources (http:// LinkID=73953&clcid= m/fwlink/? go.microsoft.co 0x409) LinkId=88910&clcid=0 m/fwlink/? • Technical x409) LinkId=88898&c Library — an index for • MSDN Library — lcid=0x409) IT professional content an index for Developer • Help and (http://go.microsoft.co content How — an index m/fwlink/? (http://go.microsoft.co for Information LinkId=88902&clcid= m/fwlink/? Worker content 0x409) LinkID=86923&clcid= (http://go.micros • Newly published 0x409) oft.com/fwlink/? content — an article LinkId=88899&c that lists new or lcid=0x409) updated content in the Technical Library (http://go.microsoft.co m/fwlink/? LinkId=88906&clcid= 0x409) • Downloadable books — an article that lists the books available for download (http://go.microsoft.co m/fwlink/? LinkId=88907&clcid= 0x409)
  • 10. 10 Additionally, there is information for all users of SharePoint Products and Technologies at the community and blog sites listed in the following table. Community content and blogs • SharePoint Products and Technologies community portal — a central place for community information (blogs, newsgroups, etc.) about SharePoint Products and Technologies (http://go.microsoft.com/fwlink/? LinkId=88915&clcid=0x409) • SharePoint Products and Technologies team blog — a group blog from the teams who develop the SharePoint Products and Technologies (http://go.microsoft.com/fwlink/? LinkId=88916&clcid=0x409) • Support Center for Microsoft Windows SharePoint Services 3.0 — a central place for issues and solutions from Microsoft Help and Support (http://go.microsoft.com/fwlink/? LinkId=89561&clcid=0x409) Windows SharePoint Services 3.0 IT professional content by stage of the IT life cycle IT Professional content for Windows SharePoint Services 3.0 includes content appropriate for each stage of the IT life cycle — evaluate, plan, deploy, and operate — plus technical reference content. The following sections describe each stage in the IT life cycle and list the content available to assist IT professionals during that stage. The most up-to-date content is always available on the TechNet Web site. We also offer downloadable books that cover each stage of the IT life cycle, plus books that cover all stages of the life cycle for a specific solution. For an updated list, see Downloadable books for Windows SharePoint Services (http://go.microsoft.com/fwlink/?LinkId=88907&clcid=0x409).
  • 11. 11 Evaluate During the evaluation stage, IT professionals (including decision makers, solution architects, and system architects) focus on understanding a new technology and evaluate how it can help them address their business needs. The following table lists resources that are available to help you evaluate Windows SharePoint Services 3.0. Content Description Links Online Includes the most Evaluation for Windows SharePoint Services 3.0 content up-to-date content. technology (http://go.microsoft.com/fwlink/? The Technical LinkID=88902&clcid=0x409) Library on TechNet is continually refreshed with new and updated content. Evaluation Provides an Windows SharePoint Services 3.0 Evaluation Guide Guide overview, (http://go.microsoft.com/fwlink/? information about LinkId=86962&clcid=0x409) what's new, and conceptual information for understanding Windows SharePoint Services 3.0. Plan During the planning stage, IT professionals have different needs depending on their role within an organization. If you are focused on designing a solution, including determining the structure, capabilities, and information architecture for a site, you might want information that helps you to determine which capabilities of Windows SharePoint Services 3.0 you want to take advantage of, and that helps you to plan for those capabilities and to tailor the solution to your organization's needs. On the other hand, if you are focused on the hardware and network environment for your solution, you might want information that helps you to structure the server topology, plan authentication methods, and understand
  • 12. 12 system requirements for Windows SharePoint Services 3.0. We have planning content, including worksheets, to address both of these needs. The following table lists resources that are available to help you plan for using Windows SharePoint Services 3.0. Content Description Links Online Includes the most Planning and architecture for Windows SharePoint content up-to-date Services 3.0 (http://go.microsoft.com/fwlink/? content. The LinkId=88954&clcid=0x409) Technical Library on TechNet is continually refreshed with new and updated content. Planning Provides in-depth Planning and architecture for Guide, Part 1 planning (http://go.microsoft.com/fwlink/?LinkId=79600) information for application administrators who are designing a solution based on Windows SharePoint Services 3.0. Planning Provides in-depth Planning and architecture for Guide, Part 2 planning (http://go.microsoft.com/fwlink/?LinkId=85553) information for IT professionals who are designing the environment to host a solution based on Windows SharePoint Services 3.0.
  • 13. 13 Deploy During the deployment stage, you configure your environment, install Windows SharePoint Services 3.0, and then start creating SharePoint sites. Depending on your environment and your solution, you may have several configuration steps to perform for your servers, for your Shared Services Providers, and for your sites. Additionally, you may have templates, features, or other custom elements to deploy into your environment. The process of upgrading from a previous-version product, such as Microsoft Office SharePoint Portal Server 2003, Microsoft Content Management Server 2002, or Microsoft Windows SharePoint Services, is also part of the deployment stage of the IT life cycle. We have content that addresses planning for upgrade, performing the upgrade, and performing post-upgrade steps. The following table lists resources that are available to help you deploy or upgrade to Windows SharePoint Services 3.0. Content Description Links Online Includes the most Deployment for Windows SharePoint Services 3.0 content up-to-date (http://go.microsoft.com/fwlink/? content. The LinkID=80752&clcid=0x409) Technical Library on TechNet is continually refreshed with new and updated content. Deployment Provides in-depth Deployment for (http://go.microsoft.com/fwlink/? Guide deployment LinkID=79602) information for Windows SharePoint Services 3.0.
  • 14. 14 Content Description Links Upgrade Provides overview Upgrading to (http://go.microsoft.com/fwlink/? Guide and in-depth LinkId=85554) information for upgrading from a previous version product to Windows SharePoint Services 3.0. Migration Provides cross- Migration and Upgrade Information for SharePoint and Upgrade audience (IT and Developers for developer) SharePoint information for (http://go.microsoft.com/fwlink/? Developers migration and LinkId=89129&clcid=0x409) upgrade from a previous version product to Windows SharePoint Services 3.0. Operate After deployment, in which you install and configure your environment, you move to the operations stage. During this stage, you are focused on the day-to-day monitoring, maintenance, and tuning of your environment. The following table lists resources that are available to help with day-to-day operations for Windows SharePoint Services 3.0.
  • 15. 15 Content Description Links Online Includes the most Operations for Windows SharePoint Services 3.0 content up-to-date (http://go.microsoft.com/fwlink/? content. The LinkId=89152&clcid=0x409) Technical Library on TechNet is continually refreshed with new and updated content. Security and Protection Because security and protection are concerns during all phases of the IT life cycle, appropriate content for security and protection is included in the content for each life cycle stage. However, an aggregate view of this content is provided in a Security and Protection section of the documentation. The following table lists resources that are available to help you understand security and protection for Windows SharePoint Services 3.0. Content Description Links Online Includes the most Security and protection for Windows SharePoint Services content up-to-date 3.0 (http://go.microsoft.com/fwlink/? content. The LinkId=89154&clcid=0x409) Technical Library on TechNet is continually refreshed with new and updated content. Technical Reference Technical reference information supports the content for each of the IT life cycle stages by providing the technical information you need to work with Windows SharePoint Services 3.0. For example, the Technical Reference content has information about how permissions work, how to perform operations from the command line, and how to use Setup.exe from the command line.
  • 16. 16 The following table lists resources that are available to help you work with Windows SharePoint Services 3.0. Content Description Links Online Includes the most Technical Reference for Windows SharePoint Services 3.0 content up-to-date (http://go.microsoft.com/fwlink/? content. The LinkID=88902&clcid=0x409) Technical Library on TechNet is continually refreshed with new and updated content. Solutions In addition to these IT life cycle-specific resources, we also offer several solution guides that help you plan, deploy, and operate a specific type of solution based on Windows SharePoint Services 3.0. For a current list of solution guides for Windows SharePoint Services 3.0, see Downloadable books for Windows SharePoint Services 3.0 (http://go.microsoft.com/fwlink/?LinkId=89165&clcid=0x409).
  • 17. 17 I. End -to-end deployment scenarios (Windows SharePoint Services)
  • 18. 18 Chapter overview: End-to-end deployment scenarios (Windows SharePoint Services) This chapter provides information and directions for deploying Microsoft Windows SharePoint Services 3.0 as an end-to-end solution, whether on a single computer or in a simple server farm. This chapter does not discuss more complex deployments. For information about deploying Windows SharePoint Services 3.0 in a large server farm, see Deploy Windows SharePoint Services 3.0 in a server farm environment. The articles in this chapter include: • Install Windows SharePoint Services 3.0 on a stand-alone computer discusses how to install Windows SharePoint Services 3.0 on a single server computer. A stand-alone configuration is useful if you want to evaluate Windows SharePoint Services 3.0 features and capabilities, such as collaboration, document management, and search. A stand-alone configuration is also useful if you are deploying a small number of Web sites and you want to minimize administrative overhead. • Deploy in a simple server farm (Windows SharePoint Services) discusses how to do a clean installation of Windows SharePoint Services 3.0 in a server farm environment. You can deploy in a server farm environment if you are hosting a large number of sites, if you want the best possible performance, or if you want the scalability of a multi-tier topology. A server farm consists of one or more servers dedicated to running the Windows SharePoint Services 3.0 applications. • Deploy using DBA-created databases (Windows SharePoint Services) discusses how to deploy Windows SharePoint Services 3.0 in an environment in which database administrators create and manage databases. This article discusses how database administrators (DBAs) can create these databases and how farm administrators configure them. The deployment includes all the required databases and one portal site.
  • 19. 19 Install Windows SharePoint Services 3.0 on a stand-alone computer In this article: • Hardware and software requirements • Configure the server as a Web server • Install and configure Windows SharePoint Services 3.0 with Windows Internal Database • Post-installation steps Important This document discusses how to install Windows SharePoint Services 3.0 on a single computer as a stand-alone installation. It does not cover installing Windows SharePoint Services 3.0 in a farm environment, upgrading from previous releases of Windows SharePoint Services 3.0, or how to upgrade from SharePoint Portal Server 2003. For information about how to do this, see the following articles: • Deploy in a simple server farm (Windows SharePoint Services) • Upgrading to Windows SharePoint Services 3.0 You can quickly publish a SharePoint site by deploying Windows SharePoint Services 3.0 on a single server computer. A stand-alone configuration is useful if you want to evaluate Windows SharePoint Services 3.0 features and capabilities, such as collaboration, document management, and search. A stand-alone configuration is also useful if you are deploying a small number of Web sites and you want to minimize administrative overhead. When you deploy Windows SharePoint Services 3.0 on a single server using the default settings, the Setup program automatically installs the Windows internal Database uses it to create the configuration database and content database for your SharePoint sites. Windows Internal Database uses SQL Server technology as a relational data store for Windows roles and features only, such as Windows SharePoint Services, Active Directory Rights Management Services, UDDI Services, Windows Server Update Services, and Windows System Resources Manager.. In addition, Setup installs the SharePoint Central Administration Web site and creates your first SharePoint site collection and site.
  • 20. 20 Note There is no direct upgrade from a stand-alone installation to a farm installation. Hardware and software requirements Before you install and configure Windows SharePoint Services 3.0, be sure that your servers have the required hardware and software. For more information about these requirements, see Determine hardware and software requirements (Windows SharePoint Services). Configure the server as a Web server Before you install and configure Windows SharePoint Services 3.0, you must install and configure the required software. This includes installing and configuring Internet Information Services (IIS) so your computer acts as a Web server, installing the Microsoft .NET Framework version 3.0, and enabling ASP.NET 2.0. Install and configure IIS Internet Information Services (IIS) is not installed or enabled by default in the Microsoft Windows Server 2003 operating system. To make your server a Web server, you must install and enable IIS, and you must ensure that IIS is running in IIS 6.0 worker process isolation mode. Install and configure IIS 1. Click Start, point to All Programs, point to Administrative Tools, and then click Configure Your Server Wizard. 2. On the Welcome to the Configure Your Server Wizard page, click Next. 3. On the Preliminary Steps page, click Next. 4. On the Server Role page, click Application server (IIS, ASP.NET), and then click Next. 5. On the Application Server Options page, click Next. 6. On the Summary of Selections page, click Next. 7. Click Finish. 8. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager. 9. In the IIS Manager tree, click the plus sign (+) next to the server name, right- click the Web Sites folder, and then click Properties. 10. In the Web Sites Properties dialog box, click the Service tab.
  • 21. 21 11. In the Isolation mode section, clear the Run WWW service in IIS 5.0 isolation mode check box, and then click OK. Note The Run WWW in IIS 5.0 isolation mode check box is only selected if you have upgraded to IIS 6.0 on Windows Server 2003 from IIS 5.0 on Microsoft Windows 2000. New installations of IIS 6.0 use IIS 6.0 worker process isolation mode by default. Install the Microsoft .NET Framework version 3.0 Go to the Microsoft Download Center Web site (http://go.microsoft.com/fwlink/? LinkID=72322&clcid=0x409), and on the Microsoft .NET Framework 3.0 Redistributable Package page, follow the instructions for downloading and installing the .NET Framework version 3.0. There are separate downloads for x86-based computers and x64-based computers. Be sure to download and install the appropriate version for your computer. The .NET Framework version 3.0 download contains the Windows Workflow Foundation technology, which is required by workflow features. Enable ASP.NET 2.0 ASP.NET 2.0 is required for proper functioning of Web content, the Central Administration Web Site, and many other features and functions of Windows SharePoint Services 3.0. Enable ASP.NET 2.0 1. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager. 2. In the Internet Information Services tree, click the plus sign (+) next to the server name, and then click the Web Service Extensions folder. 3. In the details pane, right-click ASP.NET v2.0.50727, and then click Allow.
  • 22. 22 Install and configure Windows SharePoint Services 3.0 with Windows Internal Database When you install Windows SharePoint Services 3.0 on a single server, run the Setup program using the Basic option. This option uses the Setup program's default parameters to install Windows SharePoint Services 3.0 and Windows Internal Database. Windows Internal Database uses SQL Server technology as a relational data store for Windows roles and features only, such as Windows SharePoint Services, Active Directory Rights Management Services, UDDI Services, Windows Server Update Services, and Windows System Resources Manager.. Note If you uninstall Windows SharePoint Services 3.0, and then later install Windows SharePoint Services 3.0 on the same computer, the Setup program could fail when creating the configuration database causing the entire installation process to fail. You can prevent this failure by either deleting all the existing Windows SharePoint Services 3.0 databases on the computer or by creating a new configuration database. You can create a new configuration database by running the following command: psconfig -cmd configdb -create -database <uniquename> Run Setup 1. On the Read the Microsoft Software License Terms page, review the terms, select the I accept the terms of this agreement check box, and then click Continue. 2. On the Choose the installation you want page, click Basic to install to the default location. To install to a different location, click Advanced, and then on the Data Location tab, specify the location you want to install to and finish the installation. 3. When Setup finishes, a dialog box prompts you to complete the configuration of your server. Be sure that the Run the SharePoint Products and Technologies Configuration Wizard now check box is selected. 4. Click Close to start the configuration wizard. Run the SharePoint Products and Technologies Configuration Wizard 1. On the Welcome to SharePoint Products and Technologies page, click Next. 2. In the dialog box that notifies you that some services might need to be restarted or reset during configuration, click Yes. 3. On the Configuration Successful page, click Finish. Your new SharePoint site opens. Note
  • 23. 23 If you are prompted for your user name and password, you might need to add the SharePoint site to the list of trusted sites and configure user authentication settings in Internet Explorer. Instructions for configuring these settings are provided in the following procedure. Note If you see a proxy server error message, you might need to configure your proxy server settings so that local addresses bypass the proxy server. Instructions for configuring proxy server settings are provided later in this section. Add the SharePoint site to the list of trusted sites 1. In Internet Explorer, on the Tools menu, click Internet Options. 2. On the Security tab, in the Select a Web content zone to specify its security settings box, click Trusted Sites, and then click Sites. 3. Clear the Require server verification (https:) for all sites in this zone check box. 4. In the Add this Web site to the zone box, type the URL to your site, and then click Add. 5. Click Close to close the Trusted Sites dialog box. 6. Click OK to close the Internet Options dialog box. If you are using a proxy server in your organization, use the following steps to configure Internet Explorer to bypass the proxy server for local addresses. Configure proxy server settings to bypass the proxy server for local addresses 1. In Internet Explorer, on the Tools menu, click Internet Options. 2. On the Connections tab, in the Local Area Network (LAN) settings area, click LAN Settings. 3. In the Automatic configuration section, clear the Automatically detect settings check box. 4. In the Proxy Server section, select the Use a proxy server for your LAN check box. 5. Type the address of the proxy server in the Address box. 6. Type the port number of the proxy server in the Port box. 7. Select the Bypass proxy server for local addresses check box. 8. Click OK to close the Local Area Network (LAN) Settings dialog box. 9. Click OK to close the Internet Options dialog box.
  • 24. 24 Post-installation steps After Setup finishes, your browser window opens to the home page of your new SharePoint site. Although you can start adding content to the site or you can start customizing the site, we recommend that you perform the following administrative tasks by using the SharePoint Central Administration Web site. • Configure incoming e-mail settings You can configure incoming e- mail settings so that SharePoint sites accept and archive incoming e-mail. You can also configure incoming e-mail settings so that SharePoint sites can archive e-mail discussions as they happen, save e-mailed documents, and show e-mailed meetings on site calendars. In addition, you can configure the SharePoint Directory Management Service to provide support for e-mail distribution list creation and management. For more information, see Configure incoming e-mail settings (Windows SharePoint Services) • Configure outgoing e-mail settings You can configure outgoing e- mail settings so that your Simple Mail Transfer Protocol (SMTP) server sends e-mail alerts to site users and notifications to site administrators. You can configure both the quot;Fromquot; e-mail address and the quot;Replyquot; e-mail address that appear in outgoing alerts. For more information, see Configure outgoing e-mail settings (Windows SharePoint Services). • Configure diagnostic logging settings You can configure several diagnostic logging settings to help with troubleshooting. This includes enabling and configuring trace logs, event messages, user-mode error messages, and Customer Experience Improvement Program events. For more information, see Configure diagnostic logging settings (Windows SharePoint Services). • Configure antivirus protection settings You can configure several antivirus settings if you have an antivirus program that is designed for Windows SharePoint Services 3.0. Antivirus settings enable you to control whether documents are scanned on upload or download and whether users can download infected documents. You can also specify how long you want the antivirus program to run before it times out, and you can specify how many execution threads the antivirus program can use on the server. For more information, seeConfigure anti-virus settings (Windows SharePoint Services). • Create SharePoint sites When Setup finishes, you have a single Web application that contains a single SharePoint site collection that hosts a SharePoint site. You can create more SharePoint sites collections, sites, and Web applications if your site design requires multiple sites or multiple
  • 25. 25 Web applications. For more information, see Deploy and configure SharePoint sites [Windows SharePoint Services]. Perform administrator tasks by using the Central Administration site 1. Click Start, point to All Programs, point to Administrator Tools, and then click SharePoint 3.0 Central Administration. 2. On the Central Administration home page, under Administrator Tasks, click the task you want to perform. 3. On the Administrator Tasks page, next to Action, click the task.
  • 26. 26 Deploy in a simple server farm (Windows SharePoint Services) In this article: • Deployment overview • Deploy and configure the server infrastructure • Perform additional configuration tasks • Create a site collection and a SharePoint site • Configure the trace log Deployment overview Important This article discusses how to do a clean installation of Microsoft Windows SharePoint Services 3.0 in a server farm environment. It does not cover upgrading from previous releases of Windows SharePoint Services 3.0 or from previous releases of Microsoft Windows SharePoint Services. For more information about upgrading from a previous release of Windows SharePoint Services, see Upgrading to Windows SharePoint Services 3.0. Note This article does not cover installing Windows SharePoint Services 3.0 on a single computer as a stand-alone installation. For more information, see Install Windows SharePoint Services 3.0 on a stand-alone computer. You can deploy Windows SharePoint Services 3.0 in a server farm environment if you are hosting a large number of sites, if you want the best possible performance, or if you want the scalability of a multi-tier topology. A server farm consists of one or more servers dedicated to running the Windows SharePoint Services 3.0 application. Note There is no direct upgrade from a stand-alone installation to a farm installation. Because a server farm deployment of Windows SharePoint Services 3.0 is more complex than a stand-alone deployment, we recommend that you plan your deployment. Planning your deployment can help you to gather the information
  • 27. 27 you need and to make important decisions before beginning to deploy. For information about planning, see Planning and architecture for Windows SharePoint Services 3.0 technology. Deploying Windows SharePoint Services 3.0 in a DBA environment In many IT environments, database creation and management are handled by the database administrator (DBA). Security and other policies might require that the DBA create the databases required by Windows SharePoint Services 3.0. For more information about deploying using DBA-created databases, including detailed procedures that describe how the DBA can create these databases, see Deploy using DBA-created databases (Windows SharePoint Services). Suggested topologies Server farm environments can encompass a wide range of topologies and can include many servers or as few as two servers. A server farm typically consists of a database server running either Microsoft SQL Server 2005 or Microsoft SQL Server 2000 with the most recent service pack, and one or more servers running Internet Information Services (IIS) and Windows SharePoint Services 3.0. In this configuration, the front-end servers are configured as Web servers. The Web server role provides Web content and services such as search. A large server farm typically consists of two or more clustered database servers, several load-balanced front-end Web servers running IIS and Windows SharePoint Services 3.0, and two or more servers providing search services. Before you begin deployment This section provides information about actions that you must perform before you begin deployment. • To deploy Windows SharePoint Services 3.0 in a server farm environment, you must provide credentials for several different accounts. For information about these accounts, see Plan for administrative and service accounts (Windows SharePoint Services). • You must install Windows SharePoint Services 3.0 on the same drive on all load-balanced front-end Web servers.
  • 28. 28 • All the instances of Windows SharePoint Services 3.0 in the farm must be in the same language. For example, you cannot have both an English version of Windows SharePoint Services 3.0 and a Japanese version of Windows SharePoint Services 3.0 in the same farm. • You must install Windows SharePoint Services 3.0 on a clean installation of the Microsoft Windows Server 2003 operating system with the most recent service pack. If you uninstall a previous version of Windows SharePoint Services 3.0, and then install Windows SharePoint Services 3.0, Setup might fail to create the configuration database and the installation will fail. Note We recommend that you read the Known Issues/Readme documentation before you install Windows SharePoint Services 3.0 on a domain controller. Installing Windows SharePoint Services 3.0 on a domain controller requires additional configuration steps that are not discussed in this article. Overview of the deployment process The deployment process consists of two phases: deploying and configuring the server infrastructure, and deploying and configuring SharePoint site collections and sites. Phase 1: Deploy and configure the server infrastructure Deploying and configuring the server infrastructure consists of the following steps: • Preparing the database server. • Preinstalling databases (optional). • Verifying that the servers meet hardware and software requirements. • Running Setup on all servers you want to be in the farm, including running the SharePoint Products and Technologies Configuration Wizard. • Starting the Windows SharePoint Services Search service.
  • 29. 29 Phase 2: Deploy and configure SharePoint site collections and sites Deploying and configuring SharePoint site collections and sites consists of the following steps: • Creating site collections. • Creating SharePoint sites. Deploy and configure the server infrastructure Prepare the database server The database server computer must be running Microsoft SQL Server 2005 or Microsoft SQL Server 2000 with Service Pack 3a (SP3a) or later. The Windows SharePoint Services 3.0 Setup program automatically creates the necessary databases when you install and configure Windows SharePoint Services 3.0. Optionally, you can preinstall the required databases if your IT environment or policies require this. For more information about prerequisites, see Determine hardware and software requirements (Windows SharePoint Services). If you are using SQL Server 2005, you must also change the surface area settings. Configure surface area settings in SQL Server 2005 1. Click Start, point to All Programs, point to Microsoft SQL Server 2005, point to Configuration Tools, and then click SQL Server Surface Area Configuration. 2. In the SQL Server 2005 Surface Area Configuration dialog box, click Surface Area Configuration for Services and Connections. 3. In the tree view, expand the node for your instance of SQL Server, expand the Database Engine node, and then click Remote Connections. 4. Select Local and Remote Connections, select Using both TCP/IP and named pipes, and then click OK. SQL Server and database collation The SQL Server collation must be configured for case-insensitive. The SQL Server database collation must be configured for case-insensitive, accent- sensitive, Kana-sensitive, and width-sensitive. This is used to ensure file name
  • 30. 30 uniqueness consistent with the Windows operating system. For more information about collations, see quot;Selecting a SQL Collationquot; or quot;Collation Settings in Setupquot; in SQL Server Books Online. Required accounts The following table describes the accounts that are used to configure Microsoft SQL Server and to install Windows SharePoint Services 3.0. For more information about the required accounts, including specific privileges required for these accounts, see Plan for administrative and service accounts [Windows SharePoint Services]. Login Notes Setup user account The account that is used to run Setup on each server computer. Farm search service account The service account for the Windows SharePoint Services Search service. There is only one instance of this service in the server farm. Application pool process account Used to access content databases associated with the Web application. Verify that servers meet hardware and software requirements Before you install and configure Windows SharePoint Services 3.0, be sure that your servers have the recommended hardware and software. To deploy a server farm, you need at least one server computer acting as a Web server and an application server, and one server computer acting as a database server. For more information about these requirements, see Determine hardware and software requirements (Windows SharePoint Services).
  • 31. 31 Important Windows SharePoint Services 3.0 requires Active Directory directory services for farm deployments. Therefore Windows SharePoint Services 3.0 cannot be installed in a farm on a Microsoft Windows NT Server 4.0 domain. Install and configure IIS Internet Information Services (IIS) is not installed or enabled by default in the Microsoft Windows Server 2003 operating system. To make your server a Web server, you must install and enable IIS, and you must ensure that IIS is running in IIS 6.0 worker process isolation mode. Install and configure IIS 1. Click Start, point to All Programs, point to Administrative Tools, and then click Configure Your Server Wizard. 2. On the Welcome to the Configure Your Server Wizard page, click Next. 3. On the Preliminary Steps page, click Next. 4. On the Server Role page, click Application server (IIS, ASP.NET), and then click Next. 5. On the Application Server Options page, click Next. 6. On the Summary of Selections page, click Next. 7. Click Finish. 8. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager. 9. In the IIS Manager tree, click the plus sign (+) next to the server name, right- click the Web Sites folder, and then click Properties. 10. In the Web Sites Properties dialog box, click the Service tab. 11. In the Isolation mode section, clear the Run WWW service in IIS 5.0 isolation mode check box, and then click OK. Note The Run WWW in IIS 5.0 isolation mode check box is only selected if you have upgraded to IIS 6.0 on Windows Server 2003 from IIS 5.0 on Microsoft Windows 2000. New installations of IIS 6.0 use IIS 6.0 worker process isolation mode by default. Install the Microsoft .NET Framework version 3.0 Go to the Microsoft Download Center Web site (http://go.microsoft.com/fwlink/? LinkID=72322&clcid=0x409), and on the Microsoft .NET Framework 3.0 Redistributable Package page, follow the instructions for downloading and installing the Microsoft .NET Framework version 3.0. There are separate downloads for x86-based computers and x64-based computers. Be sure to download and install the appropriate version for your computer. The Microsoft
  • 32. 32 .NET Framework version 3.0 download contains the Windows Workflow Foundation technology, which is required by workflow features. Enable ASP.NET 2.0 You must enable ASP.NET 2.0 on all servers. Enable ASP.NET 2.0 1. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager. 2. In the IIS Manager tree, click the plus sign (+) next to the server name, and then click the Web Service Extensions folder. 3. In the details pane, click ASP.NET v2.0.50727, and then click Allow. Run Setup on all servers in the farm Run Setup and then the SharePoint Products and Technologies Configuration Wizard on all your farm servers. Adding servers to the farm can be done at any time to add redundancy, such as additional load-balanced Web servers. Note We recommend that you run Setup on all the servers that will be in the farm before you configure the farm. When you install Windows SharePoint Services 3.0 on the first server, you establish the farm. Any additional servers that you add must be joined to this farm. Setting up the first server involves two steps: installing the Windows SharePoint Services 3.0 components on the server, and configuring the farm. After Setup finishes, you can use the SharePoint Products and Technologies Configuration Wizard to configure Windows SharePoint Services 3.0. The SharePoint Products and Technologies Configuration Wizard automates several configuration tasks, including: installing and configuring the configuration database, installing Windows SharePoint Services 3.0 services, and creating the Central Administration Web site. Run Setup on the first server We recommend that you install and configure Windows SharePoint Services 3.0 on all of your farm servers before you configure Windows SharePoint Services
  • 33. 33 3.0 services and create sites. You must have SQL Server running on at least one back-end database server before you install Windows SharePoint Services 3.0 on your farm servers. Note Setup installs the Central Administration Web site on the first server on which you run Setup. Therefore, we recommend that the first server on which you install Windows SharePoint Services 3.0 is a server from which you want to run the Central Administration Web site. Run Setup on the first server 1. From the product disc, run Setup.exe, or from the product download, run WSSv3.exe, on one of your Web server computers. 2. On the Read the Microsoft Software License Terms page, review the terms, select the I accept the terms of this agreement check box, and then click Continue. 3. On the Choose the installation you want page, click Advanced. The Basic option is for stand-alone installations. 4. On the Server Type tab, click Web Front End. The Stand-alone option is for stand-alone installations. 5. Optionally, to install Windows SharePoint Services 3.0 at a custom location, select the Data Location tab, and then type the location name or Browse to the location. 6. Optionally, to participate in the Customer Experience Improvement Program, select the Feedback tab and select the option you want. To learn more about the program, click the link. You must have an Internet connection to view the program information. 7. When you have chosen the correct options, click Install Now. 8. When Setup finishes, a dialog box appears that prompts you to complete the configuration of your server. Be sure that the Run the SharePoint Products and Technologies Configuration Wizard now check box is selected. 9. Click Close to start the configuration wizard. Instructions for completing the wizard are provided in the next set of steps.
  • 34. 34 Run the SharePoint Products and Technologies Configuration Wizard After Setup finishes, you can use the SharePoint Products and Technologies Configuration Wizard to configure Windows SharePoint Services 3.0. The configuration wizard automates several configuration tasks, including: installing and configuring the configuration database, installing Windows SharePoint Services 3.0 services, and creating the Central Administration Web site. Use the following instructions to run the SharePoint Products and Technologies Configuration Wizard. Run the SharePoint Products and Technologies Configuration Wizard 1. On the Welcome to SharePoint Products and Technologies page, click Next. 2. Click Yes in the dialog box that notifies you that some services might need to be restarted during configuration. 3. On the Connect to a server farm page, click No, I want to create a new server farm, and then click Next. 4. In the Specify Configuration Database Settings dialog box, in the Database server box, type the name of the computer that is running SQL Server. 5. Type a name for your configuration database in the Database name box, or use the default database name. The default name is quot;SharePoint_Configquot;. 6. In the User name box, type the user name of the server farm account. (Be sure to type the user name in the format DOMAINusername.) Important This account is the server farm account and is used to access your SharePoint configuration database. It also acts as the application pool identity for the SharePoint Central Administration application pool and it is the account under which the Windows SharePoint Services Timer service runs. The SharePoint Products and Technologies Configuration Wizard adds this account to the SQL Server Logins, the SQL Server Database Creator server role, and the SQL Server Security Administrators server role. The user account that you specify as the service account must be a domain user account, but it does not need to be a member of any specific security group on your Web servers or your back-end database servers. We recommend that you follow the principle of least privilege and specify a user account that is not a member of the Administrators group on your Web servers or your back-end servers. 7. In the Password box, type the user's password, and then click Next. 8. On the Configure SharePoint Central Administration Web Application page, select the Specify port number check box and type a port number if you want the SharePoint Central Administration Web application to use a specific port, or leave the Specify port number check box cleared if you do not care which port number the SharePoint Central Administration Web application uses. 9. On the Configure SharePoint Central Administration Web Application dialog box, do one of the following: • If you want to use NTLM authentication (the default), click Next. • If you want to use Kerberos authentication, click Negotiate (Kerberos), and then click Next.
  • 35. 35 Note In most cases, you should use the default setting (NTLM). Use Negotiate (Kerberos) only if Kerberos authentication is supported in your environment. Using the Negotiate (Kerberos) option requires you to configure a Service Principal Name (SPN) for the domain user account. To do this, you must be a member of the Domain Admins group. For more information, see How to configure a Windows SharePoint Services virtual server to use Kerberos authentication and how to switch from Kerberos authentication back to NTLM authentication (http://go.microsoft.com/fwlink/?LinkID=76570&clcid=0x409). 10. On the Completing the SharePoint Products and Technologies Configuration Wizard page, click Next. 11. On the Configuration Successful page, click Finish. The SharePoint Central Administration Web site home page opens. Note If you are prompted for your user name and password, you might need to add the SharePoint Central Administration site to the list of trusted sites and configure user authentication settings in Internet Explorer. Instructions for configuring these settings are provided in the next set of steps. Note If a proxy server error message appears, you might need to configure your proxy server settings so that local addresses bypass the proxy server. Instructions for configuring this setting are provided later in this section. Add the SharePoint Central Administration Web site to the list of trusted sites 1. In Internet Explorer, on the Tools menu, click Internet Options. 2. On the Security tab, in the Select a Web content zone to specify its security settings box, click Trusted sites, and then click Sites. 3. Clear the Require server verification (https:) for all sites in this zone check box. 4. In the Add this Web site to the zone box, type the URL for the SharePoint Central Administration Web site, and then click Add. 5. Click Close to close the Trusted sites dialog box. 6. Click OK to close the Internet Options dialog box. Configure proxy server settings to bypass the proxy server for local addresses 1. In Internet Explorer, on the Tools menu, click Internet Options. 2. On the Connections tab, in the Local Area Network (LAN) settings area, click LAN Settings. 3. In the Automatic configuration section, clear the Automatically detect settings check box. 4. In the Proxy Server section, select the Use a proxy server for your LAN check box. 5. Type the address of the proxy server in the Address box.
  • 36. 36 6. Type the port number of the proxy server in the Port box. 7. Select the Bypass proxy server for local addresses check box. 8. Click OK to close the Local Area Network (LAN) Settings dialog box. 9. Click OK to close the Internet Options dialog box. Add servers to the farm We recommend that you install and configure Windows SharePoint Services 3.0 on all of your farm servers before you configure Windows SharePoint Services 3.0 services and create sites. You must have SQL Server running on at least one back-end database server before you install Windows SharePoint Services 3.0 on your farm servers. Important If you uninstall Windows SharePoint Services 3.0 from the first server on which you installed it, your farm might experience problems. Run Setup on additional servers 1. From the product disc, run Setup.exe, or from the product download, run WSSv3.exe, on one of your Web server computers. 2. On the Read the Microsoft Software License Terms page, review the terms, select the I accept the terms of this agreement check box, and then click Continue. 3. On the Choose the installation you want page, click Advanced. The Basic option is for stand-alone installations. 4. On the Server Type tab, click Web Front End. The Stand-alone option is for stand-alone installations. 5. Optionally, to install Windows SharePoint Services 3.0 at a custom location, select the Data Location tab, and then type the location name or Browse to the location. 6. Optionally, to participate in the Customer Experience Improvement Program, select the Feedback tab and select the option you want. To learn more about the program, click the link. You must have an Internet connection to view the program information. 7. When you have chosen the correct options, click Install Now. 8. When Setup finishes, a dialog box appears that prompts you to complete the configuration of your server. Be sure that the Run the SharePoint Products and Technologies Configuration Wizard now check box is selected. 9. Click Close to start the configuration wizard. Instructions for completing the wizard are provided in the next set of steps. Run the SharePoint Products and Technologies Configuration Wizard on additional servers After Setup finishes, use the SharePoint Products and Technologies Configuration Wizard to configure Windows SharePoint Services 3.0. The configuration wizard
  • 37. 37 automates several configuration tasks, including: installing and configuring the configuration database, and installing Windows SharePoint Services 3.0 services. Use the following instructions to run the SharePoint Products and Technologies Configuration Wizard. Run the SharePoint Products and Technologies Configuration Wizard 1. On the Welcome to SharePoint Products and Technologies page, click Next. 2. Click Yes in the dialog box that notifies you that some services might need to be restarted during configuration. 3. On the Connect to a server farm page, click Yes, I want to connect to an existing server farm, and then click Next. 4. In the Specify Configuration Database Settings dialog box, in the Database server box, type the name of the computer that is running SQL Server. 5. Click Retrieve Database Names, and then from the Database name list, select the database name that you created when you configured the first server in your server farm. 6. In the User name box, type the user name of the account used to connect to the computer running SQL Server. (Be sure to type the user name in the format DOMAINusername.) This must be the same user account you used when configuring the first server. 7. In the Password box, type the user's password, and then click Next. 8. On the Completing the SharePoint Products and Technologies Configuration Wizard page, click Next. 9. On the Configuration Successful page, click Finish. Start the Windows SharePoint Services Search service You must start the Windows SharePoint Services Search service on every computer that you want to search over content. You must start it on at least one of your servers. Start the Windows SharePoint Services Search service 1. On the SharePoint Central Administration home page, click the Operations tab on the top link bar. 2. On the Operations page, in the Topology and Services section, click Servers in farm. 3. On the Servers in Farm page, click the server on which you want to start the Windows SharePoint Services Search service. 4. Next to Window SharePoint Services Search, click Start. 5. On the Configure Windows SharePoint Services Search Service Settings page, in the Service Account section, specify the user name and password for the user account under which the search service will run. 6. In the Content Access Account section, specify the user name and password for the user account that the search service will use to search over content. This account must have read access to all the content you want it to search over. If you do not enter credentials, the same account used for the search service will be used.
  • 38. 38 7. In the Indexing Schedule section, either accept the default settings, or specify the schedule that you want the search service to use when searching over content. 8. After you have configured all the settings, click Start. Perform additional configuration tasks After Setup finishes, your browser window opens to the home page of your new SharePoint site. Although you can start adding content to the site or customizing the site, we recommend that you first perform the following administrative tasks by using the SharePoint Central Administration Web site. • Configure incoming e-mail settings You can configure incoming e- mail settings so that SharePoint sites accept and archive incoming e-mail. You can also configure incoming e-mail settings so that SharePoint sites archive e-mail discussions as they happen, save e-mailed documents, and show e-mailed meetings on site calendars. In addition, you can configure the SharePoint Directory Management Service to provide support for e- mail distribution list creation and management. For more information, see Configure incoming e-mail settings (Windows SharePoint Services). • Configure outgoing e-mail settings You can configure outgoing e- mail settings so that your Simple Mail Transfer Protocol (SMTP) server sends e-mail alerts to site users and notifications to site administrators. You can configure both the quot;Fromquot; e-mail address and the quot;Replyquot; e-mail address that appear in outgoing alerts. For more information, see Configure outgoing e-mail settings (Windows SharePoint Services). • Configure diagnostic logging settings You can configure several diagnostic logging settings to help with troubleshooting. This includes enabling and configuring trace logs, event messages, user-mode error messages, and Customer Experience Improvement Program events. For more information, see Configure diagnostic logging settings (Windows SharePoint Services). • Configure antivirus protection settings You can configure several antivirus settings if you have an antivirus program that is designed for Windows SharePoint Services 3.0. Antivirus settings enable you to control whether documents are scanned on upload or download, and whether users can download infected documents. You can also specify how long you want the antivirus program to run before it times out, and you can specify how many execution threads the antivirus program can use on the server. For more information, see Configure anti-virus settings (Windows SharePoint Services)
  • 39. 39 Perform administrator tasks by using the Central Administration site 1. Click Start, point to All Programs, point to Administrative Tools, and then click SharePoint 3.0 Central Administration. 2. On the Central Administration home page, in the Administrator Tasks section, click the task you want to perform. 3. On the Administrator Tasks page, next to Action, click the task. Create a site collection and a SharePoint site This section guides you through the process of creating a single site collection containing a single SharePoint site. You can create many site collections and many sites under each site collection. For more information, see Chapter overview: Deploy and configure SharePoint sites (Windows SharePoint Services) You can create new portal sites or migrate pre-existing sites or content from a previous version of Windows SharePoint Services. For information about planning SharePoint sites and site collections, see Plan Web site structure and publishing (Windows SharePoint Services). For information about migrating content, see Deploy a new server farm, then migrate content databases. You can also migrate content from a pre-existing Microsoft Content Management Server 2002 source. For information, see Upgrading to Windows SharePoint Services 3.0. Before you can create a site or a site collection, you must first create a Web application. A Web application is comprised of an Internet Information Services (IIS) site with a unique application pool. When you create a new Web application, you also create a new database and define the authentication method used to connect to the database. If you are in an extranet environment where you want different users to access content by using different domains, you might also need to extend a Web application to another IIS Web site. This action exposes the same content to different sets of users by using an additional IIS Web site to host the same content. Create a new Web application 1. In the SharePoint Central Administration Web site, on the Application Management page, in the SharePoint Web Application Management section, click Create or extend Web application. 2. On the Create or Extend Web Application page, in the Adding a SharePoint Web Application section, click Create a new Web application. 3. On the Create New Web Application page, in the IIS Web Site section, you can
  • 40. 40 configure the settings for your new Web application. a. To choose to use an existing Web site, select Use an existing Web site, and specify the Web site on which to install your new Web application by selecting it from the drop-down menu. b. To choose to create a new Web site, select Create a new IIS Web site, and type the name of the Web site in the Description box. c. In the Port box, type the port number you want to use to access the Web application. If you are creating a new Web site, this field is populated with a suggested port number. If you are using an existing Web site, this field is populated with the current port number. d. In the Host Header box, type the URL you want to use to access the Web application. This is an optional field. e. In the Path box, type the path to the site directory on the server. If you are creating a new Web site, this field is populated with a suggested path. If you are using an existing Web site, this field is populated with the current path. 4. In the Security Configuration section, configure authentication and encryption for your Web application. a. In the Authentication Provider section, choose either Negotiate (Kerberos) or NTLM. Note To enable Kerberos authentication, you must perform additional configuration. For more information about authentication methods, see Plan authentication methods (Windows SharePoint Services). b. In the Allow Anonymous section, choose Yes or No. If you choose to allow anonymous access, this enables anonymous access to the Web site by using the computer-specific anonymous access account (that is, IUSR_<computername>). Note If you want users to be able to access any site content anonymously, you must enable anonymous access for the entire Web application. Later, site owners can configure how anonymous access is used within their sites. For more information about anonymous access, see Choose which security groups to use (Windows SharePoint Services). c. In the Use Secure Sockets Layer (SSL) section, select Yes or No. If you choose to enable SSL for the Web site, you must configure SSL by requesting and installing an SSL certificate. Important If you use SSL, you must add the appropriate certificate on each server by using IIS administration tools. For more information about using SSL, see Plan for secure communication within a server farm (Windows SharePoint Services). 5. In the Load Balanced URL section, type the URL for the domain name for all sites that users will access in this Web application. This URL domain will be used in all links shown on pages within the Web application. By default, the box is populated with the current server name and port. The Zone box is automatically set to Default for a new Web application, and cannot be changed from this page. To change the zone for a Web application, see Create or extend
  • 41. 41 Web applications (Windows SharePoint Services). 6. In the Application Pool section, choose whether to use an existing application pool or create a new application pool for this Web application. To use an existing application pool, select Use existing application pool. Then select the application pool you want to use from the drop-down menu. a. To create a new application pool, select Create a new application pool. b. In the Application pool name box, type the name of the new application pool, or keep the default name. c. In the Select a security account for this application pool section, select Predefined to use an existing application pool security account, and then select the security account from the drop-down menu. d. Select Configurable to use an account that is not currently being used as a security account for an existing application pool. In the User name box, type the user name of the account you want to use, and type the password for the account in the Password box. 7. In the Reset Internet Information Services section, choose whether to allow Microsoft Windows SharePoint Services to restart IIS on other farm servers. The local server must be restarted manually for the process to finish. If this option is not selected and you have more than one server in the farm, you must wait until the IIS Web site is created on all servers and then run iisreset/noforce on each Web server. The new IIS site is not usable until that action is completed. The choices are unavailable if your farm only contains a single server. 8. In the Database Name and Authentication section, choose the database server, database name, and authentication method for your new Web application.
  • 42. 42 Item Action Database Server Type the name of the database server and Microsoft SQL Server instance you want to use in the format <SERVERNAMEinstance>. You can also use the default entry. Database Name Type the name of the database, or use the default entry. Database Authentication Choose whether to use Windows authentication (recommended) or SQL authentication. • If you want to use Windows authentication, leave this option selected. • If you want to use SQL authentication, select SQL authentication. In the Account box, type the name of the account you want the Web application to use to authenticate to the SQL Server database, and then type the password in the Password box. 9. Click OK to create the new Web application, or click Cancel to cancel the process and return to the Application Management page. Create a site collection 1. On the SharePoint Central Administration home page, click the Application Management tab on the top link bar. 2. On the Application Management page, in the SharePoint Site Management section, click Create site collection. 3. On the Create Site Collection page, in the Web Application section, select a Web application to host the site collection from the Web Application drop-down list. 4. In the Title and Description section, type a title and description for the site collection. 5. In the Web Site Address section, select a URL type (personal or sites), and then type a URL for the site collection. 6. In the Template Selection section, select a template from the tabbed template control. 7. In the Primary Site Collection Administrator section, specify the user account for the user you want to be the primary administrator for the site collection. You can also browse for the user account by clicking the Book icon to the right of the text box. You can check the user account by clicking the Check Names icon to the right of the text box. 8. Optionally, in the Secondary Site Collection Administrator section,
  • 43. 43 specify the user account for the user you want to be the secondary administrator for the site collection. You can also browse for the user account by clicking the Book icon to the right of the text box. You can check the user account by clicking the Check Names icon to the right of the text box. 9. Click Create to create the site collection. Create a SharePoint site 1. On the SharePoint Central Administration home page, click the Application Management tab on the top link bar. 2. On the Application Management page, in the SharePoint Site Management section, click Site collection list. 3. On the Site Collection List page, click the URL for the site collection to which you want to add a site, and then go to the homepage of the top-level site in the site collection you just created. 4. On the home page of the top-level site, on the Site Actions menu, click Create. 5. On the Create page, in the Web Pages section, click Sites and Workplaces. 6. On the New SharePoint Site page, in the Title and Description section, type a title and description for the site. 7. In the Web Site Address section, type a URL for the site. 8. In the Template Selection section, select a template from the tabbed template control. 9. Either change other settings, or click Create to create the site. 10. The new site opens. Configure the trace log The trace log can be useful for analyzing problems that might occur. You can use events that are written to the trace log to determine what configuration changes were made in Windows SharePoint Services 3.0 before the problem occurred. By default, Windows SharePoint Services 3.0 saves two days of events in the trace log files. This means that trace log files that contain events that are older than two days are deleted. When you are using the Windows SharePoint Services Search service, we recommend that you configure the trace log to save seven days of events. You can use the Diagnostic Logging page in Central Administration to configure the maximum number of trace log files to maintain and how long (in minutes) to capture events to each log file. By default, 96 log files are kept, each one containing 30 minutes of events. 96 log files * 30 minutes of events per file = 2880 minutes or two days of events.
  • 44. 44 You can also specify the location where the log files are written or accept the default path. Configure the trace log to save seven days of events 1. In Central Administration, on the Operations tab, in the Logging and Reporting section, click Diagnostic logging. 2. On the Diagnostic Logging page, in the Trace Log section, do the following: • In the Number of log files box, type 336. • In the Number of minutes to use a log file box, type 30. Tip To save 10,080 minutes (seven days) of events, you can use any combination of number of log files and minutes to store in each log file. 3. Ensure that the path specified in the Path box has enough room to store the extra log files, or change the path to another location. Tip We recommend that you store log files on a hard drive partition that is used to store log files only. 4. Click OK. Trace log files can help you to troubleshoot issues related to configuration changes of the Windows SharePoint Services Search service. Because problems related to configuration changes are not always immediately discovered, we recommend that you save all trace log files that the system creates on any day that you make any configuration changes related to either search service. Store these log files for an extended period of time in a safe location that will not be overwritten. See step 3 in the previous procedure to determine the location that the system stores trace log files for your system.
  • 45. 45 Deploy using DBA-created databases (Windows SharePoint Services) In this article: • About deploying by using DBA-created databases • Required database hardware and software • Required accounts • Create and configure the databases About deploying by using DBA-created databases In many IT environments, database administrators (DBAs) create and manage databases. Security policies and other policies in your organization might require that DBAs create the databases that Microsoft Windows SharePoint Services 3.0 requires. This article discusses how DBAs can create these databases and farm administrators can configure them. This article describes how to deploy Windows SharePoint Services 3.0 in an environment in which DBAs create and manage databases. The deployment includes all the required databases and one portal site. This article only applies to farms that use Microsoft SQL Server 2000 with the most recent service pack or Microsoft SQL Server 2005 database software. Some procedures in this article use the Psconfig and Stsadm command-line tools. These tools are both located in the following folder: Program FilesCommon FilesMicrosoft Sharedweb server extensions12BIN. Note This article does not cover using the Windows SharePoint Services 3.0 graphical user interface tools to create or configure databases. For information about creating and configuring databases by using the Windows SharePoint Services 3.0 graphical user interface tools, see Deploy in a simple server farm (Windows SharePoint Services). By using the procedures in this article, DBAs and farm administrators create and configure the following databases and components in the following order:
  • 46. 46 1. Configuration database (only one per farm). 2. Content database for Central Administration (only one per farm). 3. Central Administration Web application (only one per farm — created by Setup). 4. Windows SharePoint Services search database (only one per farm). 5. Web application content databases (optional). There is one content database for each Web application; extending a Web application does not require an additional content database. 6. Web applications (optional). Note When you create a Web application, the system creates an application pool and a Web site in Internet Information Services (IIS) for the Web application. Extending a Web application creates an additional Web site in IIS, but not an additional application pool. Required database hardware and software Before you install and configure the databases, be sure that your database servers have the recommended hardware and software. For more information about these requirements, see Determine hardware and software requirements (Windows SharePoint Services). If you are using SQL Server 2005 database software, the DBA must configure surface area settings so that local and remote connections use TCP/IP only. All of the databases required by Windows SharePoint Services 3.0 use the Latin1_General_CI_AS_KS_WS collation. All of the databases require that the Setup user account be assigned to them as the database owner (or dbo). For more information about the security requirements for these databases, see Plan for administrative and service accounts (Windows SharePoint Services).
  • 47. 47 Required accounts The DBA needs to create SQL Server logins for the accounts that are used to create and configure databases for Windows SharePoint Services 3.0 and add them to roles to create and configure the databases. For more information about required accounts, including specific permissions and user rights required for these accounts, see Plan for administrative and service accounts [Windows SharePoint Services]. The following table describes the accounts that are used to create and configure databases for Windows SharePoint Services 3.0. Login Notes Setup user account The account that is used to run Setup on each server computer and to run the SharePoint Products and Technologies Configuration Wizard, the Psconfig command-line tool, and the Stsadm command-line tool. Server farm account This account is also referred to as: • Database access account This account is: • The application pool identity for the SharePoint Central Administration Web application. • The service account for the Windows SharePoint Services Timer (SPTimer) service. Windows SharePoint Services Search service Used as the service account for the Windows account SharePoint Services Search service. Application pool process account Used to access content databases associated with the Web applications. We recommend that you use a separate application pool account for each Web application. This helps provide additional security.
  • 48. 48 Note If you are using the least-privilege principle for added security, use a different account for each service, process, and application pool identity for each Web application. Create and configure the databases Use the procedures in this section to create the required databases and give the appropriate accounts membership in the database security groups or roles. The procedures require action by the DBA and the Setup user account. Each step is labeled [DBA] or [Setup] to indicate which role performs the action. The farm only has one configuration database and one content database for Central Administration. The following procedure is performed once for each farm. Create and configure the configuration database, the Central Administration content database, and the Central Administration Web application 1. [DBA] Create the configuration database and the Central Administration content database using the correct collation and database owner (dbo). 2. [Setup] Run Setup on each of the server computers that run Windows SharePoint Services 3.0. You must run Setup on at least one of these computers by using the Web front end installation option. 3. [Setup] On the computer on which you used the Web front end installation option, do not run the SharePoint Products and Technologies Configuration Wizard after Setup. Instead, open the command line, and then run the following command to configure the databases: Psconfig –cmd configdb –create –server <SqlServerName> –database <SqlDatabaseName> –user <DomainNameUserName> –password <password> –admincontentdatabase <SqlAdminContentDatabaseName> Note SqlDatabaseName is the configuration database. user is the server farm account. SqlAdminContentDatabaseName is the Central Administration content database. 4. [Setup] After the command has completed, run the SharePoint Products and Technologies Configuration Wizard and complete the remainder of the configuration for your server. This creates the Central Administration Web application and performs other setup and configuration tasks. The following procedure will only have to be performed once for the farm. The farm only has one Windows SharePoint Services search database.
  • 49. 49 Create and configure the Windows SharePoint Services search database and start the Windows SharePoint Services Search service. 1. [DBA] Create a database for the Windows SharePoint Services Search database using the correct collation and database owner (dbo). 2. [Setup] Open the command line, and then run the following command to configure the database and start the Windows SharePoint Services Search service: stsadm -o spsearch -action start -farmserviceaccount <DomainNameUserName> -farmservicepassword <password> -farmcontentaccessaccount <DomainNameUserName> -farmcontentaccesspassword <password> -databaseserver <ServerInstance> -databasename <DatabaseName> Note farmserviceaccount is the server farm account. farmcontentaccessaccount is the Windows SharePoint Services Search service account. For databaseserver, if you are using the default instance of SQL Server, you only have to specify the name of the computer running SQL Server. The databasename is the Windows SharePoint Services Search database. The following procedure is performed once for each portal site in the farm. Create and configure the portal site Web application and content database 1. [DBA] Create the portal site Web application content database using the correct collation and database owner (dbo). 2. [DBA] Using SQL Server Management Studio, add the application pool process account to the Users group and the db_owner role for the Web application content database. 3. [Setup] Open the command line, and then run the following command to create the Web application and configure the portal site Web application content database: stsadm.exe -o extendvs -url <url> -donotcreatesite -exclusivelyusentlm -databaseserver <DatabaseServerName> -databasename <DatabaseName> -apidtype configurableid -description <IISWebSiteName> -apidname <AppPoolName> -apidlogin <DomainNameUserName> -apidpwd <password> Note url is the URL (in the form http://hostname:port) of the portal site Web application. databasename is the content database for the portal site Web application. description is the text name you give to the Web site in IIS. apidname is the text name that you give to the Web application pool in IIS. apidlogin is the identity for the application pool in IIS. This is the application pool process account. Important This command must be run on the same computer that is indicated in the url parameter. This is the same computer that will be running the portal site Web application. The host name and port combination must not describe a Web application that already exists or an error results and the Web application is not
  • 50. 50 created.
  • 51. 51 II. Deploy Windows SharePoint Services 3.0 in a server farm environment
  • 52. 52 A. Install Windows SharePoint Services 3.0 for a server farm environment
  • 53. 53 Chapter overview: Install Windows SharePoint Services 3.0 for a server farm environment Important This article discusses how to do a clean installation of Microsoft Windows SharePoint Services 3.0 in a server farm environment. It does not cover upgrading from previous releases of Windows SharePoint Services 3.0 or from previous releases of Microsoft Windows SharePoint Services. For more information about upgrading from a previous release of Windows SharePoint Services, see Upgrading to Windows SharePoint Services 3.0. Note This article does not cover installing Windows SharePoint Services 3.0 on a single computer as a stand-alone installation. For more information, see Install Windows SharePoint Services 3.0 on a stand-alone computer. You can deploy Windows SharePoint Services 3.0 in a server farm environment if you are hosting a large number of sites, if you want the best possible performance, or if you want the scalability of a multi-tier topology. A server farm consists of one or more servers dedicated to running the Windows SharePoint Services 3.0 application. Note There is no direct upgrade from a stand-alone installation to a farm installation. Because a server farm deployment of Windows SharePoint Services 3.0 is more complex than a stand-alone deployment, we recommend that you plan your deployment. Planning your deployment can help you to gather the information you need and to make important decisions before beginning to deploy. For information about planning, see Planning and architecture for Windows SharePoint Services 3.0 technology. Suggested topologies Server farm environments can encompass a wide range of topologies, and can include many servers or as few as two servers.
  • 54. 54 A server farm typically consists of a database server running either Microsoft SQL Server 2005 or Microsoft SQL Server 2000 with the most recent service pack, and one or more servers running Internet Information Services (IIS) and Windows SharePoint Services 3.0. In this configuration, the front-end servers are configured as Web servers. The Web server role provides Web content and services such as search. A large server farm typically consists of two or more clustered database servers, several load-balanced front-end Web servers running IIS and Windows SharePoint Services 3.0, and two or more servers providing search services. Before you begin deployment This section provides information about actions that you must perform before you begin deployment. • To deploy Windows SharePoint Services 3.0 in a server farm environment, you must provide credentials for several different accounts. For information about these accounts, see Plan for administrative and service accounts. • You must install Windows SharePoint Services 3.0 on the same drive on all load-balanced front-end Web servers. • All the instances of Windows SharePoint Services 3.0 in the farm must be in the same language. For example, you cannot have both an English version of Windows SharePoint Services 3.0 and a Japanese version of Windows SharePoint Services 3.0 in the same farm. • You must install Windows SharePoint Services 3.0 on a clean installation of the Microsoft Windows Server 2003 operating system with the most recent service pack. If you uninstall a previous version of Windows SharePoint Services 3.0, and then install Windows SharePoint Services 3.0, Setup might fail to create the configuration database and the installation will fail. Note We recommend that you read the Known Issues/Readme documentation before you install Windows SharePoint Services 3.0 on a domain controller. Installing Windows SharePoint Services 3.0 on a domain controller requires additional configuration steps that are not discussed in this article.
  • 55. 55 Overview of the deployment process The deployment process consists of two phases: deploying and configuring the server infrastructure, and deploying and configuring SharePoint site collections and sites. Phase 1: Deploy and configure the server infrastructure Deploying and configuring the server infrastructure consists of the following steps: • Preparing the database server. • Preinstalling the databases (optional). • Verifying that the servers meet hardware and software requirements. • Running Setup on all servers you want to be in the farm. • Installing available language template packs on front-end Web servers (optional). For more information about installing language template packs, see Deploy language packs (Windows SharePoint Services 3.0). • Running the SharePoint Products and Technologies Configuration Wizard. • Starting the Windows SharePoint Services Search service. Phase 2: Deploy and configure SharePoint site collections and sites Deploying and configuring SharePoint site collections and sites consists of the following steps: • Creating the site collections. • Creating the sites. For more information about creating site collections and sites, see Deploy and configure SharePoint sites.
  • 56. 56 Prepare the database servers (Windows SharePoint Services) In this article: • SQL Server and database collation • Required accounts • Preinstall databases (optional) Before installing Microsoft Windows SharePoint Services 3.0, you must prepare the database server. The database server must be running Microsoft SQL Server 2005 or Microsoft SQL Server 2000 with the most recent service pack. The Windows SharePoint Services 3.0 Setup program automatically creates the necessary databases when you install and configure Windows SharePoint Services 3.0. Optionally, you can preinstall the required databases if your IT environment or policies require this. For more information about prerequisites, see Determine hardware and software requirements. If you are using SQL Server 2005, you must also change the surface area settings. Configure surface area settings in SQL Server 2005 1. Click Start, point to All Programs, point to Microsoft SQL Server 2005, point to Configuration Tools, and then click SQL Server Surface Area Configuration. 2. In the SQL Server 2005 Surface Area Configuration dialog box, click Surface Area Configuration for Services and Connections. 3. In the tree view, expand the node for your instance of SQL Server, expand the Database Engine node, and then click Remote Connections. 4. Select Local and Remote Connections, select Using both TCP/IP and named pipes, and then click OK.
  • 57. 57 SQL Server and database collation The SQL Server collation must be configured for case-insensitive. The SQL Server database collation must be configured for case-insensitive, accent- sensitive, Kana-sensitive, and width-sensitive. This is to ensure file name uniqueness consistent with the Windows operating system. For more information about collations, see quot;Selecting a SQL Collationquot; or quot;Collation Settings in Setupquot; in SQL Server Books Online. Required accounts The following table describes the accounts that are used to configure Microsoft SQL Server and to install Windows SharePoint Services 3.0. For more information about the required accounts, including specific privileges required for these accounts, see Plan for administrative and service accounts (Windows SharePoint Services). Account Purpose Setup user account The account that is used to run Setup on each server. Farm search service account The service account for the Windows SharePoint Services Search service. There is only one instance of this service in the server farm. Application pool process account Used to access content databases associated with the Web application. Preinstall databases (optional) In many IT environments, database creation and management are handled by the database administrator (DBA). Security and other policies might require that the DBA create the databases required by Windows SharePoint Services 3.0. For more information about preinstalling databases, including detailed procedures that describe how the DBA can create these databases, see Deploy using DBA-created databases (Windows SharePoint Services).
  • 58. 58 Prepare the front-end Web servers (Windows SharePoint Services) In this article: • Install the Microsoft .NET Framework version 3.0 • Enable ASP.NET 2.0 Before you install and configure Microsoft Windows SharePoint Services 3.0, be sure that your servers have the recommended hardware and software. To deploy a server farm, you need at least one server acting as a Web server and an application server, and one server acting as a database server. For more information about these requirements, see Determine hardware and software requirements (Windows SharePoint Services). Install the Microsoft .NET Framework version 3.0 Go to the Microsoft Download Center Web site (http://go.microsoft.com/fwlink/? LinkID=72322&clcid=0x409), and on the Microsoft .NET Framework 3.0 Redistributable Package page, follow the instructions for downloading and installing the .NET Framework version 3.0. There are separate downloads for x86-based computers and x64-based computers; be sure to download and install the appropriate version for your computer. The .NET Framework version 3.0 download contains the Windows Workflow Foundation technology, which is required by workflow features.
  • 59. 59 Enable ASP.NET 2.0 You must enable ASP.NET 2.0 on all servers. Enable ASP.NET 2.0 1. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager. 2. In the IIS Manager tree, click the plus sign (+) next to the server name, and then click the Web Service Extensions folder. 3. In the details pane, click ASP.NET v2.0.50727, and then click Allow.
  • 60. 60 Install Windows SharePoint Services 3.0 and run the SharePoint Products and Technologies configuration wizard In this article: • Run Setup on the first server • Start the Windows SharePoint Services Search service After preparing your database and the servers in your farm, run Setup and then run the SharePoint Products and Technologies Configuration Wizard on all your farm servers. Adding servers to the farm can be done at any time to add redundancy, such as additional load-balanced Web servers. Note We recommend that you run Setup on all the servers that will be in the farm before you configure the farm. When you install Microsoft Windows SharePoint Services 3.0 on the first server, you establish the farm. Any additional servers that you add must be joined to this farm. Setting up the first server involves two steps: installing the Windows SharePoint Services 3.0 components on the server, and configuring the farm. After Setup finishes, you can use the SharePoint Products and Technologies Configuration Wizard to configure Windows SharePoint Services 3.0. The SharePoint Products and Technologies Configuration Wizard automates several configuration tasks, including installing and configuring the configuration database, installing Windows SharePoint Services 3.0 services, and creating the Central Administration Web site. Run Setup on the first server We recommend that you install and configure Windows SharePoint Services 3.0 on all of your farm servers before you configure Windows SharePoint Services 3.0 services and create sites. You must have Microsoft SQL Server 2005 database software running on at least one back-end database server before you install Windows SharePoint Services 3.0 on your farm servers.
  • 61. 61 Note Setup installs the Central Administration Web site on the first server on which you run Setup. Therefore, we recommend that the first server on which you install Windows SharePoint Services 3.0 be a server from which you want to run the Central Administration Web site. Run Setup on the first server 1. On the Read the Microsoft Software License Terms page, review the terms, select the I accept the terms of this agreement check box, and then click Continue. 2. On the Choose the installation you want page, click Advanced. The Basic option is for stand-alone installations. 3. On the Server Type tab, click Web Front End. The Stand-alone option is for stand-alone installations. 4. Optionally, to install Windows SharePoint Services 3.0 at a custom location, select the Data Location tab, and then type the location name or Browse to the location. 5. Optionally, to participate in the Customer Experience Improvement Program, select the Feedback tab and select the option you want. To learn more about the program, click the link. You must have an Internet connection to view the program information. 6. When you have chosen the correct options, click Install Now. 7. When Setup finishes, a dialog box appears that prompts you to complete the configuration of your server. Be sure that the Run the SharePoint Products and Technologies Configuration Wizard now check box is selected. 8. Click Close to start the configuration wizard. Instructions for completing the wizard are provided in the next set of steps. Run the SharePoint Products and Technologies Configuration Wizard After Setup finishes, you can use the SharePoint Products and Technologies Configuration Wizard to configure Windows SharePoint Services 3.0. The configuration wizard automates several configuration tasks, including installing and configuring the configuration database, installing Windows SharePoint Services 3.0 services, and creating the Central Administration Web site. Use the following instructions to run the SharePoint Products and Technologies Configuration Wizard. Run the SharePoint Products and Technologies Configuration Wizard 1. On the Welcome to SharePoint Products and Technologies page, click Next. 2. In the dialog box that notifies you that some services might need to be restarted during configuration, click Yes. 3. On the Connect to a server farm page, click No, I want to create a new server farm, and then click Next.
  • 62. 62 4. In the Specify Configuration Database Settings dialog box, in the Database server box, type the name of the computer that is running SQL Server. 5. Type a name for your configuration database in the Database name box, or use the default database name. The default name is quot;SharePoint_Configquot;. 6. In the User name box, type the user name of the server farm account. (Be sure to type the user name in the format DOMAINusername.) Important This account is the server farm account and it is used to access your configuration database. It also acts as the application pool identity for the SharePoint Central Administration application pool, and it is the account under which the Windows SharePoint Services Timer service runs. The SharePoint Products and Technologies Configuration Wizard adds this account to the SQL Server Logins, the SQL Server Database Creator server role, and the SQL Server Security Administrators server role. The user account that you specify as the service account must be a domain user account, but it does not need to be a member of any specific security group on your Web servers or your back-end database servers. We recommend that you follow the principle of least privilege, and specify a user account that is not a member of the Administrators group on your Web servers or your back-end servers. 7. In the Password box, type the user's password, and then click Next. 8. On the Configure SharePoint Central Administration Web Application page, select the Specify port number check box; type a port number if you want the SharePoint Central Administration Web application to use a specific port, or leave the Specify port number check box cleared if you do not care which port number the SharePoint Central Administration Web application uses. 9. In the Configure SharePoint Central Administration Web Application dialog box, do one of the following: • If you want to use NTLM authentication (the default), click Next. • If you want to use Kerberos authentication, click Negotiate (Kerberos), and then click Next. Note In most cases, use the default setting (NTLM). Use Negotiate (Kerberos) only if Kerberos authentication is supported in your environment. Using the Negotiate (Kerberos) option requires you to configure a Service Principal Name (SPN) for the domain user account. To do this, you must be a member of the Domain Admins group. For more information, see How to configure a Windows SharePoint Services virtual server to use Kerberos authentication and how to switch from Kerberos authentication back to NTLM authentication (http://go.microsoft.com/fwlink/?LinkID=76570&clcid=0x409). 10. On the Completing the SharePoint Products and Technologies Configuration Wizard page, click Next. 11. On the Configuration Successful page, click Finish. The SharePoint Central Administration Web site home page opens. Note If you are prompted for your user name and password, you might need to add
  • 63. 63 the SharePoint Central Administration Web site to the list of trusted sites, and then configure user authentication settings in Internet Explorer. Instructions for configuring these settings are provided in the next set of steps. Note If a proxy server error message appears, you might need to configure your proxy server settings so that local addresses bypass the proxy server. Instructions for configuring this setting are provided later in this section. Add the SharePoint Central Administration Web site to the list of trusted sites 1. In Internet Explorer, on the Tools menu, click Internet Options. 2. On the Security tab, in the Select a Web content zone to specify its security settings box, click Trusted sites, and then click Sites. 3. Clear the Require server verification (https:) for all sites in this zone check box. 4. In the Add this Web site to the zone box, type the URL for the SharePoint Central Administration Web site, and then click Add. 5. Click Close to close the Trusted sites dialog box. 6. Click OK to close the Internet Options dialog box. Configure proxy server settings to bypass the proxy server for local addresses 1. In Internet Explorer, on the Tools menu, click Internet Options. 2. On the Connections tab, in the Local Area Network (LAN) settings area, click LAN Settings. 3. In the Automatic configuration section, clear the Automatically detect settings check box. 4. In the Proxy Server section, select the Use a proxy server for your LAN check box. 5. Type the address of the proxy server in the Address box. 6. Type the port number of the proxy server in the Port box. 7. Select the Bypass proxy server for local addresses check box. 8. Click OK to close the Local Area Network (LAN) Settings dialog box. 9. Click OK to close the Internet Options dialog box. Add servers to the farm We recommend that you install and configure Windows SharePoint Services 3.0 on all of your farm servers before you configure Windows SharePoint Services 3.0 services and create sites. You must have SQL Server 2005 running on at least one back-end database server before you install Windows SharePoint Services 3.0 on your farm servers.
  • 64. 64 Important If you uninstall Windows SharePoint Services 3.0 from the first server on which you installed it, your farm might experience problems. Run Setup on additional servers 1. On the Read the Microsoft Software License Terms page, review the terms, select the I accept the terms of this agreement check box, and then click Continue. 2. On the Choose the installation you want page, click Advanced. The Basic option is for stand-alone installations. 3. On the Server Type tab, click Web Front End. The Stand-alone option is for stand-alone installations. 4. Optionally, to install Windows SharePoint Services 3.0 at a custom location, select the Data Location tab, and then type the location name or Browse to the location. 5. Optionally, to participate in the Customer Experience Improvement Program, select the Feedback tab and select the option you want. To learn more about the program, click the link. You must have an Internet connection to view the program information. 6. When you have chosen the correct options, click Install Now. 7. When Setup finishes, a dialog box appears that prompts you to complete the configuration of your server. Be sure that the Run the SharePoint Products and Technologies Configuration Wizard now check box is selected. 8. Click Close to start the configuration wizard. Instructions for completing the wizard are provided in the next set of steps. Run the SharePoint Products and Technologies Configuration Wizard on additional servers After Setup finishes, use the SharePoint Products and Technologies Configuration Wizard to configure Windows SharePoint Services 3.0. The configuration wizard automates several configuration tasks, including installing and configuring the configuration database, and installing Windows SharePoint Services 3.0 services. Use the following instructions to run the SharePoint Products and Technologies Configuration Wizard. Run the SharePoint Products and Technologies Configuration Wizard 1. On the Welcome to SharePoint Products and Technologies page, click Next. 2. In the dialog box that notifies you that some services might need to be restarted during configuration, click Yes. 3. On the Connect to a server farm page, click Yes, I want to connect to an existing server farm, and then click Next. 4. In the Specify Configuration Database Settings dialog box, in the Database server box, type the name of the computer that is running SQL Server. 5. Click Retrieve Database Names, and then from the Database name list,
  • 65. 65 select the database name that you created when you configured the first server in your server farm. 6. In the User name box, type the user name of the account used to connect to the computer running SQL Server. (Be sure to type the user name in the format DOMAINusername.) This must be the same user account you used when you configured the first server. 7. In the Password box, type the user's password, and then click Next. 8. On the Completing the SharePoint Products and Technologies Configuration Wizard page, click Next. 9. On the Configuration Successful page, click Finish. Start the Windows SharePoint Services Search service You must start the Windows SharePoint Services Search service on every computer that you want to search over content. You must start it on at least one of your servers. Start the Windows SharePoint Services Search service 1. On the SharePoint Central Administration home page, click the Operations tab on the top link bar. 2. On the Operations page, in the Topology and Services section, click Servers in farm. 3. On the Servers in Farm page, click the server on which you want to start the Windows SharePoint Services Search service. 4. Next to Windows SharePoint Services Search, click Start. 5. On the Configure Windows SharePoint Services Search Service Settings page, in the Service Account section, specify the user name and password for the user account under which the Search service will run. 6. In the Content Access Account section, specify the user name and password for the user account that the Search service will use to search over content. This account must have read access to all the content you want it to search over. If you do not enter credentials, the same account used for the Search service will be used. 7. In the Indexing Schedule section, either accept the default settings, or specify the schedule that you want the Search service to use when searching over content. 8. After you have configured all the settings, click Start.
  • 66. 66 Deploy language packs (Windows SharePoint Services 3.0) In this article: • About language IDs and language packs • Preparing your front-end Web servers for language packs • Installing language packs on your front-end Web servers Language packs enable site owners and site collection administrators to create SharePoint sites and site collections in multiple languages without requiring separate installations of Microsoft Windows SharePoint Services 3.0. You install language packs, which contain language-specific site templates, on your front-end Web servers. When an administrator creates a site or a site collection based on a language-specific site template, the text that appears on the site or the site collection is displayed in the site template's language. Language packs are typically used in multinational deployments where a single server farm supports people in different locations or in situations where sites and Web pages must be duplicated in one or more languages. Note You cannot change an existing site, site collection, or Web page from one language to another by applying different language-specific site templates; once you choose a language-specific site template for a site or a site collection, the site or site collection will always display content in the language of the original site template. Word breakers and stemmers enable you to efficiently and effectively search across content on SharePoint sites and site collections in multiple languages without requiring separate installations of Windows SharePoint Services 3.0. Word breakers and stemmers are automatically installed on your front-end Web servers by Setup.
  • 67. 67 About language IDs and language packs When site owners or site collection administrators create sites or site collections, they can choose a language for the each site or site collection The language they choose represents the language identifier (ID), and the language ID determines the language that is used to display text and interpret text that is put on the site or site collection. For example, when a site administrator chooses to create a site in French, the site's toolbars, navigation bars, lists, and column headings appear in French. Likewise, if a site administrator chooses to create a site in Arabic, the site's toolbars, navigation bars, lists, and column headings appear in Arabic, and the default left-to-right orientation of the site changes to a right-to-left orientation to properly display Arabic text. The list of available languages that a site administrator can use to create a site or site collection is generated by the language packs that are installed on your front- end Web servers. By default, sites and site collections are created in the language in which Windows SharePoint Services 3.0 was installed. For example, if you install the Spanish version of Windows SharePoint Services 3.0, the default language for sites, site collections, and Web pages is Spanish. If a site administrator needs to create sites, site collections or Web pages in a language other than the default Windows SharePoint Services 3.0 language, you must install the language pack for that language on your front-end Web servers. For example, if you are running the French version of Windows SharePoint Services 3.0, and a site administrator wants to create sites in French, English, and Spanish, you must install the English and Spanish language packs on your front-end Web servers. Note By default, when a site administrator creates a new Web page within a site, the Web page uses the site's language ID to display text. Language packs for Windows SharePoint Services 3.0 are not bundled into multilingual installation packages. You must install a specific language pack for each language that you want to support. Also, language packs must be installed on each of your front-end Web servers to ensure that each Web server can render content in the specified language.
  • 68. 68 The following table lists the language packs that are available for Windows SharePoint Services 3.0. Language Country/Region Language ID German Germany 1031 English United States 1033 Japanese Japan 1041 Although a site administrator specifies a language ID for a site, some user interface elements such as error messages, notifications, and dialog boxes do not display in the language that was specified. This is because Windows SharePoint Services 3.0 relies on several supporting technologies — for example, the Microsoft .NET Framework, Microsoft Windows Workflow Foundation, Microsoft ASP.NET, and Microsoft SQL Server 2005 — some of which are localized into only a limited number of languages. If a user interface element is generated by any of the supporting technologies that is not localized into the language that the site administrator specified for the site, the user interface element appears in English. For example, if a site administrator creates a site in Hebrew, and the.NET Framework component displays a notification message, the notification message will not display in Hebrew because the .NET Framework is not localized into Hebrew. This situation can occur when sites are created in any language except the following: Chinese, French, German, Italian, Japanese, Korean, and Spanish. In some cases, some text might originate from the original installation language, which can create a mixed-language experience. This type of mixed-language experience is typically seen only by content creators or site administrators and is not seen by site users. Preparing your front-end Web servers for language packs Before you install language packs on your front-end Web servers, you must do the following: • Install the necessary language files on your front-end Web servers.
  • 69. 69 • Install Windows SharePoint Services 3.0 on each of your front-end Web servers. • Run the SharePoint Products and Technologies Configuration Wizard on each of your front-end Web servers. Language files are used by the operating system and provide support for displaying and entering text in multiple languages. Language files include: • Keyboard files • Input Method Editors (IMEs) • TrueType font files • Bitmap font files • Code page conversion tables • National Language Support (.nls) files • Script engines for rendering complex scripts Most language files are installed by default on the Microsoft Windows Server 2003 operating system. However, you must install supplemental language files for East Asian languages and languages that use complex script or require right-to- left orientations. The East Asian languages include Chinese, Japanese, and Korean; the complex script and right-to-left oriented languages include Arabic, Armenian, Georgian, Hebrew, the Indic languages, Thai, and Vietnamese. Instructions for installing these supplemental language files are provided in the following procedure. We recommend that you install these language files only if you need them. The East Asian files require about 230 megabytes of hard disk space. The complex script and right-to-left languages do not use much disk space, but installing either set of files might reduce performance when entering text. Note You must be a member of the Administrators group on the computer to install these language files. After the language files are installed, the languages are available to all users of the computer. Note You will need your Windows Server 2003 product disc to perform this procedure, or you will need to know the location of a shared folder that contains your operating system installation files. Note You must restart your computer after you install supplemental language files.
  • 70. 70 Install additional language files 1. On your front-end Web server, click Start, point to Settings and then Control Panel, and then click Regional and Language Options. 2. In the Regional and Language Options dialog box, on the Languages tab, in the Supplemental Language Support section, select one or both of the following checkboxes: • Install files for complex script and right-to-left languages • Install files for East Asian languages 3. Click OK in the dialog box that alerts you that additional disk space is required for the files. 4. Click OK to install the additional language files. 5. When prompted, insert your Windows Server 2003 product disc or provide the location of your Windows Server 2003 installation files. 6. When prompted to restart your computer, click Yes. After you install the necessary language files on your front-end servers, you need to install Windows SharePoint Services 3.0 and run the SharePoint Products and Technologies Configuration Wizard. The wizard creates and configures the configuration database and performs other configuration tasks that must be done before you install language packs. For more information about installing Windows SharePoint Services 3.0 and running the SharePoint Products and Technologies Configuration Wizard, see Deploy in a simple server farm (Windows SharePoint Services) and Install Windows SharePoint Services 3.0 on a stand-alone computer. Installing language packs on your front-end Web servers After you install the necessary language files on your front-end servers, you can install your language packs. Language packs are available as individual downloads (one download for each supported language). If you have a server farm environment, and you are installing language packs to support multiple languages, you must install the language packs on each of your front-end Web servers. Important The language pack installs in its native language, for example the Russian language pack executable file is localized into Russian. The procedure provided below is for the English language pack.
  • 71. 71 Install a language pack 1. Run setup.exe. 2. On the Read the Microsoft Software License Terms page, review the terms, select the I accept the terms of this agreement check box, and then click Continue. 3. On the Installation Types page, click Basic. 4. The setup wizard runs and installs the language pack. 5. Rerun the SharePoint Products and Technologies Configuration Wizard, using the default settings. If you do not run the SharePoint Products and Technologies Configuration Wizard after you install a language pack, the language pack will not be installed properly. Rerun the SharePoint Products and Technologies Configuration Wizard 1. Click Start, point to All Programs, point to Administrative Tools, and then click SharePoint Products and Technologies Configuration Wizard. 2. On the Welcome to SharePoint Products and Technologies page, click Next. 3. Click Yes in the dialog box that alerts you that some services might need to be restarted during configuration. 4. On the Modify server farm settings page, click Do not disconnect from this server farm, and then click Next. 5. If the Modify SharePoint Central Administration Web Administration Settings page appears, do not modify any of the default settings, and then click Next. 6. On the Completing the SharePoint Products and Technologies Configuration Wizard page, click Next. 7. On the Configuration Successful page, click Finish. When you install language packs, the language-specific site templates are installed in the Program FilesCommon FilesMicrosoft Sharedweb server extensions12templatenumber directory, where number is the Language ID for the language that you are installing. For example, the US English language pack installs to the Program FilesCommon FilesMicrosoft Sharedweb server extensions12template1033 directory. After you install a language pack, site owners and site collection administrators can create sites and site collections based on the language-specific site templates by specifying a language when they are creating a new SharePoint site or site collection. Uninstalling language packs If you no longer need to support a language for which you have installed a language pack, you can remove the language pack by using Add/Remove Programs in Control Panel. Removing a language pack removes the language- specific site templates from your computer. All sites that were created with those language-specific site templates will no longer work (the URL will produce a HTTP 500 - Internal server error page). Reinstalling the language pack will make the site functional.
  • 72. 72 Note You cannot remove the language pack for the version of Windows SharePoint Services 3.0 that you have installed on your server. For example, if you are running the Japanese version of Windows SharePoint Services 3.0, you cannot uninstall the Japanese language support for Windows SharePoint Services 3.0.
  • 73. 73 B. Perform additional configuration tasks
  • 74. 74 Chapter overview: Perform additional configuration tasks (Windows SharePoint Services) After the initial installation and configuration of Microsoft Windows SharePoint Services 3.0, you can configure several additional settings. The configuration of additional settings is optional, but many key features are not available unless these settings are configured. Configure additional administrative settings To take full advantage of the administrative features and capabilities of Microsoft Windows SharePoint Services 3.0, perform the following optional administrative tasks by using SharePoint Central Administration: • Configure incoming e-mail settings You can configure incoming e- mail settings so that SharePoint sites accept and archive incoming e-mail. You can also configure incoming e-mail settings so that SharePoint sites can archive e-mail discussions as they happen, save e-mailed documents, and show e-mailed meetings on site calendars. In addition, you can configure the SharePoint Directory Management Service to provide support for e-mail distribution list creation and management. For more information, see Configure incoming e-mail settings (Windows SharePoint Services). • Configure outgoing e-mail settings You can configure outgoing e- mail settings so that your Simple Mail Transfer Protocol (SMTP) server sends e-mail alerts to site users and notifications to site administrators. You can configure both the quot;Fromquot; e-mail address and the quot;Replyquot; e-mail address that appear in outgoing alerts. You can also configure outgoing e- mail settings for all Web applications or for only one Web application. For more information, see Configure outgoing e-mail settings (Windows SharePoint Services) and Configure outgoing e-mail settings for a specific Web application (Windows SharePoint Services). • Create SharePoint sites When Setup finishes, you have a single Web application that hosts a single SharePoint site. If your site design requires multiple sites or multiple Web applications, you can create more
  • 75. 75 SharePoint sites and Web applications. For more information, see Deploy and configure SharePoint sites. • Configure workflow settings You can configure workflow settings to enable end users to create their own workflows by using code pre- generated by administrators. You can also configure whether internal users without site access can receive workflow alerts, and whether external users can participate in workflows by receiving copies of documents by e- mail. For more information, see Configure workflow settings (Windows SharePoint Services). • Configure diagnostic logging settings You can configure several diagnostic logging settings to help with troubleshooting. These include enabling and configuring trace logs, event messages, user-mode error messages, and Customer Experience Improvement Program events. For more information, see Configure diagnostic logging settings (Windows SharePoint Services). • Configure antivirus settings You can configure several antivirus settings if you have an antivirus program that is designed for Windows SharePoint Services 3.0. Antivirus settings allow you to control whether documents are scanned on upload or on download, and whether users can download infected documents. You can also specify how long you want the antivirus program to run before it times out, and you can specify how many execution threads the antivirus program can use on the server. For more information, see Configure anti-virus settings (Windows SharePoint Services). You can use the following procedure to configure optional administrative settings using SharePoint Central Administration. Configure administrative settings using SharePoint Central Administration 1. Click Start, point to All Programs, point to Administrative Tools, and then click SharePoint 3.0 Central Administration. 2. On the SharePoint Central Administration home page, under Administrative Tasks, click the administrative task that you want to perform. 3. On the Administrative Tasks page, next to Action, click the task.
  • 76. 76 Configure incoming e-mail settings (Windows SharePoint Services) • Install and configure the SMTP service • Configure Active Directory • Configure permissions to the e-mail drop folder • Configure DNS Manager • Configure attachments from Outlook 2003 • Configure incoming e-mail settings • Configure incoming e-mail on SharePoint sites Use this procedure to configure the incoming e-mail settings for Microsoft Windows SharePoint Services 3.0. The features of Windows SharePoint Services 3.0 that use incoming e-mail are not available until these settings are configured. Before you configure incoming e-mail settings in Windows SharePoint Services 3.0, confirm that: • You have read the topic Plan incoming e-mail (Windows SharePoint Services). • One or more servers in your server farm are running the Internet Information Services (IIS) Simple Mail Transfer Protocol (SMTP) service, or you know the name of another server that is running the SMTP service. This server must be configured to accept relayed e-mail from the mail server for the domain. • One or more servers in your server farm are running the Microsoft SharePoint Directory Management Service, or you know the name of another server that is running the SharePoint Directory Management Web Service. • The application pool account for the SharePoint Central Administration Web site has the Create, delete, and manage user accounts right to the container in the Active Directory directory service. • The application pool account for Central Administration, the logon account for the Windows SharePoint Services Timer service, and the application pool accounts for your Web applications have the correct permissions to the e-mail drop folder.
  • 77. 77 • The domain controller running Active Directory has a Mail Exchanger (MX) entry in DNS Manager for the mail server that you plan to use for incoming e-mail. Note All of these configuration steps are described in detail in the following sections. Install and configure the SMTP service Incoming e-mail for Microsoft Windows SharePoint Services 3.0 uses the SMTP service. The SMTP service can be either installed on one or more servers in the farm, or administrators can provide an e-mail drop folder for e-mail forwarded from the service on another server. The drop folder option is not recommended because administrators of the other server can affect the availability of incoming e-mail by changing the configuration of SMTP, and because this requires the additional step of configuring permissions to the e-mail drop folder. If a drop folder is not used, the SMTP service must be installed on each server that is used to receive and process incoming e-mail. Typically, this includes every front-end Web server in the farm. Start the Windows SharePoint Services Web Application service Each server that is running the SMTP service must also be running the Windows SharePoint Services Web Application service. These servers are called front-end Web servers. In many cases, this service will have already been configured. Important Membership in the Administrators group of the Central Administration site is required to complete this procedure. Start the Windows SharePoint Services Web Application service 1. On the top navigation bar, click Operations. 2. On the Operations page, in the Topology and Services section, click Services on server. 3. On the Services on Server page, find Windows SharePoint Services Web Application in the list of services, and click Start.
  • 78. 78 Install the SMTP service The SMTP service is a component of IIS. It must be installed on every front-end Web server in the farm that you want to configure for incoming e-mail. Important Membership in the Administrators group on the local computer is required to complete this procedure. Install the SMTP service 1. In Control Panel, click Add or Remove Programs. 2. In Add or Remove Programs, click Add/Remove Windows Components. 3. In the Windows Components Wizard, in the Components box, click Application Server, and then click the Details button. 4. In the Application Server dialog box, in the Subcomponents of Application Server box, click Internet Information Services (IIS), and then click the Details button. 5. In the Internet Information Services (IIS) dialog box, select the SMTP Service check box. 6. Click OK to return to the Application Server dialog box. 7. Click OK to return to the main page of the Windows Components Wizard. 8. Click Next. 9. When Windows has finished installing the SMTP service, on the Completing the Windows Components Wizard page, click Finish. Configure the SMTP service After installing the SMTP service, you must configure the service to accept relayed e-mail from the mail server for the domain. You can decide to accept relayed e-mail from all servers except those you specifically exclude. Alternatively, you can block e-mail from all servers except those you specifically include. You can include servers individually, or in groups by subnet or domain. Important Membership in the Administrators group on the local computer is required to complete this procedure. Configure the SMTP service 1. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager. 2. In IIS Manager, expand the server name that contains the SMTP server that you want to configure. 3. Right-click the SMTP virtual server that you want to configure, and then click
  • 79. 79 Properties. 4. On the Access tab, under Access control, click Authentication. 5. In the Authentication dialog box, under Select acceptable authentication methods for this resource, verify that Anonymous access is selected. 6. Click OK. 7. On the Access tab, under Relay restrictions, click Relay. 8. To enable relaying from any server, under Select which computer may relay through this virtual server, select All except the list below. 9. To accept relaying from one or more specific servers, follow these steps: a. Under Select which computer may relay through this virtual server, select Only the list below. b. Click Add, and then add servers one at a time by IP address, or in groups by using a subnet or domain. c. Click OK to close the Computer dialog box. 10. Click OK to close the Relay Restrictions dialog box. 11. Click OK to close the Properties dialog box. Add an SMTP connector in Exchange Server In some scenarios, mail from Microsoft Exchange Server computers might not be automatically relayed to the Windows SharePoint Services 3.0 servers that are running the SMTP service. In these scenarios, administrators of Exchange mail servers can add an SMTP connector so that all mail sent to the Windows SharePoint Services 3.0 domain uses the Windows SharePoint Services 3.0 servers that are running the SMTP service. For more information about SMTP connectors, see the Help documentation for Exchange Server. Configure Active Directory Incoming e-mail requires the Microsoft SharePoint Directory Management Service. This service connects SharePoint sites to the directory services used by your organization. If you enable the Microsoft SharePoint Directory Management Service, users can create and manage distribution groups from SharePoint sites. SharePoint lists that use e-mail can then be found in directory services, such as the Address Book. You must also select which distribution group requests from SharePoint lists require approval. The Microsoft SharePoint Directory Management Service can be installed on a server in the farm, or you can use a remote Microsoft SharePoint Directory Management Service.
  • 80. 80 If you install the Microsoft SharePoint Directory Management Service on this farm or this server, the Central Administration application pool account that is used by Windows SharePoint Services 3.0 must have the Create, delete, and manage user accounts right to the container that you specify in Active Directory. The preferred way to do this is by delegating the right to the Central Administration application pool account. An Active Directory administrator must set up the organizational unit (OU) and delegate the Create, delete, and manage user accounts right to the container. The advantage of using the Microsoft SharePoint Directory Management Service on a remote farm is that you do not have to install and configure Active Directory on every farm. The following procedures are performed on a domain controller that runs Microsoft Windows Server 2003 SP1 (with DNS Manager) and Microsoft Exchange Server 2003 SP1. Important Membership in the Domain Administrators group or delegated authority for domain administration is required to complete this procedure. Create an organizational unit in Active Directory 1. Click Start, point to Control Panel, point to Administrative Tools, and then click Active Directory Users and Computers. 2. In Active Directory Users and Computers, select the folder for the second-level domain that contains your server farm. 3. Right-click the folder, point to New, and then click Organizational Unit. 4. Type the name of the organizational unit, and then click OK. After creating the organization unit, it is recommended that you delegate the Create, delete, and manage user accounts right to the container. Important Membership in the Domain Administrators group or the Enterprise Administrators group in Active Directory, or delegated authority for administration, is required to complete this procedure. Delegate right to the application pool account 1. In Active Directory Users and Computers, select the organizational unit that you just created. 2. Right-click the organizational unit, and then click Delegate control. 3. On the Tasks to Delegate page of the Delegation of Control Wizard, select the Create, delete, and manage user accounts check box. 4. On the next page of the wizard, type the name of the application pool account. 5. On the last page of the Delegation of Control Wizard, click Finish to exit the wizard.
  • 81. 81 If you must add permissions for the Central Administration application pool account directly, complete the following procedure. Important Membership in the Account Operators group, Domain Administrators group, or the Enterprise Administrators group in Active Directory, or delegated authority for administration, is required to complete this procedure. Add permissions for the application pool account 1. In Active Directory Users and Computers, click the View menu, and then click Advanced Features. 2. Right-click the organizational unit that you just created, and then click Properties. 3. In the Properties dialog box, click the Security tab, and then click Advanced. 4. Click Add, and then type the name of the application pool account. 5. Click OK. If you decide instead to use the remote Microsoft SharePoint Directory Management Service, you must know the URL for the service. This URL is typically in the format http://server:adminport/_vti_bin/SharePointEmailWS.asmx. For more information about Active Directory, see the Help documentation for Active Directory. Configure permissions to the e-mail drop folder When incoming e-mail settings are set to advanced mode, you must ensure that certain accounts have the correct permissions to the e-mail drop folder. Configure e-mail drop folder permissions for the logon account for the Windows SharePoint Services Timer service Ensure that the logon account for the Windows SharePoint Services Timer service has the Modify permission on the e-mail drop folder. If the logon account for the service does not have the Modify permission, e-mail enabled document libraries will receive duplicate e-mail messages.
  • 82. 82 Important Membership in the Administrators group on the local computer that contains the e-mail drop folder is required to complete this procedure. Configure e-mail drop folder permissions 1. In Windows Explorer, right-click the drop folder, click Properties, and then click the Security tab. 2. On the Security tab, under the Group or user names box, click the Add button. 3. In the Select Users, Computers, or Groups dialog box, in the Enter objects to select box, type the name of the logon account for the Windows SharePoint Services Timer service, and then click OK. Note This account is listed on the Log On tab of the Properties dialog box for the service in the Services console. 4. In the Permissions for User or Group box, next to Modify, select the Allow check box. 5. Click OK. Configure e-mail drop folder permissions for the application pool account for a Web application If your deployment uses different application pool accounts for Central Administration and one or more Web applications for front-end Web servers, each application account must have permissions to the e-mail drop folder. If the application pool account for the Web application does not have the required permissions, e-mail will not be delivered to document libraries on that Web application. In most cases, when you configure incoming e-mail settings and select an e-mail drop folder, permissions are added for two worker process groups: • WSS_Admin_WPG, which includes the application pool account for Central Administration and the logon account for the Windows SharePoint Services Timer service, has Full Control permission. • WSS_WPG, which includes the application pool accounts for Web applications, has Read & Execute, List Folder Contents, and Read permissions. In some cases, these groups might not be configured automatically for the e-mail drop folder. For example, if Central Administration is running as the Network Service account, the groups or accounts needed for incoming e-mail will not be added when the e-mail drop folder is created. It is a good idea to check whether
  • 83. 83 these groups have been added automatically to the e-mail drop folder. If the groups have not been added automatically, you can add them or add the specific accounts that are required. Important Membership in the Administrators group on the local computer that contains the e-mail drop folder is required to complete this procedure. Configure e-mail drop folder permissions 1. In Windows Explorer, right-click the drop folder, click Properties, and then click the Security tab. 2. On the Security tab, under the Group or user names box, click the Add button. 3. In the Select Users, Computers, or Groups dialog box, in the Enter objects to select box, type the name of the worker process group or application pool account for the Web application, and then click OK. Note This account is listed on the Identity tab of the Properties dialog box for the application pool in IIS. 4. In the Permissions for User or Group box, next to Modify, select the Allow check box. 5. Click OK. Configure DNS Manager Incoming mail requires a Mail Exchanger (MX) resource record to be added in DNS Manager for the host or subdomain running Windows SharePoint Services 3.0. This is distinct from any existing MX records in the domain. Important Membership in the Administrators group on the local computer is required to complete this procedure. Add a Mail Exchanger (MX) resource record for the subdomain 1. In DNS Manager, select the forward lookup zone for the domain that contains the subdomain for Windows SharePoint Services 3.0. 2. Right-click the zone and then click New Mail Exchanger. 3. In the Host or domain text box, type the host or subdomain name for Windows SharePoint Services 3.0. 4. In the Fully qualified domain name (FQDN) of mail server text box, type the fully qualified domain name for the server that is running Windows SharePoint Services 3.0. This is typically in the format subdomain.domain.com. 5. Click OK.
  • 84. 84 Configure attachments from Outlook 2003 Attachments to messages sent from Microsoft Outlook 2003 must be encoded in UUEncode or Binhex format to appear separately in e-mail enabled document libraries. Attachments from Outlook 2003 that use different encoding will not be listed, but e-mail messages that contain attachments will be listed. Configure incoming e-mail settings Before you can enable incoming e-mail on the server that is running Windows SharePoint Services 3.0, you must have configured the SMTP service on front- end Web servers in the farm and the Active Directory and DNS Manager on the domain controller, or you must know the name of other servers that are running these services. This procedure configures the settings that are used for incoming e-mail. You can also configure options for safe e-mail servers and the incoming e-mail display address. Important Membership in the Administrators group of the Central Administration site is required to complete this procedure. Configure incoming e-mail settings 1. On the top navigation bar, click Operations. 2. On the Operations page, in the Topology and Services section, click Incoming e-mail settings. 3. If you want to enable sites on this server to receive e-mail, on the Incoming E- mail Settings page, in the Enable Incoming E-Mail section, click Yes. 4. Select either the Automatic or the Advanced settings mode. If you select Advanced, you can specify a drop folder instead of using an SMTP server. 5. If you want to connect to the SharePoint Directory Management Service, in the Directory Management Service section, click Yes. a. In the Active Directory container where new distribution groups and contacts will be created box, type the name of the container in the format OU=ContainerName, DC=domain, DC=com, where ContainerName is the name of the organizational unit in Active Directory, domain is the second-level domain, and com is the top-level domain. Note The Central Administration application pool account must be delegated the Create, delete, and manage user accounts task for the container. Access is configured in the properties for the organizational unit in Active
  • 85. 85 Directory. b. In the SMTP mail server for incoming mail box, type the name of the SMTP mail server. The server name must match the fully qualified domain name in the MX entry for the mail server in DNS Manager. c. To accept only messages from authenticated users, click Yes for Accept messages from authenticated users only. Otherwise, click No. d. To allow creation of distribution groups from SharePoint sites, click Yes for Allow creation of distribution groups from SharePoint sites. Otherwise, click No. e. Under Distribution group request approval settings, select the actions that will require approval. Actions include the following: • Create new distribution group • Change distribution group e-mail address • Change distribution group title and description • Delete distribution group 6. If you want to use a remote SharePoint Directory Management Web Service, select Use remote. a. In the Directory Management Service URL box, type the URL of the Microsoft SharePoint Directory Management Service that you want to use. b. In the SMTP mail server for incoming mail box, type the name of the SMTP mail server. The server name must match the fully qualified domain name in the MX entry for the mail server in DNS Manager on the domain server. c. To accept messages from authenticated users only, click Yes for Accept messages from authenticated users only. Otherwise, click No. d. To allow creation of distribution groups from SharePoint sites, click Yes for Allow creation of distribution groups from SharePoint sites. Otherwise, click No. 7. If you do not want to use the Microsoft SharePoint Directory Management Service, click No. 8. In the Incoming E-Mail Server Display Address section, type a display name for the e-mail server (for example, mail.fabrikam.com) in the E-mail server display address box. Tip You can specify the e-mail server address that is displayed when users create an incoming e-mail address for a list or group. Use this setting together with the Microsoft SharePoint Directory Management Service to provide an e-mail server address that is more user-friendly. 9. In the Safe E-Mail Servers section, select one of the following options: • Accept mail from all e-mail servers • Accept mail from these safe e-mail servers. If you select this option, type the IP addresses (one per line) of the e-mail servers that you want to specify as safe in the corresponding box. 10. In the E-mail Drop Folder section, in the E-mail drop folder box, type the
  • 86. 86 name of the folder in which Microsoft Windows SharePoint Services polls for incoming e-mail from the SMTP service. This option is available only if you selected advanced mode. 11. Click OK. Configuring incoming e-mail on SharePoint sites After configuring incoming e-mail settings, site administrators can configure e- mail enabled lists and document libraries. For more information about e-mail enabled document libraries, see the Help documentation for site administrators. Contact addresses created for these document libraries appear automatically in Active Directory Users and Computers under the organizational unit for Windows SharePoint Services 3.0, and must be managed by the administrator of Active Directory. The Active Directory administrator can add more e-mail addresses for each contact. For more information about how to manage contacts in Active Directory, see the Help documentation for Active Directory. Alternatively, the Exchange Server can be configured by adding a new Exchange Server Global recipient policy to automatically add external addresses that use the second-level domain name and not the subdomain or host for Windows SharePoint Services 3.0. For more information about how to manage Exchange Server, see the Help documentation for Exchange Server.
  • 87. 87 Configure outgoing e-mail settings (Windows SharePoint Services) In this article: • Install and configure the SMTP service • Configure outgoing e-mail settings Use this procedure to configure the default outgoing e-mail settings for all Web applications. You can override the default outgoing e-mail settings for specific Web applications by using the procedure that is described in Configure outgoing e- mail settings for a specific Web application (Windows SharePoint Services). Install and configure the SMTP service Before you can enable outgoing e-mail, you must install the Internet Information Services (IIS) Simple Mail Transfer Protocol (SMTP) service. After determining which SMTP server to use, the SMTP server must be configured to allow anonymous access and to allow e-mail messages to be relayed. Additionally, the SMTP server must have Internet access if you want the ability to send messages to external e-mail addresses, or it must be able to relay authenticated e-mail to a server that has Internet access. The SMTP server that you use can be a server in the farm, or another server. Install the SMTP service The SMTP service is a component of IIS. Important Membership in the Administrators group on the local computer is required to complete this procedure. Install the SMTP service 1. In Control Panel, click Add or Remove Programs. 2. In Add or Remove Programs, click Add/Remove Windows Components. 3. In the Windows Components Wizard, in the Components box, click Application Server, and then click the Details button. 4. In the Application Server dialog box, in the Subcomponents of
  • 88. 88 Application Server box, click Internet Information Services (IIS), and then click the Details button. 5. In the Internet Information Services (IIS) dialog box, select the SMTP Service check box. 6. Click OK to return to the Application Server dialog box. 7. Click OK to return to the main page of the Windows Components Wizard. 8. Click Next. 9. When Windows has finished installing the SMTP service, on the Completing the Windows Components Wizard page, click Finish. Configure the SMTP service After installing the SMTP service, configure the service to accept relayed e-mail from servers in your farm. You can decide to accept relayed e-mail from all servers except those you specifically exclude. Alternatively, you can block e-mail from all servers except those you specifically include. You can include servers individually, or in groups by subnet or domain. By enabling both anonymous access and e-mail relaying, you increase the possibility that the SMTP server will be used to relay unsolicited commercial e- mail (spam). It is important to limit this possibility by carefully configuring your mail servers to help protect against spam. One way that you can do this is by limiting relaying to a specific list of servers or domain, and preventing relaying from all other servers. Important Membership in the Administrators group on the local computer is required to complete this procedure. Configure the SMTP service 1. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager. 2. In IIS Manager, expand the server name that contains the SMTP server that you want to configure. 3. Right-click the SMTP virtual server that you want to configure, and then click Properties. 4. On the Access tab, under Access control, click Authentication. 5. In the Authentication dialog box, under Select acceptable authentication methods for this resource, verify that Anonymous access is selected. 6. Click OK. 7. On the Access tab, under Relay restrictions, click Relay. 8. To enable relaying from any server, under Select which computer may
  • 89. 89 relay through this virtual server, select All except the list below. 9. To accept relaying from one or more specific servers, follow these steps: a. Under Select which computer may relay through this virtual server, select Only the list below. b. Click Add, and then add servers one at a time by IP address, or in groups by using a subnet or domain. c. Click OK to close the Computer dialog box. 10. Click OK to close the Relay Restrictions dialog box. 11. Click OK to close the Properties dialog box. Configure outgoing e-mail settings Important Membership in the Farm Administrators group of the Central Administration site is required to complete this procedure. Configure outgoing e-mail settings 1. On the top navigation bar of the SharePoint Central Administration Web site, click Operations. 2. On the Operations page, in the Topology and Services section, click Outgoing e-mail settings. 3. On the Outgoing E-Mail Settings page, in the Mail Settings section, type the SMTP server name for outgoing e-mail (for example, mail.example.com) in the Outbound SMTP server box. 4. In the From address box, type the e-mail friendly address as you want it to appear to e-mail recipients. 5. In the Reply-to address box, type the e-mail address to which you want e- mail recipients to reply. 6. In the Character set menu, select the character set that is appropriate for your language. 7. Click OK.
  • 90. 90 Configure outgoing e-mail settings for a specific Web application (Windows SharePoint Services) In this article: • Install and configure the SMTP service • Configure outgoing e-mail settings Use this procedure to configure the outgoing e-mail settings for a specific Web application. Before using this procedure, you must first configure the default outgoing e-mail settings for all Web applications by using the procedure described in Configure outgoing e-mail settings (Windows SharePoint Services). Install and configure the SMTP service Before you can enable outgoing e-mail, you must install the Internet Information Services (IIS) Simple Mail Transfer Protocol (SMTP) service. After determining which SMTP server to use, the SMTP server must be configured to allow anonymous access and to allow e-mail messages to be relayed. Additionally, the SMTP server must have Internet access if you want the ability to send messages to external e-mail addresses, or it must be able to relay authenticated e-mail to a server that has Internet access. The SMTP server that you use can be a server in the farm, or another server. Install the SMTP service The SMTP service is a component of IIS. Important Membership in the Administrators group on the local computer is required to complete this procedure. Install the SMTP service 1. In Control Panel, click Add or Remove Programs. 2. In Add or Remove Programs, click Add/Remove Windows Components. 3. In the Windows Components Wizard, in the Components box, click
  • 91. 91 Application Server, and then click the Details button. 4. In the Application Server dialog box, in the Subcomponents of Application Server box, click Internet Information Services (IIS), and then click the Details button. 5. In the Internet Information Services (IIS) dialog box, select the SMTP Service check box. 6. Click OK to return to the Application Server dialog box. 7. Click OK to return to the main page of the Windows Components Wizard. 8. Click Next. 9. When Windows has finished installing the SMTP service, on the Completing the Windows Components Wizard page, click Finish. Configure the SMTP service After installing the SMTP service, configure the service to accept relayed e-mail from servers in your farm. You can decide to accept relayed e-mail from all servers except those you specifically exclude. Alternatively, you can block e-mail from all servers except those you specifically include. You can include servers individually, or in groups by subnet or domain. By enabling both anonymous access and e-mail relaying, you increase the possibility that the SMTP server will be used to relay unsolicited commercial e- mail (spam). It is important to limit this possibility by carefully configuring your mail servers to help protect against spam. One way that you can do this is by limiting relaying to a specific list of servers or domain, and preventing relaying from all other servers. Important Membership in the Administrators group on the local computer is required to complete this procedure. Configure the SMTP service 1. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager. 2. In IIS Manager, expand the server name that contains the SMTP server that you want to configure. 3. Right-click the SMTP virtual server that you want to configure, and then click Properties. 4. On the Access tab, under Access control, click Authentication. 5. In the Authentication dialog box, under Select acceptable authentication methods for this resource, verify that Anonymous access is selected. 6. Click OK.
  • 92. 92 7. On the Access tab, under Relay restrictions, click Relay. 8. To enable relaying from any server, under Select which computer may relay through this virtual server, select All except the list below. 9. To accept relaying from one or more specific servers, follow these steps: a. Under Select which computer may relay through this virtual server, select Only the list below. b. Click Add, and then add servers one at a time by IP address, or in groups by using a subnet or domain. c. Click OK to close the Computer dialog box. 10. Click OK to close the Relay Restrictions dialog box. 11. Click OK to close the Properties dialog box. Configure outgoing e-mail settings Important Membership in the Farm Administrators group of the Central Administration site is required to complete this procedure. Configure outgoing e-mail settings 1. On the top navigation bar of the SharePoint Central Administration Web site, click Application Management. 2. On the Application Management page, in the SharePoint Web Application Management section, click Web application outgoing e-mail settings. 3. On the Web Application E-Mail Settings page, select a Web application by using the Web Application menu in the Web Application section. 4. In the Mail Settings section, type the SMTP server name for outgoing e-mail (for example, type mail.fabrikam.com) in the Outbound SMTP server box. 5. In the From address box, type the e-mail friendly address as you want it to appear to e-mail recipients. 6. In the Reply-to address box, type the e-mail address to which you want e- mail recipients to reply. 7. On the Character set menu, click the character set that is appropriate for your language. 8. Click OK.
  • 93. 93 Configure workflow settings (Windows SharePoint Services) Use this procedure to configure the workflow settings for Microsoft Windows SharePoint Services 3.0. Workflow settings are configured at the Web application level, enabling you to configure different settings for different Web applications. When you configure workflow settings, you must first select the Web application to configure. Site administrators can create workflows from the Site Settings page for the site or site collection. By default, end users can create their own workflows by using code already deployed by an administrator. You can also choose to limit workflow creation to site administrators. By default, workflows can include users who do not have site access. Users without site access who attempt to complete the task assigned to them will be directed to the Request Permissions page. If you do not enable alerts for internal users without site access, workflows that include those users will not generate alerts for those users. By default, external users cannot participate in workflows, and external users included in workflows will not be alerted. You can choose to allow external users to participate in workflows by sending copies of documents to those users by e- mail. Configuring workflow settings Note Membership in the Administrators group of the Central Administration site is required to complete this procedure. Configure workflow settings 1. On the top navigation bar, click Application Management. 2. On the Application Management page, in the Workflow Management section, click Workflow settings. 3. On the Workflow Settings page, in the Web Application section, the current Web application is displayed in the Web Application menu. To configure the
  • 94. 94 settings for a different Web application, click Change Web Application, and then select a new Web application on the Select Web Application page. 4. In the User-Defined Workflows section, select Yes if you want to enable user-defined workflows, or select No if you do not want to enable user-defined workflows. 5. In the Workflow Task Notifications section, under Alert internal users who do not have site access when they are assigned a workflow task, select Yes if you want internal users without site access to be sent an e-mail alert when a task is assigned to them. Users attempting to complete the task by using the link in the alert will be directed to the Request Permissions page. If you do not want internal users without site access to be sent an e-mail alert when a task is assigned to them, select No. 6. Under Allow external users to participate in workflow by sending them a copy of the document, select Yes if you want documents to be sent to external users by e-mail when those users are part of the workflow but they do not have access permissions to the documents. If you do not want documents to be sent to external users who do not have access permissions, select No. Note If the object in the workflow is not a document but a list item, the list item properties are displayed in a table as part of the e-mail message. 7. Click OK.
  • 95. 95 Configure diagnostic logging settings (Windows SharePoint Services) In this article: • Customer Experience Improvement Program • Error reports • Event throttling • Configuring diagnostic logging settings Use this procedure to configure the diagnostic logging settings for Microsoft Windows SharePoint Services 3.0. You can configure how diagnostic events are logged according to their criticality. Additionally, you can set the maximum number of log files that can be maintained, and you can set how long to capture events to a single log file. You can also indicate whether or not to provide Microsoft with continuous improvement and Dr. Watson event data. Customer Experience Improvement Program The Customer Experience Improvement Program (CEIP) is designed to improve the quality, reliability, and performance of Microsoft® products and technologies. With your permission, anonymous information about your server will be sent to Microsoft to help us improve SharePoint® Products and Technologies. For more information, see the Customer Experience Improvement Program privacy statement (http://go.microsoft.com/fwlink/?LinkID=84784&clcid=0x409). Error reports Error reports are created when your system encounters hardware or software problems. Microsoft and its partners actively use these reports to improve the reliability of your software. Error reports include the following: information regarding the condition of the server when the problem occurs; the operating system version and computer hardware in use; and the Digital Product ID, which
  • 96. 96 can be used to identify your license. The IP address of your computer is also sent because you are connecting to an online service to send error reports; however, the IP address is used only to generate aggregate statistics. Microsoft does not intentionally collect any personal information. However, error reports could contain data from log files, such as user names, IP addresses, URLs, file or path names, and e-mail addresses. Although this information, if present, could potentially be used to determine your identity, the information will not be used in this way. The data that Microsoft collects will be used only to fix problems and to improve software and services. Error reports will be sent by using encryption technology to a database with limited access, and will not be used for marketing purposes. For more information, see the Microsoft Error Reporting Service privacy statement (http://go.microsoft.com/fwlink/?LinkId=85028&clcid=0x409). If you want to provide error reports to Microsoft and its partners, select the option to collect error reports. Base your decision on your organization's policies about sharing the information collected by error reports, and the potential impact of error collection on users and administrators. Two options are available for error reports: • You can choose to periodically download a file from Microsoft that can help identify system problems based on the error reports that you provide to Microsoft. • You can change the error collection policy to silently send all reports. This changes the computer's error reporting behavior to automatically send reports to Microsoft without prompting users when they log on. Event throttling You can configure the diagnostic options for event logging. Events can be logged in either the Windows® event log or the trace log. You can configure event throttling settings to control how many events are recorded in each log, according to the criticality of the events. To provide more control in event throttling, you can decide to throttle events for all events, or for any single category of events. Several categories of events are available, based on different services and features of SharePoint Products and Technologies.
  • 97. 97 Categories of events can be defined by individual services or by groupings of related events. Selected event categories include: • All • Categories defined by product, such as Office SharePoint Server 2007 and Microsoft Office Project Server 2007 • Administrative functions such as Administration, Backup and Recovery, Content Deployment, and Setup and Upgrade • Feature areas such as Document Management, E-Mail, Forms Services, Information Policy Management, Information Rights Management, Publishing, Records Center, Site Directory, Site Management, User Profiles, and Workflow • SharePoint Services and other services such as the Load Balancer Service • Shared services such as all Office Server Shared Services, Business Data, and Excel Calculation Services For the selected category, select the least-critical event to record, for both the Windows event log and the trace log. Events that are equally critical to or more critical than the selected event will be recorded in each log. The list entries are sorted in order from most-critical to least-critical. The levels of events for the Windows event log include: • None • Error • Warning • Audit Failure • Audit Success • Information The levels of events for the trace log include: • None • Unexpected • Monitorable • High • Medium • Verbose For more information about the Windows event log or the trace log, see the Windows documentation.
  • 98. 98 Configuring diagnostic logging settings Note Membership in the Administrators group of the Central Administration site is required to complete this procedure. Configure diagnostic logging settings 1. On the top navigation bar, click Operations. 2. On the Operations page, in the Logging and Reporting section, click Diagnostic logging. 3. On the Diagnostic Logging page, in the Customer Experience Improvement Program section, under Sign Up for the Customer Experience Improvement Program, select one of the following options: • Yes, I am willing to participate anonymously in the Customer Experience Improvement Program (Recommended). • No, I don't wish to participate. If you select Yes, users can decide whether they want to report Customer Experience Improvement Program events to Microsoft. 4. In the Error Reports section, under Error reporting, select one of the following: • Collect error reports. If you select this option, you can also select or clear two options to control how error reports are collected: • Periodically download a file that can help identify system problems. • Change this computer's error collection policy to silently send all reports. This changes the computer's error reporting behavior to automatically send reports to Microsoft without prompting users when they log on. • Ignore errors and don't collect information. 5. In the Event Throttling section, in the Select a category menu, select a category of events: a. In the Least critical event to report to the event log menu, select the least-critical event to report to the event log for the selected category. b. In the Least critical event to report to the trace log menu, select the least-critical event to report to the trace log for the selected category. 6. In the Trace Log section, in the Path text box, type the local path to use for the trace log on all servers in the farm. The location must exist on all servers in the farm. a. In the Number of log files text box, type the maximum number of files that you want to maintain. b. In the Number of minutes to use a log file text box, type the number of minutes to use each log file. 7. Click OK.
  • 99. 99
  • 100. 100 Configure anti-virus settings (Windows SharePoint Services) Use this procedure to configure the antivirus settings for Microsoft Windows SharePoint Services 3.0. You can activate antivirus measures only after installing a compatible antivirus scanner. In a server farm, you must install antivirus software on every front-end Web server in the server farm. You can configure four antivirus settings: • Scan documents on upload: Select this setting to scan uploaded documents. This helps prevent users with infected documents from distributing them to other users. • Scan documents on download: Select this setting to scan downloaded documents. This helps prevent users from downloading infected documents by warning them about infected files. Users can still choose to download infected files, unless the option to allow users to download infected documents is not selected. • Allow users to download infected documents: If this option is selected, users can download infected documents. In most cases, do not select this option. Unless you have a specific reason to download infected documents, such as troubleshooting a virus infection on your system, do not select this option. • Attempt to clean infected documents: Select this setting to automatically clean infected documents that were discovered during scanning. Administrative credentials Membership in the Administrators group of the Central Administration site is required to complete this procedure. Configure antivirus settings 1. On the top navigation bar, click Operations. 2. On the Operations page, in the Security Configuration section, click Antivirus. 3. On the Antivirus page, in the Antivirus Settings section, select one or all of the following:
  • 101. 101 • Scan documents on upload • Scan documents on download • Allow users to download infected documents • Attempt to clean infected documents 4. Click OK.
  • 102. 102 Configure Web SSO authentication by using ADFS (Windows SharePoint Services) In this article: • About federated authentication systems • Before you begin • Configuring your extranet Web application to use Web SSO authentication • Allowing users access to your extranet Web site • Working with the People Picker • Working with groups and organizational claims About federated authentication systems Microsoft Windows SharePoint Services 3.0 provides support for federated authentication scenarios where the authentication system is not local to the computer that hosts Windows SharePoint Services 3.0. Federated authentication systems are also known as Web single sign-on (SSO) systems. With Active Directory Federation Services (ADFS), people in one company can access servers hosted by a different company by using their existing Active Directory accounts. ADFS also establishes a trust relationship between the two companies and a seamless one-time logon experience for end users. ADFS relies on 302 redirects to authenticate end users. Users are issued an authentication token (cookie) after they are authenticated. Before you begin Before you use ADFS to configure Web SSO authentication for your extranet Web application, you should become familiar with the following resources: • Microsoft SharePoint Products and Technologies Team Blog entry about configuring multiple authentication providers (http://blogs.msdn.com/sharepoint/archive/2006/08/16/configuring- multiple-authentication-providers-for-sharepoint-2007.aspx). • Step-by-Step Guide for Active Directory Federation Services (http://www.microsoft.com/downloads/thankyou.aspx?
  • 103. 103 familyId=062F7382-A82F-4428-9BBD- A103B9F27654&displayLang=en). The server names and examples used in this article are based on this step-by-step guide, which describes setting up ADFS in a small lab environment. In this environment, a new server named Trey-SharePoint is joined to the Trey Research forest. Follow the steps in the step-by-step guide to configure your ADFS infrastructure. However, because this article describes how to configure Windows SharePoint Services 3.0 in a claims-aware application mode, you do not have to implement all the steps for building Windows NT token agent applications that are described in the step-by-step guide. Configuring your extranet Web application to use Web SSO authentication 1. Download and install the hot fix for ADFS described in The role provider and the membership provider cannot be called from Windows SharePoint Services 3.0 on a Windows Server 2003 R2-based computer that is running ADFS and Microsoft Windows SharePoint Services 3.0 (http://support.microsoft.com/kb/920764/en-us). This hot fix will be included in Windows Server 2003 Service Pack 2 (SP2). 2. Install Windows SharePoint Services 3.0, configure all the services and servers in the farm, and then create a new Web application. By default, this Web application will be configured to use Windows authentication, and it will be the entry point through which your intranet users will access the site. In the example used in this article, the site is named http://trey-moss. 3. Extend the Web application that you created in step 2 in another zone. On the Application Management page in the SharePoint Central Administration Web site, click Create or Extend Web Application, click Extend an existing Web Application, and then do the following: a. Add a host header. This is the DNS name by which the site will be known to users in the extranet. In this example, the name is extranet.treyresearch.net. b. Change the zone to Extranet. c. Give the site a host header name that you will configure in DNS for your extranet users to resolve against. d. Click Use Secure Sockets Layer (SSL), and change the port number to 443. ADFS requires that sites be configured to use SSL. e. In the Load Balanced URL box, delete the text string :443. Internet Information Services (IIS) will automatically use port 443 because you specified the port number in the previous step.
  • 104. 104 f. Complete the rest of the steps on the page to finish extending the Web application. 4. On the Alternate Access Mappings (AAM) page, verify that the URLs resemble the following table. Internal URL Zone Public URL for Zone http://trey-moss Default http://trey-moss https://extranet.treyresearch.net Extranet https://extranet.treyresearch.net 5. Add an SSL certificate to the Extranet Web Site in IIS. Make sure that this SSL certificate is issued to extranet.treyresearch.net, because this is the name that clients will use when they access the sites. 6. Configure the Authentication provider for the extranet zone on your Web application to use Web SSO by doing the following: a. On the Application Management page of your farm’s Central Administration site, click Authentication Providers. b. Click Change in the upper-right corner of the page, and then select the Web application on which you want to enable Web SSO. c. In the list of two zones that are mapped for this Web application (both of which should say Windows), click the Windows link for the Extranet zone. d. In the Authentication Type section, click Web Single Sign On. e. In the Membership provider name box, type SingleSignOnMembershipProvider2 Make a note of this value; you will be adding it to the name element of the <membership> section in the web.config files that you will edit later in this procedure. f. In the Role manager name box, type SingleSignOnRoleProvider2 Make a note of this value; you will be adding it to the name element of the <roleManager> section in the web.config files you will edit later in this procedure. g. Click Save. Your extranet Web application is now configured to use Web SSO. However, at this point, the site will be inaccessible because no one has permissions to it. The next step is to assign permissions to users so that they can access this site.
  • 105. 105 Allowing users access to your extranet Web site 1. Use a text editor to open the web.config file for the Web site on the default zone that is using Windows authentication. 2. Add the following entry anywhere in the <system.web> node. <membership> <providers> <add name=quot;SingleSignOnMembershipProvider2quot; type=quot;System.Web.Security.SingleSignOn.SingleSignOnMembershipProvider2, System.Web.Security.SingleSignOn.PartialTrust, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35quot; fs=quot;https://fs- server/adfs/fs/federationserverservice.asmxquot; /> </providers> </membership> <roleManager enabled=quot;truequot; defaultProvider=quot;AspNetWindowsTokenRoleProviderquot;> <providers> <remove name=quot;AspNetSqlRoleProviderquot; /> <add name=quot;SingleSignOnRoleProvider2quot; type=quot;System.Web.Security.SingleSignOn.SingleSignOnRoleProvider2, System.Web.Security.SingleSignOn.PartialTrust, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35quot; fs=quot;https://fs- server/adfs/fs/federationserverservice.asmxquot; /> </providers> </roleManager> 3. Change the value for fs-server to reflect your resource Federation Server (adfsresource.treyresearch.net). Ensure that you entered the correct membership provider and the role manager names on the Central Administration Authentication Providers page. When this entry is added to web.config, the People Picker on the default zone site that is using Windows authentication is able to know about the ADFS providers and, therefore, can resolve the ADFS claims. This enables you to grant permissions to the ADFS claims on your Web site. 4. Grant ADFS claims access to the site by doing the following: a. Navigate to the Web site on the default zone that uses Windows authentication as an administrator of the site. b. Click the Site Actions menu, point to Site Settings, and then click Advanced Permissions. c. Click New, and then click Add Users. d. To add a user claim, specify their e-mail address or User Principal Name in the Users/Groups section. e. To add a group claim, type the name of the claim you want the SharePoint site to use in the Users/Groups section. For example, create an organizational group claim named Adatum Contributers on the Federation Server. Add the claim name Adatum Contributers to the Sharepoint site as you would a Windows user or group. You can assign this claim Home Members [Contribute],
  • 106. 106 and then any user who accesses the SharePoint site by using this group claim will have Contributor access to the site. f. Select the appropriate permission level or SharePoint group. g. Click OK. 5. Use the text editor of your choice to open the web.config file for the extranet site, and add the following entry in the <configSections> node. <sectionGroup name=quot;system.webquot;> <section name=quot;webssoquot; type=quot;System.Web.Security.SingleSignOn.WebSsoConfigurationHandler, System.Web.Security.SingleSignOn, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, Custom=nullquot; /> </sectionGroup> 6. Add the following entry to the <httpModules> node <add name=quot;Identity Federation Services Application Authentication Modulequot; type=quot;System.Web.Security.SingleSignOn.WebSsoAuthenticationModule, System.Web.Security.SingleSignOn, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, Custom=nullquot; /> Note The ADFS authentication module should always be specified after the Sharepoint SPRequest module in the <httpModules> node of the web.config file. It is safest to add it as the last entry in that section. 7. Add the following entry anywhere under the <system.web> node. <membership defaultProvider=quot;SingleSignOnMembershipProvider2quot;> <providers> <add name=quot;SingleSignOnMembershipProvider2quot; type=quot;System.Web.Security.SingleSignOn.SingleSignOnMembershipProvider2, System.Web.Security.SingleSignOn.PartialTrust, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35quot; fs=quot;https://fs- server/adfs/fs/federationserverservice.asmxquot; /> </providers> </membership> <roleManager enabled=quot;truequot; defaultProvider=quot;SingleSignOnRoleProvider2quot;> <providers> <add name=quot;SingleSignOnRoleProvider2quot; type=quot;System.Web.Security.SingleSignOn.SingleSignOnRoleProvider2, System.Web.Security.SingleSignOn.PartialTrust, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35quot; fs=quot;https://fs- server/adfs/fs/federationserverservice.asmxquot; /> </providers> </roleManager> <websso> <authenticationrequired /> <auditlevel>55</auditlevel> <urls> <returnurl>https://your_application</returnurl> </urls> <fs>https://fs-server/adfs/fs/federationserverservice.asmx</fs> <isSharePoint /> </websso>
  • 107. 107 Note Change the value for fs-server to your Federation Server computer, and change the value of your_application to reflect the URL of your extranet Web application. 8. Browse to the https://extranet.treyresearch.net Web site as an ADFS user who has permissions to the extranet web site. About using Central Administration You can also use Central Adminstration policy to grant rights to ADFS users, but it is best not to use that method for the following reasons: • Granting rights by policy is a very coarse operation. It allows the user (or group) to have the same set of rights in every Web site, in every site collection on the whole Web application. It should be used very judiciously; in this particular scenario, we can grant access to ADFS users without using this method. • After the sites are being used in an extranet environment, it is very likely that the internal users will be responsible for granting access to sites and content. Because only the farm administrators have access to the Central Administration site, it makes the most sense that internal users can add ADFS claims from the default zone site that is using Windows authentication. • As you extend Web applications by using different providers, you can configure one or more of them to be able to find users and groups from various providers that you are using on that Web application. In this scenario, we configured our site that uses Windows authentication in a way that allows users of that site to select other Windows users, Windows groups, and ADFS claims, all from one site. Working with the People Picker The People Picker cannot perform wildcard searches for searching roles. If you have a Web SSO Role provider role named Readers, and you type Read in the People Picker search dialog box, it will not find your claim. If you type Readers, it will. This is not a bug, you just cannot perform wildcard searching by using the Role provider. Command-line executable files like stsadm.exe will not be able to resolve the ADFS claims by default. For example, you might want to add a new user to the extranet site by using the stsadm.exe –o adduser command. To enable Stsadm (or
  • 108. 108 other executable file) to resolve users, create a new config file by doing the following: • Create a new file named stsadm.exe.config in the same directory where stsadm.exe is located (%programfiles%Common FilesMicrosoft Shared DebugWeb Server Extensions12BIN). Add the following entry in the stsadm.exe.config file: <configuration> <system.web> <membership defaultProvider=quot;SingleSignOnMembershipProvider2quot;> <providers> <add name=quot;SingleSignOnMembershipProvider2quot; type=quot;System.Web.Security.SingleSignOn.SingleSignOnMembershipProvider2, System.Web.Security.SingleSignOn.PartialTrust, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35quot; fs=quot;https://fs- server/adfs/fs/federationserverservice.asmxquot; /> </providers> </membership> <roleManager enabled=quot;truequot; defaultProvider=quot;SingleSignOnRoleProvider2quot;> <providers> <add name=quot;SingleSignOnRoleProvider2quot; type=quot;System.Web.Security.SingleSignOn.SingleSignOnRoleProvider2, System.Web.Security.SingleSignOn.PartialTrust, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35quot; fs=quot;https://fs- server/adfs/fs/federationserverservice.asmxquot; /> </providers> </roleManager> </system.web> </configuration> Note Change the value of fs-server to your resource Federation Server (adfsresource.treyresearch.net). Working with groups and organizational group claims In Windows SharePoint Services 3.0, rights can be assigned to Active Directory groups by adding them to a SharePoint group or directly to a permission level . The level of permissions a given user has on a site is calculated based on the Active Directory groups the user is a member of, the SharePoint groups the user belongs to, and any permission levels that the user has been directlyadded to. When you use ADFS as a role provider in Windows SharePoint Services 3.0, the process is different. There is no way for the Web SSO provider to directly resolve an Active Directory group; instead, it resolves membership by using organizational group claims. When you use ADFS with Windows SharePoint Services 3.0, you must create a set of organizational group claims in ADFS. You
  • 109. 109 can then associate multiple Active Directory groups with an ADFS organizational group claim. In the Adatum (Account Forest), do the following: 1. Create an Active Directory group named Trey SharePoint Readers. 2. Create an Active Directory group named Trey SharePoint Contributors. 3. Add Alansh to the Readers group and Adamcar to the Contributors group. 4. Create an organizational group claim named Trey SharePoint Readers. 5. Create an organizational group claim named Trey SharePoint Contributors. 6. Right-click the Active Directory account store, and then click New Group Claim Extraction. a. Select the Trey SharePoint Readers organizational group claim, and then associate it with the Trey SharePoint Readers Active Directory group. b. Repeat step 6, and then associate the Trey SharePoint Contributors group claim with the Trey SharePoint Contributors Active Directory group. 7. Right-click the Trey Research Account Partner, and then create the outgoing claim mappings: a. Select the Trey SharePoint Reader claim, and then map to outgoing claim adatum-trey-readers. b. Select the Trey SharePoint Contributor claim, and then map to outgoing claim adatum-trey-contributors. Note The claim mapping names must be agreed on between the organizations, and they must match exactly. On the Trey Research side, start ADFS.MSC, and then do the following: 1. Create an organizational group claim named Adatum SharePoint Readers. 2. Create an organizational group claim named Adatum SharePoint Contributors. 3. Create incoming group mappings for your claims: a. Right-click the Adatum account partner, and then click Incoming Group Claim Mapping. b. Select Adatum SharePoint Readers, and then map it to the incoming claim name adatum-trey-readers.
  • 110. 110 c. Select Adatum SharePoint Contributors, and then map it to the incoming claim name adatum-trey-contributors. 4. Right-click the Windows SharePoint Services 3.0 Web application, and then click Enable on both the Reader and Contributor claims. Browse to the http://trey-moss site on the Trey Research side as the site administrator, and then do the following: 1. Click the Site Actions menu, point to Site Settings, and then click People and Groups. 2. If it is not already selected, click the Members group for your site. 3. Click New, and then click Add Users on the toolbar. 4. Click the address book icon next to the Users/Groups box. 5. In the Find box in the People Picker dialog box, type Adatum SharePoint Readers In the Give Permission section, select SharePoint group home Visitors [Readers]. 6. In the Find box, type Adatum SharePoint Contributors In the Give Permission section, select SharePoint group home Members [Contribute].
  • 111. 111 Run the Best Practices Analyzer Tool (Windows SharePoint Services) You can run the Best Practices Analyzer tool to check for common issues and best security practices. The tool generates a report that can help you optimize the configuration of your system. The tool can be run locally or from a server that is not attached to the server farm. To download the tool, click Microsoft Best Practices Analyzer for (http://go.microsoft.com/fwlink/?LinkID=83335&clcid=0x409).
  • 112. 112 C. Deploy and configure SharePoint sites
  • 113. 113 Chapter overview: Deploy and configure SharePoint sites (Windows SharePoint Services) After you have installed Microsoft Windows SharePoint Services 3.0 and performed the other configuration tasks for your servers, you are ready to begin creating SharePoint sites. In this chapter: • Create or extend Web applications (Windows SharePoint Services) SharePoint sites are hosted by Web applications, so you must create one or more Web applications before you can create any sites. This article covers how to create a Web application, or how to extend a Web application to host the same content as another Web application. • Create zones for Web applications (Windows SharePoint Services) Each Web application can have as many as five zones, and each zone can have a different authentication method. A default zone is automatically created when you create a Web application. This article helps you configure any additional zones you need. • Create quota templates (Windows SharePoint Services) Quota templates enable you to set a limit on how large a site collection can become. This article helps you configure the quota templates you want to use for any site collections you create. • Configure alternate access mapping (Windows SharePoint Services) Alternate access mapping enables you to assign different URLs to the same site (for example, you can configure access via the HTTP protocol for internal users and via the HTTPS protocol for external users). Alternate access mapping settings are configured per zone at the Web application level. Although the settings can be configured at any time, it is useful to configure alternate access mapping before you create your SharePoint sites. This article helps you configure alternate access mapping for a Web application. • Create site collections (Windows SharePoint Services) After you have configured the settings that the previous articles describe, you can create a site collection. This article helps you create a site collection from Central Administration and assign primary and secondary owners. If you want to allow users to create their own sites, you need to configure Self-Service
  • 114. 114 Site Management for the Web application. For more information about choosing a method to use for site creation, see Plan process for creating sites [Windows SharePoint Services]. • Prepare to crawl host-named sites that use forms authentication If you are using host-named sites with forms authentication, you need to configure additional settings for search. This article helps you configure host-named sites for search crawls. • Prepare to crawl host-named sites that use Basic authentication If you are using host-named sites with Basic authentication, you need to configure additional settings for search. This article helps you configure host-named sites for search crawls. • Add site content (Windows SharePoint Services) After you have created your site collection, you can begin adding site content. This article provides links to information that can help you add content to your sites. • Enable access for end users (Windows SharePoint Services) After you have created your site, you can add users and grant them access to the site. This article helps you add users to a site collection.
  • 115. 115 Create or extend Web applications (Windows SharePoint Services) Before you can create a site or a site collection, you must first create a Web application. A Web application is comprised of an Internet Information Services (IIS) site with a unique application pool. When you create a new Web application, you also create a new database and define the authentication method used to connect to the database. If you are in an extranet environment where you want different users to access content by using different domains, you might also need to extend a Web application to another IIS Web site. This action exposes the same content to different sets of users by using an additional IIS Web site to host the same content. In this article: • Create a new Web application • Extend an existing Web application Create a new Web application Create a new Web application 1. In the SharePoint Central Administration Web site, on the Application Management page, in the SharePoint Web Application Management section, click Create or extend Web application. 2. On the Create or Extend Web Application page, in the Adding a SharePoint Web Application section, click Create a new Web application. 3. On the Create New Web Application page, in the IIS Web Site section, you can configure the settings for your new Web application. a. To choose to use an existing Web site, select Use an existing Web site, and specify the Web site on which to install your new Web application by selecting it from the drop-down menu. b. To choose to create a new Web site, select Create a new IIS Web site, and type the name of the Web site in the Description box. c. In the Port box, type the port number you want to use to access the Web application. If you are creating a new Web site, this field is populated with a suggested port number. If you are using an existing Web site, this field is populated with the current port number. d. In the Host Header box, type the URL you want to use to access the Web
  • 116. 116 application. This is an optional field. e. In the Path box, type the path to the site directory on the server. If you are creating a new Web site, this field is populated with a suggested path. If you are using an existing Web site, this field is populated with the current path. 4. In the Security Configuration section, configure authentication and encryption for your Web application. a. In the Authentication Provider section, choose either Negotiate (Kerberos) or NTLM. Note To enable Kerberos authentication, you must perform additional configuration. For more information about authentication methods, see Plan authentication methods (Windows SharePoint Services). b. In the Allow Anonymous section, choose Yes or No. If you choose to allow anonymous access, this enables anonymous access to the Web site by using the computer-specific anonymous access account (that is, IUSR_<computername>). Note If you want users to be able to access any site content anonymously, you must enable anonymous access for the entire Web application. Then later, site owners can configure how anonymous access is used within their sites. For more information about anonymous access, see Choose which security groups to use (Windows SharePoint Services). c. In the Use Secure Sockets Layer (SSL) section, select Yes or No. If you choose to enable SSL for the Web site, you must configure SSL by requesting and installing an SSL certificate. Important If you use SSL, you must add the appropriate certificate on each server by using IIS administration tools. For more information about using SSL, see Plan for secure communication within a server farm (Windows SharePoint Services). 5. In the Load Balanced URL section, type the URL for the domain name for all sites that users will access in this Web application. This URL domain will be used in all links shown on pages within the Web application. By default, the box is populated with the current server name and port. The Zone box is automatically set to Default for a new Web application, and cannot be changed from this page. To change the zone for a Web application, see Extend an existing Web application later in this article. 6. In the Application Pool section, choose whether to use an existing application pool or create a new application pool for this Web application. To use an existing application pool, select Use existing application pool. Then select the application pool you want to use from the drop-down menu. a. To create a new application pool, select Create a new application pool. b. In the Application pool name box, type the name of the new application pool, or keep the default name. c. In the Select a security account for this application pool section, select Predefined to use an existing application pool security account, and then select the security account from the drop-down menu.
  • 117. 117 d. Select Configurable to use an account that is not currently being used as a security account for an existing application pool. In the User name box, type the user name of the account you want to use, and type the password for the account in the Password box. 7. In the Reset Internet Information Services section, choose whether to allow Microsoft Windows SharePoint Services to restart IIS on other farm servers. The local server must be restarted manually for the process to finish. If this option is not selected and you have more than one server in the farm, you must wait until the IIS Web site is created on all servers and then run iisreset /noforce on each Web server. The new IIS site is not usable until that action is completed. The choices are unavailable if your farm only contains a single server. 8. In the Database Name and Authentication section, choose the database server, database name, and authentication method for your new Web application. Item Action Database Server Type the name of the database server and Microsoft SQL Server instance you want to use in the format <SERVERNAMEinstance>.You can also use the default entry. Database Name Type the name of the database, or use the default entry. Database Authentication Choose whether to use Windows authentication (recommended) or SQL authentication. • If you want to use Windows authentication, leave this option selected. • If you want to use SQL authentication, select SQL authentication. In the Account box, type the name of the account you want the Web application to use to authenticate to the SQL Server database, and then type the password in the Password box. 9. Click OK to create the new Web application, or click Cancel to cancel the process
  • 118. 118 and return to the Application Management page. Extend an existing Web application You can extend an existing Web application if you need to have separate IIS Web sites that expose the same content to users. This is typically used for extranet deployments where different users access content by using different domains. This option reuses the content database from an existing Web application. Extend an existing Web application 1. In the SharePoint Central Administration Web site, on the Application Management page, in the SharePoint Web Application Management section, click Create or extend Web application. 2. On the Create or Extend Web Application page, in the Adding a SharePoint Web Application section, click Extend an existing Web application. 3. On the Extend Web Application to Another IIS Web Site page, in the Web Application section, click the Web application link and then click Change Web application. 4. On the Select Web Application page, click the Web application you want to extend. 5. On the Extend Web Application to Another IIS Web Site page, in the IIS Web Site section, you can select Use an existing IIS Web site to use a Web site that has already been created, or you can choose to leave Create a new IIS Web site selected. The Description, Port, and Path boxes are populated for either choice. You can choose to use the default entries or type the information you want in the boxes. 6. In the Security Configuration section, configure authentication and encryption for the extended Web application. a. In the Authentication Provider section, choose either Negotiate (Kerberos) or NTLM. Note To enable Kerberos authentication, you must perform additional configuration. For more information about authentication methods, see Plan authentication methods (Windows SharePoint Services). b. In the Allow Anonymous section, choose Yes or No. If you choose to allow anonymous access, this enables anonymous access to the Web site by using the computer-specific anonymous access account (that is, IUSR_<computername>). Note If you want users to be able to access any site content anonymously, you must enable anonymous access for the entire Web application. Then later, site owners can configure how anonymous access is used within their sites. For more information about anonymous access, see Choose which security groups to use (Windows SharePoint Services). c. In the Use Secure Sockets Layer (SSL) section, select Yes or No.
  • 119. 119 If you choose to enable SSL for the Web site, you must configure SSL by requesting and installing an SSL certificate. Important If you use SSL, you must add the appropriate certificate on each server by using IIS administration tools. For more information about using SSL, see Plan for secure communication within a server farm (Windows SharePoint Services). 7. In the Load Balanced URL section, type the URL for the domain name for all sites that users will access in this Web application. This URL domain will be used in all links shown on pages within the Web application. By default, the text box is populated with the current server name and port. 8. In the Load Balanced URL section, under Zone, select the zone for the extended Web application from the drop-down menu. You can choose Intranet, Internet, Custom, or Extranet. 9. Click OK to extend the Web application, or click Cancel to cancel the process and return to the Application Management page.
  • 120. 120 Configure alternate access mapping (Windows SharePoint Services) Each Web application can be associated with a collection of mappings between internal and public URLs. Both internal and public URLs consist of the protocol and domain portion of the full URL (for example, https://www.fabrikam.com). A public URL is what users type to get to the SharePoint site, and that URL is what appears in the links on the pages. Internal URLs are in the URL requests that are sent to the SharePoint site. Many internal URLs can be associated with a single public URL in multi-server farms (for example, when a load balancer routes requests to specific IP addresses to various servers in the load-balancing cluster). Each Web application supports five collections of mappings per URL; the five collections correspond to five zones (default, intranet, extranet, Internet, and custom). When the Web application receives a request for an internal URL in a particular zone, links on the pages returned to the user have the public URL for that zone. Manage alternate access mappings 1. On the top navigation bar, click Operations. 2. On the Operations page, in the Global Configuration section, click Alternate access mappings. Add an internal URL 1. On the Alternate Access Mappings page, click Add Internal URLs. 2. If the mapping collection that you want to modify is not specified, then choose one. In the Alternate Access Mapping Collection section, click Change alternate access mapping collection on the Alternate Access Mapping Collection menu. 3. On the Select an Alternate Access Mapping Collection page, click a mapping collection. 4. In the Add internal URL section, in the URL protocol, host and port box, type the new internal URL (for example, https://www.fabrikam.com). 5. In the Zone list, click the zone for the internal URL. 6. Click Save.
  • 121. 121 Edit or delete an internal URL Note You cannot delete the last internal URL for the default zone. 1. On the Alternate Access Mappings page, click the internal URL that you want to edit or delete. 2. In the Edit internal URL section, modify the URL in the URL protocol, host and port box. 3. In the Zone list, click the zone for the internal URL. 4. Do one of the following: • Click Save to save your changes. • Click Cancel to discard your changes and return to the Alternate Access Mappings page. 5. Click Delete to delete the internal URL. Edit public URLs Note There must always be a public URL for the default zone. 1. On the Alternate Access Mappings page, click Edit Public URLs. 2. If the mapping collection that you want to modify is not specified, then choose one. In the Alternate Access Mapping Collection section, click Change alternate access mapping collection on the Alternate Access Mapping Collection menu. 3. On the Select an Alternate Access Mapping Collection page, click a mapping collection. 4. In the Public URLs section, you may add new URLs or edit existing URLs in any of the following text boxes: • Default • Intranet • Extranet • Internet • Custom 5. Click Save. Map to an external resource You can also define mappings for resources outside internal Web applications. To do so, you must supply a unique name, initial URL, and a zone for that URL. (The URL must be unique to the farm.)
  • 122. 122 1. On the Alternate Access Mappings page, click Map to External Resource. 2. On the Create External Resource Mapping page, in the Resource Name box, type a unique name. 3. In the URL protocol, host and port box, type the initial URL. 4. Click Save.
  • 123. 123 Create zones for Web applications (Windows SharePoint Services) If your solution architecture includes Web applications with more than one zone, use the guidance in this article to create additional zones. Create a new zone You can create a new zone by extending an existing Web application. Follow the quot;Extend an existing Web applicationquot; procedure in Create or extend Web applications (Windows SharePoint Services) to create a new zone. The new zone is created when you select a zone in step 10 of the procedure. Refer to your planning architecture documents and worksheets to determine which zones you need to create and what authentication method should be associated with each zone. You can change the authentication provider for a zone on the Authentication Providers page. For more information, see Plan authentication methods (Windows SharePoint Services). View existing zones On the Alternate Access Mappings page, you can view the zones that have been created for your farm. 1. Click the Start button, point to All Programs, then point to Microsoft Office Server, and then click SharePoint 3.0 Central Administration. 2. On the Central Administration home page, click Operations. 3. On the Operations page, in the Global Configuration section, click Alternate access mappings. On the Alternate Access Mappings page, each Web application is displayed with its associated zone.
  • 124. 124 See Also • Create or extend Web applications (Windows SharePoint Services) • Configure alternate access mapping (Windows SharePoint Services)
  • 125. 125 Create quota templates (Windows SharePoint Services) In this article: • Create a new quota template • Edit an existing quota template • Delete a quota template A quota template consists of storage limit values that specify how much data can be stored in a site collection and the storage size that triggers an e-mail alert to the site collection administrator when that size is reached. You can create a quota template that can be applied to any site collection in the farm. Note When you apply a quota template to a site collection, the storage limit applies to the site collection as a whole. In other words, the storage limit applies to the sum of the content sizes for the top-level site and all subsites within the site collection. You can also modify existing quota templates. When a quota template is modified, the new storage limits you defined in the template will apply to any site collection that uses that quota template. This allows you to modify storage limits for multiple site collections without having to change settings for each site collection individually. Create a new quota template Create a new quota template 1. Click the Start button, point to All Programs, then point to Microsoft Office Server, and then click SharePoint 3.0 Central Administration. 2. On the Central Administration home page, click Application Management. 3. On the Application Management page, in the SharePoint Site Management section, click Quota templates. 4. On the Quota Templates page, in the Template Name section, select Create a new quota template. 5. Type the name of the new template in the New template name box. • If you want to base your new template on an existing quota template, click the Template to start from down arrow and select the desired template from the drop-down menu.
  • 126. 126 6. In the Storage Limit Values section, set the values you want to apply to the template. a. If you want to restrict the amount of data that can be stored, click the Limit site storage to a maximum of check box and type the storage limit in megabytes into the text box. b. If you want an e-mail to be sent to the site collection administrator when a certain storage threshold is reached, click the Send warning E-mail when site storage reaches check box and type the threshold in megabytes into the text box. 7. Click OK to create the new quota template, or click Cancel to cancel the operation and return to the Application Management page. Edit an existing quota template Edit an existing quota template 1. Click the Start button, point to All Programs, then point to Microsoft Office Server, and then click SharePoint 3.0 Central Administration. 2. On the Central Administration home page, click Application Management. 3. On the Application Management page, in the SharePoint Site Management section, click Quota templates. 4. In the Template Name section, click the Template to modify down arrow and select the template you want to edit from the drop-down menu. 5. In the Storage Limit Values section, set the values you want to apply to the template. a. If you want to restrict the amount of data that can be stored, click the Limit site storage to a maximum of check box and type the storage limit in megabytes into the text box. b. If you want an e-mail to be sent to the site collection administrator when a certain storage threshold is reached, click the Send warning E- mail when site storage reaches check box and type the threshold in megabytes into the text box. 6. Click OK to modify the quota template, or click Cancel to cancel the operation and return to the Application Management page. Delete a quota template Delete a quota template 1. Click the Start button, point to All Programs, then point to Microsoft Office Server, and then click SharePoint 3.0 Central Administration. 2. On the Central Administration home page, click Application Management. 3. On the Application Management page, in the SharePoint Site Management section, click Quota templates. 4. In the Template Name section, click the Template to modify down arrow and select the template you want to delete from the drop-down menu. 5. Click the Delete button.
  • 127. 127 6. Click OK on the dialog box that appears to delete the quota template.
  • 128. 128 Installing application templates for Windows SharePoint Services 3.0 Microsoft has created 40 application templates for Microsoft Windows SharePoint Services 3.0 that are available for download at the SharePoint Products and Technologies Web site (http://go.microsoft.com/fwlink/? LinkId=85166&clcid=0x409). Application templates for Windows SharePoint Services 3.0 are separated into two groups, site admin templates and server admin templates. • Site admin templates are custom templates that are easy for any SharePoint site administrator to install into the template gallery. • Server admin templates were created as site definitions, enabling tighter integration and enhanced functionality with the Windows SharePoint Services 3.0 platform. They require administrator permissions on the server to install. Site Admin Templates Note To install or remove a site admin template, you must be a member of the Owners SharePoint group (or another SharePoint group with Full Control permissions) on the Windows SharePoint Services 3.0 site. Install a template 1. Download the template you want to install to your computer. 2. Double-click the .exe file to extract the files. 3. Log on to the SharePoint site as a member of the Owners group. 4. On the Site Actions menu, click Site Settings. 5. In the Galleries section, click Site templates. If you don’t see Site templates in the Galleries section, you might not be at a top-level site. In the Site Collection Administration section, click Go to top-level site administration. 6. Click Upload to save an application template to this SharePoint site. If you want to save more than one application template, click Upload Multiple Files. 7. Browse to the <template_name>.stp file, and then click Open. 8. Click OK.
  • 129. 129 Create a site 1. Log on to the SharePoint site as a member of the Owners group. 2. On the Site Actions menu, click Site Settings. 3. In the Site Administration section, click Sites and workspaces. 4. Click Create. 5. On the New SharePoint Site page, fill in the information about your new site. 6. In the Template Selection section, click the Custom tab. Any site admin application templates that have been uploaded will be listed here. 7. Click the template to use for the new site, and then click Create. The following procedure will not remove any sites that were already created by using the template. It will only prevent users from creating new sites based on the template. Remove a template 1. Log on to the top-level SharePoint site as a member of the Owners group. 2. On the Site Actions menu, click Site Settings. 3. In the Galleries section, click Site templates. 4. In the list of site templates, find the application template to remove, and then click Edit. 5. Confirm that this is the application template to remove, and then click Delete Item. 6. Click OK to confirm the deletion. The application template is now unavailable to SharePoint sites and it has been removed from the SharePoint site template gallery. Server Admin Templates Note To install or remove a server admin template, you must be a member of the Owners SharePoint group (or another group with Full Control permissions) on the SharePoint site and be a member of the Administrators group on the server running Windows SharePoint Services 3.0. Install and remove server admin templates by using the Stsadm command-line tool at %PROGRAMFILES%common filesmicrosoft sharedweb server extensions12bin. Before installing a server admin template, you must first install the Application Template Core solution (http://go.microsoft.com/fwlink/? LinkId=85162&clcid=0x409). If you have already installed this solution, skip to quot;Install a template.quot;
  • 130. 130 Install the Application Template Core solution 1. Download the Application Template Core solution to the server. 2. Double-click the .exe file to extract the files. 3. Open a Command Prompt window. Note To open a Command Prompt window, click Start, point to All Programs, point to Accessories, and then click Command Prompt. 4. Type stsadm -o addsolution -filename <file_path>ApplicationTemplateCore.wsp, where <file_path> is the location you extracted the Application Template Core files to, and then press ENTER. 5. Type stsadm -o deploysolution -name ApplicationTemplateCore.wsp -allowgacdeployment, and then press ENTER. Note Additional attributes may be required based on your Windows SharePoint Services 3.0 configuration. For more information about available attributes, type stsadm -help deploysolution, and then press ENTER. 1. Type stsadm -o copyappbincontent, and then press ENTER. Install a template 1. Download the template you want to install to the server. 2. Double-click the .exe file to extract the files. 3. At the command prompt, type stsadm -o addsolution -filename <file_path><template_name>.wsp, where <file_path> is the location you extracted the template files to and <template_name>.wsp is the .wsp file for your template, and then press ENTER. 4. Type stsadm -o deploysolution -name <template_name>.wsp -allowgacdeployment, and then press ENTER. Note Additional attributes may be required based on your Windows SharePoint Services 3.0 configuration. For more information about available attributes, type stsadm -help deploysolution, and then press ENTER. 5. To check the deployment status, open the Central Administration site for the server. 6. Click the Operations tab, and then, in the Global Configuration section, click Solution management, and then check the status of your solutions. 7. After all the solutions are marked Globally Deployed, from the command line, run iisreset. Create a site 1. Log on to the SharePoint site as a member of the Owners group. 2. On the Site Actions menu, click Site Settings. 3. In the Site Administration section, click Sites and workspaces. 4. Click Create. 5. On the New SharePoint Site page, fill in the information about your new site. 6. In the Template Selection section, click the Application Templates tab. Any server admin application templates that have been uploaded will be listed here.
  • 131. 131 7. Click the template to use for the new site, and then click Create. The following procedure will not remove any sites that were already created by using the template. It will only prevent users from creating new sites based on the template. The Application Template Core solution must remain installed and deployed for other server admin templates to be installed. Remove a template 1. Log on to the server running Windows SharePoint Services 3.0 as a member of the Administrators group on the server. 2. Do one or both of the following: • To remove a solution from the list of templates for new sites, at the command prompt, type stsadm -o retractsolution -name <template_name>.wsp, and then press ENTER. Note Additional attributes may be required based on your Windows SharePoint Services 3.0 configuration. For more information about available attributes, type stsadm -help retractsolution, and then press ENTER. • To remove a solution from the server, at the command prompt, type stsadm -o deletesolution -name <template_name>.wsp, and then press ENTER. Note Additional attributes may be required based on your Windows SharePoint Services 3.0 configuration. For more information about available attributes, type stsadm -help deletesolution, and then press ENTER.
  • 132. 132 Create site collections (Windows SharePoint Services) When you create a site collection, you also create the top-level site within that site collection. Select the appropriate template for your scenario, such as: team site for a team collaboration Web site, or Blog for a blog site. Create a site collection 1. On the top navigation bar, click Application Management. 2. On the Application Management page, in the SharePoint Site Management section, click Create site collection. 3. On the Create Site Collection page, in the Web Application section, if the Web application in which you want to create the site collection is not selected, click Change Web Application on the Web Application menu, and then on the Select Web Application page, click the Web application in which you want to create the site collection. 4. In the Title and Description section, type the title and description for the site collection. 5. In the Web Site Address section, under URL, select the path to use for your URL (such as an included path like /sites/ or the root directory, /). If you select a wildcard inclusion path, such as /sites/, you must also type the site name to use in your site's URL. Note The paths available for the URL option are taken from the list of managed paths that have been defined as wildcard inclusions. For more information about managed paths, see Define managed paths in the Central Administration Help system. 6. In the Template Selection section, in the Select a template list, select the template that you want to use for the top-level site in the site collection. 7. In the Primary Site Collection Administrator section, enter the user name (in the form DOMAINusername) for the user who will be the site collection administrator. 8. If you want to identify a user as the secondary owner of the new top-level Web site (recommended), in the Secondary Site Collection Administrator section, enter the user name for the secondary administrator of the site collection. 9. If you are using quotas to limit resource use for site collections, in the Quota Template section, click a template in the Select a quota template list. 10. Click OK.
  • 133. 133 Prepare to crawl host-named sites that use Basic authentication In this article: • Solution prerequisites • High-level solution overview • Deploy the solution When configuring a Web application to use host-named sites, Web hosters typically use Basic authentication for the default zone. The index component of the search server, sometimes called the crawler, cannot crawl host-named Web sites that are deployed in the usual way for the following reasons: • The crawler cannot authenticate using Basic authentication. • Host-named sites do not enable the index component of the search server to authenticate by using another zone in the polling order. For more information about how polling order works with non-host-named sites, see the “Authentication requirements for crawling content” section in Plan authentication methods [Windows SharePoint Services]. This article describes how to create a solution in Microsoft Windows SharePoint Services 3.0 so the crawler can crawl your host-named sites. The components of the solution are to: • Create two zones for your Web application. • Direct requests from end-users to the default zone, which is configured for Basic authentication. • Direct requests from intranet users and the crawler directly to the Intranet zone, which you configure for NTLM authentication. Solution prerequisites The procedures included in this solution require the following types of administrators: • Domain Name System (DNS) administrator • Server administrator • Farm administrator
  • 134. 134 Other requirements include: • Two DNS servers: one Internet-facing DNS server, and one intranet- facing DNS server. • Two static IP addresses: one from the Internet-facing DNS server, and a different static IP address from the intranet-facing DNS server. These two IP addresses must be associated with the same site name. This solution assumes the following: • A server administrator either configures separate network interface cards (NICs) on all front-end Web servers in the server farm with both static IP addresses or adds both static IP addresses to one NIC. • The search server that you will use for your Web application is running. • You do not have another Web application using port 80. Note Although it is possible to implement this solution by using a different port (as long as both zones use the same port), port 80 is typically used so end-users do not see a port number in the URL of their host-named site. High-level solution overview The following figure shows a high-level overview of this solution.
  • 135. 135 This solution requires two DNS servers. Each DNS server maps the same host name to a different static IP address. This is typically referred to as a split DNS environment. The Internet-facing DNS server resolves the URL of the host-named site to the default zone of your Web application. This is the zone end-users use to access the site using Basic authentication. The intranet-facing DNS server resolves this same URL to an IP address that is mapped to the Intranet zone of your Web application. This is the zone that intranet users and the crawler use to access the site using NTLM authentication. This mapping is possible because when a new zone is created by extending the Web application, Windows SharePoint Services 3.0 creates an Internet Information Services (IIS) Web site for that zone. A server administrator can use IIS Manager to map a static IP address directly to an IIS Web site, which is associated with a particular zone of a particular Web application. High-level steps The following list describes the high-level steps for this solution. 1. The farm administrator uses the Central Administration Web site to create a Web application on port 80 without a host header assigned to it. 2. The farm administrator configures the default zone of this Web application to use Basic authentication. 3. The farm administrator extends the Web application, specifies the host header name, and then specifies NTLM authentication on the intranet zone. 4. The DNS administrator maps the site name to the static IP addresses in DNS. 5. The server administrator uses IIS Manager to perform the following actions: • Map the static IP address from the Internet-facing DNS server to the IIS Web site that is associated with the default zone (that is, the zone that uses Basic authentication) of your Web application. • Map the static IP address from the intranet-facing DNS server to the IIS Web site associated with the Intranet zone (that is, the zone that uses NTLM authentication) of your Web application, and remove the IIS host header that was assigned to this site in step 3. 6. The server administrator creates a host header-based site collection by using the Stsadm command-line utility.
  • 136. 136 Note You must use the Stsadm command-line utility to specify the URL that you want for your host header-based site collection. 7. The farm administrator can grant permissions to the Web application and the site collection administrator can grant permissions to the site collection. • Map the static IP address from the Internet-facing DNS server to the IIS Web site that is associated with the default zone (that is, the zone that uses Basic authentication) of your Web application. • Map the static IP address from the intranet-facing DNS server to the IIS Web site associated with the Intranet zone (that is, the zone that uses NTLM authentication) of your Web application, and remove the IIS host header that was assigned to this site in step 3. Deploy the solution Use the following procedures in the order listed to deploy the solution described earlier in this article. Create Web application 1. Click Start, point to All Programs, point to Administrative Tools, and then click SharePoint 3.0 Central Administration. 2. On the top link bar of the Central Administration home page, click Application Management. 3. On the Application Management page, in the SharePoint Web Application Management section, click Create or extend Web application. 4. On the Create or Extend Web Application page, in the Adding a SharePoint Web Application section, click Create a new Web application. 5. On the Create New Web Application page, in the IIS Web Site section, configure the following settings for your new Web application. a. Accept the default setting, Create a new IIS web site, and then type a name for the Web site in the Description box. b. In the Port box, type 80. c. Ensure that the Host Header box is blank. 6. In the Application Pool section, select Use existing application pool, or accept the default setting, Create new application pool. If you are creating a new application pool, specify the security account to use for the new application pool. 7. In the Search Server section, select the search server that you want to use to index this Web application from the Select Windows SharePoint Services search server list. 8. Click OK. Perform the following procedure on all front-end Web servers in the server farm.
  • 137. 137 Restart IIS 1. Click Start and then click Run. 2. In the Run dialog box, in the Open box, type cmd, and then click OK. 3. At the command prompt, type the following command, and then press ENTER: iisreset /noforce 4. Close the command prompt window. Perform the following procedure to configure the Web application to use Basic authentication. Configure the default zone to use Basic authentication 1. On the Central Administration home page, click Application Management. 2. On the Application Management page, in the Application Security section, click Authentication providers. 3. On the Authentication Providers page, in the Zone column, click Default. 4. In the IIS Authentication Settings section, select Basic authentication (password is sent in clear text). 5. Click Save. Extend the Web application Use the following procedure to extend the Web application to create a new zone that uses NTLM authentication. Extend the Web application 1. On the Central Administration home page, click Application Management. 2. On the Application Management page, in the SharePoint Web Application Management section, click Create or extend Web application. 3. On the Create or Extend Web Application page, in the Adding a SharePoint Web Application section, click Extend an existing Web application. 4. On the Extend Web Application to Another IIS Web Site page, in the Web Application section, on the Web Application menu, click Change Web Application. 5. On the Select Web Application page, select the Web application you want to extend. This is the Web application you created earlier in this article. 6. In the IIS Web Site section, do the following: a. In the Description box, type a description for the new site. b. In the Port box, type 80. c. In the Host Header box, type a host header name. 7. In the Security Configuration section, ensure that NTLM is selected. 8. In the Load Balanced URL section, select the zone you want to use, (in this example, Intranet.) Note The intranet-facing DNS server must be able to resolve this load-balanced URL to the static IP address that you assign to the Web site that you configure to use NTLM authentication.
  • 138. 138 9. Click OK. Perform the following procedure on all front-end Web servers in the server farm. Restart IIS 1. Click Start and then click Run. 2. In the Run dialog box, in the Open box, type cmd, and then click OK. 3. At the command prompt, type the following command, and then press ENTER: iisreset /noforce 4. Close the command prompt window. Map site names to static IP addresses in DNS Host-named sites enable farm administrators to choose the name they want to use in the URL for their sites. Note that the name (that is, the URL) must be a unique name on the domain. The administrator for the Internet-facing DNS server must map the site name chosen by the farm administrator to the appropriate static IP address. In a later step, the server administrator maps this static IP address to the IIS Web site that is configured to use the default zone used by the Web application. Likewise, the administrator for the intranet-facing DNS server must map this same site name to a different static IP address. In a later step, the server administrator will map this static IP address to the IIS Web site that is configured to use the Intranet zone used by the Web application. Additionally, this DNS administrator must also map the host header name that the farm administrator used when extending the Web application to this static IP address. Even though this host name is removed in a later procedure, this host name is used by the crawler to access the Web application on the Intranet zone. The following procedure must be performed by a server administrator on each front-end Web server in the server farm. Map the static IP addresses to the Web sites 1. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager. 2. In the console tree, expand the local computer node, expand Web Sites, right-click the Web site you configured for Basic authentication, and then click Properties. 3. In the Properties dialog box, on the Web Site tab, in the Web site identification section, in the IP address list, select the IP address that you want to map to the customer-facing Web site. 4. Click OK to close the Properties dialog box. 5. In the console tree, right-click the Web site you configured for NTLM
  • 139. 139 authentication, and then click Properties. 6. In the Properties dialog box, on the Web Site tab, in the Web site identification section, click Advanced. 7. In the Advanced Web Site Identification dialog box, in the Multiple identities for this Web site section, select the row containing the host header name you configured for the Web site that is using NTLM authentication, and then click Edit. 8. In the Add/Edit Web Site Identification dialog box, select the IP address that you want to map to the Web site that is using NTLM authentication from the IP address list. 9. In the Host Header value box, make a note of the host header name. This is the host header name you assigned to the site that you configured for NTLM authentication. You will need to use this name in the next procedure. 10. In the Host Header value box, delete the host header name, and then click OK. 11. Click OK to close the Advanced Web Site Identification dialog box. 12. Click OK to close the Properties dialog box. 13. Close IIS Manager. Use the following procedure to create a site collection for your Web application. You must be a server administrator to perform the following steps. Create a site collection for the Web application 1. Click Start and then click Run. 2. In the Run dialog box, in the Open box, type cmd, and then click OK. 3. Browse to the following folder: systemdrive:Program FilesCommon FilesMicrosoft Sharedweb server extensions12 BIN where systemdrive is the drive on which Windows SharePoint Services 3.0 is installed. 4. In the command window, type the following command, and then press ENTER: stsadm.exe -o createsite -url http://<HostNamedSiteAddress> -ownerlogin <DomainNameUserName> -owneremail <username@example.com> -hostheaderwebapplicationurl http://<WebApplicationUrl> The following table describes the variables used in step 4 of the previous procedure. Variable Description HostNamedSiteAddress URL chosen by the farm administrator for users to access the top-level site of the site collection. The DNS administrator maps this name to the IP address used to access the Default zone of your Web application. DomainNameUserName Primary owner of the host header-based site collection.
  • 140. 140 Variable Description username@example.com E-mail address of the site collection owner. WebApplicationUrl URL of the default zone of the Web application. You can find this URL on the Web Application List page in Central Administration. Grant user permissions Before users can access the sites on the Web application you have created, you must grant those users the appropriate permissions to your sites. If you want to manage security at the Web application level, a farm administrator can create a policy to grant permissions to the Web application. Alternatively, if you want to manage permissions at the site collection level and at lower levels, site collection administrators can add users to the appropriate SharePoint groups. For information about using a policy to grant users permissions, see quot;Manage permissions through policyquot; in the Help system. For more information about managing permissions at the site collection and lower levels, see Chapter overview: Plan site and content security [Windows SharePoint Services].
  • 141. 141 Prepare to crawl host-named sites that use forms authentication In this article: • Solution prerequisites • High-level solution overview • Deploy the solution When configuring a Web application to use host-named sites, Web hosters typically use forms authentication for the default zone. The index component of the search server, sometimes called the crawler, cannot crawl host-named Web sites that are deployed in the usual way for the following reasons: • The crawler cannot authenticate using forms authentication. • Host-named sites do not enable the index component of the search server to authenticate by using another zone in the polling order. For more information about how polling order works with non-host-named sites, see the “Authentication requirements for crawling content” section in Plan authentication methods [Windows SharePoint Services]. This article describes how to create a solution in Microsoft Windows SharePoint Services 3.0 so the crawler can crawl your host-named sites. The components of the solution are to: • Create two zones for your Web application. • Direct requests from end-users to the default zone, which is configured for forms authentication. • Direct requests from intranet users and the crawler directly to the Intranet zone, which you configure for NTLM authentication. Solution prerequisites The procedures included in this solution require the following types of administrators: • Domain Name System (DNS) administrator • Server administrator • Farm administrator
  • 142. 142 Other requirements include: • Two DNS servers: one Internet-facing DNS server and one intranet- facing DNS server. • Two static IP addresses: one from the Internet-facing DNS server and a different static IP address from the intranet-facing DNS server. These two IP addresses must be associated with the same site name. This solution assumes the following: • A server administrator will either configure separate network interface cards (NICs) on all front-end Web servers in the server farm with both static IP addresses or will add both static IP addresses to one NIC. • The search server that you will use for your Web application is running. • You do not have another Web application using port 80. Note Although it is possible to implement this solution by using a different port (as long as both zones use the same port), port 80 is typically used so end-users don’t see a port number in the URL of their host-named site. • You have already implemented forms authentication in your environment. Note that forms authentication can be implemented using several different authentication providers. The authentication provider you use with your implementation of forms authentication determines where user accounts are stored.
  • 143. 143 High-level solution overview The following figure shows a high-level overview of this solution. This solution requires two DNS servers. Each DNS server maps the same host name to a different static IP address. This is typically referred to as a split DNS environment. The Internet-facing DNS server resolves the URL of the host-named site to the default zone of your Web application. This is the zone end-users use to access the site using forms authentication. The intranet-facing DNS server resolves this same URL to an IP address that is mapped to the Intranet zone of your Web application. This is the zone intranet users and the crawler use to access the site using NTLM authentication. This mapping is possible because when a new zone is created by extending the Web application, Windows SharePoint Services 3.0 creates an Internet Information Services (IIS) Web site for that zone. A server administrator can use IIS Manager to map a static IP address directly to an IIS Web site, which is associated with a particular zone of a particular Web application.
  • 144. 144 High-level steps The following list describes the high-level steps for this solution. 1. The farm administrator uses the Central Administration Web site to create a Web application on port 80 without a host header assigned to it. 2. The farm administrator configures the default zone of this Web application to use forms authentication. 3. The server administrator adds a custom XML element to the appropriate Web.config files to specify the name of the authentication provider used with forms authentication. 4. The server administrator creates a file named stsadm.exe.config to enable the Stsadm command-line utility to determine how to find the authentication provider you want to use with forms authentication. 5. The farm administrator extends the Web application, specifies the host header name, and then specifies NTLM authentication on the Intranet zone. 6. The DNS administrator maps the site name to the static IP addresses in DNS. 7. The server administrator uses IIS Manager to do the following: • Map the static IP address from the Internet-facing DNS server to the IIS Web site associated with the default zone (that is, the zone using forms authentication) of your Web application. • Map the static IP address from the intranet-facing DNS server to the IIS Web site associated with the Intranet zone (that is, the zone using NTLM authentication) of your Web application and removes the IIS host header that was assigned to this site in step 5. 8. The server administrator creates a host header-based site collection by using the Stsadm command-line utility. Note You must use the Stsadm command-line utility to specify the URL you want for your host header-based site collection. 9. The farm administrator can grant permissions to the Web application and the site collection administrator can grant permissions to the site collection. Deploy the solution Use the following procedures in the order listed to deploy the solution described earlier in this article.
  • 145. 145 Create a Web application 1. Click Start, point to All Programs, point to Administrative Tools, and then click SharePoint 3.0 Central Administration. 2. On the top link bar of the Central Administration home page, click Application Management. 3. On the Application Management page, in the SharePoint Web Application Management section, click Create or extend Web application. 4. On the Create or Extend Web Application page, in the Adding a SharePoint Web Application section, click Create a new Web application. 5. On the Create New Web Application page, in the IIS Web Site section, configure the following settings for your new Web application. a. Accept the default setting, Create a new IIS web site, and then type a name for the Web site in the Description box. b. In the Port box, type 80. c. Ensure that the Host Header box is blank. 6. In the Application Pool section, select Use existing application pool, or accept the default setting, Create new application pool. If you are creating a new application pool, specify the security account to use for the new application pool. 7. In the Search Server section, select the search server that you want to use to index this Web application from the Select Windows SharePoint Services search server list. 8. Click OK. Perform the following procedure on all front-end Web servers in the server farm. Restart IIS 1. Click Start and then click Run. 2. In the Run dialog box, in the Open box, type cmd, and then click OK. 3. In the command window, type the following command, and then press ENTER: iisreset /noforce 4. Close the command prompt window. Perform the following procedure to configure the Web application to use forms authentication. Configure the default zone to use forms authentication 1. On the Central Administration home page, click Application Management. 2. On the Application Management page, in the Application Security section, click Authentication providers. 3. On the Authentication Providers page, in the Zone column, click Default. 4. On the Edit Authentication page, in the Authentication Type section, select Forms. 5. In the Membership Provider Name section, in the Membership provider name box, type the name of your membership provider. 6. Optionally, in the Role Manager Name section, in the Role manager name box, type the name of your role manager. 7. Click Save.
  • 146. 146 Add configuration settings to the applicable Web.config files The server administrator must add an XML element to the Web.config file for the default zone of the Web application created earlier in this article and to the Web.config file for the Central Administration site. This XML element must specify the name of the authentication provider and optionally other information about the authentication provider your organization uses with forms authentication. Note that the contents of this XML element (and even the name of the element itself) will differ from one organization to another. For more information about constructing this required XML element, see Authentication samples [Windows SharePoint Services]. After you have constructed the required XML element, you must add it to the appropriate Web.config files on the appropriate servers in your server farm. On each server in the farm running the Windows SharePoint Services Web Application service, add the required XML element to the Web.config file of the IIS Web site associated with the default zone for your Web application. On each server in your server farm running the Central Administration service, add the required XML element to the Web.config file of the Central Administration site. Note Farm administrators can use the Services on Server page in Central Administration to determine which servers are running these services. Add the custom XML element to servers running the Windows SharePoint Services Web Application service 1. Log on to a server in your server farm that is running the Windows SharePoint Services Web Application service. 2. Click Start, and then click Run. In the Run dialog box, type inetmgr, and then click OK. 3. In IIS Manager, in the console tree, expand the local computer node, and then expand Web Sites. 4. Right-click the Web site associated with the default zone of the Web application you created earlier, and then click Explore. 5. In the Name column, right-click web.config, select Open, and then open the file using an ASCII text editor, such as Notepad. 6. Insert your custom XML element named <connectionStrings> immediately after the </configSections> element. 7. If you are inserting the optional <membership> or <roleManager> elements, you must insert them inside the <system.web> element. 8. Save and close the Web.config file.
  • 147. 147 9. Repeat steps 1 through 7 on any additional server in your farm running the Windows SharePoint Services Web Application service. You must be a member of the Administrators group to perform the following procedure. Add the custom XML element to servers running the Central Administration service 1. Log on to a server in your server farm that is running the Central Administration service. 2. Click Start, and then click Run. In the Run dialog box, type inetmgr, and then click OK. 3. In IIS Manager, in the console tree, expand the local computer node, and then expand Web Sites. 4. Right-click the Central administration Web site, and then click Explore. This site is named SharePoint Central Administration v3, by default. 5. In the Name column, right-click web.config, click Open, and then open the file using an ASCII text editor, such as Notepad. 6. Insert your custom XML element named <connectionStrings> immediately after the </configSections> element. 7. If you are using custom <membership> or <roleManager> elements, you must insert them inside the <system.web> element. 8. Save and close the Web.config file. 9. Repeat steps 1 through 7 on any additional server in your farm running the Central Administration service. Use the following procedure to create a file named stsadm.exe.config. This file must contain the same XML element that you added to the Web.config files. This file enables the Stsadm command-line utility to determine how to find the authentication provider you want to use. Create the stsadm.exe.config file 1. Open an ASCII text editor, such as Notepad, and add the following text: <?xml version=quot;1.0quot; encoding=quot;UTF-8quot; standalone=quot;yesquot;?> <configuration> <system.web> </system.web> </configuration> 2. Insert the same custom XML element named <connectionStrings> that you added to your Web.config files in the preceding step after the <configuration> tag. 3. If you are using custom <membership> or <roleManager> elements, you must insert them inside the <system.web> element. 4. Save the file and name it stsadm.exe.config. 5. You must ensure that the text editor you are using does not add the .txt extension to the filename. If this occurs, remove the .txt extension before proceeding to the next step. 6. Copy the stsadm.exe.config file to the following folder on each server in the
  • 148. 148 farm from which a farm administrator might use the stsadm.exe utility: systemdrive:Program FilesCommon FilesMicrosoft Sharedweb server extensions12 BIN We recommend that you copy this file to each server in the server farm. Extend the Web application Use the following procedure to extend the Web application to create a new zone that uses NTLM authentication. Extend the Web application 1. On the Central Administration home page, click Application Management. 2. On the Application Management page, in the SharePoint Web Application Management section, click Create or extend Web application. 3. On the Create or Extend Web Application page, in the Adding a SharePoint Web Application section, click Extend an existing Web application. 4. On the Extend Web Application to Another IIS Web Site page, in the Web Application section, on the Web Application menu, click Change Web Application. 5. On the Select Web Application page, select the Web application you want to extend from list. 6. In the IIS Web Site section, do the following: a. In the Description box, type a description for the new site. b. In the Port box, type 80. c. In the Host Header box, type a host header name. 7. In the Security Configuration section, ensure that NTLM is selected. 8. In the Load Balanced URL section, select the zone you want to use (in this example, Intranet.) Note The intranet-facing DNS server must be able to resolve this load-balanced URL to the static IP address that you assign to the Web site that you configure to use NTLM authentication. 9. Click OK. Perform the following procedure on all front-end Web servers in the server farm. Restart IIS 1. Click Start, and then click Run. 2. In the Run dialog box, in the Open box, type cmd, and then click OK. 3. At the command prompt, type the following and then press ENTER. iisreset /noforce 4. Close the command prompt window.
  • 149. 149 Map site names to static IP addresses in DNS Host-named sites enable farm administrators to choose the name they want to use in the URL for their sites. Note that the name (that is, the URL) must be a unique name on the domain. The administrator for the Internet-facing DNS must map the site name chosen by the farm administrator to the appropriate static IP address. In a later step, the server administrator maps this static IP address to the IIS Web site that is configured to use the default zone used by the Web application. Likewise, the administrator for the intranet-facing DNS must map this same site name to a different static IP address. In a later step, the server administrator will map this static IP address to the IIS Web site that is configured to use the Intranet zone used by the Web application. Additionally, this DNS administrator must also map the host header name that the farm administrator used when extending the Web application to this static IP address. Even though this host name is removed in a later procedure, this host name is used by the crawler to access the Web application on the Intranet zone. The following procedure must be done by a server administrator on each front- end Web server in the server farm.
  • 150. 150 Map the static IP addresses to the Web sites 1. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager. 2. In the console tree, expand the local computer node, expand Web Sites, right-click the Web site you configured for forms authentication and then click Properties. 3. In the Properties dialog box, on the Web Site tab, in the Web site identification section, select the IP address that you want to map to the customer- facing Web site from the IP address list. 4. Click OK to close the Properties dialog box. 5. In the console tree, right-click the Web site you configured for NTLM authentication and then click Properties. 6. In the Properties dialog box, on the Web Site tab, in the Web site identification section, click Advanced. 7. In the Advanced Web Site Identification dialog box, in the Multiple identities for this Web site section, select the row containing the host header name you configured for the Web site that is using NTLM authentication and then click Edit. 8. In the Add/Edit Web Site Identification dialog box, select the IP address you want to map to the Web site that is using NTLM authentication from the IP address list. 9. In the Host Header value box, make a note of the host header name. This is the host header name you assigned to the site that you configured for NTLM authentication. You will need to use this name in the next procedure. 10. In the Host Header value box, delete the host header name and then click OK. 11. Click OK to close the Advanced Web Site Identification dialog box. 12. Click OK to close the Properties dialog box. 13. Close IIS Manager. Use the following procedure to create a site collection for your Web application. You must be a server administrator to perform the following steps. Create a site collection for the Web application 1. Click Start and then click Run. 2. In the Run dialog box, in the Open box, type cmd, and then click OK. 3. Browse to the following folder: systemdrive:Program FilesCommon FilesMicrosoft Sharedweb server extensions12 BIN where systemdrive is the drive on which Windows SharePoint Services 3.0 is installed. 4. In the command window, type the following command, and then press ENTER: stsadm.exe -o createsite -url http://<HostNamedSiteAddress> -ownerlogin <ProviderName:UserName> -owneremail <username@example.com> -hostheaderwebapplicationurl http://<WebApplicationUrl>
  • 151. 151 The following table describes the variables used in step 4 of the previous procedure. Variable Description HostNamedSiteAddress URL chosen by the farm administrator for users to access the top-level site of the site collection. The DNS administrator maps this name to the IP address used to access the Default zone of your Web application. ProviderName:UserName Primary owner of the host header based site collection. username@example.com E-mail address of the site collection owner. WebApplicationUrl URL on the default zone of the Web application. You can find this address on the Web Application List page in Central Administration. Grant user permissions Before users can access the sites on the Web application you have created, you must grant those users the appropriate permissions to your sites. If you want to manage security at the Web application level, a farm administrator can create a policy to grant permissions to the Web application. Alternatively, if you want to manage permissions at the site collection level and at lower levels, site collection administrators can add users to the appropriate SharePoint groups. For information about using a policy to grant users permissions, see quot;Manage permissions through policyquot; in the Help system. For more information about managing permissions at the site collection and lower levels, see Chapter overview: Plan site and content security [Windows SharePoint Services].
  • 152. 152 Add site content (Windows SharePoint Services) In this article: • Use Web site designers to design and add content • Migrate content from another site • Allow users to add content directly There are several methods that you can use to add content to sites, including: • Using Web site designers to design and add content. • Migrating content from another site. • Allowing users to add content directly. Depending on your scenario, you may find particular methods more appropriate. Use Web site designers to design and add content when you are working with: • A public-facing Internet site • A large intranet site Migrate content from another site when you are working with: • A site or set of sites that is being reorganized. Allow users to add content directly when you are working with: • A collaboration site in which the site owner can create the lists and libraries that are needed, and then grant site members access so that they can begin contributing content. • A blog site in which the blog owner can set up the structure for the blog, and then start creating posts. • A wiki site in which the wiki site owner can grant access to users and the users can start creating topics in the wiki. Use Web site designers to design and add content When you create a public-facing site or a larger intranet site, Web site owners and designers must plan and implement many elements, such as site navigation, site
  • 153. 153 design (master pages plus .css files), and the overall information architecture for the site. For more information about planning for these elements, see Planning and architecture for Windows SharePoint Services 3.0 technology. Follow the steps in Enable access for end users (Windows SharePoint Services) to give Web site designers permissions to the site. When they have completed their work, you can then optionally grant access to authors to contribute content before you grant access to the other users in your organization or before you make the site available to the public on the Internet. Migrate content from another site If you are reorganizing an existing site and need to migrate content to a different site collection, you can use several methods to migrate the content. You can use: • The Export and Import operations for the Stsadm command-line tool to migrate site collections or subsites. For more information about using Stsadm operations, see the following resources: • Export: Stsadm operation (Windows SharePoint Services) • Import: Stsadm operation (Windows SharePoint Services) • The Content Migration object model to programmatically move content at any level in the site (Web site, list, library, folder, file, or list item). For more information about using the Content Migration object model, see quot;Content Migration Overviewquot; in the Microsoft Windows SharePoint Services 3.0Software Development Kit (http://go.microsoft.com/fwlink/? LinkId=86999&clcid=0x409). Allow users to add content directly If you want your site owners to begin adding content directly to a site, you can immediately grant them access and allow them to control the site's organization and design. Follow the steps in Enable access for end users (Windows SharePoint Services) to give your end users permissions to the site. After you grant permissions, users can begin adding content. For more information about adding content to sites, see the Help system for Windows SharePoint Services 3.0.
  • 154. 154 Enable access for end users (Windows SharePoint Services) In this article: • Add site collection administrators • Add site owners or other users After you create your site collection and populate it with content, you are ready to grant access to end users. This article helps you configure administrative and user permissions for a site collection. Note that you can also configure permissions for the following securable objects within a site collection: site, list, library, folder, document, or item. For more information about assigning permissions for different securable objects within a site collection, see Plan site security (Windows SharePoint Services). In most cases, these actions are not performed by farm administrators, but are performed by site collection administrators or site owners. Moreover, these steps are performed in the site collection itself, not in Central Administration. (However, you can add site collection administrators by using Central Administration and by using the Site Settings page in the site collection.) Nonetheless, this information is presented in the Deployment Guide because it is truly the final stage of deployment — the stage when the site collection is made available for end users. This article does not cover how to enable anonymous access. When you create a Web application, you decide whether to allow anonymous access for site collections on that Web application. For more information about anonymous access, see the following resources: • Chapter overview: Plan environment-specific security (Windows SharePoint Services) • Plan authentication settings for Web applications (Windows SharePoint Services) • Choose which security groups to use (Windows SharePoint Services) • quot;Enable anonymous accessquot; in the Central Administration Help system.
  • 155. 155 Add site collection administrators When you created the site collection, you were required to supply the user name for at least one site collection administrator. If the user name you supplied was not that for the actual administrator for the site collection — for example, if you did not know who was going to be actual administrator and you used your own user name — or if you need to change or add a user name for a site collection administrator, you can do so by using the following procedure. Note This procedure uses the Central Administration Web site, but you can also add a site collection administrator from the top-level site in the site collection by using the Site Settings page for the top-level site. On the Site Settings page, in the Users and Permissions section, click Site collection administrators. Add a site collection administrator 1. In Central Administration, on the top link bar, click Application Management. 2. On the Application Management page, in the SharePoint Site Management section, click Site collection administrators. 3. If the selected site is not the site for which you want to manage administrators, on the Site Collection Administrators page, on the Site Collection menu in the Site Collection section, click Change Site Collection. • In the Select Site Collection dialog box, select the site for which you want to manage administrators. • Click OK. 4. In either the Primary site collection administrator box or the Secondary site collection administrator box, enter the user name of the user to whom you want to assign that role. 5. Click OK. Add site owners or other users If you have not yet set up any groups for this site or site collection, you must set up groups before you can add any users to groups. (You can also add users individually, without setting up groups, but if you want to manage users efficiently, we recommend that you use groups.) To specify which group to assign to site visitors, site members, site owners, or other groups, use the following procedure. This procedure helps you set up the default groups, but you can also create additional groups.
  • 156. 156 Note The SiteName Owners group has the Full Control permission level on the site, so you can add users to that group to give them administrative access for that site. For more information about groups and permission levels, see Determine permission levels and groups to use (Windows SharePoint Services). Set up Members, Visitors, and Owners groups for a site 1. On the site home page, on the Site Actions menu, click Site Settings. 2. On the Site Settings page, click People And Groups. 3. On the People and Groups page, on the Quick Launch, click Groups. 4. On the People and Groups: All Groups page, on the Settings menu, click Set Up Groups. 5. On the Set Up Groups for this Site page, select a group for each set of users that you want to change. Alternatively, select Create a new group to assign a custom group to a set of users. After you have configured groups for the site, you can add users and grant them permissions by using the following procedure. Add users to groups 1. On the site home page, on the Site Actions menu, click Site Settings. 2. On the Site Settings page, click People And Groups. 3. On the People and Groups page, on the Quick Launch, click Groups. 4. Click the name of the group to which you want to add users. 5. On the People and Groups: Group name page, on the New menu, click Add Users. 6. On the Add Users page, type the account names that you want to add, or browse to find users from Active Directory directory service. 7. In the Give Permission section, be sure that Add users to a SharePoint group is selected and that the correct group is displayed. Note In rare cases, you might want to give individual permissions to a user by clicking Give users permission directly. However, assigning individual permissions to many users can quickly become difficult and time-consuming to manage. We recommend that you use groups as much as possible to efficiently manage site access. 8. Click OK. For more information about managing users and groups, see quot;Manage SharePoint groupsquot; in the Help system for Windows SharePoint Services 3.0.
  • 157. 157 III. Pre-release versions (Windows SharePoint Services)
  • 158. 158 Installing Windows SharePoint Services 3.0 for Beta 2 Technical Refresh Updates are available for the Beta 2 Technical Refresh of Microsoft SharePoint Products and Technologies. This article addresses how to obtain and install the update for Microsoft Windows SharePoint Services 3.0 Beta 2. This update will include two phases: a binary update and a database upgrade. This document addresses both phases. In this article: • How to install Beta 2 Technical Refresh update in a new installation • How to upgrade an existing Beta 2 installation to Beta 2 Technical Refresh • How to upgrade an existing Windows SharePoint Services 2.0 installation to Beta 2 Technical Refresh • Known issues • Appendixes How to install the Beta 2 Technical Refresh update in a new installation Method 1: Applying Beta 2 Technical Refresh update to Beta 2 (recommended) Note You need to install all SKUs and language packs on a server farm at the same time when you use this method. For example, if you intend to install Microsoft Office SharePoint Server 2007 Beta 2 and Microsoft Office Project Server 2007 Beta 2 on the same farm, both applications need to be installed at the same time. After the Beta 2 Technical Refresh update is installed, you will not be able to add additional applications or language packs at a later time unless you uninstall and reinstall all applications and language packs. Note Prior to installing the Beta 2 Technical Refresh, ensure that the account you are logged in as is a system administrator on all the computers in the farm and on the computer running SQL Server.
  • 159. 159 1. Install Microsoft .NET Framework 2.0 and Microsoft Windows Workflow Foundation Runtime Components Beta 2.2 (Build 3807.7).Also, ASP.NET Web server extensions must be enabled in Internet Information Services (IIS). Instructions for installing the Windows Workflow Foundation Beta 2.2 and Microsoft .NET Framework 2.0 are provided in Deployment for Windows SharePoint Services (version 3) technology. For more information about Microsoft .NET Framework 2.0, see the Microsoft .NET Framework Developer Center. For more information about the Windows Workflow Foundation Runtime Components Beta 2.2, see the Windows Workflow Foundation Web site. 2. Install the Beta 2 product from your local copy. For more information about installing Beta 2, see Deployment for Windows SharePoint Services (version 3) technology Note Make sure that a Beta 2 Web application has been provisioned in the server farm. Important Certain steps contained in this article direct you to stop and disable the Search service on all computers. If you do not stop the Search service by using the Services on Server page, search will not work on your sites after you apply the update. Follow step 3, below, to ensure that you have turned off the correct services before upgrade. 3. To turn off the Windows SharePoint Services Search service, do the following: a. Navigate to Central Administration on your farm. b. Click Operations, and select Services on Server from the Topology and Services section. c. Find Windows SharePoint Services Search, and click Stop. d. Click OK. e. Repeat this for all the servers in the farm where the Windows SharePoint Services Search service is running, and delete the registry keys listed below from all these servers 4. Uninstall Microsoft Windows Workflow Foundation Runtime Components Beta 2.2 (Build 3807.7). 5. Install Microsoft .NET Framework 3.0 – Release Candidate. 6. Install any additional Beta 2 applications or language packs that you require. 7. Now, install the Beta 2 Technical Refresh. a. Run the Windows SharePoint Services 3.0 Beta 2 Technical Refresh update.
  • 160. 160 • Start the update installation by double-clicking the update file. • Accept the End User License Agreement (EULA), and then click Continue. • After you have read and accepted the EULA, a confirmation dialog box appears with information about update requirements. Click Yes. • Clicking Yes will start installation, beginning with the extraction of the update files. • After the update installation has finished, the completion dialog box will be displayed. a. If you installed any additional language packs, you must exit the SharePoint Products and Technologies Configuration Wizard and install the Beta 2 Technical Refresh language pack updates for Windows SharePoint Services 3.0 before proceeding. 8. If you are upgrading from a stand-alone Beta 2 installation to a stand- alone Beta 2 Technical Refresh installation, delete the following registry node from your registry: • HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0WSSServicesMicrosoft.SharePoint.Search.Admi nistration.SPSearchService 9. The SharePoint Products and Technologies Configuration Wizard will be automatically started when the update is completed. (If you closed the wizard or if it did not start, point to All Programs on the Start menu, point to Administrative Tools, and then click SharePoint Products and Technologies Configuration Wizard.) 10. A message is displayed asking you to run Setup on the remaining servers in the farm. Click OK to start upgrade, and then wait for upgrade to be completed. 11. Make sure that upgrade has been completed on the first server. Validate that the Central Administration site is rendered as you expect. 12. Repeat steps 1 through 9 on each remaining server computer in the farm. Run the SharePoint Products and Technologies Configuration Wizard on each of these computers and join the existing farm. 13. For each server on which Windows SharePoint Services Search was online, do the following: a. Start the Windows SharePoint Services Search service from the Services on Server page or by using stsadm -o spsearch -action start -databaseserver <DB serverinstance> -databasename <new name>
  • 161. 161 b. Recover the association of Search servers and content databases by using stsadm -o spsearch -action attachcontentdatabase -databaseserver <content database server> - databasename <content database name> -searchserver <Search server name> Note You can use Central Administration UI to start the Windows SharePoint Services Search service. You would need to create a new Database for Search and not use the existing one. Method 2: Installing Beta 2 Technical Refresh in a quot;slipstreamquot; approach New in Windows SharePoint Services 3.0 is the ability to install updates during the initial product installation, also called quot;slipstreaming.quot; The Setup software can find update files in the Updates folder, sequence them, and then apply those files during the initial product installation. The update installation is incorporated into the overall product installation experience. You can use the default method or customize your update installation. The default method is described below. For information about customizing the installation, see quot;Use Config.xml to customize update installationquot; in Appendixes, later in this article. 1. Install Microsoft Windows Workflow Foundation Runtime Components Beta 2.2 (Build 3807.7), and Microsoft .NET Framework 2.0. Also, ASP.NET Web server extensions must be enabled in Internet Information Services (IIS). Instructions for installing the Windows Workflow Foundation Beta 2.2 and Microsoft .NET Framework 2.0 are provided in Deployment for Windows SharePoint Services (version 3) technology. For more information about Microsoft .NET Framework 2.0, see the Microsoft .NET Framework Developer Center. For more information about the Windows Workflow Foundation Runtime Components Beta 2.2, see the Windows Workflow Foundation Web site. 2. Install updates during product installation via the default Updates folder. (To customize your installation, see quot;Use Config.xml to customize update installationquot; in Appendixes, later in this article.) a. Copy the Windows SharePoint Services 3.0 Beta 2 installation bits to your local computer. Windows SharePoint Services 3.0 Beta 2 was shipped to customers as an executable package. Extract the installation bits from the Beta 2 SharePoint_Setup.exe package by using the following command line: Sharepoint_setup.exe /extract:c:WSS
  • 162. 162 b. Locate the Updates folder in your local Windows SharePoint Services 3.0 source copy. The Updates folder should be in the root of the source. For example, if your Windows SharePoint Services 3.0 source is copied to C:WSS, the path to the Updates folder is C:WSSUpdates. c. Extract the updates from the Beta 2 Technical Refresh update package by using the following command line: <package> /extract:<path> 3. After completing Setup, if you need language packs, install the Beta 2 language packs for Windows SharePoint Services 3.0, and then install the Beta 2 Technical Refresh language pack updates for Windows SharePoint Services 3.0. 4. Uninstall Microsoft Windows Workflow Foundation Runtime Components Beta 2.2 (Build 3807.7). 5. Install Microsoft .NET Framework 3.0 – Release Candidate. 6. Run the SharePoint Products and Technologies Configuration Wizard. After the wizard has finished, you should have a working installation. Repeat all the steps of Method 2 above on each remaining server computer in the farm. When you run the SharePoint Products and Technologies Configuration Wizard on each of these computers, click Yes to join an existing farm. How to upgrade an existing Beta 2 installation to Beta 2 Technical Refresh Note Prior to installing the update, you need to be logged on as a domain account that has administrative credentials on both the Web server and the computer running SQL Server. Alternatively, you can log in by using an account that has the Database Creators and Security Administrators role in SQL Server, with database access to all of the databases in Windows SharePoint Services 3.0. Important Certain steps contained in this article direct you to stop and disable the Search service on all computers. If you do not stop the Search service by using the Services on Server page, search will not work on your sites after you update them. Follow step 1 below to ensure that you have turned off the correct services before upgrade.
  • 163. 163 To turn off the Windows SharePoint Services Search service 1. Navigate to Central Administration on your farm. 2. Click Operations, and select Services on Server from the Topology and Services section. 3. Find Windows SharePoint Services Search, and click Stop. 4. Click OK. 5. Repeat this for all the servers in the farm where the Windows SharePoint Services Search services is running, and delete the registry key listed below from all these servers: • HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0WSSServicesMicrosoft.SharePoint.Search.Administrati on.SPSearchService To obtain and install the Beta 2 Technical Refresh updates 1. Obtain the updates for Beta 2 Technical Refresh at http://go.microsoft.com/fwlink/?LinkId=72231&clcid=0x409. 2. Uninstall Microsoft Windows Workflow Foundation Runtime Components Beta 2.2 (Build 3807.7). 3. Install Microsoft .NET Framework 3.0 – Release Candidate. This installs Windows Workflow Foundation version 4203.2. 4. If you are using a network load balancer, disconnect all servers from it. 5. Select a front-end Web server that is running Central Administration, and do the following: a. Start the Windows SharePoint Services 3.0 update installation by double-clicking the update file. b. Accept the End User License Agreement (EULA), and then click Continue. c. After you have read and acceped the EULA, a confirmation dialog box appears with information about update requirements. Click Yes. d. Clicking Yes will start installation, beginning with the extraction of the update files. Note During the installation process, you will receive the message about having to update Windows XP. Ignore this; click OK to continue. e. After the update installation has finished, the completion dialog box will be displayed. f. Click Ok. 6. If you installed Beta 2 language packs, you must exit the SharePoint Products and Technologies Configuration Wizard and install the Beta 2
  • 164. 164 Technical Refresh language pack updates for Windows SharePoint Services 3.0 before proceeding. 7. If you are upgrading from a stand-alone Beta 2 installation to a stand- alone Beta 2 Technical Refresh installation, delete the following registry node from your registry: • HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0WSSServicesMicrosoft.SharePoint.Search.Admi nistration.SPSearchService 8. At this point, the Post Setup Configuration Wizard will be automatically started when the update is completed. (If you closed the wizard or if it did not start, point to All Programs on the Start menu, point to Administrative Tools, and then click SharePoint Products and Technologies Configuration Wizard.) 9. A message is displayed asking you to run Setup on the remaining servers in the farm. Click OK to start upgrade, and then wait for upgrade to be completed. 10. Verify that upgrade is completed by reviewing the upgrade log. The upgrade.log file, located at %Programfiles%Common FilesMicrosoft Sharedweb server extensions12LOGS, contains information about your update. 11. Repeat steps 1 through 10 on each remaining server computer on the farm. 12. Validate that your sites render as you expect. • Browse to the Central Administration site, validate that it renders as you expect. • Browse to each front-end Web server, validate that they all render as you expect. 13. Start the Windows SharePoint Services Search service from the Services on Server page or by using stsadm -o spsearch -action start -databaseserver <DB serverinstance> -databasename <new name> Recover the association of Search servers and content databases by using stsadm -o spsearch -action attachcontentdatabase -databaseserver <content database server> -databasename <content database name> -searchserver <Search server name> Note You can use Central Admin UI to start the Windows SharePoint Services Search service. You would need to create a new Database for Search and not use the existing one.
  • 165. 165 How to upgrade from Windows SharePoint Services 2.0 to Beta 2 Technical Refresh To upgrade from Windows SharePoint Services 2.0 directly to Beta 2 Technical Refresh, you will follow the same basic steps used above for incorporating Beta 2 Technical Refresh into a new installation, select your upgrade path, and complete the upgrade after performing some manual steps. There are three approaches to upgrade. • In-place upgrade, which updates the existing databases and servers, is generally easier, but the environment is offline while it runs. • Gradual upgrade, where upgrade is done on one to many site collections at a time, lets you run the old and new versions side by side, but it's more complex and resource-intensive than in-place upgrade. • Database migration is an upgrade into a clean farm. It works by copying databases into the new farm. Many manual steps are required to run this type of upgrade. Note If you are doing a content database migration, the easiest approach is to create a new, empty Beta 2 farm, then upgrade it to Beta 2 Technical Refresh by using the instructions in How to upgrade an existing Beta 2 installation to Beta 2 Technical Refresh earlier in this article. From there, follow the instructions in Deploy in Deployment for Windows SharePoint Services (version 3) technology. To do an in-place or gradual upgrade, you must use the slipstreaming approach. The Setup software has the ability to find update files in the Updates folder, sequence them, and then apply those files during the initial product installation. The update installation is incorporated into the overall product installation experience. 1. Install Microsoft Windows Workflow Foundation Runtime Components Beta 2.2 (Build 3807.7). 2. Install Microsoft .NET Framework 2.0. Also, ASP.NET Web server extensions must be enabled in Internet Information Services (IIS). Instructions for installing the Windows Workflow Foundation Beta 2.2 and Microsoft .NET Framework 2.0 are provided in Deployment for Windows SharePoint Services (version 3) technology. For more information about Microsoft .NET Framework 2.0, see the Microsoft .NET Framework Developer Center. For more information about the Windows
  • 166. 166 Workflow Foundation Runtime Components Beta 2.2, see the Windows Workflow Foundation Web site. 3. Install updates during product installation via the default Updates folder. (To customize your installation, see quot;Use Config.xml to customize update installationquot; in Appendixes later in this article.) a. Copy the Windows SharePoint Services 3.0 Beta 2 installation bits to your local computer. Windows SharePoint Services 3.0 Beta 2 was shipped to customers as an executable package. Extract the installation bits from the Beta 2 SharePoint_Setup.exe package by using the following command line: Sharepoint_Setup.exe /extract:c:WSS b. Locate the Updates folder in your local Windows SharePoint Services 3.0 source copy. The Updates folder should be in the root of the source. For example, if your Windows SharePoint Services 3.0 source is copied to C:WSS, the path to the Updates folder is C:WSSUpdates. c. Extract the updates from the Beta 2 Technical Refresh update package by using the following command line: <package> /extract:<path> Example: WSSB2TR-kbnnnnnn-en-us.exe /extract:C:WSSUpdates This command will place three Beta 2 Technical Release files that have the extension MSP in the <path> folder. Note When you extract the update, you will be prompted by the EULA. You will need to accept the EULA in order to proceed. d. Install the Windows SharePoint Services 3.0 Beta 2 product from your local copy by clicking setup.exe. For more information about installing Windows SharePoint Services 3.0 Beta 2, see Deployment for Windows SharePoint Services (version 3) technology. Updates will be automatically installed after Windows SharePoint Services 3.0 Beta 2 is installed. 4. Select either Yes, perform a gradual upgrade or Yes, perform an automated in-place upgrade (selected by default). 5. On the Server Type tab, select Web Front End or Standalone. 6. When Setup is complete, the screen displays a check box for starting the Post-Setup Configuration Wizard. Important Clear this check box, and click Close. If you do continue and the Post- Setup Configuration Wizard starts, close it.
  • 167. 167 7. Before running the SharePoint Products and Technologies Configuration Wizard, you must change the following registry keys based on the type of upgrade you have chosen. Automated in-place upgrade for a stand-alone installation • Navigate to the following registry keys in the registry editor: HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0WSSSetupType. Set the value to V2V_INPLACE_UPGRADE. HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0WSSSetupTypeBackup. Set the value to V2V_INPLACE_UPGRADE. Add the following registry key of type DWORD, and set its value to 1: HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0WSSWmsdeToWyukonUpgrade Automated in-place upgrade for a single server with full SQL Server installation, or a farm • Navigate to the following registry keys in the registry editor: HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0WSSSetupType. Set the value to V2V_INPLACE_UPGRADE. HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0WSSSetupTypeBackup. Set the value to V2V_INPLACE_UPGRADE. Gradual upgrade • Navigate to the following registry keys in the registry editor: HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0WSSSetupType. Set the value to V2V_GRADUAL_UPGRADE. HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0WSSSetupTypeBackup. Set the value to V2V_GRADUAL_UPGRADE. 8. Run the pre-upgrade scanning tool (Prescan) by opening a command window, navigating to the WSS directory <local drive>Program filesCommon filesMicrosoft Sharedweb server extensions12bin, and typing the following at the command prompt: Prescan /all For more information about this tool, see Upgrading to Windows SharePoint Services version 3. 9. If you need language packs, install the Beta 2 language packs of Windows SharePoint Services 3.0 first, and then install the Beta 2 Technical Refresh language pack updates for Windows SharePoint Services 3.0.
  • 168. 168 10. Run the SharePoint Products and Technologies Configuration Wizard. 11. A message box is displayed that reminds you that you quot;must run setup and install new binary files for every server in your server farm.quot; You can close this message and continue. 12. If you have more than one server you are upgrading, you will repeat all the steps above, but run the SharePoint Product and Technologies Configuration Wizard from the command line. 13. After editing the registry keys and installing the Beta 2 and Beta 2 Technical Refresh language packs, open the command window. 14. Navigate to the WSS directory <local drive>Program filesCommon filesMicrosoft Sharedweb server extensions12bin. For gradual upgrade, use the command: psconfig -cmd configdb -connect –server <DBSERVERNAME> -database <SHAREPOINTCONFIG DB NAME from first WFE> -user <user acct> -password <pwd> -cmd installfeatures -cmd services -install -cmd secureresources -cmd upgrade –sidebyside For in-place upgrade, use the command: psconfig -cmd configdb -connect -server <configDBserver> -database <configDBname> -user <username> -password <pw> -cmd installfeatures -cmd services -install -cmd secureresources -cmd upgrade –inplace. 15. After the wizard has finished, you should have a working installation. The Finalize Upgrade page opens when you click Finish. If there are action items for you to complete, they will be listed on this page. 16. Copy the Windows SharePoint Services 3.0 Beta 2 installation bits to your local computer. Windows SharePoint Services 3.0 Beta 2 was shipped to customers as an executable package. Extract the installation bits from the Beta 2 SharePoint_Setup.exe package by using the following command line: Sharepoint_Setup.exe /extract:c:WSS 17. Locate the Updates folder in your local Windows SharePoint Services 3.0 source copy. The Updates folder should be in the root of the source. For example, if your Windows SharePoint Services 3.0 source is copied to C: WSS, the path to the Updates folder is C:WSSUpdates. 18. Extract the updates from the Beta 2 Technical Refresh update package by using the following command line: <package> /extract:<path> Example: WSSB2TR-kbnnnnnn-en-us.exe /extract:C:WSSUpdates This command will place three Beta 2 Technical Release files that have the extension MSP in the <path> folder.
  • 169. 169 Note When you extract the update, you will be prompted by the EULA. You will need to accept the EULA in order to proceed. 19. Install the Windows SharePoint Services 3.0 Beta 2 product from your local copy by clicking setup.exe. For more information about installing Windows SharePoint Services 3.0 Beta 2, see Deployment for Windows SharePoint Services (version 3) technology. Updates will be automatically installed after Windows SharePoint Services 3.0 Beta 2 is installed. Known issues For known issues, see the readme file that accompanies your update. Immediately after applying the update, browsing to the content site returns quot;Server error in / applicationquot; When browsing the site, the following ASP.NET event may appear: Event ID: 1310 Event code: 3006 Event message: A parser error has occurred. Event time: 8/28/2006 5:56:27 PM Event time (UTC): 8/28/2006 10:56:27 PM Event ID: 99a79803818e4b24a57ea3bc83b49b29 Event sequence: 5 Event occurrence: 1 Event detail code: 0 Application information: Application domain: /LM/W3SVC/1498048029/Root-2-128012793819527153 Trust level: WSS_Minimal
  • 170. 170 Application Virtual Path: / Application Path: C:InetpubwwwrootwssVirtualDirectories80 Machine name: servername Process information: Process ID: 2144 Process name: w3wp.exe Account name: DOMAINaccount Exception information: Exception type: Exception Exception message: The resource object with key 'open_menu' was not found. Request information: Request URL: http://servername/_layouts/error.aspx Request path: /_layouts/error.aspx User host address: 172.29.14.34 User: Domainacccount Is authenticated: True Authentication Type: NTLM Thread account name: Domainaccount To resolve this issue: 1. Reset IIS in order to refresh the SharePoint Products and Technologies content Web application information. 2. If you receive this message after applying the update, on each server in the farm run the command IISReset /noforce on each server in the farm.
  • 171. 171 3. If the problem still occurs after running IISRESET, this indicates that the Web application did not get upgraded and you need to perform the following procedure. To complete the upgrade 1. Open a command prompt and change to the following directory: Program FilesCommon FilesMicrosoft Sharedweb server extensions12 BIN 2. Run the following command: psconfig -cmd upgrade -inplace b2b -wait Incorrect or otherwise misleading instructions may be seen during Setup A message box in Setup provides misleading instructions in about how to upgrade a multi-server farm to Beta 2 Technical Refresh. You should ignore the pop-up message box and continue with upgrade. The easiest way to update and upgrade a multi-server farm to Beta 2 Technical Refresh from Beta 2 is to apply the upgrade to each server completely, before going to the next server. This is counter to the instructions in the message box. To explain further, the proper approach is: 1. Install the update, following the instructions. 2. You will see a message box that begins: quot;You must run setup to install new binary files for every server in your server farm.quot; 3. Click OK and continue past this message box. 4. Follow the on-screen instructions until the upgrade process has been completed on this first server. 5. After upgrade has been completed on the first server, go to the next server in the farm and repeat the same process. Do not try to run upgrade on more than one server in the farm at any one time. Resolving issues with custom site definitions If you have upgraded custom sites with Windows SharePoint Services 3.0 Beta 2 by using custom site definition upgrade files, and then you apply the Beta 2 Technical Refresh update, these files will not be updated. This explains the need for the subsequent upgrade of any remaining custom sites after the update fails.
  • 172. 172 After the update is applied. and before any version-to-version upgrade for the custom sites is started, re-create the custom site definition upgrade files. Resolve quot;error in Web Partquot; error message When you go to Windows SharePoint Services 3.0 Central Administration, you might see a message saying quot;error in Web Partquot; on the home page. To resolve this issue, reset the Farm Topology Web Part by doing the following: 1. On the Site Actions menu, click Edit Page. 2. On the Farm Topology Web Part, on the toolbar, click Edit, and then click Delete. 3. In the Left Web Part Zone, click Add a Web Part. 4. In the Add Web Parts to Left dialog box, select the check box next to the Farm Topology Web Part, and then click Add. This resets the Web Part to its proper state. Recover the SharePoint Search Service after upgrade If you did not apply the workaround before updating, do the following on each and every server that has an online (quot;startedquot;) Windows SharePoint Services Search service: 1. Open a command prompt on the server, and change directory to Program FilesCommon FilesMicrosoft Sharedweb server extensions12 BIN. 2. Type stsadm -o spsearch -i This will output the current association of content databases to search servers. You need this for step 3. 3. On each and every server that has an online (quot;startedquot;) Windows SharePoint Services Search service, do the following: • Stop the Windows SharePoint Services Search service (this action throws away the Search index): stsadm -o spsearch -action stop 4. If you encounter a problem or error, type the following commands: • net stop sptimerv3 • net stop spsearch • If the service will not stop, type Kill -f mssearch.exe • stsadm -o spsearch -action stop • net start sptimerv3
  • 173. 173 Windows Workflow Foundation error When installing the Beta 2 Technical Refresh update for Windows SharePoint Services 3.0, an error message reports quot;This product requires Windows Workflow Foundation (version 3.0.4125.0), which is part of .Net Framework 3.0.quot; However, installing version 3.0.4125.0 of Workflow Foundation does not fix the problem. The Workflow Foundation version number specified in the error message is incorrect. The correct version number is 3.0.4203.2. It can be downloaded as part of the Microsoft .NET Framew. Error message received after update is complete When you have completed the update, and before the configuration wizard starts, you will receive the message, quot;You have at least one other product or language that requires the Beta 2 Technical Refresh. Use Add/Remove Programs to determine which products need to be updated on Windows XP. To perform this action on Windows Vista, reference the Installed Programs feature.quot; This message can be ignored. Click OK. Appendixes In this appendix: • Best practices for planning to update • Use Config.xml to customize update installation • Upgrade strategies for different server configurations • What happens during update • What happens during upgrade • How to detect upgrade completion Best practices for planning to update To ensure a smooth upgrade process, be sure to follow these best practices. 1. Back up your data. Perform a full backup before upgrading, You should do this because, if anything happens to your servers, you won't have to start from the old version and perform the upgrade again. 2. Try it on a test farm first
  • 174. 174 Back up the live farm, restore to test servers and perform the update. Examine the results to set expectations for what the live updated sites will look like and to determine how much post-update customization will have to be done, plus how long the update will take. For more information about performing a test upgrade and a list of common issues, see Use a trial upgrade to find potential issues in Upgrading to Windows SharePoint Services (version 3). 3. Plan for capacity The upgrade that will be done with this update is an in-place upgrade. With the in-place upgrade, you need to plan for very little expansion in the databases; however, many transactions take place while the upgrade process runs, and so the log files will need to expand to accommodate the changes taking place. To find out how large your databases are currently, use SQL Server Enterprise Manager. In addition to the database space, you also need to have room for the following log files: • The upgrade log files. • The transaction log files for the databases. These log files must grow quickly to accommodate the number of changes taking place in the databases. Be sure that you have enough disk space for these log files. Note In very large environments, there is a possibility that the default growth rate for the transaction log files (10 percent) is not enough to keep up with the upgrade process, and can cause a timeout in the process. Again, a trial upgrade is the best way to determine if the transaction log files can keep up with the upgrade process. If your environment is very large, or if you timed out during a trial upgrade, consider pre-growing the SQL Server transaction log files to be sure that you have room for the amount of transactions that need to be processed. For more information about pre-growing the SQL Server transaction logs, see the Expanding a Database topic in the SQL Server 2000 documentation 4. Estimate how long the upgrade will take. The best way to estimate overall time is to do a trial update of a small portion of the data, then review the upgrade log files. You can also use the log files to check your progress during the update process. The upgrade.log file located at %Programfiles%Common FilesMicrosoft Sharedweb server extensions12 LOGS contains the duration. There are cases, however, where your databases may have grown larger than is manageable, and cannot be split. In this case, the Stsadm.exe backup and
  • 175. 175 restore commands can help you split the content up into more manageable chunks. 5. Create a communication plan In general, the server administrators and Shared Services Providers (SSP) administrators set the timeline for upgrade, and site owners are notified only when the process is about to begin. However, because each team member has their own tasks to perform at particular points in the overall update process, it is critical that you have a solid plan to communicate the progress of the update to all team members so that everyone knows when it is time to perform their particular tasks. It is important to communicate with site owners, designers, and developers at the following points during the update process: • When their sites will be updated. They must be informed that their sites will be unavailable during the upgrade. • When to expect their updated sites to be ready. This means that the upgrade team has not only upgraded but also verified the functionality of the upgraded sites. • How the update may impact them and what they should know about the new environment. For example, the site may look different or function slightly differently. Or they may need to reapply customizations from the old site after update. 6. Determine how to handle customizations By default, if you used a SharePoint-compatible Web page editor such as Microsoft Office FrontPage to perform customizations, an in-place upgrade preserves customizations and does not reset the site definition. If you are using customized site definitions, an upgrade definition is required to properly upgrade. Use Config.xml to customize update installation To customize your installation, perform the following steps instead of step 2 for Method 2 under How to install Beta 2 Technical Refresh update in a new installation earlier in this article. 1. Install updates during product installation via a redirect to the Updates folder a. Extract the updates from the Beta 2 Technical Refresh installation package to a folder on the local test computer by using the following command line: <package> /extract:<path> Example: WSSB2TR-kbnnnnnn-en-us.exe /extract:C:B2TRUpdates
  • 176. 176 b. Create a customized Config.xml file with the following setting configured: <Configuration> <SetupUpdates CheckForSUpdate='Yes' SUpdateLocation='<path>'/> </Configuration> Where <path> is the location you extracted the Beta 2 Technical Refresh updates to (for example, C:B2TRUpdates) Note There is a default Config.xml file in the filessetup folder of the installation bits for Windows SharePoint Services 3.0 Beta 2. If you prefer, you can modify this file rather than create a new one. c. Install Windows SharePoint Services 3.0 Beta 2 by using the Config.xml file that redirects the Updates folder: Setup.exe /config <config.xml file> Note Updates will be automatically installed after Windows SharePoint Services 3.0 Beta 2 is installed. Upgrade strategies for different server configurations There are two types of installations that are possible for Windows SharePoint Services 3.0, the stand-alone server and the farm. In this section you will find approaches to updating your servers that are intended to minimize downtime and maximize throughput. Stand-alone server Updating a stand-alone server installation is fairly straightforward in that only one server will be updated. When installation of the update is finished, the Post Setup Configuration Wizard will start, which will allow you to trigger the upgrade. As such, Windows SharePoint Services 3.0 will be offline during the update. Server farm A server farm can be small (one or two servers) or medium to large (three or more servers). As the server farm grows in size, so does the number of possible configurations and the level of complexity.
  • 177. 177 Small farm Like the stand-alone server deployment, updating a small farm is fairly straightforward. In a two-server configuration, you likely have the application and Web tier installed on one server and the database tier installed on the other. Windows SharePoint Services 3.0 will be offline during the update; you will need to plan accordingly. Large and medium server farm strategy With the medium and large farm, there will be a period of time when Windows SharePoint Services 3.0 is not available. With some understanding of the process, you can minimize downtime. The nature of server farms in SharePoint Products and Technologies, and the importance of the configuration database, necessitate that one server must initiate the farm upgrade to update any objects in the configuration database. This server will be one that has the Central Administration Web application. By way of example, consider the following steps: 1. Select a server that has the Central Administration Web application. 2. If you are using a network load balancer, disconnect servers from it. 3. Open a command prompt on the server and change directory to Program FilesCommon FilesMicrosoft Sharedweb server extensions12 BIN 4. Type stsadm -o spsearch -i This will output the status of Search servers, their global configuration information, and the current association of content databases to search servers. You need this later for step 6. 5. On each and every server with an online (quot;startedquot;) SharePoint Search service, stop the SharePoint Search service (this action throws away the Search index) by using one of the following methods: • stsadm -o spsearch -action stop • Stop the Windows SharePoint Services Search service by using the Services on Server page • Run updates and the Post Setup Configuration Wizard on all the servers in the farm. Caution If you do not stop the Search service on all server computers, you could get search database corruption and will need to reset your
  • 178. 178 index to continue. If you did not stop the service before running the update, on each server with an online (quot;startedquot;) Windows SharePoint Services 3.0 Search service, follow the steps in quot;Recover the Windows SharePoint Services Search service after upgradequot; in Known issues, earlier in this article. 6. For each server on which Windows SharePoint Services Search was online: • Start the Windows SharePoint Services Search service from the Services on Server page or by using stsadm -o spsearch -action start -databaseserver <DB serverinstance> -databasename <new name> • Recover the association of Search servers and content databases by using stsadm -o spsearch -action attachcontentdatabase -databaseserver <content database server> -databasename <content database name> -searchserver <Search server name> 7. Update your version of Windows Workflow Foundation on each of your servers. 8. Install the update on the server that has the Central Administration Web application that you identified in step 1. 9. When installation of the update is finished, start upgrade by using the Post Setup Configuration Wizard from the server that has the Central Administration Web application that you identified in step 1. 10. When the upgrade is complete, if you are using a network load balancer, reconnect it to the server that has the Central Administration Web application that you identified in step 1. 11. Install the update on all other servers. 12. Perform upgrade of all other servers. 13. If you are using a network load balancer, reconnect servers to it. Note All servers in the farm need to be updated, however you need to update one server at a time before moving on to another server. What happens during update Updating the Windows SharePoint Services 3.0 Beta 2 is a two step process: update and upgrade. During the update step, the binary bits are replaced.
  • 179. 179 What happens during upgrade A build-to-build in-place upgrade takes place on the same hardware as your previous installation. When you run an in-place upgrade, the process upgrades your entire installation in a preset sequence. The following steps explain what happens as the in-place upgrade process runs. 1. After performing all update steps, the installation software performs an in-place upgrade. 2. The upgrade process runs and upgrades the configuration database and the Central Administration site. 3. The upgrade process runs and upgrades any data specific to the server (for example, search settings). 4. The upgrade process runs on each Web application and upgrades each site collection in that Web application. Note When you install an update, it will upgrade the data for the current Windows SharePoint Services installation to the newest version. To ensure that no customizations are lost, the farm property for quot;reset pages to site template version during upgradequot; will be set to FALSE. This is done automatically and requires no further action on your part. 5. After all sites have been upgraded, the upgrade process ends. 6. Repeat the upgrade action on each server in a server farm environment. 7. The administrator confirms that upgrade is complete by checking the upgrade log. How to detect upgrade completion The best way to detect that the upgrade has completed is to review the upgrade log files. You can also use the log files to check your progress during the update process. The upgrade.log file, located at %Programfiles%Common FilesMicrosoft Sharedweb server extensions12LOGS, contains information about your update. When upgrade is complete, the log file will finish with the string quot;upgrade session has finishedquot;. The log will also report any errors or warnings. If errors or warnings have occurred, determine your next action based on information in the log file. See Also • Deployment for Windows SharePoint Services (version 3) technology
  • 180. 180 Upgrading from Windows SharePoint Services 3.0 Beta 2 Technical Refresh to Release Version Follow the instructions in this article carefully when you upgrade from Microsoft Windows SharePoint Services 3.0 Beta 2 Technical Refresh to the release version. During upgrade, your farm will be offline for a period of time while the databases are upgraded to the release version of the product. Be sure to notify your customers in advance. In this article: • Prepare for upgrade • Uninstall Windows SharePoint Services 3.0 Beta 2 Technical Refresh • Install the release version of Windows SharePoint Services 3.0 • Uninstall and reinstall Microsoft .NET Framework 3.0 Prepare for upgrade Perform the procedures in this section on every server computer in your farm. Delete failed timer jobs 1. Open SharePoint 3.0 Central Administration. 2. On the top navigation bar, click Operations. 3. In the Global Configuration section, click Timer job definitions. 4. On the Timer Job Definitions page, look for backup and restore or upgrade timer jobs in the list. If any exist, delete them by clicking the timer job and then clicking Delete on the page that appears. Record current server information 1. Record the name of every server computer that hosts SharePoint 3.0 Central Administration. 2. Record the following information for each server computer: • Server type When you install the release version, you will need to specify the same server type that you have currently installed for each server computer in your farm.
  • 181. 181 Note The server type of a computer is located in the HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0WSSServerRole registry subkey. The values are singleserver for Basic installations or WFE for Advanced (farm) installations. • Central Administration account and password You will need to use the same account and password when you install the release version. Stop Windows SharePoint Services Search in a Basic installation 1. Open SharePoint 3.0 Central Administration. 2. On the top navigation bar, click Operations. 3. In the Topology and Services section, click Services on Server. Stop Windows SharePoint Services Search. Stop Windows SharePoint Services Search in an Advanced (farm) installation 1. On the Start menu, click Run. In the Open box, type cmd and then click OK. 2. At the command prompt, type cd %Programfiles%Common FilesMicrosoft Sharedweb server extensions12bin 3. At the command prompt, type stsadm -o spsearch -action list > SearchServerList.txt 4. Open SharePoint 3.0 Central Administration. 5. On the top navigation bar, click Operations. 6. In the Topology and Services section, click Services on Server. 7. On every server, stop Windows SharePoint Services Search if it is not already stopped. To easily check the status of the search service on each server, click the server name in the Server list. Modify the registry setting for the configuration database connection 1. On the Start menu, click Run. In the Open box, type regedit and then click OK. 2. In the Registry Editor, navigate to and click the following subkey: HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0SecureConfigDB 3. On the File menu, click Export, and in the File name box, typeSharePointRegKeyBackupThis backs up the subkey so you can restore it to your registry later, if necessary. 4. Under the registry subkey, right-click the dsn value, and then click Rename. 5. Type dsn2 for the name, and then press ENTER to save your changes.
  • 182. 182 Caution Be sure to check that you have renamed the registry key to dsn2. If you fail to perform this step, upgrade will fail and you will have to manually upgrade the content databases to a new installation. This step is required for the installation process to detect and upgrade Beta 2 Technical Refresh to the release version. 6. Close the Registry Editor. Delete existing SharePoint Products and Technologies Configuration Wizard logs 1. Open a command window. 2. At the command prompt, type cd quot;%programfiles%common filesmicrosoft sharedweb server extensions12logsquot; and then press ENTER. 3. At the command prompt, type del psc*.log and then press ENTER. Uninstall Beta 2 Technical Refresh Perform the procedure in this section on all server computers in your farm. You can perform the steps in parallel across all server computers, or complete the procedure on each computer before moving to the next. You do not need to uninstall .NET Framework or Windows Workflow Foundation from these computers. Uninstall Beta 2 Technical Refresh 1. In Control Panel, double-click Add or Remove Programs. 2. Uninstall all Microsoft Windows SharePoint Services 3.0 Language Packages. Caution You must uninstall all language packs before you uninstall Windows SharePoint Services 3.0 Beta 2 Technical Refresh. If you do not uninstall all language packs at this point, you will be unable to install the release version of Windows SharePoint Services 3.0. 3. A message box appears to remind you to run the SharePoint Products and Technologies Configuration Wizard after uninstalling the language packs. You can ignore this reminder; click OK. 4. Select Microsoft Windows SharePoint Services 3.0, and then click Remove. 5. In the first message box that asks you to confirm that you want to uninstall, click Yes. 6. In the second message box that asks you to confirm that you want to uninstall, click OK. 7. If you are prompted to restart the computer, do so.
  • 183. 183 Install the release version of Windows SharePoint Services 3.0 The procedure in this section must first be performed on a front-end Web server that hosted the Central Administration Web application in your Beta 2 Technical Refresh installation, which you noted under quot;Record current server information,quot; earlier in this article. After you successfully complete this procedure on that server computer, perform it on all the other server computers in the farm, one at a time. Note If upgrade fails on any server computer, do not run this procedure on any other computer in the farm until you have fixed the problem. After you have fixed the problem, run the SharePoint Products and Technologies Configuration Wizard again to resume upgrade. Install Windows SharePoint Services 3.0 release version 1. Run Setup for the release version of Windows SharePoint Services 3.0. 2. Follow the steps to install the product. If the Upgrade Earlier Versions dialog box is displayed, choose No, do not upgrade at this time, and then click Install Now. 3. On the welcome page of the SharePoint Products and Technologies Configuration Wizard, click Cancel, and then click Yes in the dialog box that appears. 4. If you are using a Basic installation, perform the following steps: a. In Control Panel, double-click Administrative Tools, and then double-click Services. b. Double-click SQL Server 2005 Embedded Edition (MICROSOFT##SSEE). c. In the Startup type list, click Automatic, and then click OK. d. Click Start the service. e. On the Start menu, click Run. In the Open box, type regedit and then click OK. f. In the Registry Editor, navigate to the following subkey: HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0WSS g. Under the registry subkey, double-click the Server Role value, change the value to SINGLESERVER, and then click OK. h. Close the Registry Editor. 5. Install any Microsoft Windows SharePoint Services 3.0 Language Packages. At the end of every language pack installation, cancel the SharePoint Products and Technologies Configuration Wizard when it opens. 6. Run the SharePoint Products and Technologies Configuration Wizard. Use the Central Administration account and password that you noted under quot;Record current server information,quot; earlier in this article. Be sure you select the same server type you previously used for this server, which you also noted under quot;Record current server information.quot;
  • 184. 184 A message box appears to remind you that services will be started; click Yes. A message box appears to remind you to run the wizard on each server in the farm; click OK. Note Upgrade may only be run on one server computer in the farm at a time. Ignore the warning that is briefly displayed in the wizard that reads Failed to start search service SPSearchServiceInstance on this server after completing upgrade. Please start it manually. You will start this service in step 10. 7. If you are performing a Basic installation and the SharePoint Products and Technologies Configuration Wizard fails with the error message …is blocked because the signature is not valid, do the following: a. On the Start menu, click Run. In the Open box, type regedit and then click OK. b. In the Registry Editor, navigate to the following subkey, and then delete it: HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsWeb Server Extensions12.0WSSServicesMicrosoft.SharePoint.Search.Administration.SPSearchService c. Run the SharePoint Products and Technologies Configuration Wizard again. 8. Wait until upgrade has been completed successfully on this server computer before you start upgrade on any other server computer. 9. Open the file SearchServerList.txt, which you created in step 3 of quot;Stop Windows SharePoint Services Search in an Advanced (farm) installation,quot; earlier in this article. 10. On every server listed with Status:Online, do the following: a. On the Start menu, click Run. In the Open box, type cmd and then click OK. b. At the command prompt, type cd %Programfiles%Common FilesMicrosoft Sharedweb server extensions12 bin c. At the command prompt, type stsadm -o spsearch -action start -farmserviceaccount DoMAINname -farmservicepassword password -databaseserver searchdatabaseserver -databasename WSS_Search_NewDB 11. After starting search, you need to associate content databases to search servers. If a content database is not associated with a search server and you attempt a search on a site in the content database, the following message will be displayed: Your search cannot be completed because this site is not assigned to an indexer. Perform the following steps: a. Open SharePoint 3.0 Central Administration, click Application Management, and then click Content Databases. b. Click the content database for a Web application, and for Search Server choose a Windows SharePoint Services Search Server. c. Repeat these steps for each content database for each Web application. If the Search service is not functional, perform the following procedures for both Basic and Advanced (farm) installations. On each and every server that has an online (quot;startedquot;) Windows SharePoint Services Search service, do the following:
  • 185. 185 1. Open a command prompt window on the server, and change directory to Program FilesCommon FilesMicrosoft Sharedweb server extensions12BIN. 2. Type stsadm -o spsearch –action list This will output the current association of content databases to search servers. 3. Type stsadm -o spsearch -action stop This stops the Windows SharePoint Services Search service (this action throws away the search index). If you encounter a problem or error, do the following: 1. Type net stop sptimerv3 net stop spsearch If the service does not stop, do the following: 1. Open a command prompt window, and type run tasklist /svc 2. Find quot;SPSearchquot; in the output and note the process ID <pid>. 3. At the command prompt, type run taskkill /f /pid <pid> 4. At the command prompt, type stsadm -o spsearch -action stop net start sptimerv3 Uninstall and reinstall Microsoft .NET Framework 3.0 After you have successfully installed the release version and verified that the search service is functional, perform this procedure on every server computer in your farm. Uninstall and reinstall Microsoft .NET Framework 3.0 1. In Control Panel, click Add or Remove Programs, select Microsoft .NET Framework 3.0, and then remove it. 2. Install Microsoft .NET Framework 3.0 (http://www.microsoft.com/downloads/ details.aspx?FamilyId=10CC340B- F857-4A14-83F5-25634C3BF043&displaylang=en).