Microsoft NetWork 2016 - SharePoint Add-ins (SharePoint Apps) su novi način kreiranja custom rješenja koja se naslanjaju na SharePoint. AddOns se ne izvršavaju unutar SharePoint konteksta već kao zasebne web aplikacije, te stoga njihovo konfigurisanje predstavlja važan korak u konfigurisanju bilo koje SharePoint farme (bilo prilikom razvoja ili prilikom implementacije u produkciji). Za pravilno konfigurisanje AddOn-a neophodno je ispuniti nekoliko preduslova - kako na samom SharePoint-u tako i na pratećoj infrastrukturi. U ovom predavanju ćemo detaljno, korak po korak, objasniti neophodne korake, pokazati kako se konfiguriše SharePoint kroz administrativni web interfejs te upotrebom PowerShell-a kako bi SharePoint AddOns mogli da se instaliraju na farmi. ovo predavanje namijenjeno je svima koji imaju potrebu da konfigurišu SharePoint Server za Addins, kao i onima koji se time bave iz hobija.
6. Problem
• SharePoint 2013 / 2016 => preporuka da se ne
koristi Server-Side Code (Farm Solutions)
• SharePoint Apps / SharePoint Add-ins su
preferirani način za razvoj i deployment custom
rješenja
• Neophodna je dodatna konfiguracija na
SharePoint farmi
8. Konfiguracija farme
1. DNS konfiguracija
a. Forward Lookup zona
b. CNAME Alias
2. Wildcard SSL sertifikat
3. Konfigurisanje SharePoint servisnih aplikacija
a. Subscription Settings SA
b. App Management SA
4. Konfigurisanje add-on URL-ova
9. DNS konfiguracija
• Forward Lookup Zona
– u slucaju odvojenog domena (opciono)
• CNAME Alias
– „wildcard“
– Redirekcija svih zahtjeva sa app domenom (ili
poddomenom) na FQDN SharePoint farme
10. Wildcard SSL sertifikat
• Potreban je samo u slučaju ako su i
SharePoint i add-on konfigurisani za SSL
12. SharePoint Service Apps (2)
2. Konfigurisati Subscription Service app (PoSh)
$account = Get-SPManagedAccount "<AccountName>"
# Gets the name of the managed account and sets it to the variable $account for later use.
$appPoolSubSvc = New-SPServiceApplicationPool -Name SettingsServiceAppPool -Account $account
# Creates an application pool for the Subscription Settings service application.
# Uses a managed account as the security account for the application pool.
# Stores the application pool as a variable for later use.
$appSubSvc = New-SPSubscriptionSettingsServiceApplication -ApplicationPool $appPoolSubSvc -Name SettingsServiceApp -
DatabaseName <SettingsServiceDB>
# Creates the Subscription Settings service application, using the variable to associate it with the application pool
that was created earlier.
# Stores the new service application as a variable for later use.
$proxySubSvc = New-SPSubscriptionSettingsServiceApplicationProxy -ServiceApplication $appSubSvc
# Creates a proxy for the Subscription Settings service application.
13. SharePoint Service Apps (3)
2. Konfigurisati App Management Service app
(PowerShell ili Centralna Administracija)
$account = Get-SPManagedAccount "<AccountName>"
# Gets the name of the managed account and sets it to the variable $account for later use.
$appPoolAppSvc = New-SPServiceApplicationPool -Name AppServiceAppPool -Account $account
# Creates an application pool for the Application Management service application.
# Uses a managed account as the security account for the application pool.
# Stores the application pool as a variable for later use.
$appAppSvc = New-SPAppManagementServiceApplication -ApplicationPool $appPoolAppSvc -Name AppServiceApp -DatabaseName
<AppServiceDB>
# Creates the Application Management service application, using the variable to associate it with the application
pool that was created earlier.
# Stores the new service application as a variable for later use.
$proxyAppSvc = New-SPAppManagementServiceApplicationProxy -ServiceApplication $appAppSvc
# Creates a proxy for the Application Management service application.
14. Konfigurisanje add-in URL-ova
• PowerShell-om ili iz
Centralne Administracije
Set-SPAppDomain <appDomain>
Set-SPAppSiteSubscriptionName -Name "app" -Confirm:$false
16. Low Trust Autorizacija
• Microsoft preporučuje ovaj način autorizacije
• Prvenstveno namijenjena za add-ine koji su cloud-hostani
• Trusted Token Issuer je Azure Access Control Service
• Koriste se access-tokeni za autorizaciju
• Neophodna internet konekcija
• Add-ini se mogu objaviti na Office Store i instalirati na
SharePoint Online (Office 365)
• Detaljna konfiguracija na https://github.com/OfficeDev/PnP-
Tools/tree/master/Scripts/SharePoint.LowTrustACS.Configurati
on
17. Low trust
SharePoint Farm
Add-in Admin
End Users ACS
Registration
of add-in
Verification of
registration
Approve
and publish
Remote
connectivity
2
34 5
6
7
Server & Tenant
Admin
1
Associate server
to Office 365 tenant
Provider hosted
add-ins
spapp_appnane.contoso.com
18. High Trust Autorizacija
– Koriste se digitalni sertifikati
– Namijenjena za full on-premises okruženja
– Malo komplikovanija za konfiguraciju
– Nije neophodna internet konekcija
– Add-ini se ne mogu instalirati na SharePoint Online
– Detaljna konfiguracija na https://msdn.microsoft.com/en-
us/library/office/fp179901.aspx
– Konfiguracijske PowerShell skripte na
https://msdn.microsoft.com/en-us/library/office/dn579380.aspx
19. High trust (S2S)
SharePoint Farm
Add-in Admin
End Users
Registration
of certificate
1
Server Admin
Provider hosted
add-ins
spapp_appnane.contoso.com
Configuration of
certificate
Approve and
publish apps
2
7
6
4 5
3
Remote
connectivity
Verification of
certificate
21. Dijeljeno okruženje
Najčešća konfiguracija
Svaki add-in ima svoj ASP.NET web sajt na dijeljenoj IIS farmi
Load balanced za visoku dostupnost
1
Differentservicesusedby
add-ins
Networkloadbalancer ASP.netapplications
hostedinIIS
Loadbalanced
servers
https://spapp_app1.contoso.com
https://spapp_app2.contoso.com
https://spapp_app3.contoso.com
2
4
5
https://spapp_app3.contoso.com
3
22. Dedicated okruženje
Svaki add-on ima svoju ASP.net IIS aplikaciju na zasebnim serverima
Load balanced za visoku dostupnost
1
Differentservicesusedby
add-ins
Networkloadbalancer ASP.netapplications
hostedinIIS
Loadbalanced
servers
https://spapp_app1.contoso.com
https://spapp_app2.contoso.com
https://spapp_app3.contoso.com
2
3 4
5
23. Izolovano okruženje
Za svaku organizaciju se projektuju zasebna okruženja projektovana
ponaosob kao dijeljeno okruženje
1
Differentservicesusedby
add-ins
Networkloadbalancer ASP.netapplications
hostedinIIS
Loadbalanced
servers
https://spapp_org2_app2.contoso.com
2
3 4
5
https://spapp_org2_app1.contoso.com
https://spapp_org1_app2.contoso.com
https://spapp_org1_app1.contoso.com
https://spapp_org3_app2.contoso.com
https://spapp_org3_app1.contoso.com
24. Za više informacija
• Configure an environment for apps for SharePoint
(SharePoint 2013)
• Set up an on-premises development environment
for SharePoint Add-ins
• Architecture models for SharePoint provider hosted
add-ins in on-premises
• Office Dev PnP Web Cast – Provider hosted add-in
infrastructure setup for SharePoint on-premises
• Patterns and Practices videos (Channel 9)