Saturday, April 6, 2013

Configuring User Profile Synchronization Service Applications for SharePoint 2010 or SharePoint 2013

This post assumes you've already installed the SharePoint binaries (Grey Wizard), that you are not using the Farm Configuration Wizard (White Wizard) to set up the farm, and that you've read HarbarNet before reading this post. It also assumes that you've patched the install to the most recent CU.

Note: You don't have to install everything; you could just take the code in green below for the Managed Metadata Service, or you could do it manually.

User Profile Synchronization service application configuration doesn't have to stress you anymore. Most of what you are about to read is adapted from HarbarNet, from the post that is/was located at this URL: and from TechNet.

Here are the steps adapted from Spence Harbar’s blog and parts of TechNet:

1. Install SharePoint in whatever farm topology you need. Use a setup user account to run the install; this user is a local admin.

2. When you get to the screen that asks for the account that will connect to the back end database, enter the short name of the server, not the FQDN (Myserver, not the fully qualified name).

3. Enter the account name for the Farm Account (DOMAIN\My_Farmer). Note: this is not the setup user account.

4. After the farm installs, patch it to the most current cumulative update (note: this was needed for SharePoint 2010 RTM and is not the case with 2013).

5. After the farm is updated and you're still logged in with the setup user account, save this text into a file with a .ps1 extension.


This script replicates most of the functionality found in the SharePoint Products Configuration Wizard, with the EXCEPTION of the USER PROFILE SERVICE.

Original content for what follows is located here:

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

## Settings you may want to change ##
$databaseServerName = "2010SQL"
$searchServerName = "2010WEB1" # Front end server that will run Central Admin, the server you're on right now
$saAppPoolName = "SharePoint Web Services Default"
$appPoolUserName = "DOMAIN\MyFarmer" # Farm admin account for Timer and Central Admin; check that both services
                                     # are running under this account before running this script

## Service Application Service Names ##
$accessSAName = "Access Services"
$bcsSAName = "Business Data Connectivity Service"
$excelSAName = "Excel Services Application"
$metadataSAName = "Managed Metadata Web Service"
$performancePointSAName = "PerformancePoint Service"
$searchSAName = "SharePoint Server Search"
$stateSAName = "State Service"
$secureStoreSAName = "Secure Store Service"
$usageSAName = "Usage and Health Data Collection Service"
$userProfileSAName = "User Profile Synchronization Service"
$visioSAName = "Visio Graphics Service"
$WebAnalyticsSAName = "Web Analytics Service"
$WordAutomationSAName = "Word Automation Services"

# Create the service application pool (and its managed account) only if it does not exist yet
$saAppPool = Get-SPServiceApplicationPool -Identity $saAppPoolName -EA 0
if ($saAppPool -eq $null)
{
    Write-Host "Creating Service Application Pool..."

    $appPoolAccount = Get-SPManagedAccount -Identity $appPoolUserName -EA 0
    if ($appPoolAccount -eq $null)
    {
        Write-Host "Please supply the password for the Service Account..."
        $appPoolCred = Get-Credential $appPoolUserName
        $appPoolAccount = New-SPManagedAccount -Credential $appPoolCred -EA 0
    }

    $appPoolAccount = Get-SPManagedAccount -Identity $appPoolUserName -EA 0

    if ($appPoolAccount -eq $null)
    {
        Write-Host "Cannot create or find the managed account $appPoolUserName, please ensure the account exists."
        Exit -1
    }

    New-SPServiceApplicationPool -Name $saAppPoolName -Account $appPoolAccount -EA 0 > $null
}


Write-Host "Creating Usage Service and Proxy..."
$serviceInstance = Get-SPUsageService
New-SPUsageApplication -Name $usageSAName -DatabaseServer $databaseServerName -DatabaseName "UsageDB" -UsageService $serviceInstance > $null

Write-Host "Creating Access Services and Proxy..."
New-SPAccessServiceApplication -Name $accessSAName -ApplicationPool $saAppPoolName > $null
Get-SPServiceInstance | Where-Object {$_.TypeName -eq "Access Database Service"} | Start-SPServiceInstance > $null

Write-Host "Creating BCS Service and Proxy..."
New-SPBusinessDataCatalogServiceApplication -Name $bcsSAName -ApplicationPool $saAppPoolName -DatabaseServer $databaseServerName -DatabaseName "BusinessDataCatalogDB" > $null
Get-SPServiceInstance | Where-Object {$_.TypeName -eq "Business Data Connectivity Service"} | Start-SPServiceInstance > $null

Write-Host "Creating Excel Service..."
New-SPExcelServiceApplication -Name $excelSAName -ApplicationPool $saAppPoolName > $null
Set-SPExcelFileLocation -Identity "http://" -ExcelServiceApplication $excelSAName -ExternalDataAllowed 2 -WorkbookSizeMax 10 -WarnOnDataRefresh:$true
Get-SPServiceInstance | Where-Object {$_.TypeName -eq "Excel Calculation Services"} | Start-SPServiceInstance > $null

Write-Host "Creating Metadata Service and Proxy..."
New-SPMetadataServiceApplication -Name $metadataSAName -ApplicationPool $saAppPoolName -DatabaseServer $databaseServerName -DatabaseName "MetadataDB" > $null
New-SPMetadataServiceApplicationProxy -Name "$metadataSAName Proxy" -DefaultProxyGroup -ServiceApplication $metadataSAName > $null
Get-SPServiceInstance | Where-Object {$_.TypeName -eq "Managed Metadata Web Service"} | Start-SPServiceInstance > $null

Write-Host "Creating Performance Point Service and Proxy..."
New-SPPerformancePointServiceApplication -Name $performancePointSAName -ApplicationPool $saAppPoolName -DatabaseServer $databaseServerName -DatabaseName "PerformancePointDB" > $null
New-SPPerformancePointServiceApplicationProxy -Default -Name "$performancePointSAName Proxy" -ServiceApplication $performancePointSAName > $null
Get-SPServiceInstance | Where-Object {$_.TypeName -eq "PerformancePoint Service"} | Start-SPServiceInstance > $null


Write-Host "Creating Search Service and Proxy..."
Write-Host " Starting Services..."
Start-SPEnterpriseSearchServiceInstance $searchServerName
Start-SPEnterpriseSearchQueryAndSiteSettingsServiceInstance $searchServerName

Write-Host " Creating Search Application..."
$searchApp = New-SPEnterpriseSearchServiceApplication -Name $searchSAName -ApplicationPool $saAppPoolName -DatabaseServer $databaseServerName -DatabaseName "SearchDB"
$searchInstance = Get-SPEnterpriseSearchServiceInstance $searchServerName

Write-Host " Creating Administration Component..."
$searchApp | Get-SPEnterpriseSearchAdministrationComponent | Set-SPEnterpriseSearchAdministrationComponent -SearchServiceInstance $searchInstance

Write-Host " Creating Crawl Component..."
$InitialCrawlTopology = $searchApp | Get-SPEnterpriseSearchCrawlTopology -Active
$CrawlTopology = $searchApp | New-SPEnterpriseSearchCrawlTopology
$CrawlDatabase = ([array]($searchApp | Get-SPEnterpriseSearchCrawlDatabase))[0]
$CrawlComponent = New-SPEnterpriseSearchCrawlComponent -CrawlTopology $CrawlTopology -CrawlDatabase $CrawlDatabase -SearchServiceInstance $searchInstance
$CrawlTopology | Set-SPEnterpriseSearchCrawlTopology -Active

Write-Host -ForegroundColor White " Waiting for the old crawl topology to become inactive" -NoNewline
do { Write-Host -NoNewline "."; Start-Sleep 6 } while ($InitialCrawlTopology.State -ne "Inactive")
$InitialCrawlTopology | Remove-SPEnterpriseSearchCrawlTopology -Confirm:$false

Write-Host " Creating Query Component..."
$InitialQueryTopology = $searchApp | Get-SPEnterpriseSearchQueryTopology -Active
$QueryTopology = $searchApp | New-SPEnterpriseSearchQueryTopology -Partitions 1
$IndexPartition = (Get-SPEnterpriseSearchIndexPartition -QueryTopology $QueryTopology)
$QueryComponent = New-SPEnterpriseSearchQueryComponent -QueryTopology $QueryTopology -IndexPartition $IndexPartition -SearchServiceInstance $searchInstance
$PropertyDatabase = ([array]($searchApp | Get-SPEnterpriseSearchPropertyDatabase))[0]
$IndexPartition | Set-SPEnterpriseSearchIndexPartition -PropertyDatabase $PropertyDatabase
$QueryTopology | Set-SPEnterpriseSearchQueryTopology -Active

Write-Host " Creating Proxy..."
$searchAppProxy = New-SPEnterpriseSearchServiceApplicationProxy -Name "$searchSAName Proxy" -SearchApplication $searchSAName


Write-Host "Creating State Service and Proxy..."
New-SPStateServiceDatabase -Name "StateServiceDB" -DatabaseServer $databaseServerName | New-SPStateServiceApplication -Name $stateSAName | New-SPStateServiceApplicationProxy -Name "$stateSAName Proxy" -DefaultProxyGroup > $null

Write-Host "Creating Secure Store Service and Proxy..."
New-SPSecureStoreServiceApplication -Name $secureStoreSAName -Sharing:$false -DatabaseServer $databaseServerName -DatabaseName "SecureStoreServiceAppDB" -ApplicationPool $saAppPoolName -AuditingEnabled:$true -AuditLogMaxSize 30 | New-SPSecureStoreServiceApplicationProxy -Name "$secureStoreSAName Proxy" -DefaultProxyGroup > $null
Get-SPServiceInstance | Where-Object {$_.TypeName -eq "Secure Store Service"} | Start-SPServiceInstance > $null

# The User Profile Service is deliberately left commented out; it is configured manually in the steps below
#Write-Host "Creating User Profile Service and Proxy..."
#$userProfileService = New-SPProfileServiceApplication -Name $userProfileSAName -ApplicationPool $saAppPoolName -ProfileDBServer $databaseServerName -ProfileDBName "ProfileDB" -SocialDBServer $databaseServerName -SocialDBName "SocialDB" -ProfileSyncDBServer $databaseServerName -ProfileSyncDBName "SyncDB"
#New-SPProfileServiceApplicationProxy -Name "$userProfileSAName Proxy" -ServiceApplication $userProfileService -DefaultProxyGroup > $null
#Get-SPServiceInstance | Where-Object {$_.TypeName -eq "User Profile Service"} | Start-SPServiceInstance > $null

Write-Host "Creating Visio Graphics Service and Proxy..."
New-SPVisioServiceApplication -Name $visioSAName -ApplicationPool $saAppPoolName > $null
New-SPVisioServiceApplicationProxy -Name "$visioSAName Proxy" -ServiceApplication $visioSAName > $null
Get-SPServiceInstance | Where-Object {$_.TypeName -eq "Visio Graphics Service"} | Start-SPServiceInstance > $null

Write-Host "Creating Web Analytics Service and Proxy..."
$stagerSubscription = "<StagingDatabases><StagingDatabase ServerName='$databaseServerName' DatabaseName='StagerDB'/></StagingDatabases>"
$reportingSubscription = "<ReportingDatabases><ReportingDatabase ServerName='$databaseServerName' DatabaseName='WarehouseDB'/></ReportingDatabases>"
New-SPWebAnalyticsServiceApplication -Name $WebAnalyticsSAName -ApplicationPool $saAppPoolName -ReportingDataRetention 20 -SamplingRate 100 -ListOfReportingDatabases $reportingSubscription -ListOfStagingDatabases $stagerSubscription > $null
New-SPWebAnalyticsServiceApplicationProxy -Name "$WebAnalyticsSAName Proxy" -ServiceApplication $WebAnalyticsSAName > $null
Get-SPServiceInstance | Where-Object {$_.TypeName -eq "Web Analytics Web Service"} | Start-SPServiceInstance > $null
Get-SPServiceInstance | Where-Object {$_.TypeName -eq "Web Analytics Data Processing Service"} | Start-SPServiceInstance > $null

Write-Host "Creating Word Conversion Service and Proxy..."
New-SPWordConversionServiceApplication -Name $WordAutomationSAName -ApplicationPool $saAppPoolName -DatabaseServer $databaseServerName -DatabaseName "WordAutomationDB" -Default > $null
Get-SPServiceInstance | Where-Object {$_.TypeName -eq "Word Automation Services"} | Start-SPServiceInstance > $null

############################################## End Script

6. Create two managed accounts: one named for content and used to run your web applications, and one named for service apps and used to run new service applications (e.g. User Profile Sync). Security > Configure managed accounts.

7. See the Surgeon General's WARNING below, then navigate to C:\Program Files\Microsoft Office Servers\14.0\Synchronization Service\MaData using the farm account and make sure the farm account has at least Modify on this entire path via its membership in WSS_ADMIN_WPG. It should, because it is a member of the WSS_ADMIN_WPG group. If that is not the case, open a Management Shell and type Add-SPShellAdmin -User domain\myfarmaccount, where myfarmaccount is the name of the farm account that was input during the install. The setup user account (mydomain\mysetupUseraccount) and farm account (mydomain\myFarmer) should already be members.
WARNING: Don't modify ACLs unless you're sure you know it won't hurt SharePoint.

NOTE: The Manager Data folder, MaData, will be empty before you configure the service. After you start the sync and run iisreset (see steps below), you'll be able to drill into it and see two folders and one file. It is at this time, when you see the folders and the file, that you know you are safe to open the UPS and configure it. Continue to step 8.

One of the HarbarNet pages gives a good example of using ULS Viewer to track the user profile install; you really should check that out if you haven't.

8. Add Allow log on locally to the Farm Account via secpol.msc > Local Policies > User Rights Assignment > Allow log on locally.

9. Add the Farm Account to the local Administrators group, too (compmgmt.msc > Configuration > Local Users and Groups > Administrators).

10. Log the setup user off, log the farm account on and then off, log back on with the setup user account.

11. Right-click on your domain in Active Directory Users and Computers > click Delegate Control > Next > add the account that will be used to configure the actual User Profile Service later (e.g. SP_UserProfiles_FarmName) > Create a custom task to delegate > This folder, existing objects in this folder, and creation of new objects in this folder > Next > scroll down and check Replicating Directory Changes (don't check any other boxes, i.e. don't check Property-specific, etc.) > Next > Finish.

There is good info on TechNet about step 11 located here: 
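As an added check for step 11 (and the reminder in step 19), not part of the original post or TechNet: this script reads the domain object's security descriptor and reports whether the sync account holds Replicating Directory Changes, and whether it was also given the broader Replicating Directory Changes All, which the sync connection does not need. The account name is a placeholder taken from step 11; the ActiveDirectory RSAT module is assumed to be installed.

```powershell
# Added example: verify the delegation from step 11 on the domain root.
Import-Module ActiveDirectory

# Schema GUIDs of the two replication extended rights (well-known AD constants)
$ReplGetChanges    = [guid]'1131f6aa-9c07-11d1-f79f-00c04fc2dcd2'  # Replicating Directory Changes
$ReplGetChangesAll = [guid]'1131f6ad-9c07-11d1-f79f-00c04fc2dcd2'  # Replicating Directory Changes All

function Get-ReplicationRights {
    param(
        [Parameter(Mandatory)][string]$Account,               # DOMAIN\name of the sync account
        [string]$DomainDN = (Get-ADDomain).DistinguishedName  # the object the wizard writes the ACE on
    )
    $acl = Get-Acl -Path "AD:\$DomainDN"
    # Only Allow ACEs for this account that carry an extended right matter here
    $aces = @($acl.Access | Where-Object {
        $_.IdentityReference.Value -eq $Account -and
        $_.AccessControlType -eq 'Allow' -and
        ($_.ActiveDirectoryRights -band [System.DirectoryServices.ActiveDirectoryRights]::ExtendedRight) })

    [pscustomobject]@{
        Account           = $Account
        DomainDN          = $DomainDN
        HasReplChanges    = [bool]($aces | Where-Object { $_.ObjectType -eq $ReplGetChanges })
        HasReplChangesAll = [bool]($aces | Where-Object { $_.ObjectType -eq $ReplGetChangesAll })
    }
}

# Placeholder account name from step 11; substitute your own
$result = Get-ReplicationRights -Account 'DOMAIN\SP_UserProfiles_FarmName'
$result
if (-not $result.HasReplChanges) {
    Write-Warning "Replicating Directory Changes is not delegated on $($result.DomainDN); redo step 11."
}
if ($result.HasReplChangesAll) {
    Write-Warning "Replicating Directory Changes All is also granted; the sync account does not need it, remove it."
}
```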

12. Create a web application, call it SharePoint - 80, on port 80, using the content account. When prompted to create a site collection, you can if you want to, but it's not needed for this exercise and won't impact whether your UPS will work.

13. Now let's create a Metadata UPS MySite Hub web application. Create another web application, call it SharePoint metadata hub - 9094 (or pick a better, more professional name, say UPS AD DS Sync), but put it on port xxxx (where xxxx is a number greater than 1024), not on port 80, and run it with the content account, not the farm account.
Note: Metadata UPS MySite Hub is not the technical term for it, and some people might laugh at you if you call it that. This hub, so to speak, is where I roll up the UPS and Metadata site collections. They don't have to be together, but you do need the metadata site collection and the UPS/enterprise MySite site collections up before you can get UPS to sync nicely.

PLEASE NOTE: Some sites have you create just one site collection; you will eventually split them out as they grow.

14. Once the web application is created, create an Enterprise MySite Host site collection in the root and name it after the UPS service sync (or choose your own naming).
Steps to create the site collection for UPS: Application Management > Site Collections > Create Site Collections > choose the Metadata UPS hub web app that runs on port xxxx > name it > give it an account for the site collection admin (use the same content account that you used when you created the web app, if you want).

15. Create another site collection in the Metadata hub web app. Locate this one under a managed path that you created, or under /sites/Meta. Note: you could name the URL portion of the site anything you want. Use the Publishing Portal site template for this site collection.

16. Open this newly created site, navigate into Site Collection Features and Site Features, and ensure that the Content Organizer and Metadata Navigation and Filtering features are activated. Copy the URL to your metadata hub site.

17. Navigate to Central Admin > Application Management > Service Applications > Manage service applications and click to the right of the Managed Metadata Web Service so that the Properties icon in the ribbon lights up. Scroll down to the Content Type Hub box and paste in the URL to your metadata hub site.

OK, back to Central Admin: Application Management > Service Applications > Manage services on server > start the User Profile Service, and ask yourself this question: "Have I patched this farm to the most current CU if it is SharePoint 2010 RTM?"

18. While still on the Manage Service Applications page, click New > User Profile Service Application > name it > run it in a new application pool and name the new app pool > it runs under the farm account > the default databases are OK > paste in the URL to your MySite Host site collection. Since you created it in the root, this URL looks just like the URL to the web application: just the protocol, server name and port (e.g. http://2010SP:9094). Click OK.
Note: I've had better success if I make sure to leave the / behind the MySite Host URL and remove it from the My Site managed path, so say no to (/Personal) and say yes to (Personal).
Click OK.

19. Make sure those permissions for allow log on locally, local admins, and the path to the Manager Data are correct. Which brings up one more thing about permissions: the account that you'll use to configure User Profile Sync after you get through setting it up, the userProfile account, needs Replicating Directory Changes.

20. Moved in front of step 18.

21. Start the User Profile Synchronization Service. While it is still saying it's starting, or after 10 minutes, run IISRESET.

22. Navigate to C:\Program Files\Microsoft Office Servers\14.0\Synchronization Service\MaData. Refresh this folder, wait, grab a copy of War and Peace or Slaughterhouse-Five, start reading, have a smoke if you smoke, or just go to bed. Either way, wait until you see a folder named ILMMA, a folder named MOSS-, and a file named UpdateFile.
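An added example (not from the original post) that automates the two MaData checks from steps 7 and 22 on the sync server: it confirms the farm account has at least Modify on the path, directly or through WSS_ADMIN_WPG, and then polls the folder until the ILMMA folder, a MOSS- folder and the UpdateFile appear. The farm account name is a placeholder and the 14.0 path assumes SharePoint 2010; on 2013 use the 15.0 path.

```powershell
# Added example: MaData prerequisite check (step 7) and readiness wait (step 22).
param(
    [string]$FarmAccount = "DOMAIN\My_Farmer",   # placeholder: the farm account from step 3
    [string]$MaDataPath  = "C:\Program Files\Microsoft Office Servers\14.0\Synchronization Service\MaData"
)

# Step 7: does the farm account (itself or via WSS_ADMIN_WPG) hold at least Modify on the path?
function Test-MaDataAccess {
    param([string]$Account, [string]$Path)
    $modify = [System.Security.AccessControl.FileSystemRights]::Modify
    # Local group members are listed by account name only, so strip the domain prefix
    $shortName = $Account.Split('\')[-1]
    $group = [ADSI]"WinNT://$env:COMPUTERNAME/WSS_ADMIN_WPG,group"
    $members = @($group.Invoke('Members') | ForEach-Object {
        $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null) })
    $inGroup = $members -contains $shortName

    # Identities whose Allow ACEs count for the farm account
    $ids = @($Account)
    if ($inGroup) { $ids += "$env:COMPUTERNAME\WSS_ADMIN_WPG" }
    $acl = Get-Acl -Path $Path
    $hasModify = [bool]($acl.Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $ids -contains $_.IdentityReference.Value -and
        (($_.FileSystemRights -band $modify) -eq $modify) })   # FullControl also satisfies this

    [pscustomobject]@{ Account = $Account; InWssAdminWpg = $inGroup; HasModify = $hasModify }
}

# Step 22: poll MaData until the ILMMA folder, a MOSS-* folder and the UpdateFile exist
function Wait-MaDataPopulated {
    param([string]$Path, [int]$TimeoutMinutes = 60, [int]$PollSeconds = 30)
    $deadline = (Get-Date).AddMinutes($TimeoutMinutes)
    do {
        $names = @(Get-ChildItem -Path $Path -ErrorAction SilentlyContinue | Select-Object -ExpandProperty Name)
        $ready = ($names -contains 'ILMMA') -and
                 (@($names | Where-Object { $_ -like 'MOSS-*' }).Count -gt 0) -and
                 ($names -contains 'UpdateFile')
        if ($ready) { return $true }
        Write-Host -NoNewline '.'
        Start-Sleep -Seconds $PollSeconds
    } while ((Get-Date) -lt $deadline)
    return $false
}

$check = Test-MaDataAccess -Account $FarmAccount -Path $MaDataPath
$check
if (-not $check.HasModify) { Write-Warning "Fix the farm account's rights on MaData before starting the sync service (step 7)." }
if (Wait-MaDataPopulated -Path $MaDataPath) { Write-Host "`nMaData is populated; safe to configure the UPS (step 23)." }
else { Write-Warning "Timed out waiting for MaData; check the ULS logs with ULS Viewer." }
```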

23. Navigate to Manage Service Applications and click on User Profile Service Application.

24. Configure the synchronization connection using the account you gave the Replicating Directory Changes permission. Click Create New Connection and just fill in the form. Use the sp_userprofile account; you're logged into the server at this time with the setup user account because you're still setting it up.

25. Click on Configure Synchronization Settings and choose Users Only for the first sync; then, after you sync just users, go back and sync users and groups.

Thanks for commenting, if you have a question and want a reply, please post it on TechNet forums and reference this blog, or navigate to and post it there, all of these blog posts and more are on my SharePoint Papa site.