Installing SharePoint Server 2016 – Part 6

Configuring SharePoint Farm for SharePoint Hosted Add-Ins

Not much has been changed for Apps other than the fact that they are now called Add-Ins. The configuration remain the same.

1. Need to setup an Apps Domain for SharePoint Apps (Zone)

2. Need a certificate for app domain

3. Perform App Configuration on Central Administration

4. Creating App Catalog Site collection,

5. Uploading and adding an Add-In

Creating App Domain for Add-Ins

SharePoint hosted Add-Ins require a unique app domain. You must create a new Zone in DNS for you farm. If you have multiple farms in your environment, you can create root domain and then a sub domain for every farm. It is fully supported by Microsoft.

1. Login to Domain Controller VM

2. Open DNS Manager – Right Click on Forward Lookup Zones – New Zone

3. Click Next

image

4. Choose Primary Zone – Click Next

image

5. Click Next.

image

6. Type In your App domain. I am using contoso16appscom

image

7. Choose do not allow auto updates. Click Next

image

8. Click Finish

image

9. Expand the Forward Lookup Zones – Right click on contoso16apps.com – New CNAME

image

10. Alias Name type * (Asterisk) – Click Browse – Double Click on Your Domain Controller Name – Forward Lookup Zone – Contoso.com – Select the SharePoint box and Click OK.

image

image

image

image

image

11. Click OK

12. Open PowerShell or command prompt and type the following

13. Ping app-1234.contoso16apps.com

image

14. Just to make sure try the same from SharePoint Box as well.

15. Now let’s complete the App Configuration

16. Open SharePoint Central Administration – Apps – Configure App URLs

image

17. To Fix the above error, I check if both App Management and Subscription Settings services are running.

Get-SPServiceInstance | ? TypeName -like “*Subscription*” | Select Id, TypeName

Get-SPServiceInstance | ? TypeName -like “*App Management*” | Select Id, TypeName

image

18. Then I check if both App Management and Subscription settings service application exist

Get-SPServiceApplication | ? TypeName -like “*Subscription*” | Select Id, TypeName

Get-SPServiceApplication | ? TypeName -like “*App Management*” | Select Id, TypeName

image

19. The result showed that I do not have the subscription settings service application. I used the script below to create it.

$AppPool = Get-SPServiceApplicationPool “SharePoint Web Services Default”

$Subscription = New-SPSubscriptionSettingsServiceApplication -Name “Subscription Settings” -DatabaseName “2016_Subscription” -ApplicationPool $AppPool -Verbose

New-SPSubscriptionSettingsServiceApplicationProxy -ServiceApplication $Subscription

20. Went back to Configure apps page and refresh

image

21. Now Type the app domain and App prefix and click OK.

22. Now Click on Manage App Catalog – Select the portal web application – Click OK.

image

23. Click OK after create a new app catalog site.

image

24. Type the site collection name, description and URL

image

25. Type in Primary site collection Admin and end users group name. Everyone to give all users access to apps. Click OK.

image

26. Once the site is created click on Link to Open in new tab.

image

27. Click on Apps for SharePoint – Click Upload – Select and Add-In file and click Upload. Enter apps title and click OK.

image

28. You can find the sample app here

image

Adding an Add-In to SharePoint Site.

First Open Management Shell as Administrator – type iisreset and press enter.

image

Open SharePoint Site – Click on Site Contents – Add an App – Select From your organization – App 4

Click Trust IT

image

image

Now click on the App – You will see the Certificate Error. We will resolve this error in the next step.

image

Clicking on Continue to this website will prompt for authentication.

image

image

App Configuration is complete. We will now request a certificate.

Creating a Certificate for App Domain

There are two options for certificate one is self-signed certificate and then using a certificate from Certificate authority. For some reason I did not liked self-signed certificate. I always configure enterprise certificate store in my lab. Creating a Certificate Authority in a Lab is very easy process. Please find the blog post below on how to set it up.

Installing an Enterprise Certificate Authority in Windows Server 2012

http://www.vkernel.ro/blog/installing-an-enterprise-certificate-authority-in-windows-server-2012

Once you have installed and configured the Certificate Authority, the next step would be to create a certificate template. We will create this template by duplicating the web server template. We will then make sure this template has permissions for domain computers to enroll, private key is exportable. We will then issue the template. Let’s do that.

Login to Domain Controller – Server Manager – Click Certificate Authority

image

Right Click on Certificate Template – Manage

image

Right Click on Web Server template – Duplicate Template

image

Certificate Template Console will open

Enter Template Display Name and validity Period from General Tab, from Request Handling “Allow private key to be exported”.

Do not choose 5 years. 2 years are good 🙂

image

image

Click on Security Tab -> Add Type “Domain Computers” – Choose Enroll – Authenticated Users – Enroll

image

image

Click OK. Minimize Certificate Template Console

In Certificate Authority Console – Right Click on Certificate Templates – New – Certificate Template to Issue

image

Choose SharePoint template that we created

image

Our template is now complete. Let’s request a new certificate for apps.

Search MMC from start screen and Open MMC

image

Click Add Snapin – Certificates – Add – Computer Accounts – Next – Finish – OK

Right Click on Personal – All Tasks – Request New Certificates

image

Click Next – Next – Click ON More information link next to sharePoint2016 Cert Template.

image

Select Common Name – type *.contoso16apps.com – Click Add

image

Select DNS – type *.contoso16apps.com – Click Add

image

From General type Friendly Name and Description – Click Apply OK.

image

Select the certificate template and click Enroll

image

image

Right Click – All Tasks – Export – Next

 image

image

Yes, export the private key – Next

image  

Click Next

image

Check the password checkbox and click Next.

image

Click Browse and provide the File name and Click Save.

image

Click Next and Finish.

image

Copy the Certificate to SharePoint VM.

Assign Apps Certificate to No Host Header Web Application

Open IIS Manager

image

Click on Server Node – Double Click on Server Certificates – Import – Select the new exported certificate – Select the certificate – enter password and click OK.

image

Right click on No Host Header Web App – Edit Bindings

image

Click Edit – Select the new Apps SSL – Click OK – Close

image

image

Go back to page where the app was loaded and click Refresh

image

Certificate Error is now gone.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s