zettelkasten/OneNoteExport/Kommunikationstechnologie/Sharepoint/Infrastruktur/28_BKKSPTWM001.md

BKKSPTWM001

Mittwoch, 5. Dezember 2018

10:58

 

BS 2016 STD

CPU 1

MEM 4 GB

C = 80 GB

IP = 10.96.73.121

 

 

WM Manager 1.0 Version 1.1.11208.2

 

 

1.  Download der Files.

>  

2.  Auf dem WF Server den WebPlattformInstaller (WebPlatformInstaller_amd64_en-US) installieren.

>  
>
>  

3.  Installationsbefehle in der CMD as admin für die restliche Installation:

-   WebpiCmd.exe /Install /Products:ServiceBus /XML:C:\\Install\\Workflowmanager-offline\\ServiceBus\\feeds\\latest\\webproductlist.xml /AcceptEula /SuppressPostFinish

-   WebpiCmd.exe /Install /Products:WorkflowClient /XML:C:\\Install\\Workflowmanager-offline\\WorkflowClient\\feeds\\latest\\webproductlist.xml

-   WebpiCmd.exe /Install /Products:WorkflowManagerRefresh /XML:C:\\Install\\Workflowmanager-offline\\WorkflowManagerRefresh\\feeds\\latest\\webproductlist.xml

-   WebpiCmd.exe /Install /Products:WorkflowCU5 /XML:C:\\Install\\Workflowmanager-offline\\WorkflowCU5\\feeds\\latest\\webproductlist.xml

>  
>
> Service Account (svc-sptWorkflowM) zur lokalen Administrator Gruppe hinzugefügt.
>
>  
>
> Danach den WF konfigurieren.

[ZU prüfen]{.mark}

-   Verwendung von SSL zwischen WF und SQL

 

2 Farm Verbinden :

Register-SPWorkflowService -SPSite <https://mobilnet-sptest.bkk-mobiloil.de> -WorkflowHostUri <https://bkksptwm001.bkk-mobiloil.de:12290> **-ScopeName SPTEST**

 

 

Hier mal ein generelles Beispiel :

Register-SPWorkflowService

    -SPSite <https://farmb.corp.local>

    -WorkflowHostUri <https://wffarm.corp.local:12290>

    -ScopeName FarmB

 

Aus \<<http://www.wictorwilen.se/sharing-a-workflow-manager-1.0-farm-between-multiple-sharepoint-2013-farms>\>

 

 

Summary der Installation:

 

Configuration for Workflow Manager

Management Database SQL Instance        sqlsharepointt\\sqlsharepointt

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Management Database Name        WFManagementDB

Instance Management Database SQL Instance        sqlsharepointt\\sqlsharepointt

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Instance Management Database Name        WFInstanceManagementDB

Resource Management Database SQL Instance        sqlsharepointt\\sqlsharepointt

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Resource Management Database Name        WFResourceManagementDB

RunAs Account        svc-sptWorkflowM@BKK-MOBILOIL

RunAs Password        \*\*\*\*\*\*\*\*\*\*\*

Certificate Generation Key        \*\*\*\*\*\*\*\*\*\*\*

Workflow Manager Outbound Signing Certificate        Auto-generated

Service SSL Certificate        Auto-generated

Encryption Certificate        Auto-generated

Workflow Manager Management Port        12290

HTTP Port        Disabled

Enable firewall rules on this computer        True

Administrators Group        BUILTIN\\Administrators

Configuration for Service Bus

Management Database SQL Instance        sqlsharepointt\\sqlsharepointt

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Management Database Name        SbManagementDB

Gateway Database SQL Instance        sqlsharepointt\\sqlsharepointt

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Gateway Database Name        SbGatewayDatabase

Message Container SQL Instance        sqlsharepointt\\sqlsharepointt

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Message Container Database Name        SBMessageContainer01

RunAs Account        svc-sptWorkflowM@BKK-MOBILOIL

RunAs Password        \*\*\*\*\*\*\*\*\*\*\*

Certificate Generation Key        \*\*\*\*\*\*\*\*\*\*\*

Farm Certificate        Auto-generated

Encryption Certificate        Auto-generated

HTTPS Port        9355

TCP Port        9354

Message Broker Port        9356

Internal Communication Port Range        9000 - 9004

Enable firewall rules on this computer        True

Administrators Group        BUILTIN\\Administrators

 

 

 

\# To be run in Workflow Manager PowerShell console that has both Workflow Manager and Service Bus installed.

 

\# Create new SB Farm

\$SBCertificateAutoGenerationKey = ConvertTo-SecureString -AsPlainText -Force -String \'\*\*\*\*\* Replace with Service Bus Certificate Auto-generation key \*\*\*\*\*\*\' -Verbose;

 

 

New-SBFarm -SBFarmDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=SbManagementDB;Integrated Security=True;Encrypt=False\' -InternalPortRangeStart 9000 -TcpPort 9354 -MessageBrokerPort 9356 -RunAsAccount \'svc-sptWorkflowM@BKK-MOBILOIL\' -AdminGroup \'BUILTIN\\Administrators\' -GatewayDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=SbGatewayDatabase;Integrated Security=True;Encrypt=False\' -CertificateAutoGenerationKey \$SBCertificateAutoGenerationKey -MessageContainerDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=SBMessageContainer01;Integrated Security=True;Encrypt=False\' -Verbose;

 

\# To be run in Workflow Manager PowerShell console that has both Workflow Manager and Service Bus installed.

 

\# Create new WF Farm

\$WFCertAutoGenerationKey = ConvertTo-SecureString -AsPlainText -Force -String \'\*\*\*\*\* Replace with Workflow Manager Certificate Auto-generation key \*\*\*\*\*\*\' -Verbose;

 

 

New-WFFarm -WFFarmDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=WFManagementDB;Integrated Security=True;Encrypt=False\' -RunAsAccount \'svc-sptWorkflowM@BKK-MOBILOIL\' -AdminGroup \'BUILTIN\\Administrators\' -HttpsPort 12290 -HttpPort 12291 -InstanceDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=WFInstanceManagementDB;Integrated Security=True;Encrypt=False\' -ResourceDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=WFResourceManagementDB;Integrated Security=True;Encrypt=False\' -CertificateAutoGenerationKey \$WFCertAutoGenerationKey -Verbose;

 

\# Add SB Host

\$SBRunAsPassword = ConvertTo-SecureString -AsPlainText -Force -String \'\*\*\*\*\* Replace with RunAs Password for Service Bus \*\*\*\*\*\*\' -Verbose;

 

 

Add-SBHost -SBFarmDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=SbManagementDB;Integrated Security=True;Encrypt=False\' -RunAsPassword \$SBRunAsPassword -EnableFirewallRules \$true -CertificateAutoGenerationKey \$SBCertificateAutoGenerationKey -Verbose;

 

Try

{

\# Create new SB Namespace

New-SBNamespace -Name \'WorkflowDefaultNamespace\' -AddressingScheme \'Path\' -ManageUsers \'svc-sptWorkflowM@BKK-MOBILOIL\',\'admin-kbe@BKK-MOBILOIL\' -Verbose;

 

Start-Sleep -s 90

}

Catch \[system.InvalidOperationException\]

{

}

 

\# Get SB Client Configuration

\$SBClientConfiguration = Get-SBClientConfiguration -Namespaces \'WorkflowDefaultNamespace\' -Verbose;

 

\# Add WF Host

\$WFRunAsPassword = ConvertTo-SecureString -AsPlainText -Force -String \'\*\*\*\*\* Replace with RunAs Password for Workflow Manager \*\*\*\*\*\*\' -Verbose;

 

 

Add-WFHost -WFFarmDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=WFManagementDB;Integrated Security=True;Encrypt=False\' -RunAsPassword \$WFRunAsPassword -EnableFirewallRules \$true -SBClientConfiguration \$SBClientConfiguration -CertificateAutoGenerationKey \$WFCertAutoGenerationKey -Verbose;

 

 

 

 

 

 

![Computergenerierter Alternativtext: WORKFLOW MANAGER CONFIGURATION WIZARD Workflow Manager Configuration Workfc•x Manager tarm uses the tollowing databases, certif•tes. potls Default Values have ten prcvfded. Configure Farm Management Database SQL SERVER INSTANCE SPT-workf10wM \@Advanced Options Enab\'e SSL cor-,necticn With SQL Semer instarce @ Windows Authentication C) SQL Server Authentication SbOVe SQL DATABASE NAME Configure Instance Management Database SQL SERVER INSTANCE SPT•workflowM DATA3ASE NAME ](media/image1.png){width="6.510416666666667in" height="6.322916666666667in"}

 

Erfasster Bildschirmausschnitt: 05.12.2018 14:04

 

 

![Computergenerierter Alternativtext: Configure Instance Management Database SQL SERVER INSTANCE SPT-workflowM DATABASE MAME SPT-WFlnstanceManagementDB Configure Resource Management Database SQL SERVER INSTANCE SPT-workflowM DATABASE NAME SPT -W F Re Source Management OB Con figure Service Account Ilo User whi.ch the Services will ran (RunAs \"Sing the fomnat • for the same are every time youjoin ccmpLAer to the %brkfow USER ID ](media/image2.png){width="6.520833333333333in" height="4.614583333333333in"}

 

Erfasster Bildschirmausschnitt: 05.12.2018 14:05

 

 

 

![Computergenerierter Alternativtext: Configure Service Account User account ur•der which the serv•ices will run (RunAs Account) using the formet • domainlvser or User@domain\'.Credertials for the same are required ever•/ time join a compLfter to the Manage farm\_ USER ID svc-sptworkf10wM@BKK-MOBlL01L Configure Certificates Workfo-\* Manager requires SSL and cutt»ound signing cetificates. To Provide custom ce:tifcat--- urcheck the Auto-generate Auto-generate CERTIFICATE GENERATION KEY This Qy is required ever,\' time you joh a computer to the WorkfO\* Manage tarn-. CONHRM CERTIncATE GENERATION KEY ](media/image3.png){width="6.5in" height="4.458333333333333in"}

 

Erfasster Bildschirmausschnitt: 05.12.2018 14:06

 

 

![Computergenerierter Alternativtext: Configure Ports WORKFLOW MANAGER MANAGEMENT PORT Port on \*fich Workflow Manager Listens for management requests. The uns---zured HTTP or whi•ch Manöger Listens for managemert requests. Note that this feature Should not en abled in produ•ction 12291 Ü Allow Workflow management over HTTP on this computer v.l Enable firewall rules on this computer Configure Admin Group Thi; group Will be granted access to the databases as of the Workflow Manager You must restart this CCM2uter f \"ministr&tOrS grcup iS Cf thiS ](media/image4.png){width="6.489583333333333in" height="3.9895833333333335in"}

 

Erfasster Bildschirmausschnitt: 05.12.2018 14:06

 

ServiceBus Config

 

 

![Computergenerierter Alternativtext: WORKFLOW MANAGER CONFIGURATION WIZARD Service Bus Configuration Workfcw Manager uns on a Service Bus deployment. Semice Bus uses the following databases. certifotes, and pcrts. Detauit values have been prcmded. Configure Farm Management Database SQL SERVER INSTANCE spr-workflcwv DATABASE NAME SPT-SBManagementDB Configure Gateway Database SQL SERVER INSTANCE SPT-workflowM DATA3ASE NAME Configure Message Container Database SQL SERVER INSTANCE SPT-workflcwM ](media/image5.png){width="6.802083333333333in" height="6.3125in"}

 

Erfasster Bildschirmausschnitt: 05.12.2018 14:09

 

 

![Computergenerierter Alternativtext: Configure Message Container Database SQL SERVER INSTANCE SPT•workflcwM DATA3ASE NAME SPT-SBMessagecontainer01 Configure Service Account User Raunt ur%er whith the serViCe-S Wil\' (Run\" uSing the formet •user@domain\'.CredertiSSfor sarr,e are reguireC every time ycu jain computer to the Service farrr„ D Use the same semice account credentials as provided for Workflow Manager USER ID svc-sptServiceBus@BKK-MOBlLOlL Configure Certificate ](media/image6.png){width="6.65625in" height="4.25in"}

 

Erfasster Bildschirmausschnitt: 05.12.2018 14:16

 

 

![Computergenerierter Alternativtext: Configure Certificate Serwce Bus requires a rarm ceftifcate. To provide a custom ceftifcat« uncheck tre Auto-generate Option. Auto-generate CERTIFZATE GENERATION KEY This key is requiret every time youjoin a computer to the Service Bus fam. Use the same certificate generation key as provided for Workflow Manager Configure Ports SSL acce-ssWe for a Service Bus 9355 Network- PCtt for Service Bus 9354 MESSAGE 3ROKER PORT rnis gort is useC tor message brc• pott communication ](media/image7.png){width="6.520833333333333in" height="4.03125in"}

 

Erfasster Bildschirmausschnitt: 05.12.2018 14:16

 

 

![Computergenerierter Alternativtext: TCP PORT Network- PCtt for Service Bus 9354 MESSAGE 3ROKE_R PQRT This is used tor message brcker pott commonication 9356 INTERNAL COMMUNICATION PORT RANGE Port rar,ge useC for communicat\'on ætween Service Bus comp•ters in the fum The port here is the starting oort fc•\' range ot 5 ports. Enable firewall rules on this computer Configure Admin Group Thi; user group Nil be acce-ss to the databases as Of the Service Bus You must restart fiiscom%Jter if administratarS iS Created Cf thiS eanfguation bkk-mobiloiNSG-SPT-WFAdmin ](media/image8.png){width="6.260416666666667in" height="4.229166666666667in"}

 

Erfasster Bildschirmausschnitt: 05.12.2018 14:17

 

Configuration for Workflow Manager

Management Database SQL Instance        SPT-WorkflowM

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Management Database Name        SPT-WFManagementDB

Instance Management Database SQL Instance        SPT-WorkflowM

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Instance Management Database Name        SPT-WFInstanceManagementDB

Resource Management Database SQL Instance        SPT-WorkflowM

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Resource Management Database Name        SPT-WFResourceManagementDB

RunAs Account        svc-sptWorkflowM@BKK-MOBILOIL

RunAs Password        \*\*\*\*\*\*\*\*\*\*\*

Certificate Generation Key        \*\*\*\*\*\*\*\*\*\*\*

Workflow Manager Outbound Signing Certificate        Auto-generated

Service SSL Certificate        Auto-generated

Encryption Certificate        Auto-generated

Workflow Manager Management Port        12290

HTTP Port        Disabled

Enable firewall rules on this computer        True

Administrators Group        bkk-mobiloil\\SG-SPT-WFAdmin

Configuration for Service Bus

Management Database SQL Instance        SPT-WorkflowM

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Management Database Name        SPT-SBManagementDB

Gateway Database SQL Instance        SPT-WorkflowM

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Gateway Database Name        SPT-SBGatewayDatabase

Message Container SQL Instance        SPT-WorkflowM

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Message Container Database Name        SPT-SBMessageContainer01

RunAs Account        svc-sptServiceBus@BKK-MOBILOIL

RunAs Password        \*\*\*\*\*\*\*\*\*\*\*

Certificate Generation Key        \*\*\*\*\*\*\*\*\*\*\*

Farm Certificate        Auto-generated

Encryption Certificate        Auto-generated

HTTPS Port        9355

TCP Port        9354

Message Broker Port        9356

Internal Communication Port Range        9000 - 9004

Enable firewall rules on this computer        True

Administrators Group        bkk-mobiloil\\SG-SPT-WFAdmin

 

Configuration for Workflow Manager

Management Database SQL Instance        SPT-WorkflowM

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Management Database Name        SPT-WFManagementDB

Instance Management Database SQL Instance        SPT-WorkflowM

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Instance Management Database Name        SPT-WFInstanceManagementDB

Resource Management Database SQL Instance        SPT-WorkflowM

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Resource Management Database Name        SPT-WFResourceManagementDB

RunAs Account        svc-sptWorkflowM@BKK-MOBILOIL

RunAs Password        \*\*\*\*\*\*\*\*\*\*\*

Certificate Generation Key        \*\*\*\*\*\*\*\*\*\*\*

Workflow Manager Outbound Signing Certificate        Auto-generated

Service SSL Certificate        Auto-generated

Encryption Certificate        Auto-generated

Workflow Manager Management Port        12290

HTTP Port        Disabled

Enable firewall rules on this computer        True

Administrators Group        bkk-mobiloil\\SG-SPT-WFAdmin

Configuration for Service Bus

Management Database SQL Instance        SPT-WorkflowM

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Management Database Name        SPT-SBManagementDB

Gateway Database SQL Instance        SPT-WorkflowM

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Gateway Database Name        SPT-SBGatewayDatabase

Message Container SQL Instance        SPT-WorkflowM

Enable SSL connection with SQL Server instance        False

Authentication        Windows Authentication

Message Container Database Name        SPT-SBMessageContainer01

RunAs Account        svc-sptServiceBus@BKK-MOBILOIL

RunAs Password        \*\*\*\*\*\*\*\*\*\*\*

Certificate Generation Key        \*\*\*\*\*\*\*\*\*\*\*

Farm Certificate        Auto-generated

Encryption Certificate        Auto-generated

HTTPS Port        9355

TCP Port        9354

Message Broker Port        9356

Internal Communication Port Range        9000 - 9004

Enable firewall rules on this computer        True

Administrators Group        bkk-mobiloil\\SG-SPT-WFAdmin

\<\<Log.txt\>\>

Register-SPWorkflowService -spsite \"<https://portal-spt.bkk-mobiloil.de/sites/SPD>\" -WorkflowHos

tUri \"<https://bkksptwm001.bkk-mobiloil.de:12290>\" -ScopeName spt

 

 

Alle Accounts der SG-SPT-WFAdmin

![Computergenerierter Alternativtext: Eigenschaften von SG-SPT-WFAdrnin • RkO dg-SptAdrnÉI svc-spt \"tgieder \'At\$ed von Actrve bkknobiloifeiVOk4dm-,3 bkk bi i d bkkqnoblo\' bkk•nobibi s ](media/image9.png){width="3.6979166666666665in" height="4.604166666666667in"}

 

Erfasster Bildschirmausschnitt: 05.12.2018 16:03

 

 

 

 

 

Test:

Powershell

Get-WFFarmStatus

Get-SBFarmStatus

 

 

<http://www.harbar.net/articles/wfm3.aspx>

 

Ab dem Punkt \"... we enrol a certificate on on of the Workflow Manager hosts..\", sind wir der Anleitung gefolgt und haben wir das Zert erstellt und exportiert.

 

**Reconfiguring Service Bus and Workflow Manager to use the new certificate**

 

 

Powershell Befehle aus dem Artikel ausgeführt und Installation abgeschlossen.

 

Zertifikate auf den SharePoint Servern im \"Personal\" und Trusted Root Certification Authorities\" Store bekannt gemacht.