BKKSPTWM001 Mittwoch, 5. Dezember 2018 10:58   BS 2016 STD CPU 1 MEM 4 GB C = 80 GB IP = 10.96.73.121     WM Manager 1.0 Version 1.1.11208.2     1. Download der Files. >   2. Auf dem WF Server den WebPlattformInstaller (WebPlatformInstaller_amd64_en-US) installieren. >   > >   3. Installationsbefehle in der CMD as admin für die restliche Installation: - WebpiCmd.exe /Install /Products:ServiceBus /XML:C:\\Install\\Workflowmanager-offline\\ServiceBus\\feeds\\latest\\webproductlist.xml /AcceptEula /SuppressPostFinish - WebpiCmd.exe /Install /Products:WorkflowClient /XML:C:\\Install\\Workflowmanager-offline\\WorkflowClient\\feeds\\latest\\webproductlist.xml - WebpiCmd.exe /Install /Products:WorkflowManagerRefresh /XML:C:\\Install\\Workflowmanager-offline\\WorkflowManagerRefresh\\feeds\\latest\\webproductlist.xml - WebpiCmd.exe /Install /Products:WorkflowCU5 /XML:C:\\Install\\Workflowmanager-offline\\WorkflowCU5\\feeds\\latest\\webproductlist.xml >   > > Service Account (svc-sptWorkflowM) zur lokalen Administrator Gruppe hinzugefügt. > >   > > Danach den WF konfigurieren. [ZU prüfen]{.mark} - Verwendung von SSL zwischen WF und SQL   2 Farm Verbinden : Register-SPWorkflowService -SPSite -WorkflowHostUri **-ScopeName SPTEST**     Hier mal ein generelles Beispiel : Register-SPWorkflowService     -SPSite     -WorkflowHostUri     -ScopeName FarmB   Aus \<\>     Summary der Installation:   Configuration for Workflow Manager Management Database SQL Instance        sqlsharepointt\\sqlsharepointt Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Management Database Name        WFManagementDB Instance Management Database SQL Instance        sqlsharepointt\\sqlsharepointt Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Instance Management Database Name        WFInstanceManagementDB Resource Management Database SQL Instance        sqlsharepointt\\sqlsharepointt Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Resource Management Database Name        WFResourceManagementDB RunAs Account        svc-sptWorkflowM@BKK-MOBILOIL RunAs Password        \*\*\*\*\*\*\*\*\*\*\* Certificate Generation Key        \*\*\*\*\*\*\*\*\*\*\* Workflow Manager Outbound Signing Certificate        Auto-generated Service SSL Certificate        Auto-generated Encryption Certificate        Auto-generated Workflow Manager Management Port        12290 HTTP Port        Disabled Enable firewall rules on this computer        True Administrators Group        BUILTIN\\Administrators Configuration for Service Bus Management Database SQL Instance        sqlsharepointt\\sqlsharepointt Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Management Database Name        SbManagementDB Gateway Database SQL Instance        sqlsharepointt\\sqlsharepointt Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Gateway Database Name        SbGatewayDatabase Message Container SQL Instance        sqlsharepointt\\sqlsharepointt Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Message Container Database Name        SBMessageContainer01 RunAs Account        svc-sptWorkflowM@BKK-MOBILOIL RunAs Password        \*\*\*\*\*\*\*\*\*\*\* Certificate Generation Key        \*\*\*\*\*\*\*\*\*\*\* Farm Certificate        Auto-generated Encryption Certificate        Auto-generated HTTPS Port        9355 TCP Port        9354 Message Broker Port        9356 Internal Communication Port Range        9000 - 9004 Enable firewall rules on this computer        True Administrators Group        BUILTIN\\Administrators       \# To be run in Workflow Manager PowerShell console that has both Workflow Manager and Service Bus installed.   \# Create new SB Farm \$SBCertificateAutoGenerationKey = ConvertTo-SecureString -AsPlainText -Force -String \'\*\*\*\*\* Replace with Service Bus Certificate Auto-generation key \*\*\*\*\*\*\' -Verbose;     New-SBFarm -SBFarmDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=SbManagementDB;Integrated Security=True;Encrypt=False\' -InternalPortRangeStart 9000 -TcpPort 9354 -MessageBrokerPort 9356 -RunAsAccount \'svc-sptWorkflowM@BKK-MOBILOIL\' -AdminGroup \'BUILTIN\\Administrators\' -GatewayDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=SbGatewayDatabase;Integrated Security=True;Encrypt=False\' -CertificateAutoGenerationKey \$SBCertificateAutoGenerationKey -MessageContainerDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=SBMessageContainer01;Integrated Security=True;Encrypt=False\' -Verbose;   \# To be run in Workflow Manager PowerShell console that has both Workflow Manager and Service Bus installed.   \# Create new WF Farm \$WFCertAutoGenerationKey = ConvertTo-SecureString -AsPlainText -Force -String \'\*\*\*\*\* Replace with Workflow Manager Certificate Auto-generation key \*\*\*\*\*\*\' -Verbose;     New-WFFarm -WFFarmDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=WFManagementDB;Integrated Security=True;Encrypt=False\' -RunAsAccount \'svc-sptWorkflowM@BKK-MOBILOIL\' -AdminGroup \'BUILTIN\\Administrators\' -HttpsPort 12290 -HttpPort 12291 -InstanceDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=WFInstanceManagementDB;Integrated Security=True;Encrypt=False\' -ResourceDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=WFResourceManagementDB;Integrated Security=True;Encrypt=False\' -CertificateAutoGenerationKey \$WFCertAutoGenerationKey -Verbose;   \# Add SB Host \$SBRunAsPassword = ConvertTo-SecureString -AsPlainText -Force -String \'\*\*\*\*\* Replace with RunAs Password for Service Bus \*\*\*\*\*\*\' -Verbose;     Add-SBHost -SBFarmDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=SbManagementDB;Integrated Security=True;Encrypt=False\' -RunAsPassword \$SBRunAsPassword -EnableFirewallRules \$true -CertificateAutoGenerationKey \$SBCertificateAutoGenerationKey -Verbose;   Try { \# Create new SB Namespace New-SBNamespace -Name \'WorkflowDefaultNamespace\' -AddressingScheme \'Path\' -ManageUsers \'svc-sptWorkflowM@BKK-MOBILOIL\',\'admin-kbe@BKK-MOBILOIL\' -Verbose;   Start-Sleep -s 90 } Catch \[system.InvalidOperationException\] { }   \# Get SB Client Configuration \$SBClientConfiguration = Get-SBClientConfiguration -Namespaces \'WorkflowDefaultNamespace\' -Verbose;   \# Add WF Host \$WFRunAsPassword = ConvertTo-SecureString -AsPlainText -Force -String \'\*\*\*\*\* Replace with RunAs Password for Workflow Manager \*\*\*\*\*\*\' -Verbose;     Add-WFHost -WFFarmDBConnectionString \'Data Source=sqlsharepointt\\sqlsharepointt;Initial Catalog=WFManagementDB;Integrated Security=True;Encrypt=False\' -RunAsPassword \$WFRunAsPassword -EnableFirewallRules \$true -SBClientConfiguration \$SBClientConfiguration -CertificateAutoGenerationKey \$WFCertAutoGenerationKey -Verbose;             ![Computergenerierter Alternativtext: WORKFLOW MANAGER CONFIGURATION WIZARD Workflow Manager Configuration Workfc•x Manager tarm uses the tollowing databases, certif•tes. potls Default Values have ten prcvfded. Configure Farm Management Database SQL SERVER INSTANCE SPT-workf10wM \@Advanced Options Enab\'e SSL cor-,necticn With SQL Semer instarce @ Windows Authentication C) SQL Server Authentication SbOVe SQL DATABASE NAME Configure Instance Management Database SQL SERVER INSTANCE SPT•workflowM DATA3ASE NAME ](media/image1.png){width="6.510416666666667in" height="6.322916666666667in"}   Erfasster Bildschirmausschnitt: 05.12.2018 14:04     ![Computergenerierter Alternativtext: Configure Instance Management Database SQL SERVER INSTANCE SPT-workflowM DATABASE MAME SPT-WFlnstanceManagementDB Configure Resource Management Database SQL SERVER INSTANCE SPT-workflowM DATABASE NAME SPT -W F Re Source Management OB Con figure Service Account Ilo User whi.ch the Services will ran (RunAs \"Sing the fomnat • for the same are every time youjoin ccmpLAer to the %brkfow USER ID ](media/image2.png){width="6.520833333333333in" height="4.614583333333333in"}   Erfasster Bildschirmausschnitt: 05.12.2018 14:05       ![Computergenerierter Alternativtext: Configure Service Account User account ur•der which the serv•ices will run (RunAs Account) using the formet • domainlvser or User@domain\'.Credertials for the same are required ever•/ time join a compLfter to the Manage farm\_ USER ID svc-sptworkf10wM@BKK-MOBlL01L Configure Certificates Workfo-\* Manager requires SSL and cutt»ound signing cetificates. To Provide custom ce:tifcat--- urcheck the Auto-generate Auto-generate CERTIFICATE GENERATION KEY This Qy is required ever,\' time you joh a computer to the WorkfO\* Manage tarn-. CONHRM CERTIncATE GENERATION KEY ](media/image3.png){width="6.5in" height="4.458333333333333in"}   Erfasster Bildschirmausschnitt: 05.12.2018 14:06     ![Computergenerierter Alternativtext: Configure Ports WORKFLOW MANAGER MANAGEMENT PORT Port on \*fich Workflow Manager Listens for management requests. The uns---zured HTTP or whi•ch Manöger Listens for managemert requests. Note that this feature Should not en abled in produ•ction 12291 Ü Allow Workflow management over HTTP on this computer v.l Enable firewall rules on this computer Configure Admin Group Thi; group Will be granted access to the databases as of the Workflow Manager You must restart this CCM2uter f \"ministr&tOrS grcup iS Cf thiS ](media/image4.png){width="6.489583333333333in" height="3.9895833333333335in"}   Erfasster Bildschirmausschnitt: 05.12.2018 14:06   ServiceBus Config     ![Computergenerierter Alternativtext: WORKFLOW MANAGER CONFIGURATION WIZARD Service Bus Configuration Workfcw Manager uns on a Service Bus deployment. Semice Bus uses the following databases. certifotes, and pcrts. Detauit values have been prcmded. Configure Farm Management Database SQL SERVER INSTANCE spr-workflcwv DATABASE NAME SPT-SBManagementDB Configure Gateway Database SQL SERVER INSTANCE SPT-workflowM DATA3ASE NAME Configure Message Container Database SQL SERVER INSTANCE SPT-workflcwM ](media/image5.png){width="6.802083333333333in" height="6.3125in"}   Erfasster Bildschirmausschnitt: 05.12.2018 14:09     ![Computergenerierter Alternativtext: Configure Message Container Database SQL SERVER INSTANCE SPT•workflcwM DATA3ASE NAME SPT-SBMessagecontainer01 Configure Service Account User Raunt ur%er whith the serViCe-S Wil\' (Run\" uSing the formet •user@domain\'.CredertiSSfor sarr,e are reguireC every time ycu jain computer to the Service farrr„ D Use the same semice account credentials as provided for Workflow Manager USER ID svc-sptServiceBus@BKK-MOBlLOlL Configure Certificate ](media/image6.png){width="6.65625in" height="4.25in"}   Erfasster Bildschirmausschnitt: 05.12.2018 14:16     ![Computergenerierter Alternativtext: Configure Certificate Serwce Bus requires a rarm ceftifcate. To provide a custom ceftifcat« uncheck tre Auto-generate Option. Auto-generate CERTIFZATE GENERATION KEY This key is requiret every time youjoin a computer to the Service Bus fam. Use the same certificate generation key as provided for Workflow Manager Configure Ports SSL acce-ssWe for a Service Bus 9355 Network- PCtt for Service Bus 9354 MESSAGE 3ROKER PORT rnis gort is useC tor message brc• pott communication ](media/image7.png){width="6.520833333333333in" height="4.03125in"}   Erfasster Bildschirmausschnitt: 05.12.2018 14:16     ![Computergenerierter Alternativtext: TCP PORT Network- PCtt for Service Bus 9354 MESSAGE 3ROKE_R PQRT This is used tor message brcker pott commonication 9356 INTERNAL COMMUNICATION PORT RANGE Port rar,ge useC for communicat\'on ætween Service Bus comp•ters in the fum The port here is the starting oort fc•\' range ot 5 ports. Enable firewall rules on this computer Configure Admin Group Thi; user group Nil be acce-ss to the databases as Of the Service Bus You must restart fiiscom%Jter if administratarS iS Created Cf thiS eanfguation bkk-mobiloiNSG-SPT-WFAdmin ](media/image8.png){width="6.260416666666667in" height="4.229166666666667in"}   Erfasster Bildschirmausschnitt: 05.12.2018 14:17   Configuration for Workflow Manager Management Database SQL Instance        SPT-WorkflowM Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Management Database Name        SPT-WFManagementDB Instance Management Database SQL Instance        SPT-WorkflowM Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Instance Management Database Name        SPT-WFInstanceManagementDB Resource Management Database SQL Instance        SPT-WorkflowM Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Resource Management Database Name        SPT-WFResourceManagementDB RunAs Account        svc-sptWorkflowM@BKK-MOBILOIL RunAs Password        \*\*\*\*\*\*\*\*\*\*\* Certificate Generation Key        \*\*\*\*\*\*\*\*\*\*\* Workflow Manager Outbound Signing Certificate        Auto-generated Service SSL Certificate        Auto-generated Encryption Certificate        Auto-generated Workflow Manager Management Port        12290 HTTP Port        Disabled Enable firewall rules on this computer        True Administrators Group        bkk-mobiloil\\SG-SPT-WFAdmin Configuration for Service Bus Management Database SQL Instance        SPT-WorkflowM Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Management Database Name        SPT-SBManagementDB Gateway Database SQL Instance        SPT-WorkflowM Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Gateway Database Name        SPT-SBGatewayDatabase Message Container SQL Instance        SPT-WorkflowM Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Message Container Database Name        SPT-SBMessageContainer01 RunAs Account        svc-sptServiceBus@BKK-MOBILOIL RunAs Password        \*\*\*\*\*\*\*\*\*\*\* Certificate Generation Key        \*\*\*\*\*\*\*\*\*\*\* Farm Certificate        Auto-generated Encryption Certificate        Auto-generated HTTPS Port        9355 TCP Port        9354 Message Broker Port        9356 Internal Communication Port Range        9000 - 9004 Enable firewall rules on this computer        True Administrators Group        bkk-mobiloil\\SG-SPT-WFAdmin   Configuration for Workflow Manager Management Database SQL Instance        SPT-WorkflowM Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Management Database Name        SPT-WFManagementDB Instance Management Database SQL Instance        SPT-WorkflowM Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Instance Management Database Name        SPT-WFInstanceManagementDB Resource Management Database SQL Instance        SPT-WorkflowM Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Resource Management Database Name        SPT-WFResourceManagementDB RunAs Account        svc-sptWorkflowM@BKK-MOBILOIL RunAs Password        \*\*\*\*\*\*\*\*\*\*\* Certificate Generation Key        \*\*\*\*\*\*\*\*\*\*\* Workflow Manager Outbound Signing Certificate        Auto-generated Service SSL Certificate        Auto-generated Encryption Certificate        Auto-generated Workflow Manager Management Port        12290 HTTP Port        Disabled Enable firewall rules on this computer        True Administrators Group        bkk-mobiloil\\SG-SPT-WFAdmin Configuration for Service Bus Management Database SQL Instance        SPT-WorkflowM Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Management Database Name        SPT-SBManagementDB Gateway Database SQL Instance        SPT-WorkflowM Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Gateway Database Name        SPT-SBGatewayDatabase Message Container SQL Instance        SPT-WorkflowM Enable SSL connection with SQL Server instance        False Authentication        Windows Authentication Message Container Database Name        SPT-SBMessageContainer01 RunAs Account        svc-sptServiceBus@BKK-MOBILOIL RunAs Password        \*\*\*\*\*\*\*\*\*\*\* Certificate Generation Key        \*\*\*\*\*\*\*\*\*\*\* Farm Certificate        Auto-generated Encryption Certificate        Auto-generated HTTPS Port        9355 TCP Port        9354 Message Broker Port        9356 Internal Communication Port Range        9000 - 9004 Enable firewall rules on this computer        True Administrators Group        bkk-mobiloil\\SG-SPT-WFAdmin \<\\> Register-SPWorkflowService -spsite \"\" -WorkflowHos tUri \"\" -ScopeName spt     Alle Accounts der SG-SPT-WFAdmin ![Computergenerierter Alternativtext: Eigenschaften von SG-SPT-WFAdrnin • RkO dg-SptAdrnÉI svc-spt \"tgieder \'At\$ed von Actrve bkknobiloifeiVOk4dm-,3 bkk bi i d bkkqnoblo\' bkk•nobibi s ](media/image9.png){width="3.6979166666666665in" height="4.604166666666667in"}   Erfasster Bildschirmausschnitt: 05.12.2018 16:03           Test: Powershell Get-WFFarmStatus Get-SBFarmStatus       Ab dem Punkt \"... we enrol a certificate on on of the Workflow Manager hosts..\", sind wir der Anleitung gefolgt und haben wir das Zert erstellt und exportiert.   **Reconfiguring Service Bus and Workflow Manager to use the new certificate**     Powershell Befehle aus dem Artikel ausgeführt und Installation abgeschlossen.   Zertifikate auf den SharePoint Servern im \"Personal\" und Trusted Root Certification Authorities\" Store bekannt gemacht.