zettelkasten/28_BKKSPTWM001.md at 5a108aa2b4135af0e72d7a64654b59c91b3e7032

ralfk/zettelkasten

Fork 0

Ralf Koop 5a108aa2b4 .

2023-08-25 23:29:11 +02:00

20 KiB

Raw Blame History

BKKSPTWM001

Mittwoch, 5. Dezember 2018

10:58

BS 2016 STD

CPU 1

MEM 4 GB

C = 80 GB

IP = 10.96.73.121

WM Manager 1.0 Version 1.1.11208.2

Download der Files.

Auf dem WF Server den WebPlattformInstaller (WebPlatformInstaller_amd64_en-US) installieren.

Installationsbefehle in der CMD as admin für die restliche Installation:

WebpiCmd.exe /Install /Products:ServiceBus /XML:C:\Install\Workflowmanager-offline\ServiceBus\feeds\latest\webproductlist.xml /AcceptEula /SuppressPostFinish
WebpiCmd.exe /Install /Products:WorkflowClient /XML:C:\Install\Workflowmanager-offline\WorkflowClient\feeds\latest\webproductlist.xml
WebpiCmd.exe /Install /Products:WorkflowManagerRefresh /XML:C:\Install\Workflowmanager-offline\WorkflowManagerRefresh\feeds\latest\webproductlist.xml
WebpiCmd.exe /Install /Products:WorkflowCU5 /XML:C:\Install\Workflowmanager-offline\WorkflowCU5\feeds\latest\webproductlist.xml

Service Account (svc-sptWorkflowM) zur lokalen Administrator Gruppe hinzugefügt.

Danach den WF konfigurieren.

[ZU prüfen]{.mark}

Verwendung von SSL zwischen WF und SQL

2 Farm Verbinden :

Register-SPWorkflowService -SPSite https://mobilnet-sptest.bkk-mobiloil.de -WorkflowHostUri https://bkksptwm001.bkk-mobiloil.de:12290 -ScopeName SPTEST

Hier mal ein generelles Beispiel :

-SPSite https://farmb.corp.local

-WorkflowHostUri https://wffarm.corp.local:12290

-ScopeName FarmB

Aus <http://www.wictorwilen.se/sharing-a-workflow-manager-1.0-farm-between-multiple-sharepoint-2013-farms>

Summary der Installation:

Configuration for Workflow Manager

Management Database SQL Instance sqlsharepointt\sqlsharepointt

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Management Database Name WFManagementDB

Instance Management Database SQL Instance sqlsharepointt\sqlsharepointt

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Instance Management Database Name WFInstanceManagementDB

Resource Management Database SQL Instance sqlsharepointt\sqlsharepointt

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Resource Management Database Name WFResourceManagementDB

RunAs Account svc-sptWorkflowM@BKK-MOBILOIL

RunAs Password ***********

Certificate Generation Key ***********

Workflow Manager Outbound Signing Certificate Auto-generated

Service SSL Certificate Auto-generated

Encryption Certificate Auto-generated

Workflow Manager Management Port 12290

HTTP Port Disabled

Enable firewall rules on this computer True

Administrators Group BUILTIN\Administrators

Configuration for Service Bus

Management Database SQL Instance sqlsharepointt\sqlsharepointt

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Management Database Name SbManagementDB

Gateway Database SQL Instance sqlsharepointt\sqlsharepointt

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Gateway Database Name SbGatewayDatabase

Message Container SQL Instance sqlsharepointt\sqlsharepointt

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Message Container Database Name SBMessageContainer01

RunAs Account svc-sptWorkflowM@BKK-MOBILOIL

RunAs Password ***********

Certificate Generation Key ***********

Farm Certificate Auto-generated

Encryption Certificate Auto-generated

HTTPS Port 9355

TCP Port 9354

Message Broker Port 9356

Internal Communication Port Range 9000 - 9004

Enable firewall rules on this computer True

Administrators Group BUILTIN\Administrators

# To be run in Workflow Manager PowerShell console that has both Workflow Manager and Service Bus installed.

# Create new SB Farm

$SBCertificateAutoGenerationKey = ConvertTo-SecureString -AsPlainText -Force -String '***** Replace with Service Bus Certificate Auto-generation key ******' -Verbose;

New-SBFarm -SBFarmDBConnectionString 'Data Source=sqlsharepointt\sqlsharepointt;Initial Catalog=SbManagementDB;Integrated Security=True;Encrypt=False' -InternalPortRangeStart 9000 -TcpPort 9354 -MessageBrokerPort 9356 -RunAsAccount 'svc-sptWorkflowM@BKK-MOBILOIL' -AdminGroup 'BUILTIN\Administrators' -GatewayDBConnectionString 'Data Source=sqlsharepointt\sqlsharepointt;Initial Catalog=SbGatewayDatabase;Integrated Security=True;Encrypt=False' -CertificateAutoGenerationKey $SBCertificateAutoGenerationKey -MessageContainerDBConnectionString 'Data Source=sqlsharepointt\sqlsharepointt;Initial Catalog=SBMessageContainer01;Integrated Security=True;Encrypt=False' -Verbose;

# To be run in Workflow Manager PowerShell console that has both Workflow Manager and Service Bus installed.

# Create new WF Farm

$WFCertAutoGenerationKey = ConvertTo-SecureString -AsPlainText -Force -String '***** Replace with Workflow Manager Certificate Auto-generation key ******' -Verbose;

New-WFFarm -WFFarmDBConnectionString 'Data Source=sqlsharepointt\sqlsharepointt;Initial Catalog=WFManagementDB;Integrated Security=True;Encrypt=False' -RunAsAccount 'svc-sptWorkflowM@BKK-MOBILOIL' -AdminGroup 'BUILTIN\Administrators' -HttpsPort 12290 -HttpPort 12291 -InstanceDBConnectionString 'Data Source=sqlsharepointt\sqlsharepointt;Initial Catalog=WFInstanceManagementDB;Integrated Security=True;Encrypt=False' -ResourceDBConnectionString 'Data Source=sqlsharepointt\sqlsharepointt;Initial Catalog=WFResourceManagementDB;Integrated Security=True;Encrypt=False' -CertificateAutoGenerationKey $WFCertAutoGenerationKey -Verbose;

# Add SB Host

$SBRunAsPassword = ConvertTo-SecureString -AsPlainText -Force -String '***** Replace with RunAs Password for Service Bus ******' -Verbose;

Add-SBHost -SBFarmDBConnectionString 'Data Source=sqlsharepointt\sqlsharepointt;Initial Catalog=SbManagementDB;Integrated Security=True;Encrypt=False' -RunAsPassword $SBRunAsPassword -EnableFirewallRules $true -CertificateAutoGenerationKey $SBCertificateAutoGenerationKey -Verbose;

Try

{

# Create new SB Namespace

New-SBNamespace -Name 'WorkflowDefaultNamespace' -AddressingScheme 'Path' -ManageUsers 'svc-sptWorkflowM@BKK-MOBILOIL','admin-kbe@BKK-MOBILOIL' -Verbose;

Start-Sleep -s 90

}

Catch [system.InvalidOperationException]

{

}

# Get SB Client Configuration

$SBClientConfiguration = Get-SBClientConfiguration -Namespaces 'WorkflowDefaultNamespace' -Verbose;

# Add WF Host

$WFRunAsPassword = ConvertTo-SecureString -AsPlainText -Force -String '***** Replace with RunAs Password for Workflow Manager ******' -Verbose;

Add-WFHost -WFFarmDBConnectionString 'Data Source=sqlsharepointt\sqlsharepointt;Initial Catalog=WFManagementDB;Integrated Security=True;Encrypt=False' -RunAsPassword $WFRunAsPassword -EnableFirewallRules $true -SBClientConfiguration $SBClientConfiguration -CertificateAutoGenerationKey $WFCertAutoGenerationKey -Verbose;

$Computergenerierter Alternativtext: WORKFLOW MANAGER CONFIGURATION WIZARD Workflow Manager Configuration Workfc•x Manager tarm uses the tollowing databases, certif•tes. potls Default Values have ten prcvfded. Configure Farm Management Database SQL SERVER INSTANCE SPT-workf10wM \@Advanced Options Enab\'e SSL cor-,necticn With SQL Semer instarce @ Windows Authentication C) SQL Server Authentication SbOVe SQL DATABASE NAME Configure Instance Management Database SQL SERVER INSTANCE SPT•workflowM DATA3ASE NAME$ {width="6.510416666666667in" height="6.322916666666667in"}

Erfasster Bildschirmausschnitt: 05.12.2018 14:04

$Computergenerierter Alternativtext: Configure Instance Management Database SQL SERVER INSTANCE SPT-workflowM DATABASE MAME SPT-WFlnstanceManagementDB Configure Resource Management Database SQL SERVER INSTANCE SPT-workflowM DATABASE NAME SPT -W F Re Source Management OB Con figure Service Account Ilo User whi.ch the Services will ran (RunAs \"Sing the fomnat • for the same are every time youjoin ccmpLAer to the %brkfow USER ID$ {width="6.520833333333333in" height="4.614583333333333in"}

Erfasster Bildschirmausschnitt: 05.12.2018 14:05

$Computergenerierter Alternativtext: Configure Service Account User account ur•der which the serv•ices will run (RunAs Account) using the formet • domainlvser or User@domain\'.Credertials for the same are required ever•/ time join a compLfter to the Manage farm\_ USER ID svc-sptworkf10wM@BKK-MOBlL01L Configure Certificates Workfo-\* Manager requires SSL and cutt»ound signing cetificates. To Provide custom ce:tifcat--- urcheck the Auto-generate Auto-generate CERTIFICATE GENERATION KEY This Qy is required ever,\' time you joh a computer to the WorkfO\* Manage tarn-. CONHRM CERTIncATE GENERATION KEY$ {width="6.5in" height="4.458333333333333in"}

Erfasster Bildschirmausschnitt: 05.12.2018 14:06

$Computergenerierter Alternativtext: Configure Ports WORKFLOW MANAGER MANAGEMENT PORT Port on \*fich Workflow Manager Listens for management requests. The uns---zured HTTP or whi•ch Manöger Listens for managemert requests. Note that this feature Should not en abled in produ•ction 12291 Ü Allow Workflow management over HTTP on this computer v.l Enable firewall rules on this computer Configure Admin Group Thi; group Will be granted access to the databases as of the Workflow Manager You must restart this CCM2uter f \"ministr&tOrS grcup iS Cf thiS$ {width="6.489583333333333in" height="3.9895833333333335in"}

Erfasster Bildschirmausschnitt: 05.12.2018 14:06

ServiceBus Config

{width="6.802083333333333in" height="6.3125in"}

Erfasster Bildschirmausschnitt: 05.12.2018 14:09

$Computergenerierter Alternativtext: Configure Message Container Database SQL SERVER INSTANCE SPT•workflcwM DATA3ASE NAME SPT-SBMessagecontainer01 Configure Service Account User Raunt ur%er whith the serViCe-S Wil\' (Run\" uSing the formet •user@domain\'.CredertiSSfor sarr,e are reguireC every time ycu jain computer to the Service farrr„ D Use the same semice account credentials as provided for Workflow Manager USER ID svc-sptServiceBus@BKK-MOBlLOlL Configure Certificate$ {width="6.65625in" height="4.25in"}

Erfasster Bildschirmausschnitt: 05.12.2018 14:16

{width="6.520833333333333in" height="4.03125in"}

Erfasster Bildschirmausschnitt: 05.12.2018 14:16

$Computergenerierter Alternativtext: TCP PORT Network- PCtt for Service Bus 9354 MESSAGE 3ROKE_R PQRT This is used tor message brcker pott commonication 9356 INTERNAL COMMUNICATION PORT RANGE Port rar,ge useC for communicat\'on ætween Service Bus comp•ters in the fum The port here is the starting oort fc•\' range ot 5 ports. Enable firewall rules on this computer Configure Admin Group Thi; user group Nil be acce-ss to the databases as Of the Service Bus You must restart fiiscom%Jter if administratarS iS Created Cf thiS eanfguation bkk-mobiloiNSG-SPT-WFAdmin$ {width="6.260416666666667in" height="4.229166666666667in"}

Erfasster Bildschirmausschnitt: 05.12.2018 14:17

Configuration for Workflow Manager

Management Database SQL Instance SPT-WorkflowM

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Management Database Name SPT-WFManagementDB

Instance Management Database SQL Instance SPT-WorkflowM

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Instance Management Database Name SPT-WFInstanceManagementDB

Resource Management Database SQL Instance SPT-WorkflowM

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Resource Management Database Name SPT-WFResourceManagementDB

RunAs Account svc-sptWorkflowM@BKK-MOBILOIL

RunAs Password ***********

Certificate Generation Key ***********

Workflow Manager Outbound Signing Certificate Auto-generated

Service SSL Certificate Auto-generated

Encryption Certificate Auto-generated

Workflow Manager Management Port 12290

HTTP Port Disabled

Enable firewall rules on this computer True

Administrators Group bkk-mobiloil\SG-SPT-WFAdmin

Configuration for Service Bus

Management Database SQL Instance SPT-WorkflowM

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Management Database Name SPT-SBManagementDB

Gateway Database SQL Instance SPT-WorkflowM

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Gateway Database Name SPT-SBGatewayDatabase

Message Container SQL Instance SPT-WorkflowM

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Message Container Database Name SPT-SBMessageContainer01

RunAs Account svc-sptServiceBus@BKK-MOBILOIL

RunAs Password ***********

Certificate Generation Key ***********

Farm Certificate Auto-generated

Encryption Certificate Auto-generated

HTTPS Port 9355

TCP Port 9354

Message Broker Port 9356

Internal Communication Port Range 9000 - 9004

Enable firewall rules on this computer True

Administrators Group bkk-mobiloil\SG-SPT-WFAdmin

Configuration for Workflow Manager

Management Database SQL Instance SPT-WorkflowM

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Management Database Name SPT-WFManagementDB

Instance Management Database SQL Instance SPT-WorkflowM

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Instance Management Database Name SPT-WFInstanceManagementDB

Resource Management Database SQL Instance SPT-WorkflowM

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Resource Management Database Name SPT-WFResourceManagementDB

RunAs Account svc-sptWorkflowM@BKK-MOBILOIL

RunAs Password ***********

Certificate Generation Key ***********

Workflow Manager Outbound Signing Certificate Auto-generated

Service SSL Certificate Auto-generated

Encryption Certificate Auto-generated

Workflow Manager Management Port 12290

HTTP Port Disabled

Enable firewall rules on this computer True

Administrators Group bkk-mobiloil\SG-SPT-WFAdmin

Configuration for Service Bus

Management Database SQL Instance SPT-WorkflowM

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Management Database Name SPT-SBManagementDB

Gateway Database SQL Instance SPT-WorkflowM

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Gateway Database Name SPT-SBGatewayDatabase

Message Container SQL Instance SPT-WorkflowM

Enable SSL connection with SQL Server instance False

Authentication Windows Authentication

Message Container Database Name SPT-SBMessageContainer01

RunAs Account svc-sptServiceBus@BKK-MOBILOIL

RunAs Password ***********

Certificate Generation Key ***********

Farm Certificate Auto-generated

Encryption Certificate Auto-generated

HTTPS Port 9355

TCP Port 9354

Message Broker Port 9356

Internal Communication Port Range 9000 - 9004

Enable firewall rules on this computer True

Administrators Group bkk-mobiloil\SG-SPT-WFAdmin

<<Log.txt>>

tUri "https://bkksptwm001.bkk-mobiloil.de:12290" -ScopeName spt

Alle Accounts der SG-SPT-WFAdmin

$Computergenerierter Alternativtext: Eigenschaften von SG-SPT-WFAdrnin • RkO dg-SptAdrnÉI svc-spt \"tgieder \'At\$ed von Actrve bkknobiloifeiVOk4dm-,3 bkk bi i d bkkqnoblo\' bkk•nobibi s$ {width="3.6979166666666665in" height="4.604166666666667in"}

Erfasster Bildschirmausschnitt: 05.12.2018 16:03

Test:

Powershell

Get-WFFarmStatus

Get-SBFarmStatus

http://www.harbar.net/articles/wfm3.aspx

Ab dem Punkt "... we enrol a certificate on on of the Workflow Manager hosts..", sind wir der Anleitung gefolgt und haben wir das Zert erstellt und exportiert.

Reconfiguring Service Bus and Workflow Manager to use the new certificate

Powershell Befehle aus dem Artikel ausgeführt und Installation abgeschlossen.

Zertifikate auf den SharePoint Servern im "Personal" und Trusted Root Certification Authorities" Store bekannt gemacht.

20 KiB Raw Blame History

20 KiB

Raw Blame History