ralfk/zettelkasten
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5a108aa2b4
zettelkasten/OneNoteExport/Kommunikationstechnologie/Sharepoint/Wizdom/06_Wizdom Installation SPQ (old).md
Ralf Koop 5a108aa2b4 .
2023-08-25 23:29:11 +02:00

32 KiB
Raw Blame History

Wizdom Installation SPQ (old)

Donnerstag, 7. Februar 2019

09:48

 

Wizdom cetr installiert

wizdom-spq.bkk-mobiloil.de

 

 

sll kommunikation zwischen den servern

 

-----------------------

für die app: später

 

 

2.)dfsr installier

Install-WindowsFeature FS-DFS-Replication, RSAT-DFS-Mgmt-Con

 

dann reboot

 

 

dfs managemnet console

 

 

Computergenerierter Alternativtext: Management Action View Help New Replication Group Wizard x Namespace.. Replication Grcup„. Namespaces to Di. „ Replication Group.„ Window from Here DFS Management Namespaces Replication Rep litltiln &oup Tm the type re#äbn to cre\*e @ Muhipuvcse replicäizn COI-figures tWC C) 70\'.\' for collectcn The corfigures twcsvay r»icäion between twc servem such as a server arz a hub destnaticn) semer This to Collect at the ---ver Ycu can ther use bækup soft\*7e to back the däa on the Regic\*ion Type NöTe arz Domain R4cäion Membes Selecten Member FcåS to Settings Creäe Récäion Starts a Wizard to Create a replic.tion grcup. {width="8.854166666666666in" height="6.760416666666667in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:19

 

 

 

Computergenerierter Alternativtext: Management Action View Help New Replication Group Wizard x DFS Management Namespaces Replication Name Twe a narre nd doman forthe r---icäion The rep---jon mug be unique the domain ho---s the r\$ication R\$cäion Nave arz Domän Membes Selecten Ol\*ional desc@tjon cf replicatbn Membe Settings Creäe Récäion Namespace.. Replication Namespaces to Di. „ Replication Group.„ Window from Here Starts a wizard to Create a replication {width="8.802083333333334in" height="6.708333333333333in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:20

 

 

Computergenerierter Alternativtext: e New Replication Group Wlzard Group x Type Üca•rSn Membes T\"Ology Schedule Primar,\' Membe Folders to Settir•. Eid Cteäe Add then two or the BKKSPQPHA002 de {width="6.364583333333333in" height="5.458333333333333in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:22

 

 

Computergenerierter Alternativtext: e New Replication Group Wlzard TOPO x Type ÜcmSn Membe•s TCOObgy pwnary Fobders to Repicate Settings md Creäe a tr»obgy of crynecti:ns among membem of the r4cäbn \_ Hub Et-dsooke topdc•ø\' rev_ues three or rrore rnembet• h the group h ths 90ke mernbers are ccrnected to or,e cr two hub mernbery Ths üygobgy wotks n PLUicatbn scerzios date ongnates from the mm-ber arz replcates to the \_ topdcgy. re•pEatiøn TH s tcpology are t en fewer C) No t»ology Séct this cvtlon wart to create a topology you fflis replicat•a-\' wil He you create the cueom {width="6.364583333333333in" height="5.447916666666667in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:22

 

 

 

Computergenerierter Alternativtext: e New Replication Group Wlzard Replicaticn GrtÄJP and x Type Üca•rSn Membes logy Selection pnmary Fobders to Repicate Settings md Creäe Select the ---Won s&edule md bandwiåh to be use by for new comectims n the reOicäbn @ R4cäe cortruou\*,\' the spæied Sardwidth Lee this optm to enabe 24 hous a day seven days a w--- usng tf• C) R4cäe dun-g the spezfed days tfres Le this optbn to spe:-fy the d3ys and tnes replcaticn cc:curs intial r\*icäion sched_IÉ has no replicati:n irtervals mg--- at One before replicatjon cm cccur {width="6.385416666666667in" height="5.458333333333333in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:23

 

 

Computergenerierter Alternativtext: e New Replication Group Wizard Primary Member x Type ÜcmSn Membes logy Selection md dwidth pwnary Fobders to Repicate Settings md Creäe the serverthat a:rtsns the cortent you to replicate to Other membe• The server e\'own as the \"nar,\' meT& pnmary BKKSPQPHAOOI the to be replicated exist on multiple servem. the feies fi•s on the membe \*\'II be durrg initiS revåc&ion {width="6.4375in" height="5.447916666666667in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:23

 

 

Computergenerierter Alternativtext: Add Folder to Replicate BKKSPOPHAOOI Lecal of folderto Exanvle - C XDocuTäs Sé:t or b\'pe a name to represett thås foder on al memb€8 of the redicaten This name s krown as the folder rare. @ Use based on path W•zdom -SPO C) Use aan\* DocuTäs x {width="3.21875in" height="4.0in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:24

Computergenerierter Alternativtext: Add Folder to Replicate BKKSPOPHAOOI Lecal of foldertc Example - C XDocuTäs Sé:t ortype a name to represett thås fobr on al membes of r4caten \'-cu. This name s krown as the repic-äai folder rame. @ Use na-re based on path W•zdom -SPO C) Use aan\* DocuTäs the NTFS pemisSom for the ,øcäed fo&r C) pemÉsions Pem•ssions x {width="3.21875in" height="4.947916666666667in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:24

 

 

Computergenerierter Alternativtext: e New Replication Group Wlzard Folders To séct a on the \"\*nar,\' tt-ä you war\* to r\*cäe to äh« the repbcation cick x Type ÜcmSn Membes logy Selection dwidth pnmary Fobders to Rep---e Local of WRdom-SPO on Beve,x Sätr,. md Cree folders: Loa ReOicated Folder Nar,e Wizdom.SPQ NTFS Pamissions {width="6.354166666666667in" height="5.447916666666667in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:25

 

 

 

Computergenerierter Alternativtext: x BKKSPOPHA002 the nitiS status the replicated folde on ths member\_ O Disabled The folder on the folde syr&rwized members pell C_A.Däa replicated folder tNs menber readoriy {width="3.65625in" height="4.677083333333333in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:26

 

Computergenerierter Alternativtext: e New Replication Group Wlzard Local Path on Members To »eciy the bcal Xh cf the folder or folder is read-only Select the membe c:5ck Edi x Type Üca•rSn Membes T\"Ology dwidth pnmary Fobders to Rep---e Local of WRdom-SPQ Settr,. md Cree Pnmary Primary bcS Path: BKKSPOPHAOOI D:XWIzdyn-SPQ Status BKKSPQPHACQ DAWzdxr,-SPQ {width="6.375in" height="5.458333333333333in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:27

 

 

Computergenerierter Alternativtext: e New Replication Group Wlzard Review Setti•vgs and x Type ÜcmSn Membes logy Selection dwidth pnmary Fobders to Rep---e Local of WRdom-SPO on her MemE---• Sä-tr,. md Creäe Yoa selected the forthe new r»icäjon group settjn. correct dick Creäe to replcatcn grouv To change a Setting, cick Prevous. or Select appropr---e Page in tre onentatjon pane group : Membes (2)\' EKKSPQPHAOCI BKKSPQPHAC•02 Topology b\'pe Le of cmrectbns (2) BKKSPOPHA002 BKKSPOPHAOOI BKKSPOPHAOOI BKKSFOPHA002 Cmnection S\*edde. Rep---e {width="6.364583333333333in" height="5.46875in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:27

 

 

Computergenerierter Alternativtext: e New Replication Group Wlzard Type Domen Membes T\"Ology pnmary Fobders to Repicate Local of WRdom-SPO on Sä-tr,. md Cree x You ha ve susces\"y completed the New Wizard. Cre\*e group Cre\*e nembem Set perniSSiO\"S foldem replcÄ8S folder rnembershp Cre&e cornectms. To Size the stEging foldet large er,ough prevent replication slxing stopping, you rw.st tEke into Ecco.nt ize of the Wes to Ee replicu,ted\_ For rr,ore informeticn. see the cotimizytion auidence\_ {width="6.375in" height="5.447916666666667in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:27

 

 

Computergenerierter Alternativtext: New Replication Group Wizard Type Domen Membes You ha ve susces\"y completed the New Wizard. T\"Ology pwnary Fobders to Repicate Replication • ReplEatfi1 not L\" the iS up by Of the graup The Of this deper•ds on P•dive Dredoty SS a S the Local of WRdom- Üc tYis ag&n Sätr,. To Size the stEging foldet large er,ough prevent replication irc•r, sloving stopping, you rw.st tEke into Ecco.nt ize of the Wes to Ee replicu,ted\_ For rr,ore informeticn. see the coti\*zytion auidence\_ {width="6.333333333333333in" height="5.416666666666667in"}

 

Erfasster Bildschirmausschnitt: 07.02.2019 10:27

 

 

 

Test Datei auf einen Srever mit Inhalt ins Verzeichnis gelegt.

 

Powershell Befehl force der DFS Replica:

dfsrdiag pollad

 

Dateien wurden nach erfolgreichen Test wieder gelöscht.

 

DFSR abgeschlossen.

 

+++++++++++++++

 

Datenbank für Wizdom erstellt.

 

User "svc-spqwizdom" wurden die Rechte "owner" gewährt.

 

-- Voraussetzungen geprüft --

IIS Application development extensions 4.6 aktiviert

asp 4.6 - aktiviert

 

Netframework 4.6 installiert

 

4 GB RAM

4 * Prozessoren

 

app - überprüft
app url

keine permissions

app catalog

 

Powershell Befehl zur Erstelllung der SharePoint SC für Wizdom:

New-SPSite -url "https://kerbmobilnet-spq.bkk-mobiloil.de/sites/AKP" -OwnerAlias "bkk-mobiloil\cfg-spqAdmin" -name "App-Katalog-Mobilnet-SPQ" -Template "APPCATALOG#0" -Language 1033

 

 

Auf der Site müssen die Features kontrolliert werden

  • SharePoint Server Pub Infra aktivieren ---- Fehler entdeckt!!

 

Template kontrollieren von der Mobilnet!

  • Teamsite

$web = Get-SPWeb https://kerbmobilnet-spq.bkk-mobiloil.de/

$web.WebTemplate + " " + $web.WebTemplateId

 

Alte Teamsite war mit dem Template "sts0" (Blank Site) erstellt worden, dies ist nicht korrekt. Site wurde gelöscht.

 

Neue Teamsite wurde per Powershell erstellt:

New-SPSite -url "https://kerbmobilnet-spq.bkk-mobiloil.de/" -OwnerAlias "bkk-mobiloil\cfg-spqadmin" -name "Mobilnet" -Template "STS#0"

 

Feature per Powershell aktivieren

$site = Get-SPSite https://kerbmobilnet-spq.bkk-mobiloil.de/

$web = Get-SPWeb $site.url

Enable-SPFeature -Identity "PublishingSite" -Url $site.url -Confirm:$False

Enable-SPFeature -Identity "PublishingWeb" -Url $web.Url -Confirm:$False

 

 

---- gehöhrt nicht zur Wizdom Installation ---

Token Time geprüft und hochgesetzt analog zur SPT

$mysts = Get-SPSecurityTokenServiceConfig

$mysts.WindowsTokenLifetime /// 10Std.

$mysts.LogonTokenCacheExpirationWindow /// Wert 10 Minuten

$TT = [Microsoft.SharePoint.Administration.SPWebService]::ContentService

$TT.TokenTimeout /// Wert 1Tag

---- ENDE ---

 

[SP Mobilnet - Site Settings]{.mark}

  • [Mange Site Features (SharePoint Server Publishing)]{.mark}

  • [SiteCollection Feature (SharePoint Server Publishing Infrastructure)]{.mark}

 

 

Site Settings

Import "Search Configuration"

XML hochladen- fehler

correlid 7988bf9e-0dc5-c098-21b8-c5767441a6cb

 

 

 

App001/002 Fehler

PSConfig.exe -cmd upgrade -inplace b2b -wait -cmd applicationcontent -install -cmd installfeatures -cmd secureresources

 

 

Wizdom user berechtigt auf installations verzeichnis mit full

 

High Trust hinzufügen

wizdom zertifikat auf pha server verwenden

Powershell:

 

PS C:\Users\cfg-spqAdmin> new-guid

 

Guid erstellt:

----

d3b32f4c-07d1-4f98-ad76-49a961657052

 

PS C:\Users\cfg-spqAdmin> $issuer = "d3b32f4c-07d1-4f98-ad76-49a961657052"

PS C:\Users\cfg-spqAdmin> $publicCertPath = "D:\SP\Zertifikate\Wizdom-SPQ.cer"

PS C:\Users\cfg-spqAdmin> $siteUrl = "https://kerbmobilnet-spq.bkk-mobiloil.de/"

PS C:\Users\cfg-spqAdmin> $web = Get-SPWeb $siteUrl

PS C:\Users\cfg-spqAdmin> $certificate = Get-PfxCertificate $publiccertPath

PS C:\Users\cfg-spqAdmin> $realm = Get-SPAuthenticationRealm -ServiceContext $web.Site

PS C:\Users\cfg-spqAdmin> $fullAppIdentifier = $issuer + '@' + $realm

PS C:\Users\cfg-spqAdmin> New-SPTrustedRootAuthority -Name "WizdomApp" -certificate $certificate

PS C:\Users\cfg-spqAdmin> New-SPTrustedSecurityTokenIssuer -name "WizdomApp" -certificate $certificate -RegisteredIssuer $fullAppIdentifier -IsTrustBroker

 

 

IsSelfIssuer : False

NameId :

RegisteredIssuerName : 9e3e6a5a-75ff-4aeb-b595-bbf7699056f5@fbedc042-4989-4e39-b39e-0444a8b3d98c

AuthorizationEndPointUri :

EndSessionEndPointUri :

DefaultClientIdentifier :

ScopedClientIdentifier : {}

IdentityClaimTypeInformation : Microsoft.SharePoint.Administration.Claims.SPTrustedClaimTypeInformation

Description :

SigningCertificate : [Subject]

CN=wizdom-spq.bkk-mobiloil.de

 

Issuer

CN=BKKCAv2, DC=bkk-mobiloil, DC=de

 

Serial Number

2900001E66B8134CB56205DADF000000001E66

 

Not Before

07.02.2019 09:59:53

 

Not After

04.02.2029 09:59:53

 

Thumbprint

758F5C5463089022AED898F38246D3AB1EF6ECCF

 

AdditionalSigningCertificates : {}

MetadataEndPoint :

IsAutomaticallyUpdated : False

Name : WizdomApp

TypeName : Microsoft.SharePoint.Administration.Claims.SPTrustedSecurityTokenService

DisplayName : WizdomApp

Id : 351dd810-5ace-4665-9f74-259e9526c589

Status : Online

Parent : SPSecurityTokenServiceManager Name=SecurityTokenServiceManager

Version : 1195805

DeploymentLocked : False

Properties : {}

Farm : SPFarm Name=SPQ_Config

UpgradedPersistedProperties : {}

 

 

 

Erfasster Bildschirmausschnitt: 13.02.2019 12:26

 

 

 

 

PS C:\Users\cfg-spqAdmin> Register-SPAppPrincipal -NameIdentifier $fullAppIdentifier -site $web -DisplayName "WizdomApp"

 

 

NameIdentifier EncodedNameIdentifier

-------------- ---------------------

9e3e6a5a-75ff-4aeb-b595-bbf7699056f5@fbedc042-4989-4e39-b39e-0444a8b3d98c i:0i.t|ms.sp.ext|9e3e6a5a-75ff-4aeb-b595-b...

 

 

folgende url aufrufen

https://kerbmobilnet-spq.bkk-mobiloil.de/_layouts/15/appregnew.aspx

 

dort clientid generate etc

 

Computergenerierter Alternativtext: https\'\"kerbmobilnet-;pa.bkk-mobiloil.dei SK u ritv Register an App Clie nt S«ret: WtzdO m App DO r na in: aarnp\'e: \"N.vw.conto-so.com• Redirect URI: https://wizdom-bpq. de aarnple: \" https•.\'/w•.w.contoso.con.\'default.aspx\" ? System Account SHARE FOLLOW SharePoint Home Notebook Site Contents EDIT LINKS Sites Mobilnet App nformation EDIT LINKS The ans intormatim, induding app 4 tite rostirg url redired u«. {width="6.979166666666667in" height="2.8541666666666665in"}

 

 

 

Ergebnis:

 

Computergenerierter Alternativtext: Mobilnet EDIT LINKS The app identifier has been successfully created. Client ld•. Cl i e nt Secret: Title App Domaim URI: abfog860-cdeg-adfa-bffb-9g2,1fB3a9Uf AjoaXSbNkuk5sNf0KRsyZsd4VOFvLWt128HNu4,EU2 Wizdom wizdom-spqbkk-mobiloilde httpsWwizdom- spq de {width="8.510416666666666in" height="1.4270833333333333in"}

 

Erfasster Bildschirmausschnitt: 13.02.2019 12:28

 

 

high trust ende

 

Wizdom App Paket muss erstellt werden:

 

App Paket heruntergeladen

 

ps1 file und xml mit Clientid/Produktid versorgt (s.o.)

 

im Appmanifest.xml

 

a

Computergenerierter Alternativtext: Site COI I List Metadata Language Default Metadata Language Add a document Choose a file Version Comments Regicter App M Od ified Appsfor SharePoint • All De p I oyee SharePoint Sites Home Apps for SharePoint New Apps for SharePoint All Apps Apps for Office App Requests Site Contents Upload Featured Apps Unavailable Apps Title Name AppVersion Edit 10 Valid App D.\'XSP\'%I O_Wiz do omAp p.app Upload files using Windows Explorer instead QI Add as a new version to existing files {width="12.458333333333334in" height="7.510416666666667in"}

 

Erfasster Bildschirmausschnitt: 13.02.2019 13:56

 

 

Computergenerierter Alternativtext: IO_Wizdcm Home Share v A ThisPC Daten(D:) SP IO_WIzdom Date medified 14:36 15.01.2019 1539 13022019 11:15 13.02.2019 13:55 Type File folder Compressed (Zipp\... Compressed (Zipp\... XML Document Compressed (Zipp\... APP 5&056 KB 12 KB 36 KB \* Quick access Desktop Downloads Documents Pictures 02 Scripte WizdomApp \"307- 2016.zip 2016).zip Sea rchConfiguration.xm I SearchConfiguration.zip {width="7.791666666666667in" height="3.1875in"}

 

Erfasster Bildschirmausschnitt: 13.02.2019 13:56

 

 

Computergenerierter Alternativtext: W•zdomApp Home Share Thi5PC Daten (D:) SP IO_Wtzdom WzdomApp Type File folder XML Document PNG File XML Document XML Document Applcon.png Applcon.png,configxml AppManifest.xmI Date mcdified 13022019 13:35 13022019 13:35 13.02.2019 11•52 \* Quick access Desktop Downloads Documents Pictures 02 se/Pte t emp ThisPC Desktop {width="8.5625in" height="3.6354166666666665in"}

 

Erfasster Bildschirmausschnitt: 13.02.2019 13:56

 

 

Computergenerierter Alternativtext: AppManifest.xmI - Notepad File Edit Format View Help k?xrl version-\"1.Ø\" c! IBEDF-C97-B41D-43C5-B751-7CaeAD999884\--» - -12ff4dee34a9-o (App xm1ns---\"http://scheras.microsoft.com/sharepoint/2Ø12/app/manifest\" «Properties dit1e\*izdomAppc/Tit1e) https / /kerbrobilnet - spq. bkk de/Base/Pages/Configu \'Startpago c/Proper•ties» «Appprincipal) denotewebApp11cation Client1d-\"abfØ986Ø-cde9-4dfa-bf7b-9924f83a9Ø4f\" c/AppPrincipal) eAppPermåssåonRequests «AppPermissionRequest Scope-\"http://sharepoint/content/sitecollection\" Right-\"Fu11Contr01\" «AppPermåssionRequest Scope•\"http://sharepoint/social/tenant\" appPermissionRequest Scope-\"http://sharepoint/search\" Right-\"QueryAsUserIgnoreAppPrincipa1\" /) (AppPermissionRequest Scope---\"http://sharepoint/content/tenant\" appPermissionRequest Scope-\"http://sharepoint/taxonony\" (AppPepmissionRequest Scope---\"http://sharepoint/content/sitecollection/web\" c/AppPermissionRequests) c/App» Version---\" I.e.ø.l\" x SharePo: {width="11.927083333333334in" height="4.208333333333333in"}

 

Erfasster Bildschirmausschnitt: 13.02.2019 13:57

 

 

 

 

https://kerbmobilnet-spq.bkk-mobiloil.de/sites/AKP

 

Aus <https://bkkspqapp001:2016/_admin/SiteCollections.aspx?ReturnSelectionPage=%2fapplications.aspx>

 

 

 

 

 

umgekehrte Reihenfolge der Screenshots

 

 

Computergenerierter Alternativtext: SharePoint FILES LJ3RARY S Apps for SharePoint Apps for Office App Requests Site Contents Sites Home Apps for SharePoint New Upload Sync Share More V All Apps Featured Apps Unavailable Apps Metadata Enabled A few seconds ago Yes Vald App ID Metadata \'ProductID : (I) App Version 1.0.0.0 WizdomApp fies {width="14.072916666666666in" height="5.125in"}

 

Erfasster Bildschirmausschnitt: 13.02.2019 13:58

 

Valid App Packed steht auf nicht valid !!!

 

Fehlerbehebung:

 

 

 

IIS:

 

inst direktory:

wizdom blob

wizdom website

wizdom website.web.config

 

plus cmd Befehle:

 

%systemroot%\system32\inetsrv\appcmd add site /name:Wizdom /physicalPath:"D:\Wizdom-SPQ\Wizdom website" /bindings:https/*:443:wizdom-spq.mobiloil.de

%systemroot%\system32\inetsrv\appcmd add vdir /app.name:Wizdom/ /path:/Blob /physicalPath:"D:\Wizdom-SPQ\Wizdom blob\Public"

%systemroot%\system32\inetsrv\appcmd add apppool /name:Wizdom

%systemroot%\system32\inetsrv\appcmd set app "Wizdom/" /applicationPool:Wizdom

%systemroot%\system32\inetsrv\appcmd set apppool "Wizdom" /processModel.identityType:"SpecificUser"

%systemroot%\system32\inetsrv\appcmd set apppool "Wizdom" /processModel.userName:"bkk-mobiloil.de\svc-spqWizdom"

%systemroot%\system32\inetsrv\appcmd set apppool "Wizdom" /processModel.password:"43-ufFuSydWx"

 

 

 

 

Computergenerierter Alternativtext: BKKSPQPHAOOI File View Help Start Page v BKKSPQPHAOOI (EKK.MOBIL Applicaticn Pools v Sites Default Web Site ; Wzdcm Sites Wild cm Wizdom Home Edit Permissions.,. Bindings\... Settings..\_ View Applicaticns View Virtual Cirectcries Manage Website Rest art Start Stop Browse All Unassigned Pot: Pages and O utput • V; Show All Groupby: Area ASP.NET p roviders Auth ent „ Req u Filte Ing State SS L Settvngs Edit Site Binding Type Host name: Type https 8 wizdom-spq.mobilcil.de RequireSer.ær Name Indication SSL c ertificate: •spq. bkk• l. de wizdcm-spq.mcbiloil.de en (https) Advanced Settings\... Limits\... Help Management Configurat.„ Editor {width="12.75in" height="7.166666666666667in"}

 

Erfasster Bildschirmausschnitt: 13.02.2019 14:09

 

 

authenification geändert

 

allgemein

Computergenerierter Alternativtext: Internet Information (115) Manage BKKSPQPHAOOI Sites Wizdcm O isabled Disabled Oisebled PC Type HTTP 302 Login/Redirect HTTP 401 Challenge File View Help Stat Page v BKKSPQPHAOOI (EKK.MOBIL Applicaticn Pools v Sites Default Web Site v Wzdom App_Oata ) bin Blob Modules Service References Authentication Anony Aut he ntication ASP.NET Imperscnation Forms Authentvcaticn Windows Authentication {width="7.291666666666667in" height="4.1875in"}

 

Erfasster Bildschirmausschnitt: 13.02.2019 14:11

 

blob anders:

 

 

Computergenerierter Alternativtext: Internet Information (115) Manage BKKSPQPHAOOI Sites Wildern Disabled O isebled Res p Type HTTP 302 Logirv\'Redirect File View Help Stat Page v BKKSPQPHAOOI (EKK.MOBIL Application Pools v Sites Default Web Site App_Oata ) bin Modules Service References Authentication Ano ny Authe ASP.NET Imperscnation Forms Authentication {width="6.59375in" height="3.6041666666666665in"}

 

Erfasster Bildschirmausschnitt: 13.02.2019 14:12

 

windows bei hv eigentlich auf disable aber es soll auch nun so funktionieren!!

 

 

 

Computergenerierter Alternativtext: BKKSPQPHAOOI File View Help Stat Page v BKKSPQPHAOOI (EKK.MOBIL Application Pools v Sites Default Web Site App_Oata bin BIObl Modules Service References Sites Wild cm Authenticat Anonymous Authenticatic ASP.NET Imperscnation F Orms Authentvcation Windows Authentication {width="3.2604166666666665in" height="3.8541666666666665in"}

 

Erfasster Bildschirmausschnitt: 13.02.2019 14:13

 

 

 

folgende berechtigung im cert store einrichten

 

Computergenerierter Alternativtext: Ccnso/el - (Console Rcct,Certificates (Lccal File Action View Favorit--- Window Help Console Root v Certificate (L Od Computer) P ersonal v Trust ed Root Certification Authorities e Trust Intermediate Certification Authorities Trusted Publishers Untrusted Certificates Third- Party Root Certification Authorities Trusted People Client Authentication Issuers Preview Build Roots Microsoft Montoring Agent Remote Desktop Cetificate Enrollment Requests Card Trusted Trust ed Dev Web Hosting ) Windows Live ID Token Issuer Issued By BKKCAv2 x • wizdcm-spq.bkk-mcbilcil.de Permissicns for wizdom-spq.bkk-mcbiloil.de private &oup or user OWNER LISYSTEM (EKKSPQPHAOOI PemisScæ for svc-spqWizdom , Row setings. Der,\' Advnced {width="6.604166666666667in" height="6.114583333333333in"}

 

Erfasster Bildschirmausschnitt: 13.02.2019 14:15

 

 

 

 

 

D:\Wizdom-SPQ\Wizdom website

 

web.config anpassen

<<web.config>>

 

Auf PHA002 alles wie oben ab cmd von PHA001, damit IIS auch angelegt wird.

 

 

Danach App zur Seite hinzufügen!

über den App Store wurde die alte App gelöscht und eine neue hinzugefügt, muss noch hier plazertiert werden.siehe Mail von Julian 15Uhr

 

Dann war die App valid....

 

AppCatalog eintragen

 

Computergenerierter Alternativtext: Central Administration Application Management System Settings M o nitoring Backup and Restore Security Upgrade and Migration General Application Settings Apps Office 365 Configuration Wizards Manage App Catalog App Catalog Site The app Catalog Site ccntains cat&logs for apps for SharePoint and Office. IJse this Site to make »ps available to end Users, Learn about the app Catalog Site- Web Application: https://kerbmobilnet-spq.bkk-mobiloilde/ Site URL: https•JA-erbmobdnet-spq.bkk-mobiloil.de/sites/A KP Primary administrator: cfg-spqAdmin View Site settings {width="17.03125in" height="4.510416666666667in"}

 

Erfasster Bildschirmausschnitt: 13.02.2019 15:51

 

Es dauerte an dieser Stelle etwas bis wir die App Wizdom gesehen haben.

 

plus IIS Reset

 

 

admin-kbe

hinzugefügt zur mobilnet

local admin

admin für den AppKatalog

 

#####

nicht ausgeführt:

hightrust angelegt:

 

$highTrustCert = New-SelfSignedCertificate -Type Custom -DnsName "WizdomHighTrust" -CertStoreLoc

ation cert:\LocalMachine\My -FriendlyName "WizdomHighTrust" -NotBefore ([DateTime]::Now) -NotAfter ([DateTime]::MaxValue)

 

$highTrustCert | Export-PfxCertificate -FilePath "D:\Wizdom-SPQ\cert\WizdomHighTrust.pfx -passwo

rd pass@word1 -asplaintext -force

 

#####

 

 

Wizdom Zertifikat auf App Servern installiert

 

 

Computergenerierter Alternativtext: PS C:NUserRcfg-spqAdmins Sissuer (S) Suspend Help (default is y 2dOT-fighTøust-SPQ. cer\' PS C:lUsersXcfg-spqAdmins PS C:XUsersXcfg-spqAdmins PS C:NUsersXcfg-spqAdmins PS C:XUsersXcfg-spqAdmins PS C:XUsersXcfg-spqAdmins PS C:XUsersXcfg-spqAdmino PS C:XÜsersXcfg-spqAdmins ertificate ypeNane DI splayNæme Status Parent erslon Depl oynentLccked Pr operties Farn SpubhcCertPath Ssi teLlrI kerl_wcbl I ret-svc. bkk-mobl 1m 1. de;\" Saeb Get-SPWeb SsiteL1rI Scertificate Get-PfxCertificate Spubliccertpath Srealrn Get-SPAuthenti cationReaIm -ServiceContext Sweb.Site SfuIIApgIdentifier -r Srealrn S issuer Nev-SPTrustedRootAwthority -Name \"ai zdu:r.qgp\" -certificate : tsubject) C bWi g hT r Number) Befor 13.02.2019 CNot After) 31.12.9999 (Thumbprint) 77789E431SA4FE56FB6B7F2B3D61238K75FIE39 Microso . SharePoint.A&ninistration. SPTrustedRootAuthority Ri zdorApp • 94b9bb7d-1312-477e-b576-76f864d952aa Online SPTrustedRootAwthorityManager • 1204172 : False : SPFarn NanezSPQ_Comfig upgr adedPersi stedProperties {width="11.614583333333334in" height="4.760416666666667in"}

 

Erfasster Bildschirmausschnitt: 14.02.2019 16:59

 

 

Computergenerierter Alternativtext: PS Is Selflssuer Nan eld Regi steredIssuerName u thu\'r\'i zat\'i onEndpointuri EndSess•i onEndpointur•i DefaultCli entldentifier Scopeæ i I d ent tyc I airTypeInf i on gni dditionalsignin«ertificates etadataEndPoint s Autonati cal lyopdated Name ypeName DisplayNxe Parent Dep OynentLCCked pr operties u pgr adedpers i i -name 2dotr.400\' -certificate Scertificate -RegisteredIssuerName Sful er -IsTrust8roker : False : 9e3e6a5a-75ff-4aeb-bsgs-bbf76990S6fsafbedc042-49S9-4e39-b39e-0444a8b3d98c : Microsoft. SPTruSteæainTypeInfcrmation ghT r Clssuer) C ghT r CSeriaI Number) 2835BtX33DA95CåA450080B4A8S92S07 LNot Before) 13.02.2019 (Not After) 31.12.9999 tThunbpri nt) 7,\'.\'89E431åA4FES6F8687F283D61238K75FIE39 : False : zdonApp : Microsoft. SharePoint.A&ninistration.CIaims. SPTrustedSecurityTokenSerwice • KizdonApp : d395f750-3cda-4213-8ed7-19236aOSb37S : Online • NMeSecurityTokenSerVic\*anager • 1204175 : SPFarn Nane-spQ_ccnfig PS Register-SPAppPrincipaI -Nameldentifier SfuIIAppIdentiFier -site Sweb -DisplayName Nameldentifier EncodedNa•eIdentifi er i . t extl 9e3e6a5a-75ff-4aeb-bS95-bbf7699056f5afbedc042-4989-4e39-b39e---04\... PS iisreset ttæpting stop\... Internet services successfully stopped tt&pting start\... Internet services successfully restarted PS C:XÜsersXcfg-spqAdmins {width="12.125in" height="7.552083333333333in"}

 

Erfasster Bildschirmausschnitt: 14.02.2019 16:59

 

 

 

 

ToDo:

Anpassung wizdom web.config - DB

 

Probe ob pha02 auch alleine läuft

Loadbalancer integrieren

 

 

Day3

 

 

D:\Wizdom-SPQ\Wizdom website

Wizdom web.config angepasst  

<add key="IOC:Wizdom365.BLL.Managers.ICacheManager, Wizdom365.BLL" value="Wizdom365.BLL.Managers.MemoryCacheManager, Wizdom365.BLL" />

 Wird zu:

 <add key="IOC:Wizdom365.BLL.Managers.ICacheManager, Wizdom365.BLL" value="Wizdom365.BLL.Managers.SqlCacheManager, Wizdom365.BLL" />

 

Logs zu finden:

D:\Wizdom-SPQ\Wizdom website\App_Data\FileStorage\Logs

 

[Ausstehend]{.mark}

[Search Configuration ausstehend]{.mark}

 

 

Infos zu:

issuer id

GUID - Client-ID

http://www.sharepointpals.com/post/SharePoint-OAuth-using-Client-ID-and-secret

https://docs.microsoft.com/de-de/sharepoint/dev/sp-add-ins/register-sharepoint-add-ins

https://docs.microsoft.com/de-de/sharepoint/dev/solution-guidance/security-apponly-azureacs

 

 

https://www.sharepointeurope.com/high-trust-apps-in-sharepoint-2013/

Status 16.10.2019 :

New-SPTrustedRootAuthority -Name "WizdomApp" -certificate $certificate

 

 

Certificate : [Subject]

CN=wizdom-spq.bkk-mobiloil.de

 

Issuer

CN=BKKCAv2, DC=bkk-mobiloil, DC=de

 

Serial Number

2900001E66B8134CB56205DADF000000001E66

 

Not Before

07.02.2019 09:59:53

 

Not After

04.02.2029 09:59:53

 

Thumbprint

758F5C5463089022AED898F38246D3AB1EF6ECCF

 

Name : WizdomApp

TypeName : Microsoft.SharePoint.Administration.SPTrustedRootAuthority

DisplayName : WizdomApp

Id : 98263f1d-9ba3-402d-9799-6c25b6cd3ad3

Status : Online

Parent : SPTrustedRootAuthorityManager

Version : 282458

DeploymentLocked : False

Properties : {}

Farm : SPFarm Name=SPQ_Config

UpgradedPersistedProperties : {}

 

 

 

 

New-SPTrustedSecurityTokenIssuer -name "WizdomApp" -certificate $certificate -RegisteredIssuer $fullAppIdentifier -IsTrustBroker

 

 

IsSelfIssuer : False

NameId :

RegisteredIssuerName : d3b32f4c-07d1-4f98-ad76-49a961657052@ca2aa056-fc0f-4819-b910-30ed52510025

AuthorizationEndPointUri :

EndSessionEndPointUri :

TokenEndPointUri :

DefaultClientIdentifier :

ScopedClientIdentifier : {}

IdentityClaimTypeInformation : Microsoft.SharePoint.Administration.Claims.SPTrustedClaimTypeInformation

Description :

SigningCertificate : [Subject]

CN=wizdom-spq.bkk-mobiloil.de

 

Issuer

CN=BKKCAv2, DC=bkk-mobiloil, DC=de

 

Serial Number

2900001E66B8134CB56205DADF000000001E66

 

Not Before

07.02.2019 09:59:53

 

Not After

04.02.2029 09:59:53

 

Thumbprint

758F5C5463089022AED898F38246D3AB1EF6ECCF

 

AdditionalSigningCertificates : {}

MetadataEndPoint :

IsAutomaticallyUpdated : False

Name : WizdomApp

TypeName : Microsoft.SharePoint.Administration.Claims.SPTrustedSecurityTokenService

DisplayName : WizdomApp

Id : 0fb1e70b-65a5-47ba-9bd6-1e619d05dee4

Status : Online

Parent : SPSecurityTokenServiceManager Name=SecurityTokenServiceManager

Version : 282501

DeploymentLocked : False

Properties : {}

Farm : SPFarm Name=SPQ_Config

UpgradedPersistedProperties : {}

 

 

 

PS C:\Users\admin-rko> Register-SPAppPrincipal -NameIdentifier $fullAppIdentifier -site $web -DisplayName "WizdomApp"

 

NameIdentifier EncodedNameIdentifier

-------------- ---------------------

d3b32f4c-07d1-4f98-ad76-49a961657052@ca2aa056-fc0f-4819-b910-30ed52510025 i:0i.t|ms.sp.ext|d3b32f4c-07d1-4f98-ad76-49a961657052@ca2aa056-fc0f-4819...

 

 

 

folgende url aufrufen

https://kerbmobilnet-spq.bkk-mobiloil.de/_layouts/15/appregnew.aspx

 

dort clientid generate etc

 

 

 

Computergenerierter Alternativtext: Client-ID f255e9734c444d3.ba9f.b4753729013a Geheirrer Clientschlüssel: A+mkQbWDDY5iAFQB16sOJsNgZgasHZOSblN8 App-Domäne: wizdorn-spqbkk-mobiIciLde g•eispiel: •vs\".cont050.com\" WeiterIetumgs-URI: httpsWwizdom -spq.bkk-mobiloil.del Beispiel: •https://wmv.contosoxom\'defaultaspx• Geneneren {width="4.052083333333333in" height="2.78125in"}

 

Erfasster Bildschirmausschnitt: 16.10.2019 11:12

 

Ergebnis :

 

Die App-ID wurde erfolgreich erstellt.

Client-ID:   f255e973-4c44-4d60-ba9f-b4753729013a
Geheimer Clientschlüssel:   A+mkQbWDDY5iAFQBl6s0JsNgZgasHZOSblN8cWmdg6I=
Titel:   Wizdom
App-Domäne:   wizdom-spq.bkk-mobiloil.de
Weiterleitungs-URI:   https://wizdom-spq.bkk-mobiloil.de

 

Aus <https://kerbmobilnet-spq.bkk-mobiloil.de/_layouts/15/appregnew.aspx>

 

 

 

Troubleshooting: Datei nochmal vom Server holen Änderungen zum Pfad