osp401. demo create the publishing certificate $rootcert = (get-...
TRANSCRIPT
![Page 1: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/1.jpg)
Configuring Cross-Farm Services in Microsoft SharePoint 2010
Shannon BrayTechnical Architect | Training DirectorPlanet Technologies
OSP401
![Page 2: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/2.jpg)
Shannon Bray
MCT, MCPD(e), MCITP, MCSD, MCAD, …SharePoint 2010 Microsoft Certified Master CandidateAutomating SharePoint 2010 with Windows PowerShell 2.0Technical Architect | Training DirectorPresident of Colorado SharePoint User’s Group
![Page 3: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/3.jpg)
In this session you will learn to:
Understand the Service Application ArchitectureUnderstand Key ConceptsUnderstand Service Federation and How it WorksThe Steps Include …Test the Federated Service EnvironmentTroubleshoot the Federated Service Environment
![Page 4: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/4.jpg)
To Start Out With …
Two Farmshttp://enterprise.teched.localhttp://internet.teched.local
No SharePoint Service AccountsNo SharePoint Service ApplicationsNo SharePoint Content Databases in SQL Server
![Page 5: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/5.jpg)
To Start Out With …
Two Farmshttp://enterprise.teched.localhttp://internet.teched.local
No SharePoint Service AccountsNo SharePoint Service ApplicationsNo SharePoint Content Databases in SQL Server
Everything will be built during the presentation!!!
![Page 6: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/6.jpg)
demo
Build Core Infrastructures
Shannon BrayTechnical Architect | Training DirectorPlanet Technologies
![Page 7: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/7.jpg)
Understand the SA Architecture
Services can be consumed “a la carte”The service architecture is extensibleServices are supported on SharePoint FoundationServices can be scaled outServices can be resilient \ redundantServices can be Federated
![Page 8: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/8.jpg)
Understand Key Concepts
ServiceService Machine InstanceService ApplicationService Application ProxyService ConsumerService Proxy GroupsDeploying Service ApplicationsAutomatic Services
![Page 9: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/9.jpg)
Understand Federation and How it Works
Automatic ServicesServices that Support FederationFarm Level TrustService Application PermissionsDomain Level Trust
![Page 10: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/10.jpg)
Automatic Services
Application Discovery and Load Balancer Service ApplicationSecurity Token Service Application
![Page 11: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/11.jpg)
demo
Automatic Services
Shannon BrayTechnical Architect | Training DirectorPlanet Technologies
![Page 12: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/12.jpg)
Enterprise Services Farm
![Page 13: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/13.jpg)
The Steps Include …
Create the Publishing CertificateCreate the Consumer CertificatesExchange the CertificatesImport the Consumer Certificates on PublisherImport the Publishing Certificate on the ConsumerConfigure Trust with Consumer Farm IDPublish the Service(s)Consume the Service(s)
![Page 14: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/14.jpg)
Create the Publishing Certificate
$rootCert = (Get-SPCertificateAuthority).RootCertificate
$rootCert.Export("Cert") | Set-Content "C:\Certs\EnterpriseServicesRootCert.cer" -Encoding byte
![Page 15: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/15.jpg)
Create the Consumer Certificates
$rootCert = (Get-SPCertificateAuthority).RootCertificate $rootCert.Export("Cert") | Set-Content "C:\Certs\InternetRootCert.cer" -Encoding byte
$stsCert = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate $stsCert.Export("Cert") | Set-Content "C:\Certs\InternetSTSCert.cer" -Encoding byte
![Page 16: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/16.jpg)
Get the Consumer Farm ID
$farmID = (Get-SPFarm).Id
New-Item C:\Certs\internetConsumerFarmID.txt -type file -force -value "$farmID“
![Page 17: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/17.jpg)
Swap ‘Em
Copy-Item \\$consumer\c$\Certs\InternetConsumerFarmID.txt \\$publisher\c$\Certs
Copy-Item \\$publisher\c$\Certs\EnterpriseServicesRootCert.cer \\$iconsumer\c$\CertsCopy-Item \\$iconsumer\c$\Certs\InternetRootCert.cer \\$publisher\c$\CertsCopy-Item \\$iconsumer\c$\Certs\InternetSTSCert.cer \\$publisher\c$\Certs
![Page 18: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/18.jpg)
Import the Certs on Publishing
$trustCert = Get-PfxCertificate "C:\certs\InternetRootCert.cer" New-SPTrustedRootAuthority Internet -Certificate $trustCert
$stsCert = Get-PfxCertificate "c:\certs\InternetSTSCert.cer" New-SPTrustedServiceTokenIssuer Internet -Certificate $stsCert
![Page 19: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/19.jpg)
Import the Certs on Consumer
$trustCert = Get-PfxCertificate "C:\Certs\EnterpriseServicesRootCert.cer"
New-SPTrustedRootAuthority EnterpriseServices -Certificate $trustCert
![Page 20: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/20.jpg)
Permissions to the Consumer Farm
$farmID = Get-Content C:\Certs\InternetConsumerFarmID.txt
$security = Get-SPTopologyServiceApplication | Get-SPServiceApplicationSecurity
$claimProvider = (Get-SPClaimProvider System).ClaimProvider
![Page 21: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/21.jpg)
Topology Discovery
$principal = New-SPClaimsPrincipal -ClaimType "http://schemas.microsoft.com/sharepoint/2009/08/claims/farmid" -ClaimProvider $claimProvider -ClaimValue $farmID
Grant-SPObjectSecurity -Identity $security -Principal $principal -Rights "Full Control"
Get-SPTopologyServiceApplication | Set-SPServiceApplicationSecurity -ObjectSecurity $security
![Page 22: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/22.jpg)
demo
The Steps Include…
Shannon BrayTechnical Architect | Training DirectorPlanet Technologies
![Page 23: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/23.jpg)
Test the Federated Service Environment
Managed Metadata Service from Consumer Farm
![Page 24: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/24.jpg)
Troubleshoot the Environment
Ensure Domain TrustConsumer has permission to Topology ServiceCheck the ACLFQDNCertificates
![Page 25: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/25.jpg)
demo
Test and Troubleshoot the Federated ServicesShannon BrayTechnical Architect | Training DirectorPlanet Technologies
![Page 26: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/26.jpg)
![Page 27: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/27.jpg)
Related Content
OSP310 - Virtualizing Your SharePoint Farm ArchitectureOSP201 - The Ten Immutable Laws of Microsoft SharePoint Security
BOF18 – Advanced Architectures for Microsoft SharePoint 2010
Product Demo Stations for SharePoint 2010
Find Me Later At…BOF18 – Advanced Architectures for Microsoft SharePoint 2010SharePoint Booth@NoIdentity29 – Follow me… to follow me.
![Page 28: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/28.jpg)
Resources
www.microsoft.com/teched
Sessions On-Demand & Community Microsoft Certification & Training Resources
Resources for IT Professionals Resources for Developers
www.microsoft.com/learning
http://microsoft.com/technet http://microsoft.com/msdn
Learning
http://northamerica.msteched.com
Connect. Share. Discuss.
![Page 29: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/29.jpg)
Complete an evaluation on CommNet and enter to win!
![Page 30: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/30.jpg)
Scan the Tag to evaluate this session now on myTech•Ed Mobile
![Page 31: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/31.jpg)
© 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to
be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS
PRESENTATION.
![Page 32: OSP401. demo Create the Publishing Certificate $rootCert = (Get- SPCertificateAuthority).RootCertificate $rootCert.Export("Cert")](https://reader035.vdocuments.mx/reader035/viewer/2022062309/5697bf8c1a28abf838c8b918/html5/thumbnails/32.jpg)