Category: URL

A quick-guide to setting up OWA with SharePoint 2013 – start to finish


Future and existing Office Web Apps – OWA Lovers!
😁
This time, I just found that a quick guide like this was something that I needed myself, and since I could not find anything that was short and compact enough, I made my own guide…
This Little guide is completely based on the TechNet articles mentioned in the references section, but this is nontheless a lot shorter and easier to follow.

Oakwood_clockx

The old Clock at Oakwood station



Click your OWA task of choice:
Step 1
Prepare a 2008 R2 Server to run OWA
Prepare a 2012 Server to run OWA
Step 2
Install Office Web Apps Server
Step 3
Deploy a single-server Office Web Apps Server farm that uses HTTPS
Step 4
Configure SharePoint to use OWA over https (recommended)
Configure SharePoint to use OWA over http
Additional
Disconnect SharePoint from OWA farm
Configure the Default open behavior for documents
Credits and References




Prepare a 2008 R2 server to run Office Web Apps Server

1. Install the following software (Minimum required):

2. Import the server module
(In a PowerShell prompt running as administrator and with the SharePoint snapin loaded)
Import-Module ServerManager

3. Add the required Features and Roles by running this command:
Add-WindowsFeature Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Includes,Web-Security,Web-Windows-Auth,Web-Filtering,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Console,Ink-Handwriting,IH-Ink-Support

4. Restart the server if prompted when the command finishes.

5. Done

TechNet Reference
Back to menu




Prepare a 2012 server to run Office Web Apps Server

1. In a PowerShell prompt running as administrator, add the required Features and Roles by running this command:
Add-WindowsFeature Web-Server,Web-Mgmt-Tools,Web-Mgmt-Console,Web-WebServer,Web-Common-Http,Web-Default-Doc,Web-Static-Content,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Security,Web-Filtering,Web-Windows-Auth,Web-App-Dev,Web-Net-Ext45,Web-Asp-Net45,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Includes,InkandHandwritingServices

2. Done

TechNet Reference
Back to menu



Install Office Web Apps Server
1. Download Office Web Apps Server from the Microsoft Download Center (Link).

2. Run Setup and walk through the steps in the wizard.
Windows Server 2012, open the .img file directly and run Setup.exe
Windows Server 2008 R2 SP1, use any program that can mount or extract .img files. Then run Setup.exe

3. Download and install the Office Web Apps Server update KB2810007.

TechNet Reference
Back to menu



Deploy a single-server Office Web Apps Server farm that uses HTTPS

If components of the .NET Framework 3.5 were installed and then removed, you might see “500 Web Service Exceptions” or “500.21 – Internal Server Error” messages when you run OfficeWebApps cmdlets. To fix this, run the following sample commands from an elevated command prompt to clean up settings that could prevent Office Web Apps Server from functioning correctly:
In Windows Server 2008 R2:
%systemroot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe -iru
iisreset /restart /noforceIn Windows Server 2012:
dism /online /enable-feature /featurename:IIS-ASPNET45

1. Create the Office Web Apps Server farm

New-OfficeWebAppsFarm -InternalUrl <InternalURL> -ExternalUrl <ExternalURL> -CertificateName <CertificateName> -EditingEnabled

<InternalURL> FQDN name of the server that runs Office Web Apps Server
<ExternalURL> FQDN name that can be accessed on the Internet
<CertificateName> Is the friendly name of the https/SSL certificate used
-EditingEnabled, optional and is added to enable editing in Office Web Apps

2. Verify that the Office Web Apps Server farm was created successfully

Go to the https://internal.url.com/hosting/discovery
If you see a (WOPI)-discovery XML file in your web browser then all is good.

Depending on the security settings of your web browser, you might see a message that prompts you to select Show all content before the contents of the discovery XML file are displayed.

3. Done

TechNet Reference
Back to menu



Configure SharePoint to use OWA over https (recommended)
(In a PowerShell prompt running as administrator and with the SharePoint snapin loaded)

The Web Application to be used must be configured to use Claims as authentication method, else OWA will not work.

1. Create new binding:
New-SPWOPIBinding -ServerName <WacServerName>
(<WacServerName> must be the FQDN internal URL)

2. Verify current zone:
Get-SPWOPIZone

3. Change to internal-https if it is set to http:
Set-SPWOPIZone –zone “internal-https

4. Verify https:
Get-SPWOPIZone

5. Verify functionality in a document library (Not using the system account, appearing as sharepoint\system)
Click on the ‘Three dots’ after a documents name and see if you get a preview, if you do, its all good!

6. Done

TechNet Reference
Back to menu



Configure SharePoint to use OWA over http
(In a PowerShell prompt running as administrator and with the SharePoint snapin loaded)

The Web Application to be used must be configured to use Claims as authentication method, else OWA will not work.

1. Create new binding:
New-SPWOPIBinding -ServerName -AllowHTTP
( must be the FQDN internal URL)

2. Verify current zone:
Get-SPWOPIZone

3. Change to internal-http:
Set-SPWOPIZone –zone “internal-http”

4. Verify http:
Get-SPWOPIZone

5. Check AllowoverHttp setting:
(Get-SPSecurityTokenServiceConfig).AllowOAuthOverHttp

6. Set AllowOAuthOverHttp to True.
$config = (Get-SPSecurityTokenServiceConfig)
$config.AllowOAuthOverHttp = $true
$config.Update()

7. Verify change:
(Get-SPSecurityTokenServiceConfig).AllowOAuthOverHttp

8. Verify functionality in a document library (Not using the system account, appearing as sharepoint\system)
Click on the ‘Three dots’ after a documents name and see if you get a preview, if you do, its all good!

9. Done

TechNet Reference
Back to menu



Disconnect SharePoint from OWA farm
(In a PowerShell prompt running as administrator and with the SharePoint snapin loaded)

1. Remove the binding
Remove-SPWOPIBinding –All:$true

2. Done

TechNet Reference
Back to menu



Configure the Default open behavior for documents

1. On a per farm level: Adjust the default open behavior on a per-file-type basis by using the New-SPWOPIBinding and Set-SPWOPIBinding Windows PowerShell cmdlets.

2. On a per Site Collection level by activating the ‘Open Documents in Client Applications by Default’ site Collection feature.

3. On a per Document library level using the Library setting – Advanced setting – ‘Default open behavior for browser-enabled documents’

4. Done

TechNet Reference
Back to menu




References:

Deploy Office Web Apps Server
http://technet.microsoft.com/en-us/library/jj219455.aspx

Configure SharePoint 2013 to use Office Web Apps
http://technet.microsoft.com/en-us/library/ff431687.aspx

Configure the default open behavior for browser-enabled documents (Office Web Apps when used with SharePoint 2013)
http://technet.microsoft.com/en-us/library/ee837425.aspx

Set-SPWOPIBinding
http://technet.microsoft.com/en-us/library/jj219454.aspx

Plan Office Web Apps (Used with SharePoint 2013)
http://technet.microsoft.com/en-us/library/ff431682.aspx

SharePoint authentication requirements for Office Web Apps
http://technet.microsoft.com/en-us/library/ff431682.aspx#authentication

Configuring Office Web Apps in SharePoint 2013 (Steve Peschka – Microsoft)
http://blogs.technet.com/b/speschka/archive/2012/07/23/configuring-office-web-apps-in-sharepoint-2013.aspx

Enabling Licensing and Editing for Office Web Apps in SharePoint 2013 (Steve Peschka – Microsoft)
http://blogs.technet.com/b/speschka/archive/2012/12/31/enabling-licensing-and-editing-for-office-web-apps-in-sharepoint-2013.aspx

Thanks to:

Mattias Gutke! All the time dude!
Ankie D – a great customer who has forced me to learn more on OWA
Stefan K – Another customer who made me refresh my knowledge
Steve Peschka, he wrote the original guide…see ref section


___________________________________________________________________________________________________

Enjoy!

Regards

Twitter | Technet Profile | LinkedIn

Export a document library using Export-SPWeb and itemurl


Export-SPWeb

(This is my better version of the TechNet articles on the same CMDlet that does a poor job with the details, I hope that it will help some of you)
SharePoint 2010 | SharePoint 2013
Applies to:  SharePoint Foundation 2010 | SharePoint Server 2010 | SharePoint Foundation 2013 | SharePoint Server 2013 

Exports a site, list, or library.


Export-SPWeb [-Identity] <GUID/Name/SPWeb object> -Path <String> [-AssignmentCollection <SPAssignmentCollection>] [-CompressionSize <Int32>] [-Confirm [<SwitchParameter>]] [-Force <SwitchParameter>] [-HaltOnError <SwitchParameter>] [-HaltOnWarning <SwitchParameter>] [-IncludeUserSecurity <SwitchParameter>] [-IncludeVersions <LastMajor | CurrentVersion | LastMajorAndMinor | All>] [-ItemUrl <String>] [-NoFileCompression <SwitchParameter>] [-NoLogFile <SwitchParameter>] [-UseSqlSnapshot <SwitchParameter>] [-WhatIf [<SwitchParameter>]]

——————–EXAMPLE———————–

Export-SPWeb http://site –Path "c:\temp\site export.cmp" -ItemURL "/subsite/documents"

This example exports the document library at http://site/subsite/documents to a new file called ‘site export.cmp' in the ‘C:\temp’ directory.

Parameters

Parameter

Required

Description
Identity Required Specifies the URL or GUID of the Web to be exported. The type must be either
– a valid GUID, in the form ‘12345678-90ab-cdef-1234-567890bcdefgh’
– a valid name of a SharePoint site (for example, MySPSite1)
or a URL: http://blog.blksthl.com
or an instance of a valid SPWeb object
Path Required Specifies the name of the export file. If the -NoFileCompression parameter is used, a directory must be specified; otherwise, any file format is valid.
Example: “c:\temp\exportedsite.cmp” or with the -NoFileCompression “c:\temp\exportedsite\”
AssignmentCollection Optional Manages objects for the purpose of proper disposal. Use of objects, such as SPWeb or SPSite, can use large amounts of memory and use of these objects in Windows PowerShell scripts requires proper memory management. Using the SPAssignment   object, you can assign objects to a variable and dispose of the objects after they are needed to free up memory. When SPWeb, SPSite, or SPSiteAdministration objects are used, the objects are automatically disposed of if an assignment collection or the Global parameter is not used.

                                                                                                                                         Note:
When the Global parameter is used, all objects are contained in the global store. If objects are not immediately used, or disposed of by using the Stop-SPAssignment command, an out-of-memory scenario can occur.
CompressionSize Optional Sets the maximum file size for the compressed export files. If the total size of the exported package is greater than this size, the exported package will be split into multiple files.
Confirm Optional Prompts you for confirmation before executing the command. For more information, type the following   command: get-help about_commonparameters
Force Optional -Force Forcefully overwrites the export package if it already exists.The type must be either of the following values:
True
FalseThe default value is False.
HaltOnError Optional Stops the export process when an error occurs.
HaltOnWarning Optional Stops the export process when a warning occurs.
IncludeUserSecurity Optional Preserves the user security settings except for SPLists that have broken inheritance and item level   permissions set.
(Use Import-SPWeb with –IncludeUserSecurity to preserve security on import)
IncludeVersions Optional Indicates the type of file and list item version history to be included in the export operation. If the
-IncludeVersions parameter is absent, the Export-SPWeb cmdlet by default uses a value of CurrentVersion. The type must be any one of the following versions:
LastMajor “Last major version for files and list items (default)”
CurrentVersion “The current version, either the last major version or the last minor version”
LastMajorAndMinor “Last major and last minor version for files and list items”
All “All versions for files and list items”
ItemUrl Optional Specifies the relative path to the object to be exported. Can also be a GUIDThe type must be a valid relative path, for example, /Subsite/Documents
or a valid GUID in the form: 12345678-90ab-cdef-1234-567890bcdefgh
NoFileCompression Optional Either enables or disables file compression in the export package. The export package is stored in the   folder specified by the Path parameter or Identity parameter. We recommend that you use this parameter for performance reasons. If compression is enabled, the export process can increase by approximately 30 percent.
NoLogFile Optional Suppresses the generation of an export log file. If this parameter is not specified, the Export-SPWeb   cmdlet will generate an export log file in the same location as the export package. The log file uses Unified Logging Service (ULS).It is recommended to use this parameter. However, for performance reasons, you might not want to generate a log file.
UseSqlSnapshot Optional Specifies a SQL Database Snapshot will be created when the export process begins, and all exported   data will be retrieved directly from the database snapshot. This snapshot will be automatically deleted when export completes.
WhatIf Optional Displays a message that describes the effect of the command instead of executing the command. For   more information, type the following command: get-help about_commonparameters

References:

Export-SPWeb
http://technet.microsoft.com/en-us/library/ff607895(v=office.15).aspx

Export a site, list, or document library (Search Server 2010)
http://technet.microsoft.com/en-us/library/ff428101(v=office.14).aspx

Thanks to:

Mattias Gutke – CAG – My main man!


___________________________________________________________________________________________________

Good Luckl!!

Regards

Twitter | Technet Profile | LinkedIn

A quick guide to configuring the Loopback check


Update: A free tool is available that does all this for you in a GUI: Loopback Check configuration Tool released – free download

Hi dear friends!

401.1 Access denied…
If you try to access your newly created web application with a real nice FQDN or NetBIOS name and you end up getting a 401.1 Access denied…

Even after adding the site to the local intranet zone in IE…
Even after beeing prompted 3 times and filling in the correct credentials…
After setting up your Search to crawl you sites in a small farm whith crawl and web services on the same server…

You check and doublecheck your credentials, you add yourself as the farm admin, you try logging on with the farm account, but nothing…still 401.1…

I know this has been written about many times Before, but some things seem to still be missing…
Now everyone seems comfortable with the sparse description on how to ‘add hosts to the list’ which is pretty much what you do when configuring the loopback check the ‘secure way’. You can also disable the loopbackcheck completely, but why if there is no real reason. Read Spencer Harbars excellent post on the topic if you need explaining why this is so. It is a few years but it is still the truth!

The KB article 896861 for this is an old one and the title does not really tell you that this is the one you are looking for, ‘type the host name or the host names for the sites that are on the local  computer, and then click OK.’ is not crystal…

Jump to:
Configure Loopback check using the GUI
Configure Loopback check using Powershell
Credits and References


What you need to do is this step by step:

In ‘Metro’ mode, type regedit

Regedit1x

Regedit will most likely be the only result, hit enter

Regedit2

In regedit, find the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0

First…

Regedit3x

then…

Regedit4x

Now, create a Multi-String Value under the MSV1_0 key.

Regedit5x

Type in the name of the new Multi-String value: ‘BackConnectionHostNames’, Hit Enter.

Regedit6x

Right click on the value BackConnectionHostNames and coose Modify.

Regedit7x

Add the URL you want to be able to access from a local browser on the server.

Regedit8

Don’t know why, but I seem to Always get this. Click Ok.

Regedit9

Viola!

Regedit10x

Adding multiple URL’s to the list of ‘trusted’ URL’s, simply make a new line between them.

Regedit11

That will look like this.

Regedit12x

To be extra sure that nothing else will sabotage functionality, check so that the URL’s are added to DNS.
(Or local hosts file)

DNS1x

Check so that the URL’s are added as bindings in IIS.

IIS1x

Verify that the URL’s are correct and are added to AAM.

AAM1x

Make sure that the URL is added to the Local Intranet Zone in Internet Explorer (if you need to browse the site from the server, NOT RECOMMENDED!).

IE3x

Try to access the URL in a browser.

IE1x

And the other URL.

IE2x

Done!

Doing the same using PowerShell

Using PowerShell to configure the Loopback check, requires two steps:

1. Add the multistring value to the registry
Get-Item -path “HKLM:\System\CurrentControlSet\Control\Lsa\MSV1_0” | new-Itemproperty -Name “BackConnectionHostNames” -Value (“coolsite.corp.balkestahl.se”, “alias.corp.balkestahl.se”) -PropertyType “MultiString”

2. Restart the IISADMIN service
Restart-Service IISADMIN

1. Add the multistring value to the registry

Given that you have Everything setup correctly, your AAM’s, your DNS entrys, (URL added to local intranetsites zone in IE), and so forth…you can use this single PowerShell command to exclude the URL’s for your sites from the loopbackcheck, this way, you don’t have to disable the loopbackcheck at all (Way better security).

The following command will add my two URL’s to the exclusion list, edit the values to add your own URL’s.

Run this in a PowerShell prompt running in elevaled mode/as Administrator

Get-Item -path “HKLM:\System\CurrentControlSet\Control\Lsa\MSV1_0” | new-Itemproperty -Name “BackConnectionHostNames” -Value (“coolsite.corp.balkestahl.se”, “alias.corp.balkestahl.se”) -PropertyType “MultiString”

Running this will if Everything is done right, show this

Powershell1

This is how it will look if it succeeds!

Powershell2

If you get ‘The property already exists.’, then you already have the ‘BackConnectionHostNames’ value added to the registry, check using registry editor to see if you can delete it or if it has other values that need to be there.

After a successful execution, check the registry to verify

Regedit12x

2. Restart the IISADMIN service

Now you have to restart the IISADMIN service in order for it to ‘reread’ the registry values and implement our Changes.
This is easy, in a PowerShell prompt running in elevaled mode/as Administrator

Restart-Service IISADMIN

Powershell3

Note the typo/bug in the text, it says stopping twice but what it does it stopping and starting

Done!

The command line in step 1 will add two (2) entries to the list, coolsite.corp.balkestahl.se and alias.corp.balkestahl.se. If you need to add more URL’s, add them to the Values, like: -Value (“coolsite.corp.balkestahl.se”, “alias.corp.balkestahl.se”, “mycoolnetbiosname”, “extraname.corp.balkestahl.se”).

Make sure that the doublequotes are formated in the proper way if you copy from this post!

That would make the command

Get-Item -path “HKLM:\System\CurrentControlSet\Control\Lsa\MSV1_0” | new-Itemproperty -Name “BackConnectionHostNames” -Value (“coolsite.corp.balkestahl.se”, “alias.corp.balkestahl.se”, “mycoolnetbiosname”, “extraname.corp.balkestahl.se”) -PropertyType “MultiString”

and

Restart-Service IISADMIN -force

References:

You receive error 401.1 when you browse a Web site that uses Integrated Authentication and is hosted on IIS 5.1 or a later version
http://support.microsoft.com/kb/896861

DisableLoopbackCheck & SharePoint: What every admin and developer should know. (Spencer Harbar folks)
http://www.harbar.net/archive/2009/07/02/disableloopbackcheck-amp-sharepoint-what-every-admin-and-developer-should-know.aspx

Can’t crawl web apps you KNOW you should be able to crawl (Todd Klindt’s oldie but goodie)
http://www.toddklindt.com/blog/Lists/Posts/Post.aspx?ID=107

Thanks to:

As Always, Mattias Gutke! Now at CAG. Always a great help and second opinion!


___________________________________________________________________________________________________

Enjoy!

Regards

Twitter | Technet Profile | LinkedIn

A guide to Alternate Access Mappings Basics in SharePoint 2013


LabCenter-stamp-v2

Alternate Access Mapping Basics in SharePoint 2013

(This post is in its entirety valid for SharePoint 2010 as well)

Explains how you should look at Alternate Access Mappings – left to right.
Alternate Access Mappings is something that most SharePoint engineers or administrators struggles with. More often than not, you get it right in the end but we are not really sure why it works or if it really works the way we want it to.
This, is my attempt to make it easy to understand.

IMG_0430smallframed

Note: This is part 1 in a series, the next part will show how to configure DNS and a simple scenario adding a new NetBIOS name as URL to a Web Application.
Note: For the complete guide, with DNS steps and 4 different scenarios including https, download the free Whitepaper from TechNet: The final guide to Alternate Access Mappings

In order to make AAMs simpler to understand, look at it a bit differently, start with this simple table:

Left area            Internal URL’s
Right area          Public URL’s with a zone
Middle area        Zones, is what connects Internal URL’s to Public URL’s, many to one.

Internal URL redirects or transforms to a Public URL, from left, to right. The URL on the left, is what you enter in the address field in your browser, the Public URL on the right is what you will see once there, this goes for visible and invisible links as well.
Internal URL format: Protocol + URL (+non default port)

Public URL is the address of the Web Application for one of the five zones available. The ‘Default’ must be filled out and has some special properties/uses, the other four are optional. You can only have five Public URL’s per Web Application.
This is the URL that the browser will be redirected to in the end.
Public URL format: Protocol + URL (+non default port)

Zone is a label representing a Public URL, the zone is used to ‘connect’ an Internal URL to a Public URL. The zone names has no relation what so ever with the four Internet Explorer security zones (Internet, Local Intranet, Trusted sites and Restricted sites) and could just as easily been named 1,2,3,4 and 5. A zone can also represent an authentication provider.
Zones: Default, Intranet, Internet, Custom, Extranet

Example:

AAMTable1

Note: Based on the Zone selected for every Internal URL, they will be connected to a Public URL.

From left – to right…
The zones might as well be represented by numbers:

AAMTable2

Note: Try to always use the most used URL as   the default Public URL. This is what will be used by other services, like   crawl and in certain other links.

Translated to SharePoint GUI, this same setup would look like this:

AAM1

AAM2

Note: Filtered on this Web Applications   Alternate Access Mapping Collection only.
Same Alternate Access Mappings as in the Example table above.

You will see that if you click on any of the ‘Internal URLs’ that you can select zone, and with the zone, the Public URL it will be connected to:

AAM3
In addition to the actual Alternate Access Mapping in SharePoint Central Administration, you also have to add a Binding in IIS, contrary to what many believe, except for the initial hostheader when you create the web application, SharePoint does not do that for you, so you have to do it manually.
The example above would show up in IIS Bindings like this:

AAM4

As you can see, in IIS 8.0 and Windows Server 2012, the https binding does show up as a hostname, in IIS 7.5 and Windows Server 2008 R2, the hostname is determined by the name configured in certificate used when adding that binding and hidden in this view.

That’s it! When you have configured your AAM’s and Bindings correctly, given that you have name resolution and IP addresses in order and connectivity from the client to the server(s) and all other aspects in order, you can now start to use the URL’s you want.


_________________________________________________________

Enjoy!

Regards

Twitter | Technet Profile | LinkedIn

Whitepaper: The final guide to Alternate Access Mappings


This 45 page Guide is now available as a Free PDF download from Microsoft Technet Gallery.
Download : The final guide to Alternate Access Mappings

A preview of the whitepaper:


_________________________________________________________

Enjoy!

Regards

Twitter | Technet Profile | LinkedIn