Skip Ribbon Commands
Skip to main content

Publishing SharePoint Service Applications

 

Brian Jones

28/01/2015

We have two SharePoint farms, the first is used for the Intranet and team sites. The second farm is used for the public facing web site.

Both SharePoint farms have application servers which are underutilised as the number of users and the amount of content is quite low.

  • 15 Users
  • <10,000 documents
Farm image 1.png

When editors were working on the publishing farm they would try and follow content unsuccessfully as the User Profile server was not provisioned, we also had a search server doing very little.

The plan was the streamline the SharePoint infrastructure by removing the application server from the publishing farm and allowing the publishing farm to use the search and application services from the intranet farm.

The first step was to create a trust between the two farms:

1.       On the Web Servers on both farms open the SharePoint 2013 Management Shell

2.       On the Intranet Farm run the following PowerShell command

$rootCert = (Get-SPCertificateAuthority).RootCertificate

$rootCert.Export("Cert") | Set-Content C:\Temp\IntranetFarmRoot.cer -Encoding byte

 

3.       On the Publishing Farm run the following PowerShell command

$rootCert = (Get-SPCertificateAuthority).RootCertificate

$rootCert.Export("Cert") | Set-Content C:\Temp\ConsumingFarmRoot.cer -Encoding byte

$stsCert = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate

$stsCert.Export("Cert") | Set-Content C:\Temp\ConsumingFarmSTS.cer -Encoding byte

 

4.       Copy the certificate from C:\temp on the Intranet Farm to C:\temp on the Publishing farm

5.       Copy the 2 certificates from C:\temp on the Publishing Farm to C:\temp on the Intranet farm

6.       Run the following PowerShell command on the Publishing farm

 

$rootCert = (Get-SPCertificateAuthority).RootCertificate

$rootCert.Export("Cert") | Set-Content C:\Temp\PublishingFarmRoot.cer -Encoding byte

 

7.       Run the following PowerShell command on the Intranet farm

 

$trustCert = Get-PfxCertificate C:\Temp\ConsumingFarmRoot.cer

New-SPTrustedRootAuthority IntranetFarm -Certificate $trustCert

 

$stsCert = Get-PfxCertificate c:\Temp\ConsumingFarmSTS.cer

New-SPTrustedServiceTokenIssuer WebPublishingFarm -Certificate $stsCert

 

Once trust has been created the Service Applications that I wanted the Publishing farm to use had to be published from SharePoint.

 

  1. Open SharePoint Central administration on the Intranet farm
  2. Click on Application Management > Manage Service Applications
  3. Select the Search Service application and click on Publish in the ribbon
  4. Select Publish the Service Application to other farms
  5. Copy the Published URL and click OK
  6. Open SharePoint Central administration on the Publishing farm
  7. Click on Application Management > Manage Service Applications
  8. Click on Connect > Search Service Proxy
  9. Paste the Published URL into the box and click OK
  10. Repeat this process for the User Profile Service

 

Once this process has been completed I needed to add a content source to the search service on the Intranet farm to allow it to crawl the Publishing site. I then removed the application server from the publishing farm.

Farm image 2.png
 


 About us

Fuse Collaboration Services is a Cloud Solution Provider and Microsoft Gold Partner specialising in delivering SharePoint, Skype for Business, and Azure cloud-based solutions. Based in Northampton, UK.

Microsoft Gold Partner Logo showing 5 competencies

Read more

 Latest Tweets

 Latest Blog

 

 

Get single sign-on for all apps3995<p class="lead">​​​Are you looking for an identity-as-a-service (IDaaS) solution that solves your biggest IT challenges without compromising user experience?</p><p class="lead">With Azure Active Directory, the Microsoft IDaaS solution, you can streamline the employee experience with single sign-on capabilities and reduce the complexity of managing identity, security, and access to your company’s critical data. You get a proven solution that allows you to&#58;​</p><hr />​ <div class="lead"><div class="row"><div class="col-md-6">​ <div class="media"> <img class="img-responsive pull-left" src="/ourblog/Blog%20Site%20Images/image004.png" alt="" />​ ​ <div class="media-body">​​Quickly adopt cloud services​</div></div></div>​ <div class="col-md-6">​ <div class="media"> <img class="img-responsive pull-left" src="/ourblog/Blog%20Site%20Images/image006.png" alt="" /> <div class="media-body">Improve application security</div></div></div>​ ​</div>​ <div class="row"><div class="col-md-6">​ <div class="media"> <img class="img-responsive pull-left" src="/ourblog/Blog%20Site%20Images/image008.png" alt="" /> <div class="media-body">Empower employees with access to world-class cloud apps</div></div></div><div class="col-md-6">​ <div class="media"> <img class="img-responsive pull-left" src="/ourblog/Blog%20Site%20Images/image010.png" alt="" /> <div class="media-body">Monitor application usage and protect your business</div></div></div></div>​ <div class="row"><div class="col-md-6">​ <div class="media"> <img class="img-responsive pull-left" src="/ourblog/Blog%20Site%20Images/image012.png" alt="" /> <div class="media-body">Easily and securely manage employee and vendor access</div></div></div><div class="col-md-6">​ <div class="media"> <img class="img-responsive pull-left" src="/ourblog/Blog%20Site%20Images/image014.png" alt="" /> <div class="media-body">Secure remote, mobile access to on-premises apps</div></div></div>​ </div><div class="row"><div class="col-md-6">​ <div class="media"> <img class="img-responsive pull-left" src="/ourblog/Blog%20Site%20Images/image016.png" alt="" /> <div class="media-body">Implement consistent, self-service application access management</div></div></div>​​​ </div></div><hr /><p class="lead"><a href="/_layouts/15/FIXUPREDIRECT.ASPX?WebId=4fc45909-2b6d-48b9-bcf9-a446e9d472d6&amp;TermSetId=c98895cd-d37f-4406-9cff-5480b4f829b6&amp;TermId=218eb0be-10f6-490a-82a7-a7fd47c8de90">Contact Fuse</a> to discuss how we can help implement IDaaS within your organisation, using our expertise and experience to reduce risk and project length.​</p> <div class="well well-lg"><p class="lead">Are you curious about how Azure Active Directory can work for you? <a href="/_layouts/15/FIXUPREDIRECT.ASPX?WebId=4fc45909-2b6d-48b9-bcf9-a446e9d472d6&amp;TermSetId=c98895cd-d37f-4406-9cff-5480b4f829b6&amp;TermId=721159e3-34c0-40dc-8028-ae2e2f2e79e4">Let us show you how​</a>!​</p></div>​​a.walman@fusecollaboration.com | Andrew Walman | 693A30232E777C6675736563735C612E77616C6D616E i:0#.w|fusecs\a.walman17/01/2018 00:00:002018-01-17T00:00:00Zno matter where they liveAzure Active Directory, the Microsoft IDaaS solution24/02/2018 00:15:562757htmlFalseaspx

 Contact us

Our address
12 Brookfield, Duncan Close
Moulton Park, Northampton
NN3 6WL
P: +44(0)1604 797979
Contact Us