Skip Ribbon Commands
Skip to main content

Publishing SharePoint Service Applications

 

Brian Jones

28/01/2015

We have two SharePoint farms, the first is used for the Intranet and team sites. The second farm is used for the public facing web site.

Both SharePoint farms have application servers which are underutilised as the number of users and the amount of content is quite low.

  • 15 Users
  • <10,000 documents
Farm image 1.png

When editors were working on the publishing farm they would try and follow content unsuccessfully as the User Profile server was not provisioned, we also had a search server doing very little.

The plan was the streamline the SharePoint infrastructure by removing the application server from the publishing farm and allowing the publishing farm to use the search and application services from the intranet farm.

The first step was to create a trust between the two farms:

1.       On the Web Servers on both farms open the SharePoint 2013 Management Shell

2.       On the Intranet Farm run the following PowerShell command

$rootCert = (Get-SPCertificateAuthority).RootCertificate

$rootCert.Export("Cert") | Set-Content C:\Temp\IntranetFarmRoot.cer -Encoding byte

 

3.       On the Publishing Farm run the following PowerShell command

$rootCert = (Get-SPCertificateAuthority).RootCertificate

$rootCert.Export("Cert") | Set-Content C:\Temp\ConsumingFarmRoot.cer -Encoding byte

$stsCert = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate

$stsCert.Export("Cert") | Set-Content C:\Temp\ConsumingFarmSTS.cer -Encoding byte

 

4.       Copy the certificate from C:\temp on the Intranet Farm to C:\temp on the Publishing farm

5.       Copy the 2 certificates from C:\temp on the Publishing Farm to C:\temp on the Intranet farm

6.       Run the following PowerShell command on the Publishing farm

 

$rootCert = (Get-SPCertificateAuthority).RootCertificate

$rootCert.Export("Cert") | Set-Content C:\Temp\PublishingFarmRoot.cer -Encoding byte

 

7.       Run the following PowerShell command on the Intranet farm

 

$trustCert = Get-PfxCertificate C:\Temp\ConsumingFarmRoot.cer

New-SPTrustedRootAuthority IntranetFarm -Certificate $trustCert

 

$stsCert = Get-PfxCertificate c:\Temp\ConsumingFarmSTS.cer

New-SPTrustedServiceTokenIssuer WebPublishingFarm -Certificate $stsCert

 

Once trust has been created the Service Applications that I wanted the Publishing farm to use had to be published from SharePoint.

 

  1. Open SharePoint Central administration on the Intranet farm
  2. Click on Application Management > Manage Service Applications
  3. Select the Search Service application and click on Publish in the ribbon
  4. Select Publish the Service Application to other farms
  5. Copy the Published URL and click OK
  6. Open SharePoint Central administration on the Publishing farm
  7. Click on Application Management > Manage Service Applications
  8. Click on Connect > Search Service Proxy
  9. Paste the Published URL into the box and click OK
  10. Repeat this process for the User Profile Service

 

Once this process has been completed I needed to add a content source to the search service on the Intranet farm to allow it to crawl the Publishing site. I then removed the application server from the publishing farm.

Farm image 2.png
 


 About us

Fuse Collaboration Services is a Cloud Solution Provider and Microsoft Gold Partner specialising in delivering SharePoint, Skype for Business, and Azure cloud-based solutions. Based in Northampton, UK.

Microsoft Gold Partner Logo showing 5 competencies

Read more

 Latest Tweets

 Latest Blog

 

 

‘We’d love you to stick around’. But stick around where?3728<p class="lead">Here at Fuse Collaboration Services both our personal and professional email inboxes are receiving a steady flow of emails from companies asking us to stay on their mailing lists. This is the most obvious and public aspect of the new GDPR that is currently being implemented.</p><p>There are a couple of positive side-effects from these new regulations, not least that by forcing you to opt in to mailing lists to make sure you are only receiving what you want to receive a company will really know how engaged you are, making your email address all the more valuable when it comes to marketing.</p><p>Companies have been responding to the GDPR changes by re-working their data management policies, but how much time is being put into how these policies can be enacted day-to-day, especially away from the aforementioned marketing email lists?</p><p>For example, if you have written a policy that says that emails are going to be stored for one year before deletion, how are you going to store them away from an active email server (thereby reducing the burden on a day-to-day server), or keep hold of them once a member of staff leaves? Or what happens if data is accidentally deleted by a member of staff?</p><p>Furthermore, data security is made all the more important as more and more companies opt for a flexible working approach where their staff can work from remote locations, such as home or (dare we say it) a high street coffee chain with its free Wi-Fi access.</p><p>Domestic or public internet access networks are unlikely to have the same levels of security as a company's, which makes it all the more important that any data transfer between a central hub and remote laptop is encrypted and has the latest security.</p><p>Chris Evans of Computer Weekly has highlighted <a href="https&#58;//www.computerweekly.com/feature/GDPR-brings-serious-implications-for-data-storage" target="_blank"> <span style="text-decoration&#58;underline;">five areas</span></a>&#160;which will impact the day-to-day work of the data storage manager under GDPR, including&#58;</p><ul><li>encryption; </li><li>detailed application-to-storage mapping;</li><li>security and audit; </li><li>validation of test and development requirements;</li><li>and collaborating closely with colleagues.</li></ul><p>Ultimately, you need to be able to give all your customers, clients, stakeholders and staff the confidence that their data and documents are stored securely, but also in a way that allows you to respond to data requests quickly and efficiently without having to wade through a mound of irrelevant information.</p><p>You also need to have the peace of mind that any deleted information can be recovered within your policy timetables, whether they be one year, five years, or longer than that.</p><p>There is also a danger that you could be sucked into a one-size-fits-all approach using policy and storage templates that have been designed for organisations that are in a different sector or are of a vastly different size to your own.</p><p>Fuse's data back-up and storage solutions tick all of the boxes you need to have that peace of mind to concentrate on your main business, namely growing as a company, while also being tailored to your specific needs.</p><p>Fuse uses a mixture of cloud-based packages to meet your requirements and allow your staff to access their relevant information <em>securely </em>regardless of where they are working. Our solutions are also easy to monitor by your in-house IT team, so that in the unlikely event of a data breach it can be identified, resolved and reported quickly.</p><div class="well well-lg"><p class="lead">Give us a call on 01604 797979 and we can have a chat about how you can make sure your data policy matches your day-to-day operations and requirements.</p></div> | Chris Wearmouth | 693A30232E777C6675736563735C632E776561726D6F757468 i:0#.w|fusecs\c.wearmouth16/05/2018 23:00:002018-05-16T23:00:00ZData security and rentention in a cloud based infrastructureData security in a cloud based infrastructure14/06/2018 09:56:102550htmlFalseaspx

 Contact us

Our address
12 Brookfield, Duncan Close
Moulton Park, Northampton
NN3 6WL
P: +44(0)1604 797979
Contact Us