Get to know the new Microsoft SharePoint Migration Tool:

TOOL.png

For many years SharePoint Migration has been a very challenging task for all the SharePoint professionals as it really requires a lot planning, assessment and careful implementation to ensure that the data remains secure and it doesn’t gets missed during the migration.

While the migration between SharePoint on-premises environment is really straight forward where you need to follow the content database detach/attach or content database copy/restore method, that was not the case while migrating the data from on-premises to Office 365 (i.e. SharePoint Online). You had to depend on many third-party tools such as AvePoint, Sharegate and Metalogix etc. to do this and these tools were indeed very costly to afford. Microsoft recently introduced the Migration API that takes advantage of Azure Blob storage which was quite convincing to use but required a lot of manual effort and even using that you couldn’t perform a migration at the site collection level. So, with all these challenges/uncertainties revolving around SharePoint on-premises to SharePoint online migration, Microsoft has announced the release of its own native Migration tool on Ignite last week. This tool is in beta version for now and is available for the public to download and explore from this link below.

Download link: _ https://hrcppestorageprod.blob.core.windows.net/migrationtool/default.htm

The best part about this tool is, it’s free and you don’t need to be a global admin or a SharePoint admin in Office 365 to use this. All you need is a write access to the destination SharePoint Online site collection and you can use this tool to migrate your data.

Alright, now let’s dive bit deeper and see how to make use of this tool and what are the features we get with this tool that can help to streamline the migration process.

How to use the Microsoft SharePoint Migration Tool?  

1.To begin with, please use the link below to download and install the Microsoft SharePoint migration tool as shown in the image below.

Download link: _ https://hrcppestorageprod.blob.core.windows.net/migrationtool/default.htm

1.PNG

2.Once done click on “Install “on the next screen as shown in the image below.

2.PNG

3. This should start to download and install the tool as shown in the image below.

3.PNG

4. After downloading and installing the tool, you would get the below screen. Please go ahead and click on next.

4

5. You would be prompted for your Office 365 credentials, please go ahead and sign-in with your Office 365 username and password.

6.PNG

6. Once done entering your credentials, please click on sign-in as shown in the image below.

7.PNG

7. After you have successfully signed-in to the tool, you would be seeing three options asking where is your source data as shown in the image below.

8

8. In this example, I wanted to migrate the data from a “File Share” to a “SharePoint Online site” and hence I’m choosing File Share as the source as shown in the image below and it asks me to choose the folder.

9.PNG

9. Once done choosing the file share path, please go ahead and click on next as shown in the image below.

10

10. So, once you’re done choosing the source path you would be prompted to choose the destination SharePoint site as shown in the image below. Please specify the site URL and also the document library to where you need to move your content.

11

Note: Please make sure that you have site collection admin access to the target site because only then it would retrieve the document libraries in the drop-down

11. Once done adding both the source and destination, please go ahead and click on add and the tool will add this to the list of tasks as shown in the image below.

13.PNG

12. So as shown in the image below, you can see the list of tasks added for migration and if required you can add few more tasks as well.

Note: The tasks that you add here can be of different types (meaning, you can add a task for migrating contents from a file share to a SharePoint Online site and the second one can be to migrate data from a SharePoint on-premises site to a SharePoint Online site and the third one can be a bulk migration task using a CSV file)

15

  1. You can also use the pause button if required to pause the migration process as shown in the image below.

18.PNG

14. Once you click on the “Migrate” button you can notice that the migration process has started as shown in the image below.

19

15. Finally, once the migration is completed you can check the completion status as shown in the image below. In addition to that you can also click on the “Open report” button to get the migration reports.

20

16. Once you click on the “Open report” button the windows explorer will open the below mentioned folder structure from where you can access the migration reports.

23.PNG

26

17. This is how the contents in the report would look like.

21

22

  1. Finally, you can check the document library in the destination SharePoint Online site to confirm whether the files have been migrated successfully .In my case please see the image below which confirms that the files have been migrated successfully.

24

 

19. So in the above example I showed you how to perform a migration using this tool from a file share to a SharePoint online site. Similarly, you can do the same for migrating the files from a SharePoint on-premises site to a SharePoint online site. However, before doing so please check and ensure that you have site collection access on both the source and destination. Finally, you can plan bulk migration tasks using the CSV file option. I’ll discuss in detail about that in a different article very soon .

What happens behind the scenes while using the Microsoft SharePoint Migration Tool?

Well, just in case if you’re interested to know what happens behind the screen while using the tool the steps below should give you an overview about that.

On a high level this is what happens,

  1. You enter your Office 365 credentials to authenticate yourself.
  2. Then you get prompted to enter the source (i.e. File Share or SharePoint on-premises site URL or the CSV file for bulk migration) and the destination SharePoint Online site where you want to migrate the files.
  3. Once you’re done specifying the details and click on the migrate button , the tools takes care of scanning , packaging , uploading and importing the files and all these tasks are performed in parallel across all the files submitted for migration .

Let’s dig bit further and see what happens at each stage …

On the Authentication stage:

After opening the tool, the first thing we must do is authenticate to the destination SPO site (i.e. the tenant where you will be migrating your files) by providing your username and password .By doing so the tool associates the migration jobs with your account.  This allows you to resume your migration from another computer if needed by logging in with the same credentials. This account should be a site collection administrator of the destination where you want to migrate the files.

On the Scanning stage:

Once you click on the “Migrate” button, a scan is performed on every file. Please note that a scan is always performed; even if you elect to not migrate your files (see Advanced Settings). The scan verifies that there is access to the data source and write access to the SharePoint Online destination. It also scans the file for known potential issues and risks.

On the packaging stage:

On the packaging stage, a content package is created that contains a manifest consisting of 8 XMLs.

On the uploading stage:

On the uploading stage, the content package is uploaded to Azure with the manifest. Before a migration job can be accepted from a SPO provided Azure container, the data is encrypted at rest using the AES CBC 256 standard. The files are encrypted along with the manifest files.

On the importing stage:

On the importing stage, the key is provided to SPO SAS. Only Azure and SPO are interacting to fetch and migrate the content into the destination. This process is a timer job based, but does not prevent other jobs from being queued up. During the import, a report is created in the working folder and live updates are made. After the migration job is completed, the log is stored in the Azure container and a final report is created. A log is stored in each Manifest Container.

Recommendations for using the Microsoft SharePoint Migration Tool:

For best performance:

CPU 64-bit Quad core processor or better
RAM 16 GB
Local Storage SSD : 150 GB free space
Network card 1 Gps
Operating System Windows Server 2012 R2 or Windows 10 client

.NET Framework 4.6.2

 

For slow performance:

CPU 64-bit 1.4 GHz 2-core processor or better
RAM 8 GB
Local Storage Hard disk: 150 GB free space
Network card High speed internet connection
Operating System Windows Server 2008 R2, Windows 7 updated or better

.NET Framework 4.6.2

Impact on the file permissions when it’s migrated:

The user permission would be retained to the cloud provided that the user accounts are synced to Azure AD using AAD Connect tool and the users have SharePoint Online licenses assigned to them.

The below mentioned table should give you an overview about how the user permissions are mapped when a user is synced to Azure AD and when he/she is not synced:

 

User sync status File Share SharePoint on-prem files
User mapped between on-premises and SPO (using AAD Connect tool  or a user mapping file provided) There are only two types of permissions that will be migrated; Read and Write.

 

If a file has Write permission for user1, then the file will be set to Contribute for user1 in SPO. If a file has Read permission for user1, then the file will be set to Read for user1 in SPO.

 

Note: At this time, the special permissions, such as Deny, will not be saved.

All the unique permissions on a file will be migrated to SPO.  Inherited permissions will not be migrated.
No user mapping (not-synced, no user mapping file) Files will be assigned the default permission of the location to which it has been migrated in SPO. Files will be assigned the default permission of the location to which it has been migrated in SPO.

Behavior of the tool when you choose SharePoint on-premises and File Share:

SharePoint on-premises: If you select the SharePoint on-premises option, you will be asked to enter the name of the SharePoint Server site where your files are located and prompted for your credentials for that site. You will indicate what document library you wish to migrate.

Note: As of now the tool only supports SharePoint 2013

File Share: If you select the File share option, you will be asked to enter the location of the file share, the URL of the SharePoint Online site and document library where they will be moved.

Advanced settings in the Microsoft SharePoint Migration Tool:

Use the advanced settings option in the tool you can perform the below mentioned tasks as well.

In order to make use of the “Advanced settings” option on the SharePoint Migration Tool, please make use of the gear icon on the window where you see the “Migrate” button after specifying the source and destination as shown in the image below.

27.PNG

29.PNG

Setting Description
Only perform scanning If you wish to scan the files as a pre-assessment to migration, turn Only perform scanning on.
Enable incremental migration By setting enable incremental migration to On, it lets you rerun the migration jobs at a later date, migrating only the changes or additions since the previous run.

 

Important: If you wish to be able to submit this job again for incremental migration, this setting must be set to On before the initial migration job is submitted.

Migrate file version history If set to No, only the most recent version of the file will be migrated. If set to Yes, you can choose whether to keep all versions, or limit it to a specific number.
Do not migrate hidden files If set to On, hidden system files will not be migrated.
Do not migrate files created before If you choose to limit what files are migration based on creation date, set your values in this section. This may be to limit the number of files migrated or to adhere to overall company governance policy regarding file retention.
Do not migrate files modified before If you choose to limit what files are migration based on modified date, set your values in this section. This may be to limit the number of files migrated or to adhere to overall company governance policy regarding file retention.
Do not migrate files with these extensions To prevent certain file types from migrating, list each extension, separating it with a vertical bar. For example, mp4|avi|mkv. Do not include the leading “.” before the extension name
Do not migrate files and folders with invalid characters By default, the setting is set to Off. This is the recommended setting. The tool will attempt to move all the files without filtering on characters. If any file can’t be accepted into SPO, a failure message will be generated for that file.

 

If set to On, the tool will skip any potential special characters. While this can improve performance when the source potentially contains a high number of files containing invalid characters, it also has drawbacks. To prevent malicious activities, source packages that generate more than 100 errors to the destination server will be blocked. As a result, all valid files in that package would also be blocked.

Active Azure Directory lookup By default, this is set to On. If no User mapping file is provided by the user, then Active Azure Directory is used as the default for user mapping.
Preserve user permissions By default, this is set to On. If set to Off, no permissions will be preserved.
User mapping file By default, Azure AD lookup is used to map users when submitting migration jobs. If you wish to use your own mapping file, select the file to be used by clicking Choose file. If you choose to use a custom user mapping file and you want to preserve user permissions, turn off Active Azure Directory lookup. By doing so if a user isn’t found in the mapping file, the tool won’t look in up in AAD.
SharePoint Migration Tool work folder By default, a temp folder will be created. If you wish to specify a specific working folder, enter the name here.
Use custom Azure storage If you wish to use your own Azure storage, set this value to On.

 

If you choose to turn on, additional fields will display to enter your account and key, and settings to select if you want to enable or disable encryption, and whether temporary files are deleted when migration is complete.

Conclusion:

The Microsoft SharePoint Migration tool in indeed a powerful and free to use tool. As of now the product is in beta version and Microsoft is continuously working on enhancing the tool by adding many cool features which you normally get to see on any third party migration tool such as Sharegate , Metalogix or AvePoint . You can even plan a migration of terabytes of data by using this tool so that your users can start taking advantage of the cool features in cloud. Last but not least, given the features and simplicity of this tool, this is definitely a must have tool for every SharePoint Admin out there.

You can also read this article on the Hubfly blog site too by going through the link below and very soon I’ll be making a  demo video on the Microsoft SharePoint migration tool which would be avaialble on the Hubfly blogsite .

Please subscribe to the Hubfly blogsite for many cool articles on SharePoint & Office 365 .

Here’s the link : http://www.hubfly.com/blog/migration/microsoft-sharepoint-migration-tool-step-by-step-walkthrough/

Good luck with the Microsoft SharePoint Migration Tool….Happy SharePointing!!!

 

Advertisements

Visio Web Access to be removed from SharePoint Online:

I’m not sure how many of you had the chance to take a look at the Message center in the Office 365 admin center last week , if you haven’t yet I would urge you all to take a look at this announcement which was made on Sep 25th about Microsoft removing the Visio web access/Visio web part and communicate the same to your end users/business .

Although ,it’s too early to talk about this change as the change will come into effect only from Sep 30,2018 onwards I think it would be worthwhile to start preparing ourselves for this change as the Visio web part has been one of the most heavily used web part by many SharePoint users for many years and with this change we should start thinking about at alternative now .

Visio web access.PNG

Webinar on SharePoint Online Communication Sites

Hi All,

Please join us for a webinar on August 12th,2017 at 6:00 pm IST on ” Overview of Communication Sites in SharePoint Online” .

WEBINAR

Agenda:

  1. Introduction to Communication sites in SharePoint Online​

2. Different designs and what’s inside a communication site?​

3. Demo on creating Communication sites​

4. Demo on Customizing Communication sites​

5. Benefits of using Communication sites​

6. What’s lacking in Communication sites?

We’ll be discussing in detail about SharePoint Online Communication Sites and all it’s new features and functionalities.

Webinar details : http://www.c-sharpcorner.com/events/overview-of-communication-sites-in-sharepoint-online

When to perform a Search full crawl in SharePoint 2013?

Search is indeed a mission critical component in SharePoint 2013 and it’s very important that it functions properly so that you get the desired results. As we all know, the search results and their relevancy is directly proportional to how often your content sources are crawled and what sort of crawling you’re running in your SharePoint farm (i.e. full crawl, incremental crawl and continuous crawl). So, in this post I’m not going to discuss about the different type of search crawls or the SharePoint 2013 search architecture, perhaps I would be discussing on when and under what circumstances should a SharePoint administrator perform a full search crawl. The reason for me picking up this topic is because I see a lot of misconception among SharePoint administrators in understanding when the Search full crawl has to be performed. For the most part, I’ve seen many folks turning on full crawl when it’s not required at all and before doing so we need to understand that turning on Search full crawl is going to consume a lot of your server’s resource and at worst case it could even make your SharePoint farm go to an unresponsive state and hence it’s very important that we do this only when it’s required.

1

Alright, let’s get into the details ….

Listed below are the reasons why and under what circumstances should a SharePoint farm Administrator perform a full search crawl:

1.You just created a new Search Service application and the default content source (i.e. Local SharePoint sites) that gets created along with the newly created Search service application hasn’t been crawled yet.

22. You recently added a new content source and it hasn’t been crawled yet (Note: This is applicable for all the types of content sources (i.e. Local SharePoint sites, File shares, Exchange public folders and External line of business data)

3.png

3.When there has been, a change made to the existing content source (meaning, when you’re trying to edit the existing content source for making some changes)

4.png

4.When you’re patching your SharePoint 2013 farm by installing a Cumulative update, Service packs and hot-fixes etc. For some reason I see a lot dilemma on this specific point because it brings up a question on why should a full crawl be performed post the patching .The reason for this is really simple ,  if you read my article on patching a SharePoint farm you would notice that I’ve mentioned a step where you need to suspend the search crawl before patching your farm and the reason for mentioning that is because it’s quite possible that when you check the crawling schedule  before patching you farm there may not be any instance of crawl running. However, if a crawl is triggered by schedule which occurs during the installation, the search application may crash or lead to inadvertent results. In worst case, you might end up rebuilding the entire search application. Hence, as a best practice it’s very important that you suspend the search service application before patching your farm and once you’re done with patching your farm please go ahead and resume it and run a full crawl.

5

6

7

5.When changes have been made to managed properties in search. A full crawl of all affected content sources is required for the new or changed managed property to take effect.

8.png

6.If you want to detect security changes that were made to local groups on a file share after the last full crawl of the file share

9.png

7.When the incremental crawl keeps failing continuously. If an incremental crawl fails many consecutive times for any content, the system removes the affected content from the search index. In such case, please look into the search crawl logs and try to identify the issue and fix it after which you need to run a search full crawl so that the failed content gets updated in the search index.

8.If you have made some changes to the search Crawl rules such as adding, deleting or modifying the crawl rule.

10.png

9.When your search index gets corrupted you need to perform a search index reset after which you need to run a full search crawl. Please check my article on search index reset to understand how to perform an index reset and under what circumstances should you be performing a search index reset.

11.png

10.The permissions given to the default content access account has been changed.

11. Apart from the above mentioned one’s the system by itself would be performing a search full crawl even when an incremental or continuous crawl is scheduled under the following circumstances:

   a)The SharePoint administrator stopped the previous crawl.

    b)A content database was restored, or a farm administrator has detached and reattached a content database.

    c) A full crawl of the content source has never been done from this Search service application.

     d)The crawl database does not contain entries for the addresses that are being crawled. Without entries in the crawl database for the items being crawled, incremental crawls cannot occur.

Thanks for reading this post. Happy SharePointing!!!

Demystifying MinRole in SharePoint Server 2016:

MinRole – I hope everyone would agree with me when I say that “MinRole” has become a buzz word among many SharePoint folks ever since Microsoft released SharePoint Server 2016. I myself have personally read many articles/blogs and viewed some videos on it to understand in detail about MinRole and how to make use of it. However, there has been times where I couldn’t really understand it completely and I had to work with many SharePoint experts in the industry to understand in detail about what MinRole is and how it works. But still I can sense a lot of uncertainty among few SharePoint folks in understanding MinRole and how to make use of it. Hence, in this article I’ll be explaining in detail about the below mentioned points….

  1. What is MinRole?
  2. How to deploy a SharePoint 2016 farm using MinRole topology?
  3. Different server roles in MinRole
  4. Different type of MinRole topologies
  5. MinRole -Before and after Feature Pack 1
  6. The benefits of using MinRole
  7. MinRole Administration
  8. MinRole compliancy
  9. Opting out of MinRole
  10. How/where to deploy 3rd party apps while using MinRole?

160121MinRole_lg.JPG

Alright, so let’s get started …

  1. What is MinRole?

To put it in very simple words, MinRole is a new farm topology based on a set of predefined server roles which got introduced in SharePoint Server 2016. Unlike the old traditional SharePoint farm topologies where you add a server to a farm and then configure it, here you can select the role of a server when you create a new farm or join a server to an existing farm and SharePoint will automatically configure the services on each server based on the server’s role. SharePoint Server 2016 by default has been optimized for the MinRole farm topology.

So, the point here to understand is, with MinRole you don’t need to add servers to a SharePoint farm and then configure each server in the farm as WFE, APP, Search etc.… MinRole will do that magic for you. Once you add a new SharePoint 2016 server to a farm and run the configuration wizard you would get a screen as shown below which asks you to choose the appropriate role .Once you select the appropriate role ,SharePoint will automatically turn on and configure the necessary services based on the server’s role.

2.png

Now that we have understood about MinRole, let’s understand how to deploy a SharePoint 2016 farm using MinRole topology.

2.How to deploy a SharePoint 2016 farm using MinRole topology?

Before I go ahead and discuss about how to deploy a SharePoint 2016 farm using MinRole topology, let’s refresh ourselves by taking a glance at the default SharePoint 2013 streamlined topology which we’re already used to. Let’s look at the image below to understand about the default SharePoint 2013 streamlined topology…

18.png

So as shown in the image above, in SharePoint 2013 when you create or add a new server to the farm you have to manually go to the “Manage services on server “section on Central administration site and turn on the required services after which you would be configuring the required service application (Ex: Search Service Application, Managed metadata service application, User Profile service application & Distributed Cache service application etc.…)

services-on-server.jpg

However, the good news with SharePoint 2016 you don’t need to spend time on turning on the required services under “Manage services on Server “. You just need to focus on choosing the required role on the “Specify server role “window which I just described above and SharePoint  will take care of the rest for you. Hang on, let’s be clear here …. SharePoint will only take care of automatically turning on the required services but the service application has to be configured by you as an admin. I guess while reading this, you must have this question in mind … “Well this is cool, but how does SharePoint manages to do this by itself? “…The answer to this follows, when you create a new farm or join a machine to an existing farm, SharePoint starts the base set of service instances that are required for the server’s role. It also detects which additional services have been enabled in the farm and starts the matching service instances as appropriate for the server’s role. Finally, it detects which service applications have been created in the farm and which services are necessary to support those service applications. Those service instances will be started as appropriate for the server’s role, as well.

MinRole management of service instances doesn’t happen only when you join a server to a farm. As you enable or disable services in the farm, or as you create and delete service applications in the farm, MinRole starts and stops service instances on the existing servers in the farm. This ensures that each server in your SharePoint farm is running exactly the services it needs.

So, the end result is, you as a SharePoint farm administrator can only focus on what services you want to run in your farm and not worry about where they’re running. The MinRole topology in SharePoint will take care of the rest.

Also, let’s take a look at the image below which illustrates how the SharePoint services are scattered between these different server roles while using MinRole topology.

1.PNG

All the user interactive scenarios would be running on the WFE role, all the background tasks such as Search, UPS etc. would be running on the APP role and finally the caching services would be running on the DC role .

Well, hang on …. I still didn’t tell you how to deploy a SharePoint 2016 farm using MinRole. There’s two variants to do this … 1. Using the SharePoint product configuration wizard 2. Using PowerShell.

  1. Using the SharePoint Configuration Wizard:

So, you can choose the role of a server while adding it to the farm using the below mentioned screen which you get while running the product configuration wizard.

2.png

  1. Using PowerShell:

POWERSHELL.png

Now that we have understood how to deploy a SharePoint 2016 server /farm using MinRole, let’s try to understand the different roles available in MinRole topology.

  1. Different server roles in MinRole:

The below mentioned image from one of my presentations on SharePoint 2016 clearly illustrates the different roles that are available in MinRole.

3.PNG

4.PNG

So, based on your need/architecture planning you can choose the appropriate role. However, this architecture might sound quite costly because with MinRole you can’t add two application roles together like how we used to do in SharePoint 2013 for small farms with 4 to 6 servers, meaning you don’t get to enjoy the privilege of having Search and Managed metadata or may be Search and User Profile service running on the same server. In MinRole if you do so then that particular server would be marked as non-compliant. But Microsoft has listened to its customers about this and has made some changes to the MinRole feature in Feature Pack 1 release for SharePoint 2016 and I’ll be talking in detail about that later on  this article.

Note: The concept of Service packs is gone in SharePoint 2016 and is now replaced with Feature packs. You don’t get to see Service packs anymore at least on SharePoint 2016. Also, the Feature packs won’t be as separate packages like your service packs which gets released separately( i.e. once in 12 months as a separate package ). A particular month’s CU/PU would be called as a feature pack where Microsoft would ship all the fixes/new features and that month’s CU would be called as Feature Pack. Till now Microsoft has release Feature Pack 1 (i.e. Nov 2016 CU) and you can find the details about that in this link below . So, a specific month’s CU would be released as a FP hereafter .

https://support.microsoft.com/en-us/help/3127940/november-8,-2016,-update-for-sharepoint-server-2016-kb3127940

Microsoft was quite ahead of their schedule while they released FP1 as the original release date was planned on 2017 .However they managed to release that on Q4 of 2016 itself .

This image below depicts the roadmap for SharePoint Server 2016 :

Roadmap.png

Alright , let’s jump into the different type of topologies in MinRole .

  1. Different type of MinRole topologies :

Now that we have seen a lot about MinRole , I guess it really begs the question of how to choose the appropriate SharePoint topology while using MinRole . Well , let’s go and take a look at it . Shall we ?

A typical SharePoint 2013 Topology :

This is how a typical SharePoint 2013 Topology would look like . Please check the image below .

9.png

In this case the SharePoint Administrators manually configure services on each server to fit these roles and in addition that as features and services are added, administrators have to determine where these components should run based on best practices, current server load, etc.

But this is not the case with SharePoint 2016 MinRole Topology , since this is a role based architecture you can directly choose the role you want to deploy and MinRole will take care of the rest . Please check the image below which depicts a SharePoint 2016 MinRole topology architecture .

SharePoint 2016 MinRole Topology :

MinRole topology.PNG

As shown in the image above, you need not less than 4 servers to deploy a SharePoint 2016 farm.  If you’re including SQL then in that case you need at least 5 servers for MinRole. Also , Minimum configuration does not have any resiliency.

Let’s see how this works when you want to plan a SharePoint 2016 HA farm with MinRole topology .

6.PNG

8.png

So, as you can see in the image above , two servers are required for each role . When it comes to  Distributed  cache three servers are required in a cluster quorum . We also need SQL availability groups to achieve HA in the SQL layer. So, in total you might require 13 servers altogether if you’re also adding Office Online server in HA .

However , this count may vary based on your architecture and planning . Please check the image below where I’ve designed a HA SharePoint 2016 farm with proper planning .In this case the total number of servers required is 18 .So the point to note here , based on your business needs you can scale out the total number of servers for HA .

10.PNG

Custom 3 Tier MinRole Topology:

This is how a custom 3 tier MinRole topology looks like. The front-end servers are benefited from MinRole. The custom server role is used to configure custom servers to run majority of SharePoint service applications and reduce the number of servers.  Unlike MinRole, the services have to be manually configured on the custom server role. It’s the job of the SharePoint Administrators to configure the required services on the custom server.

custome 3 tier.PNG

Custom HA Topology with Search:

custom HA with search

This is how this architecture has been planned,

  • Two load balanced servers with Front-end role.
  • Two custom servers running distributed cache, User Profile Sync, Secure Store.
  • Two servers with Search server role.
  • SQL servers configured with always on availability groups.

5.MinRole -Before and after Feature Pack 1:

Now, if you see the complete overview of MinRole you might understand that you need high budget to implement this due to the total number of servers required. Unlike SharePoint 2013, you don’t get to add the roles together in a single server (i.e. Custom Role) while using MinRole topology and this might increase the budget and many customers have reported the same concern to Microsoft. As always, Microsoft listened to their customer’s feedback and they’ve made some changes to this in Feature pack 1. Let’s look at that in the image below.

11.PNG

I guess the image above gives a detailed explanation about the changes to MinRole topology post FP1 . So, post FP1 you can add two roles together which will reduce the total number of servers required to build a SharePoint 2016 farm using MinRole.

post FP1.png

If you’re interested in knowing more about the new features that was introduced in Feature Pack 1, please take a look at the link below.

https://blogs.office.com/2016/09/26/announcing-feature-pack-1-for-sharepoint-server-2016-cloud-born-and-future-proof/

  1. The benefits of using MinRole:

Listed below are the benefits of using MinRole.

  1. Simpler Deployments
  2. Improved Performance and Reliability
  3. Simpler Capacity Planning and Farm Scalability.

Simpler Deployments:

  • SharePoint Administrators no longer need to worry about which services have been enabled on which servers.
  • Administrators can reduce the risk of slight misconfigurations during installation by leveraging a template-type deployment.
  • Administrators can focus on what functionality to enable in the farm and let SharePoint take care of the rest.

Improved Performance and Reliability:

  • Microsoft has been operating SharePoint online since 2011 and has analyzed key performance characteristics of operating SharePoint at an internet scale such as CPU, Memory, disk I/O and network latency.
  • SharePoint has been optimized for MinRole topology based on all that analysis /learning which Microsoft learned from operating SharePoint Online in their own datacenters for years.
  • Improved service application load balancer services requests from local service instances instead of going across the farm to another server.

Simpler Capacity Planning and Farm Scalability:

  • In SharePoint 2016, Microsoft bases capacity planning on the MinRole topology.
  • Leverage predictable and perspective capacity-planning guidance by deploying a farm based on the MinRole topology.
  • As SharePoint needs grow, easily add more servers to the farm and SharePoint will automatically configure the additional servers.
  1. MinRole Administration:

You can administer MinRole from the Central administration site and also via PowerShell

Using Central Administration site:

13.PNG

You can change the role of a server after it’s deployed and also check whether the server is complaint from the central administration site itself.  The same can be achieved using PowerShell as well. A server in the farm which was acting as WFE today can be made as a APP tomorrow and once you change the role SharePoint will automatically turn on and off the required services .

Using PowerShell:

POWERSHELL.png

Note: There’s some bugs that has already been identified and reported to MS while toggling the role of server from the Central Administration site and hence it’s better to use PowerShell to change the role of a server

8.MinRole compliancy:

  • Once a Server’s role is configured, only those services appropriate for that role can run on that server.
  • SharePoint 2016 has a new set of Health Analyzer rules and timer jobs to identify when a server isn’t MinRole complaint.
  • If a service is accidently turned on and shouldn’t be running on that server, SharePoint will automatically turn it off.

compliancy.PNG

 14.png

9.Opting out of MinRole:

As a SharePoint administrator, you can always say no to MinRole if you’re not planning to use it. This can be achieved by assigning some/all the servers in the farm to the custom role and then manually manage service instances on these servers. Also, you need to consider using “ServerRoleOptional” parameter when creating a new SharePoint farm if existing deployments script needs to remain intact.

10.How/where to deploy 3rd party apps while using MinRole?

Well, the answer to this simple. Yes, you guessed it correctly, so it’s the “Custom Role” that you need to choose while deploying any third-party applications such as (Ninetex Workflows, AvePoint etc.). In addition to that, services like PerformancePoint, PowerPivot etc. would best fit in the custom role.

MinRole is truly phenomenal and would definitely reduce the risk and the time taken by a SharePoint administrator to deploy a SharePoint 2016 farm. Microsoft has done an awesome job in introducing MinRole on SharePoint 2016 which would definitely reduce all our burdens as SharePoint administrators. Thanks for reading this post …. Happy SharePointing!!!

Webcast of SharePoint Virtual Summit:

sharepoint-virtual-summit-2017.jpg

For those who missed to attend the SharePoint Virtual Summit session which was held on May 16th , please make use of the link below to watch the webcast on demand

https://event.microsoft.com/events/2017/1705/SharepointSummit/

Watch the webcast to learn how to create a connected workplace in Office 365 with OneDrive and SharePoint, integrated with Yammer, Microsoft Teams, Windows, PowerApps and Microsoft Flow.

In this webcast , Microsoft has unveiled the latest innovations and roadmap, and you’ll learn how industry-leading customers are leveraging these technologies as part of their digital transformation. Discover how Office 365, connected with Windows and Azure, is reinventing productivity for you, your teams and your organization.

Happy SharePointing !!!

Webinar on Getting started with Office 365 :

 

Office 365 pic 2.png

Hi All ,

On behalf of C Sharp corner Chennai chapter I’ll be delivering a session on “Getting started with Microsoft Office 365 “ . The details about the session as well as the registration link can be found below . Please make yourself available for the session and try to gain some insights on Office 365 .

Registration link :_ http://www.c-sharpcorner.com/events/getting-started-with-microsoft-office-365

Agenda:
  • Introduction to Office 365
  • Understanding the Office 365 features and services.
  • Touring the Office 365 Admin center
  • What’s new in Office 365?
  • Recap
  • Conclusion

Workflow Manager configuration for SharePoint Server 2013:

a.png

This article will give you a detailed explanation on how to configure Workflow manager for SharePoint Server 2013. Unlike SharePoint 2010, we don’t get the SharePoint 2013 workflows with the SharePoint 2013 product itself. We need to install and configure “Workflow Manager” which is a standalone product that was introduced along with SharePoint 2013 to get SharePoint 2013 workflows.  However, you would still get SharePoint 2010 workflows by default in SharePoint 2013. If you need to avail SharePoint 2013 workflows, then we need to install Workflow manager for SharePoint 2013 and configure a workflow farm with service bus farm.

Note: All your workflows that were built by using SharePoint Server 2010 will continue to work in SharePoint Server 2013.

The SharePoint 2013 Workflow platform uses the new Workflow Manager Service. Workflow Manager is built on top of Windows Workflow Foundation. Windows Workflow Foundation is part of the .NET Framework 4.5.

Architectural changes in SharePoint Workflow:

b.png

Installation and Configuration of Workflow Manager in SharePoint 2013:

Alright, now let’s look on how to install and configure Workflow Manager

Once configured, we need to register our SharePoint web application with the workflow farm. Once the SharePoint farm is registered with Workflow farm, SharePoint 2013 workflows will be available and we can use them in SharePoint sites.

Note: You can install Workflow manager on the SharePoint server itself or you can have separate environment for Workflow manager and attach your SharePoint 2013 farm to the Workflow manager farm

Prerequisites for Workflow manager:

If you want install workflow manager 1.0, here are the pre-requisites:

  • .NET Framework 4 Platform Update 3 or .NET Framework 4.5
  • Service Bus 1.0
  • Workflow Client 1.0
  • PowerShell 3.0

The following are the pre-requisites to configure Workflow Manager 1.0

  • Instance of SQL Server 2008 R2 SP1, SQL Server Express 2008 R2 SP1, or SQL Server 2012.
  • TCP/IP connections or named pipes must be configured in SQL Server.
  • Windows Firewall must be enabled. [Windows Firewall is Off on target server]
  • Ports 12290 and 12291 must be available.

Installation steps:

To install Workflow Manager, we need to first install Windows Platform Installer 5.0 x64 bit.

  1. Download Windows Platform Installer x64 bit version 5.0 from the link
  2. Run Windows Platform Installer
  3. Select the “I accept the terms in the License Agreement” and click Ok.

c.png

4. It’ll take some time to install Windows Platform Installer.

d.png

5. Once WEB PLATFORM INSTALLER is installed, go to start and search for “Web Platform Installer”, and then click on the “Web Platform Installer” icon.

e

6. The application will load all the required files.

f.png

9. Once done, you would get this screen as shown in the image below.

g.png

10. In this screen, go to the “Products” tab

h.png

11. Click on Add button for the below products:

  1. Workflow Manager 1.0
  2. Service Bus 1.o
  3. Workflow Client 1.0
  4. Workflow Manager 1.0 Refresh (CU2)

i.png11. Now, click on install.

j.png12. Click on “I Accept”

k.png

13. You may see a prompt as shown below, don’t worry and just click Ok

l.png

14. Now, the WEB PLATFORM INSTALLER will start installation process and may take some time to install the selected products.

m.png

15. After the installation of the selected products the wizard will tell you that some of the products require some additional configuration. Click on the:” Continue” button as shown in the image below.

n.png

Alright, so now we’re done with installing the workflow manager, let’s look on how to configure it.

Configuring Workflow Manager:

  1. Open Workflow manager and select “Configure Workflow Manager Farm using Custom Settings” option as shown in the image below.

o.png

2. For Farm Management Database, provide the SQL instance name and the database name. Click on “Test Connection” button. It will take some time to verify and show the green tick mark symbol once the connection is verified as shown in the image below.

1.png

3. Follow the same steps for “Instance Management Database” and “Resource Management Database”.

2.png

b3.png

4. Provide the service account and password which you want to use for Workflow manager configuration.

 

Note: Please bear in mind that you need to use a separate service account for Workflow manager configuration and not the same farm account. Else, you would get errors during the configuration.

3.png

5. Also, please note that this account should be part of the local administrators group on server(s) where you are going to configure Workflow Manager and should also have “Sysadmin” permissions on the SQL Instance

6. Next, you need to provide Certificate generation key. This is same as the “Passphrase” which we create while configuring SharePoint server farm. For adding new Workflow Host or Service Bus Host, you will need to provide the same key.

4.png

7. After setting certificate generation key, we need to configure ports for communication between workflow farm and SharePoint farm. Below are the ports we need to configure:

a) Workflow Manager Management Port for HTTPS – Default port is 12290 for HTTPS.

b) Workflow Manager Management Port for HTTP – Default port is 12291 for HTTP. If you want to use HTTP protocol for using Workflow management service, we need to select the checkbox “Allow Workflow management over HTTP on this computer”.

5.png

To open the ports, we need to create appropriate inbound rules in firewall. This wizard provides an option to create the firewall rules automatically. Select the check box to create firewall rules.

8. At this point, specify admin group for Workflow management farm. This means we need to specify the domain or local group whose members should be treated as administrators. By default, “BUILTIN\Administrators:” group is added as administrator group for the Workflow farm.

9.png

9. Click next [right arrow] at bottom of the dialog box. It will take some time to validate the configuration settings and save the same.

x.png

10. Now, it’s time to provide required details such as database info, service account and certificate generation key for Service Bus Farm.

10.png

11.png

11. If you want to use the same service account which you provided for Workflow Manager Farm in the previous window, you can select the check box “Use the same service account credentials as provided for Workflow Manager”.

12. For certificate generation, select the select the check box “Auto generate”.

13. If you want to use the same certificate generation key which you provide for Workflow Management Farm in the previous window, you can select the check box “Use the same certificate generation key as provided for Workflow Manager”.

13.png

14.Configure required ports for communication.

14.png

15. Enable firewall rules and provide Admin group.

15.png

16. After providing all the information, click on next step. Wizard will show you summary of the configuration you have provided. At this point, review the settings and if you want to change something, go back and make the required changes and then come back to summary page.

16.png

17. Now start configuring the farm.

17.png

18.png

b4.png

b5.png

17. It will take around 10 minutes to configure the Workflow Manager and Service Bus farm.

18. Once the processing completes, close the window.

b6.png

19. Now, browse the URL https://workflowhostserver.domain.com:12290 or https://localhost:12290, (if you receive certificate warning, click on continue option) this should display XML schema related to the Workflow farm.

a7.png

a8.png

20. Click on Certificate Icon in the address bar. Now, click on “View Certificate”.

a9

21. Navigate to details tab and click on “Copy to file” option.

a10.png

22. You will see Certificate Export Wizard. Click Next.

a11.png

23. Select Base x64 type.

a12.png

24. Select the directory and give a file name. Click on Save button.

a13.png

25. Click on Next button.

a14

26. Finally, click on Finish.

b7.png

27. Once the certificate is exported, you will get below message. Click Ok.

a15

28. Now copy the certificate file to the SharePoint server and paste it there. Once done, open SharePoint PowerShell using the Farm Service Account and run the below command to Add the certificate to SharePoint Trusted Root Authority.

$cert = Get-PfxCertificate <path of the certificate file with extension>

New-SPTrustedRootAuthority -Name “Workflow Farm Certificate” -Certificate $cert

  1. Next, register the web application to consume workflow service.

Register-SPWorkflowService -SPSite ‘https://webapp.domain.com/managedpath/sitecollection&#8217; -WorkflowHostUri ‘http://workflowhost.domain.com:12991&#8217; –AllowOAuthHttp

  1. Finally, navigate to Central Administration à Manage Service Applications à Workflow Service Application Proxy and verify that it says “Workflow is connected”.

b8

31. To verify if the SharePoint 2013 Workflow Template is now available, open SharePoint designer 2013, open the SharePoint site, go to workflows and click on New. In drop down, it should show you “SharePoint 2013 Workflow Template”.

b9.png

 

Common Issues and Solutions that you might encounter while configuring workflow manager:

Issue #1:

System.Management.Automation.CmdletInvocationException: The remote server returned an error: (400) Bad Request. The api-version in the query string is not supported. Either remove it from the Uri or use one of ‘2012-03’..TrackingId:0aef4968-6974-41db-bf43-fecd4fda4a38_GDS-SP2013-VM,TimeStamp:5/15/2014 1:27:51 PM —> System.ArgumentException: The remote server returned an error: (400) Bad Request. The api-version in the query string is not supported. Either remove it from the Uri or use one of ‘2012-03’..TrackingId:0aef4968-6974-41db-bf43-fecd4fda4a38_GDS-SP2013-VM,TimeStamp:5/15/2014 1:27:51 PM —> System.Net.WebException: The remote server returned an error: (400) Bad Request.

Cause: Service Bus version is not appropriately installed.

Solution:

Remove the server from SB Farm and WF Farm.

Delete the SB and WF databases from SQL instance.

Uninstall Workflow Manager and Service Bus applications.

Install appropriate versions using Windows Platform Installer. Workflow Manager Refresh 1.0 and servicebus 1.0 CU.

Issue #2:

System.Management.Automation.CmdletInvocationException: The token provider was unable to provide a security token while accessing ‘https://sharepoint0120.secam.sa.net:9355/WorkflowDefaultNamespace/$STS/Windows/&#8217;. Token provider returned message: ‘<Error><Code>400</Code>

Solution:

Make sure CU 2 for Workflow Manager is installed. The Workflow service account has dbo permission on SB and WF databases.

Issue #3:

Add-WFHost : The remote server returned an error: (401) Unauthorized. Manage claim is required for this operation.

Cause: Workflow service account is not part of ManageUsers group for WorkflowDefaultNamespace

Solution:

To find if service account is part of ManageUsers group or not, run below command

PS > Get-SBNamespace -Name WorkflowDefaultNamespace

SubscriptionId        : 00000000000000000000000000000000

State                 : Active

Name                  : WorkflowDefaultNamespace

AddressingScheme      : Path

CreatedTime           : 17-02-2015 14:31:09

IssuerName            : WorkflowDefaultNamespace

IssuerUri             : WorkflowDefaultNamespace

ManageUsers           : {srv_sp_test_admin@domain.com}

DnsEntry              :

PrimarySymmetricKey   : ******************************

SecondarySymmetricKey :

Since workflow account “srv_sp_workflow” is not listed here, we need to add it. For that, run below command.

Set-SBNamespace -Name WorkflowDefaultNamespace -ManageUsers @(‘srv_sp_workflow@domain.com’, ‘srv_sp_test_admin@domain.com’)

Now you can try to add the server using “Join the existing Workflow Farm” option. Or you may run Add-WFHost command.

Happy SharePointing!!!  Thanks for reading this post.

 

 

 

 

Report on external users in SharePoint Online:

SP Online image

Alright in this post I’m going to introduce you all to a small PowerShell script which will help you in getting the list of all the external users in your SharePoint Online tenant. Unlike the “Get-SPOExternalUser” PowerShell command  this will display the list of all sites in SharePoint Online , the external sharing status of those sites as well as with whom the sites are shared with externally . This can be used handy by Offic6 365 global admins or SharePoint Online admins to get a report of external sharing/users in their tenant.

Let’s take a look at the script now …

Step1:

Run this command in the SharePoint online management shell to connect to your tenant.

Connect-SPOService -Url https://office365admin123-admin.sharepoint.com-credential $credentials 

Step 2 :

Once done with the first command run the below mentioned command to get the report.

$i = 0

ForEach ($site in Get-SPOSite) {

$i++

    Write-Host “*********”

    Write-Host “Site number: ” $i

    $site.Url

    $site.Owner

    $site.SharingCapability

    Get-SPOExternalUser -SiteUrl $site.Url

 

}

This is how the result of this script will look like, check the image below ….

Result 2

I hope this helps you to get the report may be once in a week or a month. Thanks for reading this post…Happy SharePointing !!!

Extending the Retention period of orphaned personal site collections up to a year:

One drive 1.png

Alright , I guess you might have figured out what this post is going to be about by seeing the title .So yes , I’m going to show you how to extend the retention period of the One Drive for business content up to a year even after the user has left the company .

So I guess all the Office 365 folks as well as SharePoint folks out there would be aware of the “My site cleanup policy” that runs in SharePoint once a user’s account has been deleted in AD. If you’re not aware of this yet, please check my article on that. Also to understand how this works on SharePoint Online, you can take a look at the link below. Microsoft has did an awesome job on writing a detailed article about this and hence I’m not going to spend my time writing a detailed article explaining the same stuff once again .

https://support.microsoft.com/en-in/help/3042522/onedrive-for-business-retention-and-deletion

So here in this article I’m going to introduce you to a PowerShell command that will extend the retention period of the contents in the personal site (i.e. One Drive for Business) up to a year so that you have a year’s time to copy the contents from a user’s One Drive for business folder even after he/she has left the company.

I guess scenario’s like this are quite possible when a user has been terminated and his account has been deleted or may be a user left the company and the default retention period was not sufficient for you to copy the important contents from his One Drive for business folder .

So here’s the PowerShell command for that ….

Set-SPOTenant -OrphanedPersonalSitesRetentionPeriod 365

You need to run this as a SharePoint Online command as shown in the image below.

one drive 2.png

Once done it will update the retention policy for all the orphaned One Drive for Business sites in your tenant. The other way to do this is by putting a hold on the user’s One Drive for Business as a part of an eDiscovery case and the site won’t get deleted until the hold is removed. But this command will make your life even easier by making the change for the entire tenant.

Happy SharePointing …..I hope this helps someone. Thanks to Chris Bortlik for showing this to us.