Wednesday, November 27, 2013

Create SharePoint 2013 Search Service Application using PowerShell

Although we can create SharePoint 2013 search service application from Central Administration,  I prefer creating it through PowerShell as it gives the ability to get rid of GUIDs in Search service Database names. Also, from SharePoint 2013 Central Administration, Its not possible to modify search topology! So, PowerShell is the ideal way to create/configure Search in SharePoint 2013.

Creating Search Service Application in PowerShell includes these 7 steps:
  1. Create an application pool for search service application 
  2. Start search service instances on the server
  3. Create a search service application 
  4. Create a search service application proxy
  5. Create new search service topology 
  6. Create all six components of the search and assign them to the search topology
  7. Activate the search topology
PowerShell Script to Create Search Service Application for SharePoint 2013:
Here is the PowerShell script to create Search service application in SharePoint 2013.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Specify the Settings for the Search Service Application
$ServerName = (Get-ChildItem env:computername).value
$IndexLocation = "D:\Search Index"
$SearchServiceApplicationName = "Search Service Application"
$SearchServiceApplicationProxyName = "Search Service Application Proxy"
$SearchDatabaseServer = "G1SP2013"
$SearchServiceApplicationDatabase = "SP2013_Search_Service" 

$SearchAppPoolName = "Search Service Application pool"
$SearchAppPoolAccount =  Get-SPManagedAccount "Crescent\SP13_Search"

#Check if Managed account is registered already
Write-Host -ForegroundColor Yellow "Checking if the Managed Accounts already exists"
$SearchAppPoolAccount = Get-SPManagedAccount -Identity $SearchAppPoolAccount -ErrorAction SilentlyContinue
If ($SearchAppPoolAccount -eq $null)
    Write-Host "Please Enter the password for the Service Account..."
    $AppPoolCredentials = Get-Credential $SearchAppPoolAccount
    $SearchAppPoolAccount = New-SPManagedAccount -Credential $AppPoolCredentials

#*** Step 1: Create Application Pool for Search Service Application **** 
#Get the existing Application Pool
$SearchServiceAppPool = Get-SPServiceApplicationPool -Identity $SearchAppPoolName -ErrorAction SilentlyContinue
#If Application pool Doesn't exists, Create it
if (!$SearchServiceAppPool)
    $SearchServiceAppPool = New-SPServiceApplicationPool -Name $SearchAppPoolName -Account $SearchAppPoolAccount 
    write-host "Created New Application Pool" -ForegroundColor Green

#*** Step 2: Start Search Service Instances ***
Start-SPEnterpriseSearchServiceInstance $ServerName -ErrorAction SilentlyContinue
Start-SPEnterpriseSearchQueryAndSiteSettingsServiceInstance $ServerName -ErrorAction SilentlyContinue

#*** Step 3: Create Search Service Application **** 
# Get the Search Service Application
$SearchServiceApplication = Get-SPEnterpriseSearchServiceApplication -Identity $SearchServiceApplicationName -ErrorAction SilentlyContinue
# Create the Search Service Application, If it doesn't exists! 
    $SearchServiceApplication = New-SPEnterpriseSearchServiceApplication -Name $SearchServiceApplicationName -ApplicationPool $SearchServiceAppPool -DatabaseServer $SearchDatabaseServer -DatabaseName $SearchServiceApplicationDatabase
    write-host "Created New Search Service Application" -ForegroundColor Green

#*** Step 4: Create Search Service Application Proxy **** 
 #Get the Search Service Application Proxy
 $SearchServiceAppProxy = Get-SPEnterpriseSearchServiceApplicationProxy -Identity $SearchServiceApplicationProxyName -ErrorAction SilentlyContinue
 # Create the Proxy, If it doesn't exists! 
    $SearchServiceAppProxy = New-SPEnterpriseSearchServiceApplicationProxy -Name $SearchServiceApplicationProxyName -SearchApplication $SearchServiceApplication 
    write-host "Created New Search Service Application Proxy" -ForegroundColor Green

#*** Step 5: Create New Search Topology 
$SearchServiceInstance = Get-SPEnterpriseSearchServiceInstance -Local
#To Get Search Service Instance on Other Servers: use - $SearchServiceAppSrv1 = Get-SPEnterpriseSearchServiceInstance -Identity "<Server Name>"

# Create New Search Topology 
$SearchTopology =  New-SPEnterpriseSearchTopology -SearchApplication $SearchServiceApplication

#*** Step 6: Create Components of Search

New-SPEnterpriseSearchContentProcessingComponent –SearchTopology $SearchTopology -SearchServiceInstance $SearchServiceInstance

New-SPEnterpriseSearchAnalyticsProcessingComponent –SearchTopology $SearchTopology -SearchServiceInstance $SearchServiceInstance

New-SPEnterpriseSearchCrawlComponent –SearchTopology $SearchTopology -SearchServiceInstance $SearchServiceInstance

New-SPEnterpriseSearchAdminComponent -SearchTopology $SearchTopology -SearchServiceInstance $SearchServiceInstance

#Prepare Index Location
Remove-Item -Recurse -Force -LiteralPath $IndexLocation -ErrorAction SilentlyContinue
MKDIR -Path $IndexLocation -Force

#Create Index and Query Components
New-SPEnterpriseSearchIndexComponent –SearchTopology $SearchTopology -SearchServiceInstance $SearchServiceInstance -RootDirectory $IndexLocation 

New-SPEnterpriseSearchQueryProcessingComponent –SearchTopology $SearchTopology -SearchServiceInstance $SearchServiceInstance

#*** Step 7: Activate the Toplogy for Search Service ***
$SearchTopology.Activate() # Or Use: Set-SPEnterpriseSearchTopology -Identity $SearchTopology

Here is the Search center topology created:
Create SharePoint 2013 Search Service Application using PowerShell
As you see in the above screen, Provisioning search service application creates 4 databases:  I'm naming them as follows:
  • SP2013_Search_Service - Search Service Administration database stores configuration and topology (It could be better: SP2013_Search_Service_AdminDB")
  • SP2013_Search_Service_AnalyticReporting- Stores the result of usage analysis report.
  • SP2013_Search_Service_CrawlStore - The crawl database contains detailed tracking and historical information about crawled items
  • SP2013_Search_Service_LinksStore - Link database, Stores the information extracted by the content processing component & click-through information of searched items.
The above script creates search service application in sharepoint 2013 using PowerShell for a stand-alone environment. If you are looking for creating SharePoint search service application in multi-server farm, refer: create and configure a search service application in sharepoint 2016 Multi-server Farm

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Document SharePoint Farm
Automatically generate SharePoint documentation.

Thursday, November 21, 2013

Bing Maps with GeoLocation Column in SharePoint 2013

SharePoint 2013 introduced a new functionality called "Geolocation" as a Field type to enable location based data in SharePoint lists. So with GeoLocation field, we can bring "Map" experience to the users.  Geolocation Field type is not enabled by default. We have to do few configurations to make it available in SharePoint 2013.

Here are the steps in summary to enable Geolocation field in SharePoint 2013:
  1. Register for a Bing map key
  2. Set Bing map key in SharePoint
  3. Add GeoLocation column to SharePoint  site/list Programmatically.
Pre-requisites: You need to have SQLSysClrTypes.msi installed on every SharePoint front-end web server for SharePoint 2013 GeoLocation-Bing Map functionality. So, Download and install "SqlSYsCLRTypes.msi' from: (For SQL Server 2012.)

Step 1: Get a Bing map key Obtain a Bing map key by registering at: In my case, Here is what I've created by clicking "Create or View Keys".
On clicking Submit, you'll get a message "Key created successfully" with Keys listed below the form.
sharepoint 2013 geolocation field

Step 2: Set Bing Map Key in SharePoint 2013
Login to your SharePoint Server, From SharePoint Management PowerShell, Enter:

Set-SPBingMapsKey –BingKey "<Bing Maps key obtained>"

This sets Bing API Key at the farm level. Its also possible to set Bing map key at Web Application Level.

Step 3: Add GeoLocation Field to SharePoint Site/List
Unfortunately, There is no UI way to add Geolocation column to SharePoint site or List! So, Lets do it programmatically using PowerShell.
Add-PSSnapin Microsoft.SharePOint.PowerShell

#SharePoint Site URL to add Geolocation field
$webURL = ""

#Field definition for Geolocation  
$fieldXml = "<Field Type='Geolocation' DisplayName='Location' />"

#Get the Web 
$web = Get-SPWeb $webURL

#Add field to the Web
This adds "Location" field to the provided SharePoint web. You can Navigate to List settings >> Add from Existing columns and then Select "Location" column under Custom columns group.

Its also possible to add GeoLocation column directly to the SharePoint list. Here is the PowerShell script:
Add-PSSnapin Microsoft.SharePOint.PowerShell

#SharePoint Site URL and List name parameters.
$webURL = ""
$ListName = "Project List"

#Field definition for Geolocation  
$fieldXml = "<Field Type='Geolocation' DisplayName='Project Location' />"

#Get the Web & List  
$web = Get-SPWeb $webURL
$list = $web.Lists[$ListName]

#Add the Field to List  

#or use: $FieldType = [Microsoft.SharePoint.SPFieldType]::Geolocation
#$List.Fields.Add($columnName, $FieldType, $false)

Set GeoLocation column Value:
Now, You can enter locations either by Providing Latitude-Longitude coordinates or based on current location. On clicking "Use My Location" link, SharePoint automatically sets the location based on your IP!
sharepoint 2013 geolocation column
 and the Geolocation field in action!
GeoLocation Column in SharePoint 2013

Map View
Geolocation functionality also provides an another feature: Map View, which gives map layout for the locations tagged. Just create a new view for your list/library >> Choose "Map View"
How to Create Map View in SharePoint 2013

and the result goes here:
To add Geo-location column to SharePoint Online, refer: How to Add Geo-location (Bing Maps) Field to SharePoint Online List using PowerShell?

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Document SharePoint Farm
Automatically generate SharePoint documentation.

Wednesday, November 20, 2013

Integrating Windows Live ID, Google and Facebook Authentications with SharePoint 2013

Federated authentication mechanism handles authentication by external providers which send the token back to SharePoint. So, Instead of we, creating accounts internally (in AD, SQL Server) for external users and partners, We can make use of external authentication providers like Microsoft Live ID Accounts, Google, Yahoo, Facebook accounts (or even external Active Directory - ADFS ) to manage authentication. Its extremely useful with public facing SharePoint sites, isn't it?

This article walks through step by step on integrating Windows Live ID, Google and Facebook account authentications with SharePoint 2013.

To start with, Here are the steps in summary:
  1. We need Windows Azure ACS (Access Control Service) as our Trusted Identity provider. Subscribe and get one.
  2. Add new Identity Provider for SharePoint 2013 with PowerShell.
  3. Authorize users by granting them access to the web application.

Step 1: Configure Azure ACS with required Providers:

Create a Windows Azure Account
We need Windows Azure Access Control Service (ACS) to handle authentication from external entities. From ACS we can to choose Providers like Microsoft Live ID, Google , etc. Create a windows Azure Account - Subscribe for Azure (you must have a Microsoft Live ID & may need credit card).
Go to: and register a new account.
Integrating Windows Live ID accounts with with SharePoint 2013
I registered a Trial account with Azure. If you are part of any Windows Azure user groups, you can obtain a free coupon and get Windows Azure 30 days free pass at:

Create New Azure Access Control Service
  • Login to Windows Azure Portal, Click on "New" link from the footer pane >> App Services >> Active Directory >> Access Control >> Quick Create. Provide Namespace and location for your ACS service.
  • Once the service is created and activated, Select the ACS and Click on "Manage" link from the footer pane. This takes us to the ACS configuration page.
    Integrating Google Authentications with SharePoint 2013

Configure Azure ACS

There are four settings we got to configure in ACS.
  1. Identity providers
  2. Relying party applications
  3. Rule groups
  4. Certificates and keys
Proceed to the below configurations one by one.

1. Identity Providers:
  • To start with, click on "Identity Providers" link - You'll notice "Windows Live ID" already listed there. You can add additional providers by clicking "Add" link in Identity Providers Tab. Lets Add "Google"
  • From the list, Choose "Google" and click on "Next" button
  • Click Save button to complete the changes.

Integrate Facebook Authentication with SharePoint 2013:

For Facebook accounts integration with SharePoint 2013, We need to do one more step: Create New Application in Facebook and then add the provider as Facebook in ACS.
  • Go to Facebook Apps,
  • Create new Facebook Application
  • Give it a App Name and App Namespace. Click on "Continue"
  • Provide the Website with Facebook Log-in as: https://{your ACS Namespace}
  • Click Save Changes.
Now, in ACS:
  • Add new "Facebook Application" identity provider and Click Next 
    sharepoint 2013 facebook authentication
  • Enter Application ID, Application Secret values from Facebook application.sharepoint 2013 facebook integration
  • Click on save to complete your changes. Now our identity providers page contains these three identity providers:
2. Relying party applications:
Relying party application is generally a web site or application that uses ACS for Authentication. Here in our case, Its our SharePoint site. So, Lets create a Relying party Application.
  • Go to Relying Party Applications Tab, Click on "Add"
  • Enter the below parameters: Give it a Name (can be anything)
  • Specify the "Realm" as your SharePoint Web Application's URL (Say:")
  • In Return URL, Just append /_trust , So, in our case, Its:
  • Token format should be SAML 1.1
  • Set the Token timeout value to 3600
  • Make sure "Create new rule Group" is checked and click "Save" button
3. Rule groups:
  • Click on "Default Rule Group for"
  • Under rules, You'll get a message: "No rules have been added. Click on "Generate" link just above "Rules" section
  • Select the providers, Hit Generate button again on the apps presented. Click on "Save"
  • If you visit the default Rule group again, You will see the mapping fields used by these providers.
You can also map additional properties from providers.

4. Certificates and keys:
We have to Encrypt the traffic between ACS and our SharePoint environment by exchanging certificate between Azure ACS and SharePoint. So, we need a Digital certificate. You can create SSL certificate from development environments with MakeCert.exe.

MakeCert.exe is part of Windows SDK. You can download it from: .MakeCert lives under: C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\BinSo, in command prompt: enter:

C:\>cd "C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin"

MakeCert.exe -r -pe -n "" -sky exchange -ss my -len 2048 -e 11/15/2014

This will generate the certificate and install it automatically to the trusted certificate store. Or you can use:
MakeCert.exe -r -pe -n "" -sky exchange -ss my -len 2048 -e 11/15/2014 -sv "c:\Extranet.pvk" "c:\Extranet.cer "

If makecert.exe is not available, Use IIS self signed certificate creation with the specified common name, and the export the .CER & PFX files from Certificates Snap-in through MMC.
Import the Certificate to ACS:
  • Once certificate is generate, on the certificates and keys tab, Click on "Add link"
  • Browse to the certificate created (.pfx), provide password of it and then click "Save"
Warning: MakeCert.exe is not recommended for Production environments!


Step 2: Add new Trusted identity Provider as Azure ACS

We've our authentication providers ready now! We've make SharePoint aware by creating a new "Trusted Authentication Provider". Here is the PowerShell script to create new trusted authentication provider.

Add-PSSnapin Microsoft.SharePoint.PowerShell
#Realm we created in Azure
$realm = ""

#Replace "" and "" with yours here!
$signinurl = ""

#Location of the certificate generated with Makecert.exe
$certloc = "C:\"
$rootcert = Get-PfxCertificate $certloc
New-SPTrustedRootAuthority "Windows Azure ACS" -Certificate $rootcert

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certloc)

#Map the Fields from Rules Created for All Providers: Facebook , Google & Live ID
# NameIdentifier Field
$NameIdentifier = New-SPClaimTypeMapping -IncomingClaimType "" -IncomingClaimTypeDisplayName "UPN" -LocalClaimType ""
# Email Field
$Email = New-SPClaimTypeMapping -IncomingClaimType "" -IncomingClaimTypeDisplayName "Email" -SameAsIncoming
#Given Name Field
$GivenName = New-SPClaimTypeMapping -IncomingClaimType "" -IncomingClaimTypeDisplayName "Display Name" –LocalClaimType ""
$AccessToken = New-SPClaimTypeMapping -IncomingClaimType "" -IncomingClaimTypeDisplayName "Access Token" -SameAsIncoming
$Expiration = New-SPClaimTypeMapping -IncomingClaimType "" -IncomingClaimTypeDisplayName "Expiration" -SameAsIncoming

#Create New Trusted Identity Provider
New-SPTrustedIdentityTokenIssuer -Name "Live ID/Google/Facebook" -Description "Live ID/Google/Facebook" -Realm $realm -ImportTrustCertificate $cert -ClaimsMappings $NameIdentifier, $Email, $GivenName, $AccessToken, $Expiration -SignInUrl $signinurl -IdentifierClaim ""

# IdentifierClaim defines the Field to display on User Name
# E.g. If you use only Google: New-SPTrustedIdentityTokenIssuer -Name "Google Account" -Description "Google Account" -Realm $realm -ImportTrustCertificate $cert -ClaimsMappings $NameIdentifier,$Email,$GivenName  -SignInUrl $signinurl -IdentifierClaim $Email.InputClaimType
# Make sure that the IdentifierClaim is common for all providers, if you are using more than one!

Step 3: Authorize users by granting them access to the web application.

Associate Authentication provider to the target web Application:
  • Go to Central Admin >> Application Management >> Manage Web Applications
  • Select the web application you want to enable Federated Authentication
  • Click on "Authentication Providers" from Ribbon >> Click on 'the "Default" link >> Scroll down
  • Enable "Live ID/Google/Facebook" under "Trusted Identity Provider section
Grant Users Access:
So the authentication part is over. we've to handle authorization from SharePoint side, as we do for Windows AD accounts. Lets create a user policy to grant all users of the trusted identity provider to Read access to all sites in the web application (Otherwise, They'll get "Access denied" error message.
  • Go back to Manage web applications page, Click on "User Policy" button from the ribbon. 
  • Click on Add Users
  • Choose All zones and click Next
  • Under Uses section, Browse and select "All Users"
  • Select "Full Read" permission and Click Finish.
Unit Test:
That's all! we are done!!
  • Hit the SharePoint Web Application URL. Users presented with login page.
  • From the list, choose "Windows Live ID/Google/Facebook"Integrating Windows Live ID, Google and Facebook Authentications with SharePoint 2013
  • Choose the appropriate login provider which takes us to the appropriate login screens.
Verify users are able to access SharePoint site with Google & Facebook accounts. Here are some screen shots:

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Document SharePoint Farm
Automatically generate SharePoint documentation.

Monday, November 18, 2013

Configure Managed Navigation in SharePoint 2013 - Step by Step

Managed navigation is a new feature in SharePoint 2013 that enables us to create SharePoint site collection's navigation from managed metadata. Managed navigation is consistent within the site collection, So that when you need to update the hierarchy, you update it once for the entire site collection and every site automatically updates its navigation.

Managed Navigation in SharePoint 2013 also provides Friendly URLs
We can show content from any complex URLs, different locations. But the end users even won’t actually know where actual content is stored. URLs will be rewritten to friendlier format and presented to end-users. E.g. while the actual page lives under, in Friendly URLs the address bar can set to:

So, Friendly URLs gives the flexibility how you want your site organized and optimizes your URLs for SEO without changing the structure of your site.

How to Enable Managed Navigation in SharePoint 2016?
Lets configure managed metadata navigation in SharePoint 2013 or 2016 in just two steps:
  1. Create the navigation structure in either Global (from Central Admin) or Local term store (from site collection)
  2. Edit the site collection's Navigation settings to use the navigation created in term store.
Step 1: Create Managed Navigation Structure in SharePoint 2013:
We need to define the Managed Metadata term set that will be used for navigation. So, let’s start creating a new Term Group called "Global Top Navigation" from Central Administration. You can also create it as "Local Term Store" from Site Settings >> Term store management under Site administration.
  • Go to Central Administration
  • Application Management >> Service Applications >> Click the link for Managed Metadata Service. (I'm assuming you have already created the Managed Metadata service application! If not, please create one)
  • We get Term store Management Tool now. You can create Terms to for your desired navigation. Here is mine:
     sharepoint 2013 managed metadata navigation
  • I've created a term group "Global Top Navigation" and Term set "Top Navigation" and few terms. 
  • Click on the term set "Top Navigation", In the right panel, click the tab for Intended use, Check the check box "Use this Term Set for Site Navigation" to enable the term set for navigation. Click the save button to save the changes.
     managed navigation in sharepoint 2013
  • For each Term you just created (Home, About Us, Overview, etc), use the "Navigation" tab to specify target links for each menu item.
  • Add the URL to each term as "Simple Link or Header", else in many scenarios, it will not appear in menu. 
  • For Friendly URLs: Managed navigation provides friendly URLs, meaning the actual URL E.g will be hidden from end user, but they see only: . You can configure the friendly URL assigned to a term and the target page URL in managed navigation. Here is how: 
    Set the Navigation tab option to "Term-Driven Page with Friendly URL" and Go to the term driven pages tab. This page shows the settings for friendly URLs for the term set.
  • and set the Friendly URL for the navigation item.

Configure Site Navigation to use Managed Metadata:
  1. Go to the root web of the site collection >> Site Settings  >> Click on "Navigation" link under Look and Feel (You need to have Publishing Feature activated first to get "Navigation" link!)
  2. In the Global and Current Navigation settings, You can choose "Managed Navigation" menu
  3. Choosing it enables you to reuse an existing term set or create a new one to represent your site;  Under the Managed Navigation Term Set, Specify the Term set we created earlier.
    sharepoint 2013 managed navigation term set
That's all! Here is the output:
sharepoint 2013 managed metadata navigation
That's all! We are done setting up managed navigation in SharePoint 2013.

Consistent top navigation across multiple site collections:
Unfortunately, Only one site collection can use a particular term set for Managed Navigation! Managed Navigation is limited to the current Site Collection and cannot be used across multiple Site Collections.

So, Its not possible to share the Navigation Term sets on different site collections to establish a global navigation across site collections.  If you try to use the same set on multiple site collections, you will get the following message:

If you continue and browse back to the site that used the original term set, you will receive an in-line error stating:

Error loading navigation: The Managed Navigation term set is improperly attached to the site. (Correlation ID: c0c8579c-d8aa-d07a-0000-015700cba279)

Managed navigation across Site Collections: Solutions
  1. Use a delegate control to replace the standard Global navigation. More info here:
  2. Create Copies of Navigation Term set: You can PIN the term set to another one, So that the changes will be replicated and you can specify different term sets with same nodes on each site collections. This works when you have very few site collections.
  3. Another alternate would be: copying terms to each site collection from Global term store (No worries, PowerShell can help here, I'll post one soon)
Security Trimming & audience targeting in sharepoint 2013 managed navigation:
Other limitation to note:  Managed Navigation neither provides Security Trimming nor audience targeting! I used to create a custom navigation provider to establish a consistent top navigation for all site collections in SharePoint 2010/2007 versions.

Managed Navigation order: From the "Custom Sort" tab, You can sort Metadata terms.
sharepoint 2013 managed navigation order

Overview of managed navigation in SharePoint Server 2013:

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Document SharePoint Farm
Automatically generate SharePoint documentation.

Tuesday, November 12, 2013

Configure SharePoint 2013 Environment for Apps

As sandbox solutions are deprecated, SharePoint 2013 brings the new capability called "Apps" to extend SharePoint with client side code. Although the conventional SharePoint solution approach (Full Trust) is still there, Microsoft encourages the usage of Apps. Everything is an App, including Lists & Libraries, Web Parts, etc. 

This implementation guide walks through configuring apps for SharePoint 2013 step by step.

Steps In Summary:
  1. Create a forward Look-up zone and Wildcard Alias (CNAME) in your DNS Server.
  2. Start App Management Service and Subscription Services. Create Service Applications for them.
  3. Configure App management service by creating App catalog and providing App URLs.
  4. Install Apps to App Catalog from App Store / In-house. Add them to SharePoint sites.


 Step 1: Create New Forward look-up zone 

As SharePoint 2013 apps works on its own domain, we need to have a new domain created in DNS sever. So, lets create a new domain in DNS say: Login to your DNS server and create a new Forward Look-up zone.
sharepoint 2013 apps configuration
Create a Wildcard (*) CNAME in, Point it to your SharePoint site: there is a HOST A Record: is already created)
Prepare SharePoint 2013 for Apps
Verify that the zone created successfully by pinging it. Type in command prompt:
It should get the reply from

Step 2: Start App Services and Create Service Applications

Go to Central Admin >> System Settings >>  Manage services on server
Start these two services :
  • App management service
  • Microsoft SharePoint Foundation Subscription Settings Service  - which takes care of multi-tenancy feature for apps.
configure SharePoint 2013 Environment for Apps
and then two service application needs to be created. App Management service can be created via Central Administration . But the Subscription service application can't be created via Central Admin.

Create App Management Service Application
Go to Central Admin >> Application Management >> Service Applications >> New >> App Management Service. Provide necessary parameters and create new App Management service application.

Create Subscription Settings Service Application using PowerShell
Subscription settings service application can be created only with PowerShell and there is no Central Admin UI!
#Get the managed account to use.
$account = Get-SPManagedAccount "Crescent\SPSvcServApp" 

# Create New application pool for the Subscription Settings service application. 
$AppPoolSubSvc = New-SPServiceApplicationPool -Name SubSettingsServiceAppPool -Account $account

# Create Subscription Settings service application
 = New-SPSubscriptionSettingsServiceApplication –ApplicationPool 
$appPoolSubSvc –Name SubSettingsServiceApp –DatabaseName 

# Create a proxy for the Subscription Settings service application.

$proxySubSvc = New-SPSubscriptionSettingsServiceApplicationProxy –ServiceApplication $appSubSvc

You can verify the subscription service application created from central admin:
How to create subscription service for Apps

3. Configure App management service by creating App catalog and providing App URLs.

Configure the App URL
Go to Central Admin >> Apps >> Click on App URL under App Management, Specify App Domain (Say: and App Prefix (say: App)
sharepoint 2013 apps url

Configure App Catalog - App catalog is the repository for Apps. In other words, Its actually is a site collection on the web application that hosts the apps.

Go to Central Admin >> Apps >>  Manage App Catalog >> Pick the relevant web application and create a new SharePoint 2013 app catalog site.
Create sharepoint 2013 app catalog
Grant access to "NT Authority\Authenticated users" under End-users section. That's all, we've done configure SharePoint 2013 apps environment.
sharepoint 2013 app catalog site

4. Install Apps to SharePoint site from App Store / In-house.

Install Apps:
Go to your App Catalog site, Click on "SharePoint Store" link from Quick launch.
SharePoint Store
Pick the desired application and Add the App. You may be prompted to Login with your Microsoft account (Hotmail/
How to add app from SharePoint store
Once installed, you can add that app to your SharePoint sites, by clicking "Add an app" from site settings menu.
How to Add an App to SharePoint site
Pick the desired app to create a new instance of it.
View All Apps


Let's Try this again Error Message:
You get this error message, when trying to install new App.
Lets try this again...
Everything is fine, but we had a small problem getting your license. Please go back to the SharePoint Store to get this app again and you won't be charged for it.
Lets try this again...  Everything is fine, but we had a small problem getting your license

Solution: Don't Install apps with Farm Admin account ( or System account). Login with the account other than Farm Admin account install again!

HTTP 404 The Web Page Cannot be Found error:
If you use path based site collections with Host header (which is other than the machine name),  it results page cannot be displayed error, When try adding apps..
sharepoint 2013 apps page cannot be displayed
Solution: Create a web application without host headers on Port 80!  Also Stop/Delete the Default Web Site from IIS (Thanks to Technet Forums!). It also happens for reasons such as: Forward lookup zone is not created, Your App Domain settings in Central Admin is Wrong, etc!

To create a new web application using PowerShell:
$ap = New-SPAuthenticationProvider

New-SPWebApplication -Name "SharePoint - 80" -ApplicationPool "SharePoint 80" -ApplicationPoolAccount (Get-SPManagedAccount "Crescent\Administrator") -Port "80" -AuthenticationProvider $ap -AuthenticationMethod NTLM -DatabaseName "WSS_Content_default"

Technet guide: Configure an environment for apps for SharePoint 2013
Configure an Environment for Apps for SharePoint 2013  

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Document SharePoint Farm
Automatically generate SharePoint documentation.

You might also like:

Related Posts Plugin for WordPress, Blogger...