Monday, August 8, 2016

Create SharePoint 2013 Secure Store Service Application using PowerShell

PowerShell Script to Create SharePoint 2013/2016 Secure store Service application:
Secure Store Service was introduced as a replacement to the SSO feature since SharePoint 2010. Secure Store Service is a shared service that provides storage and mapping of credentials such as account names and passwords. It solves the problem of having to sign into many applications and entering different usernames and passwords. It enables you to securely store data that provides credentials required for connecting to external systems and associating those credentials to a specific identity or group of identities

Create Secure store Service application using PowerShell in SharePoint 2016:
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
 
#Configuration Parameters
$ServiceAppName = "Secure Store Service Application"
$ServiceAppProxyName = "Secure Store Service Application Proxy"
$AppPoolAccount = "Crescent\SP16-AppPool"
$AppPoolName = "Service Application App Pool"
$DatabaseServer ="SP16-SQL001"
$DatabaseName = "SP16_Service_SecureStore"

Try {
    #Set the Error Action
    $ErrorActionPreference = "Stop"
 
    #Check if Managed account is registered already
    Write-Host -ForegroundColor Yellow "Checking if the Managed Accounts already exists"
    $AppPoolAccount = Get-SPManagedAccount -Identity $AppPoolAccount -ErrorAction SilentlyContinue
    if($AppPoolAccount -eq $null)
    {
        Write-Host "Please Enter the password for the Service Account..."
        $AppPoolCredentials = Get-Credential $AppPoolAccount
        $AppPoolAccount = New-SPManagedAccount -Credential $AppPoolCredentials
    }
 
    #Check if the application pool exists already
    Write-Host -ForegroundColor Yellow "Checking if the Application Pool already exists"
    $AppPool = Get-SPServiceApplicationPool -Identity $AppPoolName -ErrorAction SilentlyContinue
    if ($AppPool -eq $null)
    {
        Write-Host -ForegroundColor Green "Creating Application Pool..."
        $AppPool = New-SPServiceApplicationPool -Name $AppPoolName -Account $AppPoolAccount
    }
 
    #Check if the Service application exists already
    Write-Host -ForegroundColor Yellow "Checking if Secure Store Service Application exists already"
    $ServiceApplication = Get-SPServiceApplication -Name $ServiceAppName -ErrorAction SilentlyContinue
    if ($ServiceApplication -eq $null)
    {
        Write-Host -ForegroundColor Green "Creating Secure Store Service Application..."
        $ServiceApplication = New-SPSecureStoreServiceApplication -Name $ServiceAppName –ApplicationPool $AppPoolName –DatabaseName $DatabaseName –DatabaseServer $DatabaseServer -AuditingEnabled:$false
        $ServiceApplicationProxy = New-SPSecureStoreServiceApplicationProxy -Name $ServiceAppName" Proxy" -ServiceApplication $ServiceApplication -DefaultProxyGroup
    }
 
    #Start service instance 
    $ServiceInstance = Get-SPServiceInstance | Where-Object { $_.TypeName -like "*Secure Store Service*" }

    #Check the Service status
    if ($ServiceInstance.Status -ne "Online")
    {
        Write-Host -ForegroundColor Yellow "Starting the Secure Store Service Instance..."
        Start-SPServiceInstance $ServiceInstance
    }
 
    Write-Host -ForegroundColor Green "Secure Store Service Application created successfully!"
}
catch {
    Write-Host $_.Exception.Message -ForegroundColor Red
 }
 finally {
    #Reset the Error Action to Default
    $ErrorActionPreference = "Continue"
 }
Create Master Key for Secure Store Service using PowerShell:
#Config parameters
$Passphrase = "Password1"
$ServiceAppProxyName="Secure Store Service Application Proxy"

#Get the Service App Proxy
$ServiceAppProxy = Get-SPServiceApplicationProxy | where { $_.Name -eq $ServiceAppProxyName}

#Create Master key
Update-SPSecureStoreMasterKey -ServiceApplicationProxy $ServiceAppProxy -Passphrase $Passphrase

Don't forget to change the values in #Configuration Parameters section!

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Document SharePoint Farm
Automatically generate SharePoint documentation.
*Sponsored


Friday, August 5, 2016

Configuring Web Application User Policy in SharePoint 2013 / 2016

A SharePoint web application may have hundreds or thousands of site collections. Providing same access to all of those site collections for a set of users can be difficult task, isn't it? So here is where SharePoint Web application Policies comes to play. Consider these practical scenarios where:
  • Your SharePoint search crawl account needs read access on all site collections.
  • You'll have to provide Read access to all site collections to "Auditors" group of your organization
  • You may want to provide read access to all users for an Intranet web application.  
  • Your CIO wants to get Full control on all site collections. 
  •  Your fellow farm administrator needs full control over all site collections on the SharePoint 2013 web application, etc.
Web application user polices are the comprehensive way to apply to permission to all site collections in a web application. Web application policy either grant or deny permissions to a set of users. By default, a web application has these four permission policy levels predefined:
  • Full Control
  • Full Read
  • Deny Write
  • Deny All
In fact, the Web application User policy is basically a mapping between Active Directory user or group and certain Web Application Level Permission policy. 

Permissions applied using web application User Policy simply supersedes all other permissions applied at the individual site collection level. E.g., if a user has Read access to some site collections, granting the Full Control permission gives the user "Full Control" all site collections within the entire web application. With web application level permission policies you can control centrally manage access to all content in the web application without individually adding site collection administrators on each site.

Deny permission level takes precedence over any existing permissions applied. E.g. Applying Deny All to a user prevents any and all access to a web application and all its site collections. BTW, Deny policy at web application level is the only way to block someone's access to SharePoint.

To access the user policy for a web application using Central Administration:
  1. Open SharePoint 2016/2013/2010 Central Administration site as a Farm Administrator
  2. Click Application Management >> Select Manage Web Applications.
  3. Select your target web application >> Click the User Policy button from the ribbon.web application policy in sharepoint 2013
  4. This page lists all user policies created for the web application. Usually, you'll find the search service application crawl account here with full read access user policy to granted. web application user policy sharepoint 2016
How to add new Web application user Policy:
To add a new policy, click the Add Users link. Then perform the following steps:
  1. From the Policy for Web Application dialog box, click on "Add Users" link. 
  2. Select All Zones for the web application and click on Next (You can optionally select a single zone such as Internet and limit the policy with the zone)web application policy sharepoint
  3. Enter one or more user account names or security groups. You can enter multiple users or security groups.
  4. Select the permission policy levels that you want to apply. You can add custom permission policy levels from "Permission Policy".
  5. Optionally, you can select the "Account Operates As System" check box, which means if a user creates or modifies any item in this web application, the Created By and Modified by entries will be shown as: System Account.Add user to web application user policy sharepoint 2016
  6. Click Finish to save your changes. This ensures consistent security permissions across site collections of a web application.
By providing permissions policy at the web application level, Our purpose is to control who has access to the content within the site collections that are associated with the web application.
 
Edit Existing User Policies:
To edit any of the existing policy:
  • Click on the corresponding "Display Name" value (or you can check the policy and click the Edit Permissions Of Selected Users link). 
  • In the edit policy dialog box, adjust any required settings, such as permissions and click on Save once done..

To Delete a Web Application User Policy:
To remove a user policy, simply select the policy and click on "Delete Selected Users" link, Confirm when prompted.

As a best practice, use Active directory security groups in SharePoint web application user policies as adding individual users triggers search crawl to trigger. This procedure applies to all version of SharePoint SharePoint 2016, 2013, 2010, and 2007!

Related post: PowerShell script to Add Web Application User Policy in SharePoint

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Document SharePoint Farm
Automatically generate SharePoint documentation.
*Sponsored


Thursday, August 4, 2016

How to Add a New User Group in SharePoint 2016

It is best practice to assign permissions to groups and add users to those groups rather than granting permission directly. If the default groups do not suit your needs, you can create new groups.

Lets see how to create new SharePoint 2013 groups.
Make sure you logged in as a site collection administrator or Site owner to create a new group in SharePoint!

Create a New Group in SharePoint 2016:
  • Login to the site where the group needs to be created
  • From the home page, click on Settings gear icon and choose Site Settings from the drop-down menu.
  • Click on Site Permissions under users and permissions section.
  • Click on Create Group icon from the ribbon.
  • Give a Name of the group and Description on the Create group page
  • You can assign group owner or add an additional group owner Optionally. The owner will be able to edit group membership. Select who can view membership of the group and who can edit group members.
  • Select the appropriate setting for membership requests.
  • Select the appropriate permission levels(s) for the group. Any permissions selected here will apply to the entire site.
The new SharePoint group will be created and you will be taken to the People and Groups page where you can start adding users to the group created.

Related post: How to create a SharePoint group using PowerShell

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Document SharePoint Farm
Automatically generate SharePoint documentation.
*Sponsored


Tuesday, August 2, 2016

How to Create SharePoint 2016 Design Package using Design Manager

How to create a design package in SharePoint 2016:
The design package is a .wsp file that can be created through the Design Manager in SharePoint 2013 or SharePoint 2016, contains branding assets that are stored in Design Manager. With the packaging feature of Design manager, we can package all our branding artifacts into Re-deployable package (wsp) without using Visual studio.
Refer this article to create a custom master page using SharePoint 2016 design manager: How to Create a Custom Master Page Using Design Manager in SharePoint 2016 - Step by Step
Here are the steps to create and apply a design package:
  1. Create a design package using Design Manager in SharePoint 2016
  2. Export design package WSP file from the source site collection
  3. Import & Apply design package to the target site
Step 1: Create a design package in SharePoint 2013/2016:
Creating the design package is quite simple.
  • Go to Site Settings >> Design Manager 
  • Click on "Create Design Package" link from the design manager left navigation
    sharepoint 2013 create a design package
  • Design manager gives the name and version number for you automatically - You can rename it if required. Optionally you can include the Site Collection search configuration in the package. Click on "Create" button to create the WSP package.
    create a design package in sharepoint 2016
  • Wait for a while it generates the WSP package with all branding artifacts, including: MasterPages, Page Layouts, Display Templates, CSS Style Sheets, JavaScript files, Images, etc. Once the package creation is completed, you'll get the link to download the wsp file. This generates a WSP file that will live in the Solutions gallery
  • Export design package: Click on "Your Package is ready. Click here to download" link to download the wsp.
    sharepoint 2013 design package download
The design package will be stored in side solution gallery of the site collection that can be found here: http://site-collection-url/_catalogs/solutions


Step 3: SharePoint 2013 import design package (wsp)
Once the design package is ready, can be imported to any site through the "Import design package" option in Site Settings. we can port it to anywhere and apply the new design through this package. Here are the steps to apply the design package in the target site.
Make sure the destination site collection is a publishing site or have Publishing feature enabled!
  • Navigate to the site settings of the target site. Click on "Import Design Package" link under "Look and Feel" section
    upload design package sharepoint 2013
  • Click on "Browse" button and select the WSP file generated from the previous step. Click on "Import" button once.
    sharepoint 2013 import design package powershell
  • Wait for a while til it gives the message "import of package "your package name" succeeded".
    sharepoint online import design package
That's all. This actives the sandbox solution automatically and your new design should be live now!

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Document SharePoint Farm
Automatically generate SharePoint documentation.
*Sponsored


Monday, August 1, 2016

How to Create a Custom Master Page Using Design Manager in SharePoint 2016 - Step by Step

What is Design Manager in SharePoint 2013?
Design manager is a nifty tool introduced in SharePoint 2013 that uses HTML based approach to convert static HTML templates into SharePoint master pages and page layouts. Use Design manager, if you want to implement Branding and customization to your SharePoint sites. The overall idea of SharePoint design manager is: Have your web site template prototype designed by someone who is good at web design and then you use that HTML file to convert to SharePoint Master page. Lets have a SharePoint design manager walk-through.

Enable design manager in SharePoint 2013:
Design manager is enabled by default in SharePoint server publishing sites. You may have to activate publishing feature for other site templates to enable design manager in SharePoint 2013. Design manager is available only in SharePoint Server 2013/2016 and Office 365.

SharePoint 2013 design manager permissions
Make sure you have at least "Designer" permissions in order to start using the Design Manager.

How to open design manager SharePoint 2013?
You can access design manager either from Site actions menu or from site settings page as in the below screen! Design manager URL: /_layouts/15/DesignWelcomePage.aspx
design manager sharepoint 2013 missing
You'll get Design manager wizard with below steps:
  1.     Welcome
  2.     Manage Device Channels
  3.     Upload Design Files
  4.     Edit Master Pages
  5.     Edit Display Templates
  6.     Edit Page Layouts
  7.     Publish and Apply Design
  8.     Create Design Package
Among the above steps listed, we need only three steps to create/customize master pages in SharePoint 2013. Lets see how to use design manager SharePoint 2013 to create a custom master page.

Step 1: Upload Design files


Working with design manager in SharePoint 2013 is quite simple. Go to Upload Design Files: On this page it will ask you to map out your drive so that you will be able to use any HTML editor to access your design files in the future for editing. Here is how to map network drive setup for Master pages library:
  • In Design Manager, Click on "Upload Design Files" tab. You'll get the URL to map to network drive. Copy it to your clipboard.
    design manager in sharepoint 2013 step by step
  • SharePoint 2013: Design manager - map network drive: Go to Start >> Right Click on "Computer" and then choose "Map to network drive". Enter the URL you copied from SharePoint Design Manager and then click on "Finish" button.
    design manager tutorial sharepoint 2013
This opens your Master Pages library in Windows Explorer view: http://intranet.crescent.com/_catalogs/masterpage/
Its a good idea to create your own folder in Master Pages library to keep all your files in one single location. I've created my folder "Crescent" there!
In Windows Server 2008 or 2012, You have to install desktop experience feature in order to enable map network drive. Map Network Drive in Windows Server 2008 or 2012
Once you map you map a network drive to the Master Page Gallery folder, it gives you easier way to save files in the correct location.

Upload Design Files
Now upload the HTML version of your Master Page and all CSS, JS, image and any other design assets to the mapped location. The overall idea of Design manager is: You create a visual design for your website by using any web design tool or HTML editor, and then use Design Manager to import the design into SharePoint. To do this, you have to make sure that the design tool stores its files in your site’s Master Page Gallery,
sharepoint 2013 design manager step by step

Step 2: Edit Master Pages - Convert HTML template to SharePoint Master page

 A master page defines common elements across all the pages of your site. You can use the network drive you mapped earlier to edit your master pages using any HTML editor. To preview your master page, click on its file name or status. While previewing your HTML master page, use the Snippet Gallery to get code snippets for SharePoint functionality that you can copy and paste into your HTML file.
  • Go to "Edit Master Pages" tab, Click on "Convert HTML file to a SharePoint Master Page" link, 
  • Browse and locate the HTML template you uploaded in the previous step.
 design manager sharepoint 2013 tutorial
Do not edit the .master file, always edit .html file! SharePoint takes care of updating the .master page automatically.

Make sure your HTML template is XML compliant! You can use W3C Validator: https://validator.w3.org/

Wait for a while, and your HTML master page should be converted with an extension .master page. Once converted you will see the converted Master Page in the List with the status Conversion Successful. If you encounter any warnings or errors, use this link to troubleshoot: https://msdn.microsoft.com/en-us/library/office/jj822362.aspx

Modify the master page to wrap inside content place holder:
Now, Click on the "Index" file to see the preview of the HTML master page generated. If you scroll down, You'll find this below:
This div, which you should delete, represents the content area that your Page Layouts and pages will fill. Design your Master Page around this content placeholder.
Which simply tells you that this content place holder in the HTML file should be wrapped inside the appropriate content place holder of your HTML template file.
  • Open the HTML Master page file (Index.html) in SharePoint designer 2013 and find the DIV <div data-name="ContentPlaceHolderMain">
  • Move the above DIV completely inside to the content area of your HTML template file. Once moved, your HTML master page will look like:
    sharepoint design manager example
SharePoint 2013 design manager snippets 
Once the master page is generated, the next step is to add SharePoint functionality to the master page using snippets. Snippets allow you to take SharePoint widgets and plug it into your master page. E.g. Search box, Top Navigation Menu, etc.  To Access snippets, Click on your HTML master page generated, Click on "Snippets" link at the top, Pick the required component and then copy the code to your Master page using SharePoint designer or some other editing tools.

SharePoint Design Manager vs SharePoint Designer: Don't confuse SharePoint Designer with Design Manager! The Design Manager is a feature of Publishing sites and can be used to Design SharePoint Branding artifacts like Master Pages, Page Layouts, etc. 
sharepoint 2013 design manager snippets
Go to the Master Pages Library from SharePoint site, Locate and Publish the HTML Master page once.

Step 3: Apply the New Master page:

Now navigate to Site Settings >> Look and Feel >> Master Page, Select the master Page You created and click on OK to use it for the site collection.
using design manager sharepoint 2013
You can also create a package for your design to make it deployable to other site collections.

You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Document SharePoint Farm
Automatically generate SharePoint documentation.
*Sponsored


You might also like:

Related Posts Plugin for WordPress, Blogger...