I’ve mentioned a few times on my blog that I was going to post a sample install script which can be used to set up and configure a basic MOSS install (will also work with WSS but you’ll need to pull a lot out) and now I’ve finally got around to actually doing it. I’ve created a zip file which contains two files that you can download. The first file, variables.bat, simply contains the core configuration settings that you’ll want to change as you build each of your environments. The second file, install.bat, is the main install file which calls the psconfig tool and numerous stsadm commands (there’s also a snapshot (WSP) of my custom extensions which the install.bat file will install immediately after psconfig does what it needs to do). You can use whatever accounts you want but I tend to follow a least priveledges model. The following list details the specific accounts typically needed as well as the actual configurations that must be manually made for each account (if applicable). Note that the sample script and the information below assumes that you are using Kerberos.
- SqlSvrSvc: SQL Server Service Account
- Machine SQL Server is running on must be trusted for delegation for Kerberos
- Needs an SPN for “MSSQLSvc/%DBSERVER%” (host and FQDN)
- SpAdmin: SharePoint Administrator
- Member of the local admin group on each server in which setup is run
- SQL Server logon requiring the following roles
- securityadmin
- dbcreator
- db_owner for each database that stsadm may need to interact with
- Should NOT be a member of the local admin group on the SQL Server servers
- SpFarm: SharePoint Server Farm Account
- Must be trusted for delegation for Kerberos
- Needs an SPN for “HTTP/%WEBSERVER%” (host and FQDN)
- Must be added to WSS_WPG group on WFE
- SspAppPool: SharePoint SSP Application Pool Account
- Must be trusted for delegation for Kerberos
- Needs an SPN for “HTTP/sspadmin” (host and FQDN)
- Must be added to WSS_WPG group on WFE
- SspSvc: SharePoint SSP Service Account
- SspSearch: SharePoint Server Search Service Account
- SspContent: SharePoint Default Content Access Account
- SspUserProfileSvc: SharePoint SSP Profile Import Default Access Account
- Must have read access to the directory service (AD)
- If “Enable Server Side Incremental” is selected for an Active Directory connection and the environment is Windows 2000 Server, the account must have the Replicate Changes permission in Active Directory (this permission is not required for Windows Server 2003 AD environments)
- Must be given the “Manage User Profiles” personalization services permission (this is a done within SharePoint)
- Must be given “View” permissions on entities used in BDC import connections (this is done within SharePoint)
- SspExcelSvc: SharePoint Excel Services Unattended Service Account
- SpHelpSearch: SharePoint Services Help Search Service Account
- SpContentSearch: SharePoint Services Search Content Access Account
- SpPortalAppPool: SharePoint Portal Application Pool Identity
- Must be trusted for delegation for Kerberos
- Needs an SPN for “HTTP/portal” (host and FQDN)
- Must be added to WSS_WPG group on WFE
- SpMySitesAppPool: SharePoint MySites Application Pool Identity
- Must be trusted for delegation for Kerberos
- Needs an SPN for “HTTP/mysites” (host and FQDN)
- Must be added to WSS_WPG group on WFE
- SpAdminitrators: SharePoint Administrators Security Group
- The spadmin account would be in this group along with any users who need full admin rights
The first thing you’ll want to do if you download the sample script is to modify the variables.bat file, shown below:
rem SET PATH=C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\BIN;%PATH% rem ******* SERVERS ********* SET DOMAIN=spdev SET SERVER_MAIL="sharepoint1.spdev.com" SET SERVER_INDEX=sharepoint1 SET SERVER_DB=spsql1 rem ******* DATABASES ******** SET DB_CONFIG_NAME="SharePoint_ConfigDB" SET DB_CENTRALADMINCONTENT_NAME="SharePoint_CentralAdminContent" SET DB_SEARCHHELP_NAME="SharePoint_Search_HelpData" SET DB_SSPCONFIG_NAME="SharePoint_SSP_ConfigDB" SET DB_MYSITES_NAME="SharePoint_MySites" SET DB_SSPCONTENT_NAME="SharePoint_SSP_Content" SET DB_SEARCHCONTENT_NAME="SharePoint_SSP_SearchContent1" SET DB_PORTALCONTENT_NAME="SharePoint_PortalContent1" SET DB_TEAMSCONTENT_NAME="SharePoint_TeamsContent1" rem ******* FILE PATHS ******** SET PATH_HELPSEARCH_INDEXES="e:\MOSS\Indexes\HelpData" SET PATH_SSP_INDEXES="e:\MOSS\Indexes\Office Server\Applications" SET PATH_SSPVDIR="e:\MOSS\Webs\SSPAdmin" SET PATH_MYSITESVDIR="e:\MOSS\Webs\MySites" SET PATH_USAGELOGS="e:\MOSS\Usage" SET PATH_PORTALVDIR="e:\MOSS\Webs\Portal" SET PATH_TEAMSVDIR="e:\MOSS\Webs\Teams" SET PATH_LOGS="e:\MOSS\Logs" rem ******* ACCOUNTS ******** SET ACCT_SPFARM="%DOMAIN%\spfarm" SET ACCT_SPFARM_PWD="pa$$w0rd" SET ACCT_SPADMIN="%DOMAIN%\spadmin" SET ACCT_SPADMIN_EMAIL="no-reply@spdev.com" SET ACCT_SPADMIN_NAME="SharePoint Administrator" SET ACCT_SPADMIN_GROUPNAME="%DOMAIN%\spadministrators" rem *** SharePoint Server Search Service Account SET ACCT_SSPSEARCH="%DOMAIN%\sspsearch" SET ACCT_SSPSEARCH_PWD="pa$$w0rd" rem *** SharePoint Services Help Search Service Account SET ACCT_SEARCH_HELP="%DOMAIN%\sphelpsearch" SET ACCT_SEARCH_HELP_PWD="pa$$w0rd" rem *** content access account for windows sharepoint services help search set ACCT_CONTENT_HELP="%DOMAIN%\spcontentsearch" set ACCT_CONTENT_HELP_PWD="pa$$w0rd" rem *** Default content access account for office search SET ACCT_SSPCONTENT="%DOMAIN%\sspcontent" SET ACCT_SSPCONTENT_PWD="pa$$w0rd" rem *** SharePoint SSP Application Pool Account SET ACCT_SSPAPPPOOL="%DOMAIN%\sspapppool" SET ACCT_SSPAPPPOOL_PWD="pa$$w0rd" rem *** My sites application pool account SET ACCT_MYSITESAPPPOOL="%DOMAIN%\spmysitesapppool" SET ACCT_MYSITESAPPPOOL_PWD="pa$$w0rd" SET ACCT_MYSITESUSERS_GROUP="%DOMAIN%\SPMySiteUsers" rem *** SharePoint SSP Service Account SET ACCT_SSPSVC="%DOMAIN%\sspsvc" SET ACCT_SSPSVC_PWD="pa$$w0rd" rem *** User profile import account SET ACCT_SSPUSERPROFILESVC="%DOMAIN%\sspuserprofilesvc" SET ACCT_SSPUSERPROFILESVC_PWD="pa$$w0rd" rem *** Portal application pool account SET ACCT_SPPORTALAPPPOOL="%DOMAIN%\spportalapppool" SET ACCT_SPPORTALAPPPOOL_PWD="pa$$w0rd" rem *** Teams sites application pool account SET ACCT_SPTEAMSAPPPOOL="%DOMAIN%\spteamsapppool" SET ACCT_SPTEAMSAPPPOOL_PWD="pa$$w0rd" rem *** Excel Services unattended access account set ACCT_EXCEL_USER="%DOMAIN%\sspexcelsvc" set ACCT_EXCEL_PWD="pa$$w0rd" SET ACCT_PORTAL_SECONDARYSITEOWNER="%DOMAIN%\siteowner1" SET ACCT_PORTAL_SECONDARYSITEOWNER_EMAIL="siteowner1@spdev.com" SET ACCT_PORTAL_SECONDARYSITEOWNER_NAME="Site Owner1" SET ACCT_TEAMS_SECONDARYSITEOWNER="%DOMAIN%\siteowner1" SET ACCT_TEAMS_SECONDARYSITEOWNER_EMAIL="siteowner1@spdev.com" SET ACCT_TEAMS_SECONDARYSITEOWNER_NAME="Site Owner1" rem ******** WEB APPLICATIONS ********** SET CENTRALADMIN_PORT=1234 SET WEB_SSP_URL="http://sspadmin/" SET WEB_SSP_IISDESC="SharePoint Shared Services Admin (80)" SET WEB_SSP_APPIDNAME="SharePoint_SSP_AppPool" SET WEB_SSP_NAME="SSP1" SET WEB_MYSITES_URL="http://mysites/" SET WEB_MYSITES_IISDESC="SharePoint My Sites (80)" SET WEB_MYSITES_APPIDNAME="SharePoint_MySites_AppPool" SET WEB_PORTAL_URL=http://portal/ SET WEB_PORTAL_SITEDIR_URL="%WEB_PORTAL_URL%SiteDirectory" SET WEB_PORTAL_NAME="Portal" SET WEB_PORTAL_DESC="" SET WEB_PORTAL_IISDESC="SharePoint Portal (80)" SET WEB_PORTAL_APPIDNAME="SharePoint_Portal_AppPool" SET WEB_TEAMS_URL=http://teams/ SET WEB_TEAMS_SITEDIR_URL="%WEB_PORTAL_URL%SiteDirectory" SET WEB_TEAMS_NAME="Teams" SET WEB_TEAMS_DESC="" SET WEB_TEAMS_IISDESC="SharePoint Teams (80)" SET WEB_TEAMS_APPIDNAME="SharePoint_Collaboration_AppPool"
The variables.bat file details all the servers, accounts, web addresses and names, database names, etc. For the sample I’m assuming a single server (named "SharePoint1") which is acting as the database server, WFE and index/query server (typical of a single user development environment). Examine each line carefully and make sure that you set the variables to meet your needs. For this sample I’m assuming that four web applications will be created: Central Admin, Shared Services Provider Admin, My Sites, and a single Portal. The "Portal" web application is the one that will be almost definitely changed by everyone – if you need to add more web applications just follow the pattern for the "Portal" web application. The install.bat file executes all the commands necessary to build out the MOSS configuration. The install.bat file can be seen below:
echo off echo %DATE% %TIME%: Starting script call variables.bat goto startpoint :startpoint rem *** NOTE: The order of the following psconfig statements is critical - do not re-order. ECHO %DATE% %TIME%: Building configuration database psconfig -cmd configdb -create -server %SERVER_DB% -database %DB_CONFIG_NAME% -user %ACCT_SPFARM% -password %ACCT_SPFARM_PWD% -admincontentdatabase %DB_CENTRALADMINCONTENT_NAME% if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Installing help content psconfig -cmd helpcollections -installall if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Securing resources psconfig -cmd secureresources if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Installing services psconfig -cmd services -install if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Installing features psconfig -cmd installfeatures if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Creating central admin site psconfig -cmd adminvs -provision -port %CENTRALADMIN_PORT% -windowsauthprovider enablekerberos if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Adding application content to central admin site psconfig -cmd applicationcontent -install if not errorlevel 0 goto errhnd pause ECHO %DATE% %TIME%: Installing custom stsadm extensions stsadm -o addsolution -filename "Lapointe.SharePoint.STSADM.Commands.wsp" stsadm -o deploysolution -local -allowgacdeployment -name "Lapointe.SharePoint.STSADM.Commands.wsp" stsadm -o execadmsvcjobs REM ==================================== REM ======= BEGIN SERVICES CONFIG ====== REM ==================================== echo %DATE% %TIME%: BEGINNING SERVICES CONFIGURATIONS... echo ECHO %DATE% %TIME%: Enabling sharepoint services help search service stsadm -o spsearch -action start -farmserviceaccount %ACCT_SEARCH_HELP% -farmservicepassword %ACCT_SEARCH_HELP_PWD% -farmperformancelevel maximum -farmcontentaccessaccount %ACCT_CONTENT_HELP% -farmcontentaccesspassword %ACCT_CONTENT_HELP_PWD% -indexlocation %PATH_HELPSEARCH_INDEXES% -databaseserver %SERVER_DB% -databasename %DB_SEARCHHELP_NAME% if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Enabling the office sharepoint search service stsadm -o osearch -action start -role Index -farmcontactemail %ACCT_SPADMIN_EMAIL% -farmperformancelevel maximum -farmserviceaccount %ACCT_SSPSEARCH% -farmservicepassword %ACCT_SSPSEARCH_PWD% -defaultindexlocation %PATH_SSP_INDEXES% if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Starting excel calculation services stsadm -o provisionservice -action start -servicetype "Microsoft.Office.Excel.Server.ExcelServerSharedWebService, Microsoft.Office.Excel.Server, Version = 12.0.0.0, Culture = neutral, PublicKeyToken = 71e9bce111e9429c" if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Starting Document Conversions Load Balancer Service stsadm -o provisionservice -action start -servicetype "Microsoft.Office.Server.Conversions.LoadBalancerService, Microsoft.Office.Server.Conversions, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" -servicename DCLoadBalancer if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Starting Document Conversions Launcher Service stsadm -o provisionservice -action start -servicetype "Microsoft.Office.Server.Conversions.LauncherService, Microsoft.Office.Server.Conversions, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" -servicename DCLauncher if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Resetting IIS iisreset /noforce if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Adding %ACCT_SPADMIN% to Farm Administrators group stsadm -o adduser -url "http://localhost:%CENTRALADMIN_PORT%" -userlogin %ACCT_SPADMIN% -group "Farm Administrators" -username %ACCT_SPADMIN_NAME% -useremail %ACCT_SPADMIN_EMAIL% if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Adding %ACCT_SPADMIN_GROUPNAME% to Farm Administrators group stsadm -o gl-adduser2 -url "http://localhost:%CENTRALADMIN_PORT%" -userlogin %ACCT_SPADMIN_GROUPNAME% -group "Farm Administrators" -username %ACCT_SPADMIN_NAME% if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Setting outbound email settings stsadm -o email -outsmtpserver %SERVER_MAIL% -fromaddress %ACCT_SPADMIN_EMAIL% -replytoaddress %ACCT_SPADMIN_EMAIL% -codepage 65001 if not errorlevel 0 goto errhnd echo echo %DATE% %TIME%: FINISHED SERVICES CONFIGURATIONS echo TODO: Set Load Balancer Server and Port pause REM ==================================== REM ======= END SERVICES CONFIG ======== REM ==================================== echo echo REM ==================================== REM ========= BEGIN SSP ================ REM ==================================== echo %DATE% %TIME%: BEGINNING SSP SETTINGS echo ECHO %DATE% %TIME%: Creating the My Sites web application stsadm -o gl-createwebapp -url %WEB_MYSITES_URL% -directory %PATH_MYSITESVDIR% -sethostheader -ownerlogin %ACCT_SPADMIN% -owneremail %ACCT_SPADMIN_EMAIL% -description %WEB_MYSITES_IISDESC% -apidname %WEB_MYSITES_APPIDNAME% -apidtype configurableid -apidlogin %ACCT_MYSITESAPPPOOL% -apidpwd %ACCT_MYSITESAPPPOOL_PWD% -databasename %DB_MYSITES_NAME% -donotcreatesite -timezone 12 if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Creating SSP Admin site. stsadm -o gl-createwebapp -url %WEB_SSP_URL% -directory %PATH_SSPVDIR% -sethostheader -ownerlogin %ACCT_SPADMIN% -owneremail %ACCT_SPADMIN_EMAIL% -description %WEB_SSP_IISDESC% -apidname %WEB_SSP_APPIDNAME% -apidtype configurableid -apidlogin %ACCT_SSPAPPPOOL% -apidpwd %ACCT_SSPAPPPOOL_PWD% -databasename %DB_SSPCONFIG_NAME% -donotcreatesite -timezone 12 if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Creating the Shared Service Provider stsadm -o createssp -title %WEB_SSP_NAME% -url %WEB_SSP_URL% -mysiteurl %WEB_MYSITES_URL% -ssplogin %ACCT_SSPSVC% -indexserver %SERVER_INDEX% -indexlocation %PATH_SSP_INDEXES% -ssppassword %ACCT_SSPSVC_PWD% -sspdatabaseserver %SERVER_DB% -sspdatabasename %DB_SSPCONTENT_NAME% -searchdatabaseserver %SERVER_DB% -searchdatabasename %DB_SEARCHCONTENT_NAME% -ssl no if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Resetting IIS iisreset /noforce if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Setting the new SSP as the default SSP stsadm -o setdefaultssp -title %WEB_SSP_NAME% if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Giving %ACCT_SPADMIN_GROUPNAME% all permissions to SSP stsadm -o gl-setsspacl -sspname %WEB_SSP_NAME% -rights All -user %ACCT_SPADMIN_GROUPNAME% if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Giving %ACCT_SSPUSERPROFILESVC% profile management permissions stsadm -o gl-setsspacl -sspname %WEB_SSP_NAME% -rights ManageUserProfiles -user %ACCT_SSPUSERPROFILESVC% if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Giving %ACCT_SSPSEARCH% profile management permissions stsadm -o gl-setsspacl -sspname %WEB_SSP_NAME% -rights ManageUserProfiles -user %ACCT_SSPSEARCH% if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Setting usage analysis settings mkdir %PATH_USAGELOGS% stsadm -o gl-setusageanalysis -enablelogging true -enableusageprocessing true -logfilelocation %PATH_USAGELOGS% -numberoflogfiles 30 -processingstarttime "10:00PM" -processingendtime "1:00AM" -sspname %WEB_SSP_NAME% -enableadvancedprocessing true -enablequerylogging true if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Enabling kerberos on the SSP stsadm -o setsharedwebserviceauthn -negotiate if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Setting delegation for excel services (to enable Kerberos) stsadm -o set-ecssecurity -ssp %WEB_SSP_NAME% -accessmodel delegation if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Updating excel services unattended service account stsadm -o set-ecsexternaldata -ssp %SSP% -unattendedserviceaccountname %ACCT_EXCEL_USER% -unattendedserviceaccountpassword %ACCT_EXCEL_PWD% if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Updating default content access account stsadm -o gl-updatedefaultcontentaccessaccount -username %ACCT_SSPCONTENT% -password %ACCT_SSPCONTENT_PWD% if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Setting user profile default access account stsadm -o gl-setuserprofiledefaultaccessaccount -username %ACCT_SSPUSERPROFILESVC% -password %ACCT_SSPUSERPROFILESVC_PWD% -sspname %WEB_SSP_NAME% if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Running pending jobs stsadm -o execadmsvcjobs if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Setting user profile full import schedule stsadm -o gl-setuserprofileimportschedule -sspname %WEB_SSP_NAME% -type full -occurrence weekly -hour 3 -dayofweek Saturday -enabled true -runjob if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Setting user profile incremental import schedule stsadm -o gl-setuserprofileimportschedule -sspname %WEB_SSP_NAME% -type incremental -occurrence daily -hour 22 -enabled true if not errorlevel 0 goto errhnd ECHO %DATE% %TIME%: Executing pending timer jobs stsadm.exe -o execadmsvcjobs if not errorlevel 0 goto errhnd echo echo %DATE% %TIME%: FINISHED SSP SETTINGS REM ==================================== REM =========== END SSP ================ REM ==================================== echo echo REM ==================================== REM =========== BEGIN PORTAL ============= REM ==================================== :portal echo %DATE% %TIME%: BEGINNING PORTAL CORE SETTINGS echo call portal.bat echo echo %DATE% %TIME%: FINISHED PORTAL CORE SETTINGS pause REM ==================================== REM ============ END PORTAL ============== REM ==================================== echo echo REM ==================================== REM =========== BEGIN TEAMS ============= REM ==================================== :teams echo %DATE% %TIME%: BEGINNING TEAMS CORE SETTINGS echo call teams.bat echo echo %DATE% %TIME%: FINISHED TEAMS CORE SETTINGS pause goto end REM ==================================== REM ============ END TEAMS ============== REM ==================================== echo echo REM ==================================== REM ======= BEGIN MY SITES ============= REM ==================================== :mysites echo %DATE% %TIME%: BEGINNING MY SITES SETTINGS echo call mysites.bat echo echo %DATE% %TIME%: FINISHED MY SITES SETTINGS pause REM ==================================== REM ========= END MY SITES ============= REM ==================================== echo echo ECHO ******************* Run Connect.bat on each WFE ************************** pause ECHO %DATE% %TIME%: Setting log file path mkdir %PATH_LOGS% stsadm -o gl-tracelog -logdirectory %PATH_LOGS% if not errorlevel 0 goto errhnd echo echo ECHO %DATE% %TIME%: TODO 1 - Configure searching (http://sspadmin/ssp/admin/_layouts/listcontentsources.aspx) goto end :errhnd echo An error occured - terminating script. :end
If you look at the file you’ll see that the first thing it does is "goto startpoint" and that "startpoint" marker is right below the goto statement. I put that there so that if the file should fail for any reason I can simply move the startpoint marker to the next command I want to have run and then re-execute the script (I often find that the "setuserprofiledefaultaccessaccount" command will fail on the first run if I haven’t loaded the SSP in the browser before it runs – moving the startpoint to right before this command I can re-run the batch file and it will continue right on). The next thing the script does is call psconfig. There’s tons of help/guidance on how to script psconfig so I won’t bother hear – just make sure you review the settings and make any necessary changes to suit your environment. Once psconfig completes you now have a farm created with a working Central Admin site. The script then goes on to enable services and build out the SSP, MySites, and Portal web applications making various configurations to each. Again, there’s lots of resources on how to use the various commands that this sample script uses (including my own blog) so I won’t go through all the steps that it does. Just make sure that you review every line of this script and make sure you understand what it is doing (this is meant to get you started and various assumptions are made with the configuration so that I can demonstrate what can be done so make sure you look at every settings and adjust/remove as needed). One final note – I’ve never been a fan of batch files or command line "programming" (despite the subject of this blog) and I am certainly no expert at creating batch files – there’s probably considerably better ways to do some of what I’ve done in my samples. If you have any suggestions as to how this can be done better I’m all ears 🙂
34 thoughts on “Sample Install Script”
Gary
This code is awesome. It will definitely make my job easier as I can have the user modify the variables file and then kick off the install.bat. The only other thing I might do is create a gui for the variables to be entered. If I do I will send the files to you for you to add if you want.
-Robert
Awesome stuff Gary thanks!
Any chance you have restore extenstion in the works that will take all of the parameters on the -directory “new” option.
I’m not sure I’m following what you are looking for…
Sorry for the ambigous question:
What I meant was:
If running a RESTORE operation via STSADM…..There are prompts during the operation; I have tried to suppress the prompting by using the process class and pass the args with no luck.
Here is the command I am using.
Just wondering the best way to get this to run and be able to pass parameters so there is no prompting.
stsadm -o restore -directory \\hostname\temp -restoremethod new -newdatabaseserver 191.111.111.111
Thanks,
Dennis White
I see – I haven’t tried this but have you tried using the “lt;” operator?
stsadm -o restore -directory \\hostname\temp -restoremethod new -newdatabaseserver 191.111.111.111lt;y
Thanks for the response.
It seems to hang when I use the “lt;” operator.
I suspect it would accept all of the defaults but I am looking to change url and database server.
For whatever reason even when you specify “new database server” from the RESTORE operation, it prompts for the DB server during the operation.
I am using many of your extensions thanks for sharing..It’s greatly appreciated.
Thanks,
Dennis
Gary
Really gj!!
Just going through the script, found that when your setting the scheduled jobs for the profile import in the script you using -occurance parameter where as in the updated wsp you’ve changed this to -occurrence
Thanks for pointing that out – I need to start using a spell checker 🙂 I’ll try to get the script updated this week some time.
Hi Gary,
very nice article.
I want to run the script with a domain account Domain\MossSetupAccount. So, i add the account to the local Administrators group of the MOSS server, create a new sql login with the appropriate server roles (db_owner and security_admin).
Whenever i run the psconfig command line tool loged in as the Domain\MossSetupAccount, i get the message that i don’t have the appropriate permissions to run the Moss Configuration and that i need Administrator priveleges. However, no such problem exists when i login as the buit-in Domain\Administrator.
Any ideas?
thanks a lot,
Dimitris
Dimitris – did you give your setup account db_creator rights on the SQL box?
Great script and instructions. However after setting up the accounts, I have SpFarm and SPAdmin account with the same SPN. This gives KDC 11 errors in eventlog.
I probely misunderstood something, can someone tell me where??
Thanks
Remko
Remko – you need to remove the SPN for the SpAdmin account – I just noticed that i had a typo stating that you needed this but that’s not the case as you can’t have multiple SPNs for the same service using different accounts.
Today I removed the SPN from the SpAdmin Account. However after that nobody is able to access the sharepoint site anymore!?
When I restore the SPN to SpAdmin the sharepoint is accessible as it used to be.
Can you explain why the site is not accessible when I remove the SPN for SpAdmin?
Thanks for your help
Remko – most likely your spadmin account is being used as an app pool account. If that’s the case then you need that SPN or you need to change accounts. I always recommend that your spadmin account is used only for setups and installs and that you use the spfarm account as your central admin app pool account and timer service account and then use another account for your other web application app pool accounts.
Do you know if its possible to set the Default Content Access Account for the office search service from stsadm, using one of your extensions or otherwise?
This is the setting on the “Search Settings” page of an SSP in central admin.
I haven’t created a command to set that yet – not sure if anyone else has (haven’t looked). I’ve plans to create one eventually, just hasn’t come up yet.
I did some decompiling, and the business end of the code for future reference, if you do ever implement this as a command, is:
using Microsoft.Office.Server;
using Microsoft.Office.Server.Search;
using Microsoft.Office.Server.Search.Administration;
Content content = new Content(SearchContext.GetContext(ServerContext.GetContext(sspname)));
content.SetDefaultGatheringAccount(user, CreateSecureString(password));
Gary
Great job with the extensions but
the following command does not seem to work when I try to use non default ports
stsadm -o gl-createwebapp -url %WEB_SSP_URL%:8089 -directory %PATH_SSPVDIR% -sethostheader -ownerlogin %ACCT_SPADMIN% -owneremail %ACCT_SPADMIN_EMAIL% -description %WEB_SSP_IISDESC% -apidname %WEB_SSP_APPIDNAME% -apidtype configurableid -apidlogin %ACCT_SSPAPPPOOL% -apidpwd %ACCT_SSPAPPPOOL_PWD% -databasename %DB_SSPCONFIG_NAME% -donotcreatesite -timezone 12
Im trying to create a SSP on port 8088 but when using your command it ends up as port 80.
Everything goes fine while executing the command but it is created as port 80 in IIS.
Is it possible to fix this?
Are you using the -port parameter?
Are you creating all the accounts manually or do you have any script? Aslo do you have a swcript for SPN?
wolf
It depends on the environment but for my own stuff I use a script to create the accounts and I almost always use a script for the SPNs (at client sites I usually hand that script off to an IT admin with domain admin rights).
Great post, thanks. Just tried creating an install script, but failed using stsadm -o createssp. It seems Microsoft changed behaviour and possible settings with Service Pack 2:
Before:
stsadm -o createssp
-title #SSP name#
-url #Web application url#
-mysiteurl #MySite Web application url#
-ssplogin #username#
-indexserver #index server#
-indexlocation #index file path#
[-ssppassword #password#]
[-sspdatabaseserver #SSP database server#]
[-sspdatabasename #SSP database name#]
[-sspsqlauthlogin #SQL username#]
[-sspsqlauthpassword #SQL password#]
[-searchdatabaseserver #search database server#]
[-searchdatabasename #search database name#]
[-searchsqlauthlogin #SQL username#]
[-searchsqlauthpassword #SQL password#]
[-ssl #yes|no#]
After:
stsadm -o createssp
-title #SSP name#
-url #Web application url#
-ssplogin #username#
[-ssppassword #password#]
[-sspdatabaseserver #SSP database server#]
[-sspdatabasename #SSP database name#]
[-sspsqlauthlogin #SQL username#]
[-sspsqlauthpassword #SQL password#]
[-ssl #yes|no#]
I think thats a big problem for a lot people running installs by scripts.
Christoph
That’s strange because I have SP2 and I’m not seeing those differences. Are you running a post SP2 CU?
Gary, love the script. How would I go about installing SSP Admin and Mysites like the GUI does by default? The script seems to install them, but they are inaccessable.
Are you using kerberos? The script defaults to kerberos so you’ll need to make sure you have all the requirements configured – if not then change the script parameters to use ntlm.
Hi Gary, Great scripts … i’m almost finished using them to set up my 64-bit env ready for SP2010 … One question though … In Portal.bat the line:
stsadm -o gl-setsitegeneralsettings -url %WEB_PORTAL_URL%sitedirectory -title “Site Directory”
throws an error. I think it should read:
stsadm -o gl-setsitegeneralsettings -url %WEB_PORTAL_URL% -title “Site Directory”
Paste error possibly ???
cheers
Warren
No, it’s correct as is – just depends on whether you have a site directory or not (if you’re not using a template that has one or you’re not creating one in the script then this line will error).
Hi Gary,
Excellent script! Just though I’d point out a couple of issues that arose with me in case anyone else finds them useful.
All the service accounts were newly created and the script failed on the first task (creating the config db). Once I had logged in to the WFE server with that account, the script ran fine, until the Profile Import line (which you mentioned occasionally fails). At that point I opened the SSP Admin site in the browser and reseumed the script. After that it ran through to then end.
One thing that’s bothering me is the “Server Farm Configuration Not Complete” message that still appears in Central Admin. I’ve had this problem with other scripted installs in the past and never found a way to get rid of it.
Anyone got any ideas?
Stuart.
Not sure why you had to log on with the account – I’ve never had to do that before. As for the farm config not complete – make sure you have excel services started and both an index and query role for search.
Thanks Gary, managed to get rid of the message.
Central Administration > Application Management > Search Service, the Query and Index Servers section reported that it was not running on any server on the farm. I clicked the “Office SharePoint Server Search Indexing and Query” link, entered the password, saved and the message went away.
Any reason why this didn’t get set up as part of the script?
Thanks,
Stuart.
Hi,
I’ve tried to run this configuration script, but for the command that configures the admin database there is one parameter missing (for SharePoint 2010). This parameter is “-passphrase ####”.
Otherwise is a very nice script.
Regards,
Voicu Seiche
Don’t use this for SP2010 – use the powershell script that I provide.
Hi Gary,
Thanks for the scripts, But do you have powershell scripts to install on multiple server farm and define roles and server names in seperate CSV or XML file? any help would be much appreciated.
Thanks
Pramod
Pramod – I don’t have anything like what you are looking for that will work with 2007, only 2010.
Comments are closed.