Deploy a simple farm on the Windows Server 2008 operating system (Office SharePoint Server)
Applies To: Office SharePoint Server 2007
This Office product will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see , Resources to help you upgrade your Office 2007 servers and clients.
Topic Last Modified: 2016-11-14
In this article:
Deployment overview
Deploy and configure the server infrastructure
Perform additional configuration tasks
Create a site collection and a SharePoint site
Configure the trace log
As of the release of Microsoft Office SharePoint Server 2007 Service Pack 1 (SP1), you can install Office SharePoint Server 2007 on a server running Windows Server 2008. As with the Windows Server 2003 operating system, you must download and run Setup and the SharePoint Products and Technologies Configuration Wizard. You cannot install Office SharePoint Server 2007 without service packs on Windows Server 2008.
Important
Office SharePoint Server 2007 requires the following components: the Web Server role, Windows Internal Database, and the Microsoft .NET Framework. Office SharePoint Server 2007 will cease to run if you uninstall these components.
Deployment overview
You can deploy Office SharePoint Server 2007 in a server farm environment if you are hosting a large number of sites, if you want the best possible performance, or if you want the scalability of a multi-tier topology. A server farm consists of one or more servers dedicated to running Office SharePoint Server 2007.
Note
There is no direct upgrade from a stand-alone installation to a farm installation.
Important
This article discusses how to perform a clean installation of Office SharePoint Server 2007 with SP1 in a server farm environment on Windows Server 2008. It does not cover upgrading the operating system from Windows Server 2003 to Windows Server 2008.
Note
This article does not cover installing Office SharePoint Server 2007 on a single computer as a stand-alone installation on Windows Server 2008. For more information, see Perform a stand-alone installation of Office SharePoint Server 2007 on Windows Server 2008.
Because a server farm deployment of Office SharePoint Server 2007 is more complex than a stand-alone deployment, we recommend that you plan your deployment. Planning your deployment can help you to gather the information you need and to make important decisions before beginning to deploy. For information about planning, see Planning and architecture for Office SharePoint Server 2007.
Deploying Office SharePoint Server 2007 in a DBA environment
In many IT environments, database creation and management are handled by the database administrator (DBA). Security and other policies might require that the DBA create the databases required by Office SharePoint Server 2007. For more information about deploying using DBA-created databases, including detailed procedures that describe how the DBA can create these databases, see Deploy using DBA-created databases (Office SharePoint Server).
Suggested topologies
Server farm environments can encompass a wide range of topologies and can include many servers or as few as two servers.
A server farm typically consists of a database server and one or more servers running Internet Information Services (IIS) and Office SharePoint Server 2007. In this configuration, the front-end servers are configured as Web servers. The Web server role provides Web content and services such as search.
A large server farm typically consists of two or more clustered database servers, several load-balanced front-end Web servers running IIS and Office SharePoint Server 2007, and two or more servers providing Search services.
When you install Office SharePoint Server 2007, you can decide if you want to perform a complete installation, which results in an application server, or to install just a front-end Web server. The main difference between an application server installation and a front-end Web server installation is the ability to run services such as the Search service. Since the front-end Web server installation is a subset of the application server installation, if necessary, you can use an application server as a front-end Web server; however, you should note that this configuration increases the attack surface area on the server.
Before you begin deployment
This section provides information about actions that you must perform before you begin deployment.
To deploy Office SharePoint Server 2007 in a server farm environment on computers running Windows Server 2008, you must provide credentials for several different accounts. For information about these accounts, see Plan for administrative and service accounts (Office SharePoint Server).
All the Office SharePoint Server 2007 installations in the server farm must be in the same language. For example, you cannot have both an English version of Office SharePoint Server 2007 and a Japanese version of Office SharePoint Server 2007 in the same server farm.
Note
We recommend that you read the Known Issues and the Readme documentation before you install Office SharePoint Server 2007 on a domain controller. Installing Office SharePoint Server 2007 on a domain controller requires additional configuration steps that are not discussed in this article.
All of the Office SharePoint Server 2007 installations must be running the same software update. For example, if one of the servers is updated to Post Service Pack 1 rollup, you should update all of the Office SharePoint Server 2007 servers in the server farm to that software update.
Overview of the deployment process
The deployment process consists of two phases: deploying and configuring the server infrastructure, and deploying and configuring SharePoint site collections and sites.
Phase 1: Deploy and configure the server infrastructure
Deploying and configuring the server infrastructure consists of the following steps:
Preparing the database server.
Pre-installing databases (optional).
Verifying that the servers meet hardware and software requirements.
Running Setup on all servers you want to be in the server farm, installing SP1, and then running the SharePoint Products and Technologies Configuration Wizard.
Starting the Windows SharePoint Services Search service. This is an optional step, but we recommend you start the Search service because it is used to search the Office SharePoint Server 2007 Help.
Phase 2: Deploy and configure SharePoint site collections and sites
Deploying and configuring SharePoint site collections and sites consists of the following steps:
Creating site collections.
Creating SharePoint sites.
Deploy and configure the server infrastructure
Prepare the database server
The Office SharePoint Server 2007 Setup program automatically creates the necessary databases when you install and configure Office SharePoint Server 2007. Optionally, if your IT environment or policies require, you can preinstall the required databases.
For more information about prerequisites, see Determine hardware and software requirements (Office SharePoint Server).
We recommend that you run Microsoft SQL Server 2005 on the database server. However, both Microsoft SQL Server 2005 and Microsoft SQL Server 2000 database software with the most recent service pack are supported. If you are using SQL Server 2005, you must also change the surface area settings.
Configure surface area settings in SQL Server 2005
Click Start, point to All Programs, point to Microsoft SQL Server 2005, point to Configuration Tools, and then click SQL Server Surface Area Configuration.
In the SQL Server 2005 Surface Area Configuration dialog box, click Surface Area Configuration for Services and Connections.
In the tree view, expand the node for your instance of SQL Server, expand the Database Engine node, and then click Remote Connections.
Select Local and Remote Connections, select Using both TCP/IP and named pipes, and then click OK.
SQL Server and database collation
The SQL Server collation must be configured for case-insensitive. The SQL Server database collation must be configured for case-insensitive, accent-sensitive, Kana-sensitive, and width-sensitive. This is used to ensure file name uniqueness consistent with the Windows operating system. For more information about collations, see Selecting a SQL Collation (https://go.microsoft.com/fwlink/?LinkId=121667&clcid=0x409) or Collation Settings in Setup (https://go.microsoft.com/fwlink/?LinkId=121669&clcid=0x409) in SQL Server 2005 Books Online.
Required accounts
The following table lists the accounts used to configure SQL Server and to install Office SharePoint Server 2007. For detailed information about the required accounts, including specific role memberships and permissions required for these accounts, see Plan for administrative and service accounts (Office SharePoint Server).
Account | Purpose | Requirements |
---|---|---|
SQL Server Service Account |
This account is used as the service account for the following SQL Server services:
If you are not using the default instance, these services will be shown as:
|
SQL Server prompts for this account during SQL Server Setup. You have two options:
|
Setup user account |
The Setup user account is used to run the following:
|
If you run Stsadm command-line tool commands that read from or write to a database, this account must be a member of the db_owner fixed database role for the database. |
Server farm account/Database access account |
The Server farm account is used to:
|
Additional permissions are automatically granted for this account on Web servers and application servers that are joined to a server farm. This account is automatically added as a SQL Server login on the computer running SQL Server and added to the following SQL Server security roles:
|
If you use a domain user account for the SQL Server service account, you must make sure that a valid service principal name (SPN) for that account and instance of SQL Server on their database server exists in their environment. This is the case regardless of whether you use NTLM or Kerberos authentication for Office SharePoint Server 2007.
You must configure the SPN for that account in the domain using the Setspn.exe command-line tool. Setspn.exe is installed by default on computers running Windows Server 2008. Run the following command on a computer that is joined to the same domain as the user/service account.
setspn -a <http/
<farmclusterdnsname> <serviceaccountname>
You only have to complete this task once for this account.
Verify that servers meet hardware and software requirements
Before you install and configure Office SharePoint Server 2007, be sure that your servers have the recommended hardware and software. To deploy a server farm, you need at least one server computer acting as a Web server and an application server, and one server computer acting as a database server. For more information about these requirements, see Determine hardware and software requirements (Office SharePoint Server). Also, make sure the Management Compatibility role service is added to your server and the .NET Framework is installed, as described below.
Important
Office SharePoint Server 2007 requires Active Directory Domain Services for farm deployments in a Windows Server 2008 environment.
IIS 6.0 Management Compatibility role service
If you use the Windows Server 2008 Server Manager to perform a default Internet Information Services (IIS) 7.0 installation, the IIS 6.0 Management Compatibility role service is not included. Since this is a required role service, you must use the following procedure.
Add the IIS 6.0 Management Compatibility role service
Click Start, point to Administrative Tools, and then click Server Manager.
In the left navigation pane, expand Roles, and then right-click Web Server (IIS) and select Add Role Services.
In the Add Role Services wizard, in the Role services area, select IIS 6 Management Compatibility.
In the Select Role Services pane, click Next, and then in the Confirm Installations Selections pane, click Install.
To complete the Add Role Services wizard, click Close.
Install Microsoft .NET Framework
Before you install Office SharePoint Server 2007 on Windows Server 2008, you must install the Microsoft .NET Framework. You do not need to install the Web Server role or the Windows Process Activation Service; these are installed automatically, along with the Windows Internal Database when you install Office SharePoint Server 2007 SP1. Use the following procedure to install Microsoft .NET Framework version 3.0.
Install Microsoft .NET Framework version 3.0
Click Start, point to Administrative Tools, and then click Server Manager.
In Server Manager, on the Action menu, click Add features.
In the Features list, select the .NET Framework 3.0 Features check box, and then click Next.
Follow the wizard steps to install Microsoft .NET Framework version 3.0.
Note
You can also use the Microsoft .NET Framework version 3.5. You can download the .NET Framework version 3.5 from the Microsoft Web site (https://go.microsoft.com/fwlink/?LinkId=110508).
Run Setup on all servers in the farm
You can only install Office SharePoint Server 2007 with SP1 on Windows Server 2008, so on each server in the server farm you must run the Office SharePoint Server 2007 Setup and then install SP1 before you run the SharePoint Products and Technologies Configuration Wizard. To save time and effort on setup tasks, we recommend that you create a slipstreamed installation source for Office SharePoint Server 2007. This installation source must include the files from both Windows SharePoint Services 3.0 SP1 and Office SharePoint Server 2007 SP1. For more information about using the updates folder to create a slipstreamed source, see the topic Create an installation source that includes software updates (Office SharePoint Server 2007).
Note
If you have not created an updated installation source, you must first install Office SharePoint Server 2007 without any software updates, and then, without running the SharePoint Products and Technologies Configuration Wizard at the end of the installation, install SP1. After the installations are complete, you can run the SharePoint Products and Technologies Configuration Wizard.
The server farm is established when you configure Office SharePoint Server 2007 on the first server. You must join additional servers in the server farm to this farm.
Setting up the first server involves two steps: installing the Office SharePoint Server 2007 and SP1 components on the server, and configuring the farm. After Setup finishes, you can use the SharePoint Products and Technologies Configuration Wizard to configure Office SharePoint Server 2007. The SharePoint Products and Technologies Configuration Wizard automates several configuration tasks, including: installing and configuring the configuration database, installing Office SharePoint Server 2007 services, and creating the Central Administration Web site.
The first server
We recommend that you install and configure Office SharePoint Server 2007 and Office SharePoint Server 2007 SP1 on all of the servers in your server farm before you configure Office SharePoint Server 2007 services and create sites. You must have SQL Server database software running on at least one back-end database server before you install Office SharePoint Server 2007 on your farm servers.
Note
Setup installs the Central Administration Web site on the first server on which you run Setup. Therefore, we recommend that the first server on which you install Office SharePoint Server 2007 be a server on which you want to run the Central Administration Web site.
Run Setup on the first server
From the slipstreamed installation source, run Setup.exe on one of your Web servers. For more information about slipstreaming, see Create an installation source that includes software updates (Office SharePoint Server 2007).
On the Enter your Product Key page, enter your product key, and then click Continue.
Note
Setup automatically verifies the product key, places a green check mark next to the text box, and enables the Continue button after it validates the key. If the key is not valid, Setup displays a red circle next to the text box and alerts you that the key is incorrect.
On the Read the Microsoft Software License Terms page, review the terms, select the I accept the terms of this agreement check box, and then click Continue.
On the Choose the installation you want page, click Advanced. (The Basic option is for stand-alone installations.)
On the Server Type tab, select Complete.
Optionally, to install Office SharePoint Server 2007 at a custom location, select the File Location tab, and then type the location or Browse to the location.
Optionally, to participate in the Customer Experience Improvement Program, select the Feedback tab and select the option you want. To learn more about the program, click the link. You must have an Internet connection to view the program information.
When you have chosen the correct options, click Install Now.
When Setup finishes, a dialog box prompts you to complete the configuration of your server. Be sure that the Run the SharePoint Products and Technologies Configuration Wizard now check box is not selected.
Click Close.
Note
You should wait to run the SharePoint Products and Technologies Configuration Wizard until you have installed Office SharePoint Server 2007 and Office SharePoint Server 2007 SP1 and performed the rest of the procedures in this section on all the servers in the server farm.
Use the following procedure to add the SharePoint Central Administration Web site to the list of trusted sites.
Add the SharePoint Central Administration Web site to the list of trusted sites.
In Windows Internet Explorer, on the Tools menu, click Internet Options.
On the Security tab, in the Select a Web content zone to specify its security settings box, click Trusted sites, and then click Sites.
Clear the Require server verification (https:) for all sites in this zone check box.
In the Add this Web site to the zone box, type the URL for the SharePoint Central Administration Web site, and then click Add.
Click Close to close the Trusted sites dialog box.
Click OK to close the Internet Options dialog box.
Use the following procedure to configure proxy server settings to bypass the proxy server for local addresses.
Configure proxy server settings to bypass the proxy server for local addresses
In Internet Explorer, on the Tools menu, click Internet Options.
On the Connections tab, in the Local Area Network (LAN) settings area, click LAN Settings.
In the Automatic configuration section, clear the Automatically detect settings check box.
In the Proxy Server section, select the Use a proxy server for your LAN check box.
Type the address of the proxy server in the Address box.
Type the port number of the proxy server in the Port box.
Select the Bypass proxy server for local addresses check box.
Click OK to close the Local Area Network (LAN) Settings dialog box.
Click OK to close the Internet Options dialog box.
Additional servers
We recommend that you install and configure Office SharePoint Server 2007 on all of your front-end Web servers and the index server before you configure Office SharePoint Server 2007 services and create sites. If you want to build a minimal server farm configuration, and incrementally add front-end Web servers to expand the farm, you can install and configure Office SharePoint Server 2007 on a single Web server, and configure the Web server as both a front-end Web server and an application server. Regardless of how many servers you have in your server farm, you must have SQL Server 2005 running on at least one back-end database server before you install Office SharePoint Server 2007 on your front-end Web servers.
Important
If you uninstall Office SharePoint Server 2007 from the first server on which you installed it, your farm might experience problems. It is not recommended that you install Office SharePoint Server 2007 on an index server first.
Run Setup on additional servers — front-end Web servers
From the slipstreamed installation source, run Setup.exe on one of your Web servers.
On the Enter your Product Key page, enter your product key, and then click Continue.
Note
Setup automatically verifies the product key, places a green check mark next to the text box, and enables the Continue button after it validates the key. If the key is not valid, Setup displays a red circle next to the text box and prompts you that the key is incorrect.
On the Read the Microsoft Software License Terms page, review the terms, select the I accept the terms of this agreement check box, and then click Continue.
On the Choose the installation you want page, click Advanced.
On the Server Type tab, click Web Front End.
Optionally, to install Office SharePoint Server 2007 at a custom location, select the File Location tab, and then type the location or Browse to the location.
Optionally, to participate in the Customer Experience Improvement Program, select the Feedback tab and select the option you want. To learn more about the program, click the link. You must have an Internet connection to view the program information.
When you have chosen the correct options, click Install Now.
When Setup finishes, a dialog box prompts you to complete the configuration of your server. Be sure that the Run the SharePoint Products and Technologies Configuration Wizard now check box is selected.
Click Close to start the configuration wizard. Instructions for completing the wizard are provided in the following section.
Use the following procedure to run Setup on additional servers in your server farm.
Run Setup on additional servers — index or query server
From the slipstreamed installation source, run Setup.exe on one of your Web servers.
On the Enter your Product Key page, enter your product key, and then click Continue.
Note
Setup automatically verifies the product key, places a green check mark next to the text box, and enables the Continue button after it validates the key. If the key is not valid, Setup displays a red circle next to the text box and prompts you that the key is incorrect.
On the Read the Microsoft Software License Terms page, review the terms, select the I accept the terms of this agreement check box, and then click Continue.
On the Choose the installation you want page, click Advanced.
On the Server Type tab, click Complete.
Optionally, to install Office SharePoint Server 2007 at a custom location, select the File Location tab, and then type the location or Browse to the location.
Optionally, to participate in the Customer Experience Improvement Program, select the Feedback tab and select the option you want. To learn more about the program, click the link. You must have an Internet connection to view the program information.
When you have chosen the correct options, click Install Now.
When Setup finishes, a dialog box prompts you to complete the configuration of your server. Be sure that the Run the SharePoint Products and Technologies Configuration Wizard now check box is selected.
Click Close to start the configuration wizard. Instructions for completing the wizard are provided in the next set of steps.
Run the SharePoint Products and Technologies Configuration Wizard
After you have run Setup and both Office SharePoint Server 2007 and Office SharePoint Server 2007 SP1 are installed on all the servers in your server farm, you can use the SharePoint Products and Technologies Configuration Wizard to configure Office SharePoint Server 2007. The configuration wizard automates several configuration tasks, including installing and configuring the configuration database, installing Office SharePoint Server 2007 services, and creating the Central Administration Web site. Use the following instructions to run the SharePoint Products and Technologies Configuration Wizard.
Run the SharePoint Products and Technologies Configuration Wizard to configure Office SharePoint Server 2007
Click Start, point to All Programs, point to Administrative Tools, and then click SharePoint Products and Technologies Configuration Wizard.
On the Welcome to SharePoint Products and Technologies page, click Next.
In the dialog box that notifies you that some services might need to be restarted during configuration, click Yes.
On the Connect to a server farm page, click No, I want to create a new server farm, and then click Next.
In the Specify Configuration Database Settings dialog box, in the Database server box, type the name of the computer that is running SQL Server.
Type a name for your configuration database in the Database name box, or use the default database name. The default name is SharePoint_Config.
In the User name box, type the user name of the server farm account. (Be sure to type the user name in the format <DOMAIN>\<user name>.)
Important
The server farm account is used to access your configuration database. It also acts as the application pool identity for the SharePoint Central Administration application pool, and it is the account under which the Windows SharePoint Services Timer service runs. The SharePoint Products and Technologies Configuration Wizard adds this account to the SQL Server Logins, the SQL Server Database Creator server role, and the SQL Server Security Administrators server role. The user account that you specify as the service account must be a domain user account, but it does not need to be a member of any specific security group on your Web servers or your back-end database servers. We recommend that you follow the principle of least privilege, and specify a user account that is not a member of the Administrators group on your Web servers or your back-end servers.
In the Password box, type the user's password, and then click Next.
On the Configure SharePoint Central Administration Web Application page, select the Specify port number check box; type a port number if you want the SharePoint Central Administration Web application to use a specific port, or leave the Specify port number check box cleared if it does not matter which port number the SharePoint Central Administration Web application uses.
In the Configure SharePoint Central Administration Web Application dialog box, do one of the following:
If you want to use NTLM authentication (the default), click Next.
If you want to use Kerberos authentication, click Negotiate (Kerberos), and then click Next.
Note
In most cases, use the default setting (NTLM). Use Negotiate (Kerberos) only if Kerberos authentication is supported in your environment. Using the Negotiate (Kerberos) option requires you to configure a service principal name (SPN) for the domain user account. To do this, you must be a member of the Domain Admins group. For more information, see How to configure a Windows SharePoint Services virtual server to use Kerberos authentication and how to switch from Kerberos authentication back to NTLM authentication (https://go.microsoft.com/fwlink/?LinkID=76570&clcid=0x409).
On the Completing the SharePoint Products and Technologies Configuration Wizard page, click Next.
On the Configuration Successful page, click Finish.
The SharePoint Central Administration Web site home page opens.
Note
If you are prompted for your user name and password, you might need to add the SharePoint Central Administration Web site to the list of trusted sites, and configure user authentication settings in Internet Explorer. Instructions for configuring these settings are provided in the next set of steps.
If a proxy server error message appears, you might need to configure your proxy server settings so that local addresses bypass the proxy server. Instructions for configuring this setting are provided later in this section.
Run the SharePoint Products and Technologies Configuration Wizard on additional servers
After Setup finishes, use the SharePoint Products and Technologies Configuration Wizard to configure Windows SharePoint Services 3.0. The configuration wizard automates several configuration tasks, including: installing and configuring the configuration database, and installing Windows SharePoint Services 3.0 services. Use the following instructions to run the SharePoint Products and Technologies Configuration Wizard.
Run the SharePoint Products and Technologies Wizard
Click Start, point to All Programs, point to Administrative Tools, and then click SharePoint Products and Technologies Configuration Wizard.
On the Welcome to SharePoint Products and Technologies page, click Next.
Click Yes in the dialog box that notifies you that some services might need to be restarted during configuration.
On the Connect to a server farm page, click Yes, I want to connect to an existing server farm, and then click Next.
In the Specify Configuration Database Settings dialog box, in the Database server box, type the name of the computer that is running SQL Server.
Click Retrieve Database Names, and then from the Database name list, select the database name that you created when you configured the first server in your server farm.
In the User name box, type the user name of the account used to connect to the computer running SQL Server. (Be sure to type the user name in the format <DOMAIN>\<user name>.) This must be the same user account you used when configuring the first server.
In the Password box, type the user's password, and then click Next.
On the Completing the SharePoint Products and Technologies Configuration Wizard page, click Next.
On the Configuration Successful page, click Finish.
Start the Windows SharePoint Services Search Service
You must start the Windows SharePoint Services Search service on every computer that you want to search content. You must start it on at least one of your servers.
Start the Windows SharePoint Services Search service on computers used to search content
On the SharePoint Central Administration home page, click the Operations tab on the top link bar.
On the Operations page, in the Topology and Services section, click Servers in farm.
On the Servers in Farm page, click the server on which you want to start the Windows SharePoint Services Search service.
Next to Window SharePoint Services Search, click Start.
On the Configure Windows SharePoint Services Search Service Settings page, in the Service Account section, specify the user name and password for the user account under which the Search service will run.
In the Content Access Account section, specify the user name and password for the user account that the Search service will use to search content. This account must have read access to all the content you want it to search. If you do not enter credentials, the same account used for the Search service will be used.
In the Indexing Schedule section, either accept the default settings, or specify the schedule that you want the Search service to use when searching content.
After you have configured all the settings, click Start.
Configure Windows Firewall with Advance Security
After you create Web applications in your server farm, you must use Windows Firewall with Advanced Security in Windows Server 2008 to open ports on computers that host Web Applications. You only need to open the ports for the SSP on computers that do not host any Web applications.
By default, port 80 is open on Web servers, but to be able to communicate with other computers you must open the port for Central Administration and, for the SSP, you must open ports 56737 and 56738. You must also open the ports for any additional Web applications that you create in your server farm.
The default configuration of the Windows Server 2008 firewall is to deny all connections unless there is an exception. Make sure you create the exceptions for the currently enabled profile (Private, Public, or Domain) when you are making changes to ports. If you create the exceptions in the wrong profile they will not work.
Note
If you configure host headers in IIS, the ports for the Web Applications will be created on port 80 and you may not have to perform the procedures in this section. If, however, you use the host header mode in Windows SharePoint Services 3.0 to create multiple domain-named sites in a single Web application you will need to perform the procedures in this section to determine which ports the Web applications, including Central Administration, will use in your server farm.
Determine ports used by Web Applications
Click Start, point to All Programs, point to Administrative Tools, and then click SharePoint 3.0 Central Administration.
On the Central Administration site, click Application Management.
On the Application Management Web page, in the SharePoint Web Application Management section, click Web application list.
On the Web Application List Web page, in the URL column, the server name with port number is listed for each Web application.
You should use Windows Firewall with Advanced Security to open the ports required for your server farm as identified in the Determine ports used by Web Applications procedure.
For ease in managing the rules, we recommend that you create one rule per Web application and one for the two SSP ports. Alternatively, for more centralized rule management you can create one rule to manage all the ports.
For Web applications you only need to create a rule to open a port for incoming connections, the rule for the two SSP ports must be configured to enable both incoming and outgoing traffic.
Configure Windows Firewall with Advanced Security
Click Start, point to All Programs, point to Administrative Tools, and then click Windows Firewall with Advanced Security.
In the User Account Control dialog box, click Continue.
On the details pane, in the Overview section, verify that the domain profile is active by noting if the domain network location entry displays Domain Profile is Active.
In the Domain Profile is Active area, depending on how the inbound connections rule is configured, choose one of these options.
If it is Inbound connections that do not match a rule are allowed, then you do not need to complete this procedure.
If it is Inbound connections that do not match a rule are blocked, then you must proceed to the next step in this procedure to configure the firewall to allow Office SharePoint Server 2007 traffic.
On the Console Tree, select Inbound Rules, and then in the Actions pane click New Rule.
Complete the New Inbound Rule Wizard using the settings from the following table.
Wizard page Settings Rule Type
Select Port.
Protocol and Ports
Select TCP.
Select Specific local ports. In the Specific local ports text box, type all the port numbers that you need.
Action
Select Allow the connection.
Profile
Enable Domain.
Clear Private and Public.
Name
In the Name and Description text boxes, type information that is both descriptive and meaningful for your network administrators. As a best practice, we recommend that you assign each firewall rule a unique name. When unique names are assigned, it is easier to use Windows Server 2008 Network Shell (Netsh) commands to manage the network.
On the Console Tree, select Outbound Rules, in the Actions pane click. New Rule.
Complete the New Outbound Rule Wizard using the settings from the following table.
Wizard page Settings Rule Type
Select Port.
Protocol and Ports
Select TCP.
Select Specific local ports. In the Specific local ports text box, type all the port numbers that you need.
Action
Select Allow the connection.
Profile
Enable Domain.
Clear Private and Public.
Name
In the Name and Description text boxes, type information that is both descriptive and meaningful for your network administrators. As a best practice, we recommend that you assign each firewall rule a unique name. When unique names are assigned, it is easier to use Windows Server 2008 Network Shell (Netsh) commands to manage the network.
For more information about Windows Firewall with Advanced Security, see Windows Firewall.
Perform additional configuration tasks
After the initial installation and configuration of Office SharePoint Server 2007, you can configure several additional settings. The configuration of additional settings is optional, but many key features are not available unless these settings are configured.
Configure incoming e-mail settings You can configure incoming e-mail settings so that SharePoint sites accept and archive incoming e-mail. You can also configure incoming e-mail settings so that SharePoint sites can archive e-mail discussions as they happen, save documents, and send meeting requests to site calendars. In addition, you can configure the SharePoint Directory Management Service to provide support for e-mail distribution list creation and management. For more information, see Configure incoming e-mail settings (Office SharePoint Server).
Configure outgoing e-mail settings You can configure outgoing e-mail settings so that your Simple Mail Transfer Protocol (SMTP) server sends e-mail alerts to site users and notifications to site administrators. You can configure both the "From" e-mail address and the "Reply" e-mail address that appear in outgoing alerts. You can also configure outgoing e-mail settings for all Web applications or for only one Web application. For more information, see Configure outgoing e-mail settings (Office SharePoint Server) and Configure outgoing e-mail settings for a specific Web application (Office SharePoint Server).
Configure workflow settings You can configure workflow settings to enable end users to create their own workflows by using code pre-generated by administrators. You can also configure whether internal users without site access can receive workflow alerts, and whether external users can participate in workflows by receiving copies of documents by e-mail. For more information, see Configure workflow settings.
Configure diagnostic logging settings You can configure several diagnostic logging settings to help with troubleshooting. These include enabling and configuring trace logs, event messages, user-mode error messages, and Customer Experience Improvement Program events. For more information, see Configure diagnostic logging settings.
Configure single sign-on You can configure single sign-on settings in the farm. Single sign-on enables you to connect to external data sources by using Excel Calculation Services or the Business Data Catalog. For more information, see Configure single sign-on (Office SharePoint Server).
Configure antivirus settings You can configure several antivirus settings if you have an antivirus program that is designed for Office SharePoint Server 2007. Antivirus settings allow you to control whether documents are scanned on upload or on download, and whether users can download infected documents. You can also specify how long you want the antivirus program to run before it times out, and you can specify how many execution threads the antivirus program can use on the server. For more information, see Configure antivirus settings.
You can use the following procedure to configure optional administrative settings using SharePoint Central Administration.
Configure administrative settings using SharePoint Central Administration
Click Start, point to All Programs, point to Administrative Tools, and then click SharePoint 3.0 Central Administration.
On the SharePoint Central Administration home page, in the Administrator Tasks list, click the administrative task that you want to perform.
On the Administrator Tasks page, next to Action, click the task.
Create a site collection and a SharePoint site
This section guides you through the process of creating a single site collection containing a single SharePoint site. You can create many site collections and many sites under each site collection. For more information, see Chapter overview: Deploy and configure SharePoint sites . For information about planning SharePoint sites and site collections, see Plan Web site structure and publishing (Office SharePoint Server).
Before you can create a site or a site collection, you must first create a Web application. A Web application is composed of an Internet Information Services (IIS) site with a unique application pool. When you create a new Web application, you also create a new database and define the authentication method used to connect to the database.
If you are in an extranet environment where you want different users to access content by using different domains, you might also need to extend a Web application to another IIS Web site. This action exposes the same content to different sets of users by using an additional IIS Web site to host the same content.
Create a new Web application
Click Start, point to All Programs, then point to Microsoft Office Server, and then click SharePoint 3.0 Central Administration.
On the Central Administration home page, click Application Management.
On the Application Management page, in the SharePoint Web Application Management section, click Create or extend Web application.
On the Create or Extend Web Application page, in the Adding a SharePoint Web Application section, click Create a new Web application.
On the Create New Web Application page, in the IIS Web Site section, you can configure the settings for your new Web application.
To choose to use an existing Web site, select Use an existing Web site, and specify the Web site on which to install your new Web application by selecting it from the drop-down menu.
To create a new Web site, select Create a new IIS Web site, and then type the name of the Web site in the Description box.
In the Port box, type the port number you want to use to access the Web application. If you are creating a new Web site, this field is populated with a suggested port number. If you are using an existing Web site, this field is populated with the current port number.
In the Host Header box, type the URL you wish to use to access the Web application. This is an optional field.
In the Path box, type the path to the site directory on the server. If you are creating a new Web site, this field is populated with a suggested path. If you are using an existing Web site, this field is populated with the current path.
In the Security Configuration section, configure authentication and encryption for your Web application.
In the Authentication Provider section, choose either Negotiate (Kerberos) or NTLM.
Note
To enable Kerberos authentication, you must perform additional configuration tasks. For more information about authentication methods, see Plan authentication methods (Office SharePoint Server).
In the Allow Anonymous section, choose Yes or No. If you choose to allow anonymous access, this enables anonymous access to the Web site using the computer-specific anonymous access account (that is, IUSR_<computername>).
Note
If you want users to be able to access any site content anonymously, you must enable anonymous access for the entire Web application. Later, site owners can configure how anonymous access is used within their sites. For more information about anonymous access, see Determine which Windows security groups and accounts to use for granting access to sites.
In the Use Secure Sockets Layer (SSL) section, select Yes or No. If you choose to enable SSL for the Web site, you must configure SSL by requesting and installing an SSL certificate.
Important
If you use SSL, you must add the appropriate certificate on each server by using IIS administration tools. For more information about using SSL, see Plan for secure communication within a server farm (Office SharePoint Server).
In the Load Balanced URL section, type the URL for the domain name for all sites that users will access in this Web application. This URL domain will be used in all links shown on pages within the Web application. By default, the box is populated with the current server name and port.
The Zone box is automatically set to Default for a new Web application, and cannot be changed from this page. To change the zone for a Web application, see Extend an existing Web application.
In the Application Pool section, choose whether to use an existing application pool or create a new application pool for this Web application. To use an existing application pool, select Use existing application pool. Then select the application pool you wish to use from the drop-down menu.
To create a new application pool, select Create a new application pool.
In the Application pool name box, type the name of the new application pool, or keep the default name.
In the Select a security account for this application pool section, select Predefined to use an existing application pool security account, and then select the security account from the drop-down menu.
Select Configurable to use an account that is not currently being used as a security account for an existing application pool. In the User name box, type the user name of the account you wish to use, and then, in the Password box, type the password for the account.
In the Reset Internet Information Services section, choose whether to allow Windows SharePoint Services to restart IIS on other farm servers. The local server must be restarted manually for the process to finish. If this option is not selected, and you have more than one server in the farm, you must wait until the IIS Web site is created on all servers and then run iisreset /noforce on each Web server. The new IIS site is not usable until that action is completed. The choices are unavailable if your farm only contains a single server.
In the Database Name and Authentication section, choose the database server, database name, and authentication method for your new Web application.
Item Action Database Server
Type the name of the database server and SQL Server instance you want to use in the format <SERVERNAME>\<instance>. You may also use the default entry.
Database Name
Type the name of the database, or use the default entry.
Database Authentication
Choose whether to use Windows authentication (recommended) or SQL authentication.
If you want to use Windows authentication, leave this option selected.
If you want to use SQL authentication, select SQL authentication. In the Account box, type the name of the account you want the Web application to use to authenticate to the SQL Server database, and then type the password in the Password box.
Click OK to create the new Web application, or click Cancel to cancel the process and return to the Application Management page.
Use the following procedure to create a site collection.
Create a site collection
On the top link bar, click Application Management.
On the Application Management page, in the SharePoint Site Management section, click Create site collection.
On the Create Site Collection page, in the Web Application menu, if the Web application in which you want to create the site collection is not selected, click Change Web Application on the Web Application, and then on the Select Web Application page, click the Web application in which you want to create the site collection.
In the Title and Description section, type the title and description for the site collection.
In the Web Site Address section, in the URL area, select the path to use for your URL (such as an included path like /sites/ or the root directory, /).
If you select a wildcard inclusion path, such as /sites/, you must also type the site name to use in your site's URL.
Note
The paths available for the URL option are taken from the list of managed paths that have been defined as wildcard inclusions. For more information about managed paths, see “Define managed paths” in the Central Administration Help system.
In the Template Selection section, in the Select a template list, select the template that you want to use for the top-level site in the site collection.
In the Primary Site Collection Administrator section, enter the user name (in the form DOMAIN\user name) for the user who will be the site collection administrator.
If you want to identify a user as the secondary owner of the new top-level Web site (recommended), in the Secondary Site Collection Administrator section, enter the user name for the secondary administrator of the site collection.
If you are using quotas to limit resource use for site collections, in the Quota Template section, click a template in the Select a quota template list.
Click OK.
Use the following procedure to create a SharePoint site.
Create a SharePoint site
On the SharePoint Central Administration home page, click the Application Management tab on the top link bar.
On the Application Management page, in the SharePoint Site Management section, click Site collection list.
On the Site Collection List page, in the URL column, click the URL for the site collection to which you want to add a site. The full URL path for the site collection appears in the URL box.
Copy and paste the full URL path into your browser, and then, on the home page of the top-level site for the site collection, on the Site Actions menu, click Create.
On the Create page, in the Web Pages section, click Sites and Workplaces.
On the New SharePoint Site page, in the Title and Description section, type a title and description for the site.
In the Web Site Address section, type a URL for the site.
In the Template Selection section, select a template from the tabbed template control.
Either change other settings, or click Create to create the site.
The new site opens.
After creating sites, you might want to configure alternate access mappings. Alternate access mappings direct users to the correct URLs during their interaction with Office SharePoint Server 2007 (while browsing to the home page of a Office SharePoint Server 2007 Web site, for example). Alternate access mappings enable Office SharePoint Server 2007 to map Web requests to the correct Web applications and sites, and they enable Office SharePoint Server 2007 to display the correct site. For more information, see Plan alternate access mappings (Office SharePoint Server).
Configure the trace log
Trace log files can help you to troubleshoot issues related to configuration changes of the Windows SharePoint Services Search service. The trace log can also be useful for analyzing problems that might occur. For example, you can use events that are written to the trace log to identify what configuration changes were made in Office SharePoint Server 2007 before the problem occurred.
Because problems related to configuration changes are not always immediately discovered, we recommend that you save all trace log files that the system creates on any day that you make any configuration changes related to the Search service. Store these log files for an extended period of time in a safe location that will not be overwritten.
By default, Office SharePoint Server 2007 saves two days of events in the trace log files; trace log files that contain events that are older than two days are deleted. When using the Windows SharePoint Services Search service, we recommend that you configure the trace log to save seven days of events.
You can use the Diagnostic Logging page in Central Administration to configure the maximum number of trace log files to maintain and the duration (in minutes) to capture events to each log file. By default, 96 log files are kept, each one containing 30 minutes of events.
96 log files * 30 minutes of events per file = 2880 minutes or two days of events.
You can also specify where the log files are written or accept the default path. See step 3 in this procedure to determine where the system stores trace log files for your system.
Configure the trace log to save seven days of events
In Central Administration, on the Operations tab, in the Logging and Reporting section, click Diagnostic logging.
On the Diagnostic Logging page, in the Trace Log section, do the following:
In the Number of log files box, type 336.
In the Number of minutes to use a log file box, type 30.
Tip
To save 10,080 minutes (seven days) of events, you can use any combination of number of log files and minutes to store in each log file.
Ensure that the path specified in the Path box has enough room to store the extra log files, or change the path to another location.
Tip
We recommend that you store log files on a hard drive partition that is used to store log files only.
Click OK.
Configure Windows Server Backup
If you want to use Windows Server Backup with Windows SharePoint Services 3.0, you must configure the following registry keys. If you do not configure these registry keys, Windows Server Backup will not work properly with Windows SharePoint Services 3.0.
Important
You must be logged on as a member of the Administrators group on the local server computer to edit the registry. Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.
Configure registry keys for Windows Server Backup
Click Start, click Run, and in the Open box, type regedit, and then click OK.
In the User Account Control dialog box, click Continue to open the Registry Editor.
In the Registry Editor, locate the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
On the Edit menu, click New, and then click Key.
Type WindowsServerBackup, and then press ENTER.
Select the WindowsServerBackup key, and then on the Edit menu, click New, and then click Key.
Type Application Support, and then press ENTER.
Select the Application Support key, and then on the Edit menu, click New, and then click Key.
Type {c2f52614-5e53-4858-a589-38eeb25c6184} as the key name, and then press ENTER.
This is the GUID for the WSS Writer.
Select the new key, and then on the Edit menu, click New, and then click String Value.
Type Application Identifier as the new value, and then press ENTER.
Right-click the Application Identifier value, and then click Modify.
In the Value Data box, type Windows SharePoint Services, and then click OK.
On the Edit menu, click New, and then click DWORD (32-bit) Value.
Type UseSameVssContext as the new value name, and then press ENTER.
Right-click the UseSameVssContext value, and then click Modify.
In the Value Data box, type 00000001, and then click OK.
Download this book
This topic is included in the following downloadable book for easier reading and printing:
See the full list of available books at Downloadable books for Office SharePoint Server 2007.