Before You Start
This document describes the steps needed for installing the various Aspire components of the SharePoint 2013 Publisher Endpoint.
This installation is done through a powershell script that will setup and configure the following components:
- Intermediate Repository. Shared folder created to be used as a SharePoint External Source.
- (IIS Service) Aspire Service. Acts as a data source for the Aspire ECT.
- Reads XML files from the Repository using a separate timestamp file to managed updated content.
- Protected using NTLM authentication mechanism.
- Any user accessing this service must be member of the AspireUsers Active Directory or local Windows group.
- (SharePoint Solution) Notification Endpoint. Receives requests for crawling the Aspire Content Source.
- Creates the Content Source specific directory in the publisher file share.
- Creates the Search Service Application Content Source.
- Creates the BDC Model and External Content Type (ECT) in SharePoint Business Data Connectivity Services.
- Security Trimmer. Used to enhance the search query in SharePoint Search using group expansion from Aspire.
- Error Crawl Logs. Used to get crawled document logs from a content source.
IMPORTANT RECOMMENDATIONS
- Aspire to SharePoint 2013 Publisher consists of few components which can be installed on multiple servers. These components require domain user accounts specified for communicating between each other. Therefore first step of the installation is to plan which servers will host the components and which user accounts are to be used.
- All hosts and user accounts should be in the same AD domain.
- The user that executes the script should be Member of the Administrators user group and also part of the same AD domain.
- Since there are some known issues with the SharePoint 2013 Endpoint, it is recommended that you use the same user for all the services involved.
- It is recommended as well, that you keep the intermediate repository in the same server that is running the Aspire service (we are currently working on identifying the cause of these issues, and will update this page accordingly).
Installation and Prerequisites
- SharePoint 2013 Publisher EndPoint Prerequisites
- SharePoint 2013 Publisher EndPoint Installation
- Removing the SharePoint 2013 Publisher EndPoint
SharePoint 2013 Aspire Components Installation
Publisher Installation
Single Server Installation
- Download the latest version of the installation files from our repository
- Log in to a SharePoint 2013 server
- Copy the installation package (Deploy file) to that server
- Extract it to some directory (i.e.: C:\Deploy)
- Fill up the configurationParameters.xml
- Start PowerShell as administrator
- cd to scripts directory (cd “C:\Deploy\scripts”)
Run
.\DeployPublisher.ps1 -configurationFilePath ..\config\configurationParameters.xml
(Optional) Install the Security Trimmer. Run
.\DeployAspireSecurityTrimmer.ps1 -configurationFilePath ..\config\configurationParameters.xml
- Reboot the server to ensure security group memberships are updated
- Deploy and configure Aspire component (SharePoint 2013 Publisher Configuration Tutorial)
Multi-Server Installation
- Install the intermediate repository
- Log in to the server that you plan to install the intermediate repository
- Copy the installation package Deploy File to that server
- Extract it to some directory (C:\DeployRepository)
- Fill up the configurationParameters.xml
- Start PowerShell as administrator
- cd to scripts directory (cd “C:\ DeployRepository\scripts”)
Run
.\DeployIntermediateRepository.ps1 -configurationFilePath ..\config\configurationParameters.xml
- Reboot the server to ensure security group memberships are updated
- Deploy Aspire BDC Service
- Copy the extracted installation folder content (C:\DeployRepository\...) with updated configuration file, from Intermediate Repository server
- Log in to the server that you planned to install Aspire Service, and paste copied content to some directory (C:\DeployAspireService)
- Make sure the configuration file has been updated from the previous installation and filled piped parameters inside Aspire BDC Service inputs.
- Start PowerShell as administrator
- cd to scripts directory (cd “C:\DeployAspireService\scripts”)
Run
.\DeployAspireBDCService.ps1 -configurationFilePath ..\config\configurationParameters.xml
- Reboot the server to ensure security group memberships are updated
- Deploy Notification Service
- Copy the installation package (C:\DeployAspireService) with updated configuration file, from Aspire Service server
- Log in to any SharePoint server that you planned to install Notification Service, and paste copied content to some directory (C:\DeployEndpoint)
- Make sure the configuration file has been updated from the previous installation and filled piped parameters inside Notification Service inputs.
- Start PowerShell as administrator
- cd to scripts directory (cd “C:\DeployEndpoint\scripts”)
Run
.\DeployNotificationService.ps1 -configurationFilePath ..\config\configurationParameters.xml
- Reboot the server to ensure security group memberships are updated
- Deploy and Configure Aspire Component
Security Trimmer Installation
- Fill up the configurationParameters.xml
- Start the SharePoint Management Shell as Administrator.
- cd to scripts directory (cd “C:\DeployEndpoint\scripts”).
Run
.\DeployAspireSecurityTrimmer.ps1 -configurationFilePath ..\config\configurationParameters.xml
- RESTART The SharePoint Search Host Controller service
Configuration Parameters Example
The configuration file is found here "..\Deploy\config\configurationParameters.xml".
The next is an example on how to fill up the configuration file using the QA\spadmin for all the services.
Section Description
Security
<security> <usersGroupName>AspireUsers</usersGroupName> <ldapGroupQuery>CN=Users,DC=QA,DC=local</ldapGroupQuery> </security>
The security section is an initial approach to have the users group name configurable. Right now it is hardwired to AspireUsers and cannot be changed due to code limitations.
Right now this configuration is used to determine if the AspireUsers group exists as an Active Directory group and if not, it will create it locally.
| Field | Description |
|---|---|
| Users Group Name | User group to which the users must belong to. |
| LDAP Group Query | The LDAP query (minus the group name) that will be used to check for the existence of the group. |
Users
<users> <aspireServiceAppPool>QA\spadmin</aspireServiceAppPool> <contentAccess>QA\spadmin</contentAccess> <aspirePropertyRepositoryUser>QA\spadmin</aspirePropertyRepositoryUser> <aspirePropertyEndpointUser>QA\spadmin</aspirePropertyEndpointUser> </users>
The users section specifies the users for each component.
| Field | Description |
|---|---|
| Aspire Service app pool user | User who runs the app pool of Aspire BDC Service |
| Content access user | SharePoint default content access account |
| Aspire property repository user | Intermediate Repository user, which is specified in Aspire PublishToSP2013 application properties. This can be any domain user |
| Aspire property endpoint user | Endpoint user, which is specified in Aspire PublishToSP2013 application properties. This can be any domain user |
Repository
<repository>
<inputs>
<folderPath>C:\Repository</folderPath>
<shareName>IntermediateRepository</shareName>
</inputs>
<outputs>
<repositorySharePath></repositorySharePath>
</outputs>
</repository>
The Repository section defines the directory where the batches that Aspire generates will be stored until SharePoint crawls them and then get cleaned up.
Only the properties under the inputs node must be defined.
| Field | Description |
|---|---|
| Folder Path | Location used to map the Shared folder |
| Share Name | Name of the Shared folder that will be exposed to the smb protocol |
Aspire BDC Service
<aspireService>
<inputs>
<folderPath>C:\inetpub\wwwroot\AspireBDCService</folderPath>
<repositorySharePath piped="true"></repositorySharePath>
</inputs>
<outputs>
<aspireServiceUrl></aspireServiceUrl>
</outputs>
</aspireService>
The Aspire BDC Service section defines the destination of the service's assemblies and the url to the intermediate repository.
Only the properties under the inputs node that don't have the piped attribute as true must be defined.
| Field | Description |
|---|---|
| Folder Path | Destination of the service's assemblies |
Repository Share Path | The repository's url. This value is generated when running the script to set the repository. |
Notification Service
<notificationService>
<inputs>
<webAppUrl></webAppUrl>
</inputs>
<outputs>
<notificationServiceUrl></notificationServiceUrl>
</outputs>
</notificationService>
The Notification Service section defines the SharePoint web application where the Notification Service will be deployed.
Only the properties under the inputs node can be defined.
| Field | Description |
|---|---|
| Web App Url | Optional. Defines the SharePoint web application where the notification service will be deployed. If no web app is defined it will deploy in all web apps in the farm. It can be deployed in the central admin as long as a Web Front End service is enabled in that server.
|
Security Trimmer
<securityTrimmer>
<inputs>
<groupExpansionService>http://localhost:50505/groupExpansion</groupExpansionService>
<groupExpansionTimeout>15000</groupExpansionTimeout>
<useDomain>false</useDomain>
<claimIssuer>aspire</claimIssuer>
<searchApplicationName>Search Service Application</searchApplicationName>
<id>1</id>
<assemblyVersion>2.2.0.2</assemblyVersion>
</inputs>
</securityTrimmer>
The Security Trimmer section defines the properties that the Trimmer component needs to access the group expansion service in order to verify the claims of a user requesting documents.
| Field | Description |
|---|---|
| Group Expansion Service | Url of the Aspire Group Expansion service |
| Group Expansion Timeout | Timeout to wait for Group Expansion response |
| Use Domain | Use domain in security trimmer |
| Claim Issuer | If you are using "Use Aspire" option in the SharePoint2013 Publisher, type "aspire" |
| Search Application Name | Name of the Seach Application |
| Id | The trimmer instance Id in SharePoint. Default is 1. |
| Assembly Version | Version of the trimmer dll registered on the GAC |
Installation Verification
Repository
Check in your drive that the folder was created. The location can be found in the output parameter <repositorySharePath>.
Aspire BDC Service
- Go to IIS.
- On the left side (on the Connections Panel).
- Expand in your server, the "Sites" folder.
- Check that "AspireBDCService" is in there.
- Right click on it -> Manage WebSite -> Browse.
- You should see something like this:
Notification Service
- Go to http://<sp2013_server>/_vti_bin/AspireNotificationService/AspireNotificationService.svc
- Verify that the URL provided by the Notification Service installation is the correct one. In some cases you'll have to use the fully quallified DNS name instead of hostname only or change the URL protocol (http/https). It should be the root site of an existing web application or the Central Administration web application site.
- You should see something like:
Security Trimmer
- Open SharePoint 2013 Management Shell
- Run the following command: Get-SPEnterpriseSearchServiceApplication -Identity MySSA | Get-SPEnterpriseSearchSecurityTrimmer
- You should see something like this:
Overview
Content Tools