Deploy sql express and share point foundation

  • Published on

  • View

  • Download

Embed Size (px)


Sharepoint with reporting service


  • 1.Deploy SQL Express and SharePoint Foundation on Window Server 2008 R2 I. Hardware Requirements - SQL server Processor 64 bit, 4 cores (small deployments) and 8 cores (medium deployment) RAM: 8 GB (small deployments) and 16 GB (medium deployment) Hard disk 80 GB - Application Server + Front-end Web Server (SharePoint Foundation) Processor 64 bit, 4 cores RAM: 8 GB Hard disk: 80 GB (System drive) + storage depending on your requirement II. Software Requirement - Microsoft SQL Server 2008 R2 Express - Microsoft SharePoint Foundation 2010 - Window Server 2008 R2 SP1, 64 bit III. Lap Set Up We need three servers - ADDS Server - SQL Server - SharePoint Server 1. ADDS Sever - Sever Name: ADDS - IP Address: - Server Role: Active directory domain service In this server we need to create 4 user to use with SQL server and SharePoint server List of the users - Spadmin (administrator role) - Spappol (user) - Spfarm (administrator role) - SQLSVC (user) 2. SQL Server - Server Name: SQL - IP Address: - Server Role: DB Server 3. SharePoint Server - Server Name: SPS - IP Address: IV. Installation Quid Note: All server are all the member of Domain Server (Join Domain) 1. Step 1 (Deploy on SQL Server) Install SQL Server Express On SQL Server a. On this server we need to add .Net Framwork 3.5.1 for SQL Server Express requirement - Open Server Management near Start Menu, when the Server Management appear On the left Menu click on Features and the detail menu click Add Features

2. - When the Add Features Wizard Appear and on Select Feature click on .Net Framework 3.5.1 and then click Next - On the Confirm Installation Selection click on Install Button 3. - On the installation Progress page wait until installation completed - On the installation Result click close to finish installation b. After we have added features already we can install SQL Server Express on it - Double click the soft setup 4. - On the SQL Server installation page appear click on New installation or add features to an existing installation - SQL Server 2008 R2 Setup and on the License terms page appear click on I accept the license terms box and then click next - Setup support file is in progress 5. - On the Features selection page select all features and then click Next - On the Install configuration page tick on Default instance and in the instance root directory change part to D:Programe fileMicrosoft SQL Server - On the Server configuration page click on Use the same account for all SQL Server services 6. - On the Use the same account for all SQL Server services page appear type the User Name and the password - On the Server configuration page again on the SQL Browser rule chose Automatic and click Next - Click Next 7. - Click Next - On the Installation progress page wait utile it completed - On the Complete page Your SQL Server 2008 R2 installation completed successfully and click close to finish installation 8. c. Install SQL Management Studio - Double click on SQL Management studio 64bit soft - On the SQL installation Center page click on the New installation or add features to an existing installation - Sep up supporting Rules is in progress 9. - On the Installation Type choose New installation or add shared features and click Next - On the License Terms Page tick on the I accept the license terms box and then click Next - On the Features Selection page select all the features and then click next 10. - On Error Report page click Next - Install is in progress - Your SQL Server 2008mR2 installation completed successfully and then click close to complete installation 11. d. Connect to SQL Server 2008 R2 Management studio to add user Logon - Open SQL Server 2008 R2 Management studio and then click connect - Expand security and right click on Logon folder and click New Login - On Login New page and Login name box click on Search button 12. - On the Select User or Group choose Spfarm ( and click OK - Click on the Server Role and in the Server roles tick on the dbcreator, public and sysadmin box and click OK 2. Step 2 (Deploy SharePoint Foundation Sever on SPS Sever) a. Install prerequisite - Run command on Window PowerShell 13. - Double click on PrerequisiteInstaller - On the welcome to the Microsoft SharePoint 2010 Products Preparation Tool page click Next - On the License Terms for software products page tick on I accept the terms of the License Agreements and click Next 14. - Installation is in progress - All required prerequisites have been installed or enabled and click finish b. Install SharePoint Foundation Server - Double click on SharePoint Foundation soft 15. - SharePoint Foundation 2010 appear click on Install SharePoint Foundation - On the Read the Microsoft Software License Terms page tick on I accept the terms of this agreement box and click Continue button - On the Choose the installation you want choose Server Farm button 16. - On Server Type page choose complete Install all components. Can add servers to form a SharePoint farm and click Install Now button - Installation in progress - On Run Configuration Wizard click close 17. c. Configuration Note: Restart Server is requirement - SharePoint Products Configuration Wizard page click Next - And then click yes on this message - On the Connect to a Server farm tick on Create a new farm and click next 18. - Specify configuration database settings in the Database Server box type the name of database server and username and password and click Next - On the Specify farm security settings type the password - Specify port number and click next 19. - On the Complete the SharePoint products configuration wizard click Next - Configuring SharePoint Products is in progress - On the Configuration Successful click finish 20. - Login to Central Administration Page with System Account user and click OK - Home page of central Administration page 21. Integrate SharePoint Server and Reporting Server I. The structure of the System 22. II. Understanding the Authentication 1. Client Authentication (SharePoint Integrated Mode) In a SharePoint Server 2010 integrated mode deployment, the authentication process is similar to authentication in a native mode deployment, with one additional authentication point, as shown in Figure 5. After the user is authenticated when accessing the SharePoint site, the SharePoint site's application pool identity must be authenticated before connecting to the site's content database to retrieve the requested content. Then, just as in native mode, the user's request for a report requires a connection to the report server database and a connection to the data source host. The Web application associated with the SharePoint site determines the authentication method used for the client connection. When you create the Web application in Central Administration, you can specify either classic mode authentication or claims-based authentication. a. Classic mode authentication This authentication method relies on Windows integrated security. The client application presents the SharePoint server with the credentials used to run the browser or, in the case of a custom application, the credentials used to run the current thread. When you select this method, you must further specify Kerberos or NTLM as the authentication type. b. Claims-based authentication This authentication method relies on the use of a token for an identity that has been issued by a trusted authority so that private information doesn't need to be passed around. By using claims-based authentication, you can more easily support access to a SharePoint site by internal and external users. Claims-based authentication can be used in combination with more familiar authentication methods. For example, you can configure claims-based authentication to use Windows authentication 23. (NTLM, Negotiate, or Basic) to translate a Windows identity into a claims identity. Another option is using forms-based authentication to prompt the user for credentials in a login page that uses ASP.NET membership and role providers to establish the claims identity. A third option is identifying a Trusted Identity Provider that issues tokens to a client that the SharePoint server will accept for authentication. 2.SSRS Authentication (SharePoint Integrated Mode) When you configure SSRS to run in SharePoint integrated mode, you must specify an authentication mode on the Reporting Services Integration page in Central Administration. You can find this page in the General Application Settings section. SharePoint uses either Windows authentication or Trusted Account mode to authenticate with the report server. a. Windows authentication With this authentication mode, SharePoint uses a delegation model to perform its own authentication when a user accesses a site. SharePoint also uses the delegation model to forward the authenticated identity to the report server for another round of authentication, which requires the user to have a login for the report server. If Kerberos is enabled on your network, Windows authentication is a good option. You can then configure report data sources to use Windows integrated security to pass the user's identity to the database server. Kerberos /k rbrs/ is a computer network authentication protocol which works on the basis of "tickets" to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed primarily at a clientserver model, and it provides mutual authenticationboth the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks. Kerberos builds on symmetric key cryptography and requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication. Kerberos uses port 88 by default. b. Trusted Account mode When the report server uses Trusted Account mode for authentication, SharePoint doesn't send the client identity but instead uses the application pool identity assigned to the SharePoint Web application hosting the requested site. The account assigned as the application pool identity must be in the list of service accounts in the Security Configuration section on the Operations page of Central Administration. SharePoint also generates a token, which it sends with the request to the report server. The token is passed back to SharePoint to provide the security context for the response. This token is valid only for the originating site to reduce the surface area for attacks. Data sources must use stored credentials or prompted credentials because Windows integrated security isn't supported when the report server is in Trusted Account mode. If you configure a Web application to use claims-based authentication, the SSRS proxy in SharePoint will use Trusted Account mode authentication (even if you configured it to use Windows authentication) and forward a SharePoint user token to the report server. The report server, in turn, generates the appropriate security context for the user token and returns the request. 24. 3.Reporting Services Service Authentication (Both Modes) Whether you're running SSRS in native mode or SharePoint integrated mode, the Reporting Services service must be authenticated when connecting to the report server database in response to a report request or content management task. In fact, any activity that requires the report server to store the application state, retrieve reports, or retrieve other report-related data (but not including execution of queries for reports) also requires authentication of the Reporting Services service. You configure the identity and the authentication mode on the Database page of Reporting Services Configuration Manager. There are three authentication options: Windows CredentialsYou must supply a valid Windows account and password to use for authenticating the report server's connection to the report server database. SQL Server CredentialsYou need to provide a SQL Server login and password. Service CredentialsThe service account that you're using to run the Reporting Services service is automatically selected for authentication. If you later change the service account, you must also reconfigure the report server database credentials to ensure that the authentication process works properly. 4.Data Source Authentication (Both Modes) When a report executes, the report server provides credentials for authentication to the server hosting the data source for the report. When you configure the data source, you need to choose one of the following authentication types. a. Windows integrated security You should use this authentication type in only two scenarios. You'd use it when your data source and the report server are located on the same server. You'd also use it when your network is configured for Kerberos and the report server is configured to use Negotiate or Kerberos authentication. Otherwise, the report server won't pass user credentials to the data source, nor will the report server prompt the user for credentials. b. User-supplied credentials You can prompt the user for credentials when the report executes, although users might grow weary of this method if they frequently request a report. By default, the report server assumes the credentials represent a database login, but you can select a check box to change the usage to Windows credentials. If database credentials are used, the report server connects to the database server using the service account or the unattended execution account specified in Reporting Services Configuration Manager. c. Stored credentials If you need to execute reports on a scheduled basis for caching, snapshots, or subscriptions, you must use stored credentials and supply the credentials in the data source. If you don't need to send the user's identity to the data source to apply row-level security to query results, using stored credentials is a good option. As with user-supplied credentials, you can specify whether the database server 25. or Windows will authenticate the credentials. In addition, you can specify whether the report server can impersonate the user after making the connection to the database. d. No credentials You can use this option for data sources that don't require authentication or if you provide credentials in the data source connection string (which isn't a recommended approach) as long as the unattended execution account is configured. The report server connects to the data source server using the unattended execution account, although authentication will fail if SQL Server Analysis Services (SSAS) is the data source. III. Install and Configure Reporting Service We begin by installing SQL Reporting Services for SharePoint on our Application Server or on a dedicated Reporting Services Server with SharePoint running. Launch the SQL Server Installation Center an...


View more >