Multi-tenancy with Service Farm

Service farm provide the following partitioned service applications: SSS, MMS, BCS, Search, UPA

Consuming farm one web application http://hosting.litware.local hosting several host header site collections for tenant

  • Steps to create partitioned service applications
    • PowerShell with either PartitionMode or Partitioned switch
  • Publish service applications
    • trust Root authority and STS cert from consuming farm
    • grant consuming farm ID full trust to Application Discovery and Load Balancer Service App and related service apps to be published
    • publish service applications from UI and get all Uri from the publishing screen
    • Permissions
      • UPA
        • setup account full control and administrators full control, consuming farm account and webapp account full control
      • Search
      • BCS
      • SSS
      • MMS
  • Consuming service applications
    • trust publishing farm Root authority cert
    • use powershell New-SPXXXProxy cmdlet with Partitioned or PartitionMode to create proxy, the –Uri is the Uri you got from the publishing screen
    • note: when connects to remote BCS and SSS you cannot specify partitionmode so you need to fix the proxy afterward using following scripts:
    • -- SSS
      $proxy = Get-SPServiceApplicationProxy fb99edae-1b27-49c2-82bf-60bf6b9e91a
      $prop = $proxy.Properties
      $type = $prop["Microsoft.Office.Server.Utilities.SPPartitionOptions"].GetType()
      $partition = [enum]::Parse( $type, 1 )
      $prop["Microsoft.Office.Server.Utilities.SPPartitionOptions"] = $partition

      -- BCS
      $proxy = Get-SPServiceApplicationProxy db0f1f9f-aec4-45c1-a149-47f105278304
      $prop = $proxy.Properties
      $type = $prop["Microsoft.SharePoint.Utilities.SPPartitionOptions"].GetType()
      $partition = [enum]::Parse( $type, 1 )
      $prop["Microsoft.SharePoint.Utilities.SPPartitionOptions"] = $partition

  • Create a named proxy group to group all partitioned service proxy, then use UI to add those proxies into this named group
    • New-SPServiceProxyGroup “Partioned Service Applications”
    • associate the named proxy group to web application http://hosting.litware.local
  • Turn on multi-tenancy
    • create Settings Service Application and start the service instance
    • Get-spserviceinstance | ? {$_.GetType().Name -eq "SPSubscriptionSettingsServiceInstance"} | Start-SPServiceInstance

      $acc = Get-SPManagedAccount  "LITWARE\sp_service"
      $appPool = New-SPServiceApplicationPool -Name "Settings Service App Pool" -Account $acc
      $app = New-SPSubscriptionSettingsServiceApplication –ApplicationPool $appPool –Name "Settings Service App" -DatabaseServer LITSQL1 –DatabaseName Internet_SettingsServiceDB
      $proxy = New-SPSubscriptionSettingsServiceApplicationProxy –ServiceApplication $app

    • create a host header site collection and test if the site collection is working before adding to subscription
      • New-SPSite -Url http://aw.local -OwnerAlias "litware\aw1" -HostHeaderWebApplication "http://hosting.litware.local" -Template "STS#0"
      • Note: To avoid manually creating IIS host header for host header site collections on the web application, you should not use host header when creating the web application that will be used for the host named site collections. What I did not make it work is to stop default website which is using the port 80, created a web application on port 80 (http://litsp1) and then create host header site collections using http://litsp1 and this works without manually adding host header to the IIS website; I further extended http://litsp1 to http://host2.litware.local to different zone, then I used the http://host2.litware.local to create host header site collection (http://pursca.local) and this works too – I checked the SPSite.WebApplication for http://pursca.local is still pointed to http://litsp1 even I used the http://host2.litware.local in the New-SPSite command to create the second site collection.  So the question is how do we make host header site collections load balanced on multiple servers if the SPSite.WebApplication always pointed to the physical box name? (to be researched on this)
      • good reading from Kirkk Evans on Host Named Site Collections
    • create subscription and add the site collection into subscription
      • $sub = Get-SPSiteSubscription <Guid>
      • $site = Get-SPSite http://aw.local
      • $sub.Add($site)
    • create tenant management site
    • create hostheader managed path for mysite (http://aw.local/my) and a mysite host
      • New-SPManagedPath “my” –hostheader –Explicit
      • New-SPSite -Url http://aw.local/my -OwnerAlias "litware\aw1" -HostHeaderWebApplication "http://hosting.litware.local" -SiteSubscription $sub -Template "SPSMSITEHOST#0"
      • new-spmanagedpath "/my/personal" -hostheader
    • create search center (if your aw.local is using publishing portal, you will have a subsite named as search so to avoid confusion you might want use /sites/searchcenter for cross site collections search)
    • Import user profile after adding first tenant
      • $sub = Get-SPSiteSubscription <Guid>
      • $upaProxy = Get-SPServiceApplicationProxy <Guid>
      • Add-SPSiteSubscriptionProfileConfig -id $sub –SynchronizationOU “AdventureWorks” –MySiteHostLocation "http://aw.local/my" -MySiteManagedPath "/my/personal" -SiteNamingConflictResolution "None" -ProfileServiceApplicationProxy $upaProxy
      • note: by some reason the sp_farm are imported for each tenant as an user – need to do some investigation 
    • MySite settings (http://aw.local/my/username)
      • enable self-site creation on http://hosting.litware.local – root site collection must be created before you can enable self-site creation
    • Search

Comments (0)

Skip to main content