Publishing service applications in sharepoint

Publishing service applications in sharepoint

                                                                                                   

          

               

Follow the below steps to publish the service applications between different farms.

Setting Up the Farm Trust

1. On the publishing server, create a folder at c:\PubCerts.

2. From the publishing server, open the SharePoint 2013 Management Shell. To get the certificate, type the following line and press Enter

        $rootCert = (Get-SPCertificateAuthority).RootCertificate

3. To export the certificate, type the following line and press Enter:

$rootCert.Export("Cert") | Set-Content C:\PubCerts\PublishingRoot.cer

-Encoding byte

4. Copy the c:\PubCerts folder from the publishing server to the consuming server.

5. On the consuming server, create a folder at c:\ConsumerCerts.

6. From the publishing server, open the SharePoint 2013 Management Shell.

7. To get the certificate, type the following line and press Enter:

          $rootCert = (Get-SPCertificateAuthority).RootCertificate

8. To export the certificate, type the following line and press Enter:

$rootCert.Export("Cert") | Set-Content C:\ConsumerCerts\ConsumingRoot.cer

-Encoding byte

9. To get the STS certificate, type the following line and press Enter:

$stsCert =(Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate

10. To export the STS certificate, type the following line and press Enter:

$stsCert.Export("Cert") | Set-Content "C:\ConsumerCerts\ConsumingSTS.cer"

-Encoding byte

11. Copy the c:\ConsumerCerts folder to the publishing server.

12. Still on the consuming server, to load the publishing server’s certificate, type the following line and press Enter:

$trustCert = Get-PfxCertificate "C:\PubCerts\PublishingRoot.cer"

13. To set up the trust using the certificate, type the following line and press enter:

New-SPTrustedRootAuthority PublishingFarm -Certificate $trustCert

14. Return to the Management Shell on the publishing server.

15. To load the consuming server’s certifi cate, type the following line and press Enter:

$trustCert = Get-PfxCertificate "c:\ConsumerCerts\ConsumingRoot.cer"

16. To set up the trust using the certificate, type the following line and press Enter:

New-SPTrustedRootAuthority Collaboration -Certificate $trustCert

17. To load the consuming server’s STS certificate, type the following line and press Enter:

$stsCert = Get-PfxCertificate "c:\ConsumerCerts\ConsumingSTS.cer"

18. To add the STS certificate to the trust, type the following line and press Enter:

New-SPTrustedServiceTokenIssuer Collaboration -Certificate $stsCert

19. Return to the Management Shell on the consuming server.

20. Type the following line and press Enter:

Get-SPFarm | Select Id

21. Record that GUID for use later.

22. Return to the Management Shell on the publishing server.

23. To get the security object for the Application Discovery and Load Balancer service

application, type the following line and press Enter:

$security = Get-SPTopologyServiceApplication |

Get-SPServiceApplicationSecurity

24. To get the farm’s claim provider object, type the following line and press Enter:

$claimProvider = (Get-SPClaimProvider System).ClaimProvider

25. To set up the new claim principal for the consuming farm, type the following line and press

Enter:

$principal = New-SPClaimsPrincipal -ClaimType "http://schemas.microsoft.com

/sharepoint/2009/08/claims/farmid"

-ClaimProvider $claimProvider

-ClaimValue <Type the ID from Step 21, don't include the <>>

26. To give that principal permission in your publishing farm to the Application Discovery and

Load Balancer service application, type the following line and press Enter:

 Grant-SPObjectSecurity -Identity $security -Principal $principal

-Rights "Full Control"

27. To set the access just given, type the following line and press Enter:

 Get-SPTopologyServiceApplication | Set-SPServiceApplicationSecurity

-ObjectSecurity $security

That completes the process of establishing a trust between the two farms so that the publishing server can serve up service applications to the consuming farm. If you want to look at the trusts or possibly remove one, you can do that through the GUI by navigating to Central Administration ➪Security ➪ Manage trust.

Publishing a Service Application

For this task, you could dive back into Power Shell or you could use the GUI in Central

For this example, you will publish a Managed Metadata service application:

1. On the publishing server, open Central Administration.

2. Navigate to Application Management ➪ Manage service applications.

3. Click to the right of the service application you want to make available.

4. In the Ribbon, click Publish.

5. On the Publish Service Application page, check the box for “Publish this Service Application to other farms.”

6. For the Publish URL, copy all of the string that begins with “urn:” and ends with “.svc.”

For example, it will be similar to the following:

urn:schemas-microsoft-com:sharepoint:service:ac40e8f87daa43d9bec93f9fa99360c7

#authority=urn:uuid:de389296913c4f00b7970f50ea298fd4&authority=

https://server:32844/Topology/topology.svc

7. Scroll down the page and click OK.

8. Click to the right of the service application.

9. From the Ribbon, click Permissions.

10. Enter the farm ID of the consuming farm (refer to step 21 in the previous section, “Setting

Up the Farm Trust”). Click Add.

11. Highlight the remote farm: <Your Farm ID>.

12. For permissions, check the box to assign the permissions you wish to give to the remotefarm. The permissions available will vary according to the service application being published.

13. Open Central Administration on the consuming farm and navigate to Application

Management ➪ Manage service applications.

14. From the Ribbon, click Connect.

15. Enter the URL for the service application you want to access from step 6 in this section.

Click OK.

16. Click the service application name so that it is highlighted in yellow.

17. You can specify whether this service application should be included in the default service application group. When you are done, click OK.

18. Either accept the default connection name or enter your own. When you are fi nished,

click OK.

19. At the Success screen, click OK.

You can now work with the service application just as if it were part of your farm. 

Please Comment if you need Any Help.Your Feed back is always Welcome.I Am Happy to Help !!!!!