Installation WSS 3.0

This document will walk you through an WSS 3.0 installation.
Start by creating the following users in an OU in AD
Required Users and Groups

Group/Name
Account
Description
MOSS

SPAdmins
Group
The SharePoint administrators security
WSS/MOSS

SPConfigAcct
Account
The account used to connect to the configuration database, run the administration application pool, and run the timer service
WSS/MOSS

SPContentPool
Account
The account used for the site collection application pool
WSS/MOSS

SPSearchAcct
Account
The account used to perform searches
WSS/MOSS

SPCrawlAcct
Account
The account used to crawl and index Content
WSS/MOSS

SPSharedServicesPool
Account
The account used for the Shared Services application pool
WSS/MOSS

SPSharedServicesAcct
Account
The account under which Shared Services run
MOSS Only

This guide assumes that you installed Windows 2003 Server and that you have completed Windows Update.

You can follow the steps in this section if you do not plan on deploying MOSS. If you are going to deploy MOSS, you can skip this section and move on to the MOSS deployment.MOSS 2007 Installation.aspx

Add the Application Server Role

You need ASP.NET to run WSS 3.0. In this section, you will install .NET Framework 2.0, but first you need to configure your server to run the Application Server role.

Follow these steps to configure the server:

1. From the Manage Your Server applet, select the right-facing arrow to add or remove a role to the server.

2. On the Preliminary Steps screen, click the Next button.

3. On the Server Role screen, select Application Server (IIS, ASP.NET) from the list of available roles and click the Next button.

4. On the Application Server Options screen, leave both boxes unchecked and click the Next button.

5. On the Summary of Selections screen, click the Next button.

Installing the .NET Framework 2.0

.NET Framework 2.0 is required to run WSS 3.0. Access and download the framework using Windows Update (If Windows Update hasn't been run).

Follow these steps to install the .NET Framework 2.0:

1. Launch the Microsoft .NET Framework Version 2.0 Redistributable Package DOTNETFX.EXE.
2. Follow the simple steps in the wizard to complete the installation.
3. When the installation completes, select Start Administrative Tools Internet Information Services (IIS) Manager.
4. In the IIS Manager applet, click the Web Service Extensions folder.
5. Select ASP.NET 2.0.50727 from the list of extensions and click the Allow button.

Installing the .NET Framework 3.0

WSS 3.0 requires the .NET Framework 3.0 for workflow support. You can access and download the framework using Windows Update. The installation is straightforward and requires no special considerations.

Installing WSS Software

Installing WSS on the server requires installation and then configuration. The installation is straightforward and only requires a few steps through a wizard interface. Configuration is performed after the software is installed.

Follow these steps to install Windows SharePoint Services:

1. Run SETUP.EXE for WSS v3.
2. On the License Agreement screen, accept the agreement and click the Continue button.
3. On the next screen, click the Advanced button.
4. On the Server Type tab, select the Web Front End option.
5. Click the Install Now button.
6. When the installation is complete, check the box to run the Configuration Wizard and to configure WSS:

1. On the welcome screen, click the Next button.
2. In the warning dialog, click the Yes button to acknowledge that the listed services will be stopped.
3. On the Connect to a Server Farm screen, select No, I Want to Create a New Server Farm and click the Next button.
4. On the Configuration Database Settings screen, enter NameOfServer in the Database Server field.
5. Enter WSS_Config in the Database Name field.
6. Enter DOMAIN\SPConfigAcct in the Username field.
7. Enter the password for the SPConfigAcct in the Password field.
8. Click the Next button.
9. On the Configure SharePoint Central Administration Web Application, select either NTLM or Kerberos as the authentication provider and click the Next button.

If you choose to use Kerberos authentication, further steps will be necessary to configure the authentication provider. Do not use Kerberos authentication if you do not have the ability to access and modify Active Directory.

On the completion screen, click the Next button to apply the configuration settings.

11. After closing the configuration wizard, the Central Administration site will open automatically.

If prompted with a login dialog, enter the administrator credentials.

12. When prompted, add the Central Administration site to the list of trusted sites.
13. After the Central Administration site opens, close it until you have finished configuring security.

Turning Off Internet Explorer Enhanced Security

Windows Server 2003 installs Internet Explorer with Enhanced Security activated. Although this is a good default setting for production machines, it can and will prevent content from being rendered in SharePoint. You’ll want to disable Enhanced Security in the development environment to make sure you have complete access to administrative functions.

Follow these steps to disable Internet Explorer Enhanced Security:

1. Select Start Control Panel Add or Remove Programs.
2. Click the Add/Remove Windows Components button on the Add/Remove Programs screen.
3. Uncheck the Internet Explorer Enhanced Security Configuration box.
4. Click the Next button.

Adding WSS to the List of Trusted Sites

You may find that when you access WSS sites that you are prompted for a username and password.

You can eliminate this behavior by adding the”WSS_SERVERNAME” server to the list of trusted sites or the Local Intranet zone. In either case, you should also ensure that the browser settings are configured to automatically log the user on to the site.

Follow these steps to add the server to the list of trusted sites:

1. In the Internet Explorer, select Tools Internet Options.
2. On the Security tab, click the Trusted Sites icon.
3. Click the Sites button.
4. Clear the box titled Require Server Verification (https) for All Sites in this Zone.
5. Verify that http://”WSS_ServerName” is in the Websites list. If not, add it to the list.
6. Click the Close button.
7. Click the Custom Level button.
8. In the Settings list, under User Authentication, select Automatic Logon with Current
Username and Password.
9. Click the OK button.
10. Click the OK button to close the options dialog

Configuring Kerberos Authentication

If you selected to use Kerberos as the authentication provider, you must perform additional configuration steps. The steps involve the definition of a Service Principal Name (SPN) for the application pool account. The SPN is used to authenticate the server to the client.

Follow these steps to configure Kerberos authentication:

1. Log in to the domain controller as a domain administrator.
2. Select Start Administrative Tools Active Directory Users and Computers.
3. In the Active Directory Users and Computers applet, click the Computers folder.
4. Right-click”WSS_SERVERNAME” and select Properties from the context menu.
5. On the General tab, check the box labeled Trust Computer for Delegation and then click the OK button.
6. Click the Users folder.
7. Right-click the SPConfigAcct account and select Properties from the context menu.
8. On the Account tab, check the box labeled Account is Trusted for Delegation and click the OK button.
9. Repeat steps 7 and 8 for the SPContentPool account.
10. Download the SPN tool from the following URL: http://195.90.105.218/Documents/useful%20files/setspn_Setup.rar
11. Create the SPN for the SPConfigAcct by running the following command:

SETSPN –A HTTP/”WSS_ServerName”.DOMAIN.LOCAL DOMAIN\SPConfigAcct

12. Repeat step 11 for the SPContentPool account.

Configuring WSS Components

Once you have the security settings properly configured, you can open the SharePoint Central Administration site on ”WSS_SERVERNAME” by selecting Start Administrative Tools SharePoint 3.0 Administration. On the home page, you will see a task list of recommended actions you should take to configure WSS.

The following sections will help you get the basic WSS configuration completed.

Designating the SharePoint Administrators Group

By adding a group to the list of administrators you can easily grant others administration capabilities through Active Directory.

Follow these steps to designate an administrator group:

1. Select Start Administrative Tools SharePoint 3.0 Administration.
2. On the SharePoint Central Administration page, click the Operations tab.
3. Under the Security Configuration section, click the link titled Update Farm Administrator’s Group.
4. On the People and Groups: Farm Administrators page, select New Add Users.
5. On the Add Users page, enter DOMAIN\SPAdmins in the Users field.
6. Click the OK button.

Starting the Search Service

The WSS Search Service is not running initially. In order to use search functions, you must configure the service with an appropriate account for searching and one for crawling. In this section, you will use the accounts you created earlier to configure the Search Service.

Follow these steps to configure the Search Service:

1. On the SharePoint Central Administration page, click the Operations tab.
2. In the Topology and Services section, click the link titled Services on Server.
3. On the Services on Server page, click the Start link next to the Windows SharePoint Services Search.
4. In the Service Account section, enter DOMAIN\SPSearchAcct in the User Name field.
5. Enter the account password in the Password field.
6. In the Content Access Account section, enter DOMAIN\SPCrawlAcct in the User Name field.
7. Enter the account password in the Password field.
8. Click the Start button.

Configuring Outgoing E-Mail

WSS uses an SMTP server to send alerts and messages to users. In this section, you will enter the e-mail settings for WSS. Follow these steps to configure the e-mail settings:

1. On the SharePoint Central Administration page, click the Operations tab.
2. In the Topology and Services section, click the link titled Outgoing E-mail Settings.
3. On the Outgoing E-Mail Settings page, enter VSPDC in the Outbound SMTP Server field.
4. Enter administrator@domain.local in the From Address field.
5. Enter administrator@domain.local in the Reply To field.
6. Click the OK button.

Creating a New Web Application and Site Collection

Once WSS is properly configured, you can finally create your first site. In this section, you will create a site collection based on the team site template. Follow these steps to create your first site:

1. On the SharePoint Central Administration page, click the Application Management tab.
2. On the Application Management page, click the link titled Create or Extend Web Application.
On the Create or Extend Web Application page, click the link titled Create a New Web Application.
4. On the Create a New Web Application page, select the option Use an Existing IIS Web Site.
5. Choose Default Web Site in the drop-down list.
6. Under the Authentication Provider, choose either Negotiate (Kerberos) or NTLM, depending upon the choice you made earlier.
7. In the Application Pool section, select Create a New Application Pool.
8. Enter WSS_Pool as the pool name.
9. Select the Configurable option for the application pool security account.
10. In the User Name field, enter DOMAIN\SPContentPool.
11. In the Password field, enter the account password.
12. In the Reset Internet Information Services section, select the option to Restart IIS Automatically.
13. In the Search Server section, select”WSS_SERVERNAME” from the drop-down list.
14. Click the OK button.
15. On the Application Created page, click the link titled Create Site Collection.
16. On the Create Site Collection page, enter Home Site in the Title field.
17. Use the drop-down list in the Web Site Address section and verify that just the single forward slash is selected. This will create the site at the root for the server.
18. Under the Primary Site Collection Administrator section, enter DOMAIN\Administrator in the User Name field.
19. Click the OK button to create the new site collection.
20. Once the Site Collection is created, return to the Application Management tab.
21. Click the link titled Policy for Web Application under the Application Security section.
22. On the Policy for Web Application page, click the Add Users button.
23. On the Add Users page, click the Next button.
24. Under the Choose Users section, enter any accounts that should have administrative control over the Site Collection. Be sure to include the DOMAIN\Administrator and”WSS_SERVERNAME”\Administrator accounts.
25. In the Choose Permissions section, check the box labeled Full Control.
26. Click the Finish button. You should now have full access to the new Site Collection.