Configuring MOSS 2007 for SQL Authentication

Posted: September 21, 2006 in Technical

          MOSS 2007 has been one of my latest all consuming learning tasks as of late. It has a lot of improvements over the previous version (SharePoint Portal server 2003). In going through my studies one huge issue has been enabling SQL Authentication for connections to all the databases.
          So why is this a big deal? Well let’s say I would like an external portal ou in my DMZ however, what I do not want is a SQL farm, with all my configuration info sitting out in the DMZ. I also do not want to go through the exercise of properly configuring trusts between my public domain and private domain(s) and having to manage the potential security issue associated with that. Now I am NOT a windows security expert and I would not even be able to play on on TV so anytime I can avoid needing a windows ecurity expert or mucking with trusts and potentially messing up something a true expert has set up, I do.
           After plenty of searching and a half a dozen unsuccesful attempts to install and configure MOSS 2007  to use SQL Auth instead of Windows I had just about given up until I came across a blog from Marcus Hass (http://blogs.technet.com/mhass/comments/444052.aspx ) that indicated that it was in fact possible to do what I wanted to do. So I set about attemping on my own to once again accomplish this holy grail of installs. Once again after a few additional installs I was unable to accomplish this. So I once again went to Mr. Hass for assistance, as luck would have it he was in the midst of doing a new install and checked  it out. Fortunately, he was successful in his endevour and provided me the following info:

Command-line reference for the SharePoint Products and Technologies Configuration Wizard

In SharePoint Products and Technologies, you can use the psconfig.exe command-line tool as an alternate interface to perform several operations that control how the SharePoint Products and Technologies are configured. You must be a member of the Administrators group on the local computer to perform these operations.

In this article

How to use psconfig.exe commands
Available commands and parameters

How to use psconfig.exe commands

When you run psconfig.exe from the command line, you can specify commands to control how the tool runs. To run psconfig.exe from the command line, navigate to the %WINDIR%Program FilesCommon FilesMicrosoft Sharedweb server extensions12bin folder, and then type the commands by using the following syntax:

psconfig.exe -cmd <command> [optional parameters]

The reference table in the next section contains several examples. There is also Help available from the command-line interface. To view Help, on the command line, type:

psconfig.exe -?

To get Help about a specific command, type:

psconfig.exe -help <command name>

The commands in psconfig.exe need to be run in a specific order to run successfully. If you use the SharePoint Products and Technologies Configuration Wizard to configure your installation, it calls the commands (also called configuration tasks) in the correct order for you. However, if you use the command line to run psconfig.exe, you need to be sure you are performing the tasks in the correct order. The psconfig.exe commands must be performed in the following order:

  1. configdb
  2. helpcollections
  3. secureresources
  4. services
  5. installfeatures
  6. adminvs
  7. evalprovision (only for stand-alone installations)
  8. applicationcontent

Important  If psconfig.exe detects that the server farm needs to be upgraded, it will automatically start an upgrade when run (even if you did not choose the upgrade command).

You can specify all of the commands to run in a single command-line string. If you do this, then psconfig.exe runs all of the commands in the correct order. For example, on the command line, you can run a command similar to the following:

psconfig.exe –cmd configdb <parameters> 
 
–cmd helpcollections <parameters> 
 
–cmd secureresources <parameters> 
 
–cmd services <parameters> 
 
–cmd installfeatures <parameters> 
 
–cmd adminvs <parameters> 
 
–cmd evalprovision <parameters> 
 
–cmd applicationcontent <parameters>

For more information about configuring your server or server farm from the command line, see the Windows SharePoint Services TechCenter.

 Top of Page

Available commands and parameters

In the SharePoint Products and Technologies Configuration Wizard, the following command-line options are recognized.

Command

Description, parameters, and examples

?

Displays the commands available for use with psconfig.exe.

Example

psconfig.exe -?

help <command name>

Displays the commands available for use with psconfig.exe. If a command name is specified, displays help for that command.

Example

psconfig.exe -help adminvs

adminvs

Manages the SharePoint Central Administration Web application on the local computer. Takes the following optional parameters:

[-provision]

Provisions the SharePoint Central Administration Web application on this server. Provisioning creates a new SharePoint Central Administration Web application and an application pool running under the server farm administrator’s account.

[-unprovision]

Unprovisions the SharePoint Central Administration Web application from this server. Unprovisioning removes the SharePoint Central Administration Web application and its application pool.

[-port <port number>]

The SharePoint Central Administration Web application port is a global setting to the server farm. When changing the port, a SharePoint Timer service job is dispatched to synchronize the port for all SharePoint Central Administration Web applications in the server farm. If a port is not specified, the port used for existing SharePoint Central Administration Web applications in the server farm is used. If a SharePoint Central Administration web Application has not been provisioned in the server farm, the default port chosen will be random if a port is not specified.

[-windowsauthprovider <enablekerberos | onlyusentlm>]

The SharePoint Central Administration Web application authentication provider is a global setting to the server farm. When changing the authentication provider, a SharePoint Timer service job will be dispatched to synchronize the provider on all SharePoint Central Administration Web aApplications in the server farm. If onlyusentlm is specified, NTLM will be the exclusive authentication provider for all SharePoint Central Administration Web applications. All other authentication providers are disabled and NTLM will be the only authentication provider allowed. If enablekerberos is specified, Kerberos authentication is enabled for all SharePoint Central Administration Web applications. If an authentication provider is not specified, the provider used for existing SharePoint Central Administration Web applications in the server farm will be used. If a SharePoint Central Administration Web application has not been provisioned in the server farm, then the Kerberos authentication provider will be enabled if an authentication provider is not specified.

Examples

psconfig.exe -cmd adminvs -provision -port 8080 -windowsauthprovider onlyusentlm

psconfig.exe -cmd adminvs -unprovision

applicationcontent

Manages shared application content. Takes the following required parameter:

-install

Copies shared application data (for example, resource files, Web application binaries) to existing Web application virtual directories.

Example

psconfig.exe -cmd applicationcontent -install

configdb

Creates, connects, or disconnects this server from the server farm. Takes the following optional parameters:

[-create]

Creates a new configuration database and thus establishes a new server farm. If this server is already connected to a configuration database, the server will be disconnected first, and then the new configuration database will be created.

[-disconnect]

Disconnects this server from the configuration database and thus disconnects this server from the server farm.

[-connect]

Connects to an existing configuration database and thus joins this server to an existing server farm. If this server is already connected to a configuration database, the server will be disconnected first, and then connected to the existing configuration database.

[-server <SQLServerName>]

The computer running SQL Server where the configuration database is located.

[-database <SQLDatabaseName>]

The configuration database name.

[-dbuser <value>]

The user name used for SQL authentication.

[-dbpassword <value>]

The password used for SQL authentication.

[-user <DomainUser>]

The server farm administrator user account.

[-password <Password>]

The server farm administrator user account password.

[-addomain <value>]

The Active Directory domain name used for the server farm.

[-adorgunit <value>]

The Active Directory organization unit name used for the server farm.

[-admincontentdatabase <SQLAdminContentDatabaseName>]

The Central Administration Web application content database name.

Examples

psconfig.exe -cmd configdb -create -server Server_name -database Database_name -dbuser DOMAINusername -dbpassword password -user DOMAINusername -password password -addomain domain_name -adorgunit org_unit -admincontentdatabase Database_name

psconfig.exe -cmd configdb -disconnect

psconfig.exe -cmd configdb -connect -server Server_name -database Database_name -dbuser DOMAINusername -dbpassword password

evalprovision

Provisions this server as a stand-alone (evaluation mode) server. Takes the following required and optional parameters:

-provision

Performs stand-alone mode provisioning on this server.

[-port <port number>]

The port number assigned to the default SharePoint Web application. If not specified, then port 80 is used. If a SharePoint Web application already exists using the port, the existing site will be overwritten. If an existing site is using the port and is not a SharePoint Web application, the site will be disabled and a new SharePoint Web application will be created using the port.

[-overwrite]

Specifies whether to overwrite any existing Microsoft Windows SharePoint Services 3.0 Web site during installation. If not specified, the site is not deleted.

Example

psconfig.exe -cmd evalprovision -provision -port 1100

helpcollections

Managed help collections. Takes the following required parameter:

-installall

Installs all available help collections.

Example

psconfig.exe -cmd helpcollections -installall

installfeatures

Registers any SharePoint Products and Technologies features located on the file system of this server with the server farm.

Example

psconfig.exe -cmd installfeatures

quiet

Runs the SharePoint Products and Technologies Configuration Wizard in quiet mode. Output is written to to the log file named PSCONFIG.EXE_MM_DD_YY_HH_MM_SS_MS.log, where "_MM_DD_YY_HH_MM_SS_MS" is the full date and time that the utility was run. The log file is stored in the %WINDIR%Program FilesCommon FilesMicrosoft Sharedweb server extensions12LOGS directory.

Example

psconfig.exe -cmd quiet

secureresources

Performs SharePoint Products and Technologies resource security enforcement on the server. For example, security is enforced on files, folders, and registry keys.

Example

psconfig.exe -cmd secureresources

services

Manages SharePoint Products and Technologies services. Takes the following optional parameters:

[-install]

Registers the services in the server farm that are located on this server.

[-provision]

Provisions the services that are located on this server and sets the services as online if SharePoint Products and Technologies are installed in stand-alone mode. Provisioning services also ensures that they are registered.

Example

psconfig.exe -cmd services -install

psconfig.exe -cmd services -provision

setup

Performs configuration for SharePoint Products and Technologies based on the installation mode. Also repairs the configuration. If the product or technology is installed in stand-alone mode, then stand-alone configuration is done. If the product or technology is not in stand-alone mode, you must complete the initial configuration by using the SharePoint Products and Technologies Configuration Wizard instead of the psconfig.exe command-line utility. To run the wizard, on the Start menu, point to All Programs, point to Administrative Tools, and then click SharePoint Products and Technologies Configuration Wizard.

If you want to repair a stand-alone installation, first run setup /repair (for more information, see the Setup Help system), and then psconfig.exe -setup. For server farm installations, after running setup /repair, use the SharePoint Products and Technologies Configuration Wizard instead of the psconfig.exe command-line utility.

Takes the following optional parameter:

[-lcid <1033>]

The locale ID (LCID) that specifies the installation language.

Example

psconfig.exe -cmd setup

standaloneconfig

Performs a stand-alone configuration for SharePoint Products and Technologies. Takes the following optional parameters:

[-lcid <1033>]

The locale ID (LCID) that specifies the installation language.

Example

psconfig.exe -cmd standaloneconfig

upgrade

Performs an upgrade of SharePoint Products and Technologies. This command is automatically run when running the SharePoint Products and Technologies Configuration Wizard if the product or technology needs to be upgraded. Takes the following optional parameters:

[-wait]

If specified, the SharePoint Products and Technologies Configuration Wizard does not return until upgrade completes. If not specified, the wizard returns after dispatching a SharePoint Timer Service job to perform upgrade. To view the upgrade job status, you can access the SharePoint Central Administration Web application by using your Web browser.

[-force]

If specified, the SharePoint Products and Technologies Configuration Wizard stops any currently running upgrade actions, and then restarts upgrade.

[-reghostonupgrade]

If specified, the SharePoint Products and Technologies Configuration Wizard will reset all content to the site definition version during the upgrade.

[-finalize]

If specified, the SharePoint Products and Technologies Configuration Wizard will finalize the current upgrade. Perform this action only when you have successfully upgraded all sites and no longer need a connection to the previous version. You will not be able to undo this action.

[-inplace <v2v|b2b>]

If specified, the SharePoint Products and Technologies Configuration Wizard will perform an in-place upgrade. If v2v is specified, then an in-place version to version upgrade is performed. If b2b is specified, then an in-place build to build upgrade is performed.

[-sidebyside]

If specified, the SharePoint Products and Technologies Configuration Wizard will perform a gradual upgrade.

Examples

psconfig.exe -cmd upgrade -inplace v2v -wait

psconfig.exe -cmd upgrade -sidebyside -reghostonupgrade

psconfig.exe -cmd upgrade -finalize

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s