Home > Architecture, SharePoint Server 2010 > Publish Service Applications

Publish Service Applications

Publishing service applications enables remote farms to consume the services of the primary farm. SharePoint Server 2010 supports publication of the following services :-

  1. Managed Metadata Service.
  2. User Profile.
  3. Search
  4. Secure Store Service.
  5. Business Data Connectivity.
  6. Web analytics.

The consuming and publishing farms have to be hosted within domains that share a trust.

Once the infrastructure requirements have been met, publishing service applications requires exchanging trust certificates between the farms. These trust certificates include one root and one Security Token Service (STS) certificate. Exchanging trust certificates ensures that each farm acknowledges that the other farm can be trusted.

The following steps for exchanging the trust certificates between farms :-

  1. Export the root certificate from the consuming farm.
  2. Export the STS certificate from the consuming farm.
  3. Export the root certificate from the publishing farm.
  4. Import the root certificate and create a trusted root authority in the consuming farm.
  5. Import the root certificate and create a trusted root authority in the publishing farm.
  6. Import the STS certificate and create a trusted service token issuer on the publishing farm.

First step: – Export the root certificate from the consuming farm

  1. From start menu, find Microsoft SharePoint 2010 Products, then select SharePoint 2010 Management Shell , then write the following commands

    $certificate=(Get-SPCertificateAuthority).RootCertificate

    $certificate.Export(“Cert”) | Set-Content <drive>:\<path>\Root-Consuming.cer -Encoding byte

    Note : <drive>:\<path> here write any path in your environment .

Second step : export the STS certificate from the consuming farm

  1. From start menu, find Microsoft SharePoint 2010 Products, then select SharePoint 2010 Management Shell , then write the following commands

    $certificate = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate

    $certificate.Export(“Cert”) | Set-Content d:\Certificates\STS-Consuming.cer -Encoding byte

Third Step : export the root certificate from the publishing farm

  1. From start menu, find Microsoft SharePoint 2010 Products, then select SharePoint 2010 Management Shell , then write the following commands

    $certificate=(Get-SPCertificateAuthority).RootCertificate

    $certificate.Export(“Cert”) | Set-Content d:\Certificates\Root-Publishing.cer -Encoding byte

Fourth Step: Import the root certifi cate and create a trusted root authority on the consuming farm

  1. From start menu, find Microsoft SharePoint 2010 Products, then select SharePoint 2010 Management Shell , then write the following command

    $certificate = Get-PfxCertificate d:\Certificates\Root-Publishing.cer

    New-SPTrustedRootAuthority -Name WFEFarm1 -Certificate $certificate

    -Name paramte represent a new trusted root authority

Fifth step: import the root certifi cate and create a trusted root authority on the publishing farm

  1. From start menu, find Microsoft SharePoint 2010 Products, then select SharePoint 2010 Management Shell , then write the following commands

    $certificate = Get-PfxCertificate <drive>:\<path>\Root-Consuming.cer

    New-SPTrustedRootAuthority -Name WFEFarm2 -Certificate $certificate

    -Name parameter represents a new trusted root authority

Sixth Step: import the STS certifi cate and create a trusted service token issuer on the publishing farm

  1. From start menu, find Microsoft SharePoint 2010 Products, then select SharePoint 2010 Management Shell , then write the following commands

    $certificate = Get-PfxCertificate <drive>:\<path>\STS-Consuming.cer

    New-SPTrustedServiceTokenIssuer -Name WFEFarmTrust1 -Certificate $certificate

    -Name parameter represents the name of the trust.

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: