Configure the primary Shared Services Provider

Applies To: Office SharePoint Server 2007

This Office product will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see , Resources to help you upgrade your Office 2007 servers and clients.

 

Topic Last Modified: 2016-11-14

Create the Shared Services Provider

  1. On the SharePoint Central Administration home page, click the Application Management tab on the top navigation bar.

  2. On the Application Management page, in the Office SharePoint Server Shared Services section, click Create or configure this farm's shared services.

  3. On the Manage this Farm's Shared Services page, click New SSP.

    Important

    If you have not created a Web application for the SSP administration site, you need to create one before you create the SSP. If you have already created a Web application for the SSP administration site, skip to step 14.

  4. On the New Shared Services Provider page, click Create a new Web application.

  5. On the Create New Web Application page, in the IIS Web Site section, click Create a new IIS web site, and do not modify the default settings in this section.

  6. In the Security Configuration section, under Authentication provider, select the appropriate option for your environment, and do not modify the default settings in the remainder of this section.

    Note

    By default, the authentication provider is set to NTLM. Use the Negotiate (Kerberos) setting only if Kerberos is supported in your environment. This option will require configuring a Service Principal Name for the domain user account, for which you must have Domain Administrator credentials. For more information about configuring Kerberos, see Microsoft Knowledge Base article KB 832769: HOW TO: Configure Windows SharePoint Services to Use Kerberos Authentication (http://support.microsoft.com/?kbid=832769).

  7. In the Load Balanced URL section, do not modify the default settings.

  8. In the Application Pool section, click Create new application pool.

  9. In Application pool name, enter the name of your application pool or use the default name.

  10. Click Configurable, and in User name and Password, type the user name and password for the user account that you want to act as the application pool identity for your SSP Web application.

    The user account must be a domain user account, but the user account does not have to be a member of any particular security group. It is recommended that you use the principle of least privilege and select a unique user account that does not have administrative rights on your front-end servers or on your back-end database servers. You can use the user account that you specified as the Microsoft Office SharePoint Server 2007 service account; however, if that user account is a member of a security group that has administrative rights on your front-end servers or your back-end database servers, you will not be following the principle of least privilege. The user name must be in the format DOMAIN\username.

  11. In the Database Name and Authentication section, verify the database information and make sure that Windows Authentication (recommended) is selected.

  12. In the Search Server section, do not modify the default settings.

  13. Click OK.

    Upon successful creation of the Web application, the New Shared Services Provider page appears.

  14. In the SSP Name section, in Web Application, select the Web application that you created for the SSP, and do not modify any of the default settings in this section.

  15. In My Site Location section, choose the correct Web application.

    Note

    It is recommended that you run My Sites and the SSP administration site in different Web applications so that you can back up and restore My Sites separately from the SSP administration site.

  16. In the SSP Service Credentials section, in User name and Password, type the user name and password for the user account under which you want the SSP to run.

    The user account must be a domain user account, but the user account does not have to be a member of any particular security group. It is recommended that you use the principle of least privilege and select a unique user account that does not have administrative rights on your front-end servers or on your back-end database servers. You can use the user account that you specified as the Office SharePoint Server 2007 service account; however, if that user account is a member of a security group that has administrative rights on your front-end servers or your back-end database servers, you will not be following the principle of least privilege. The user name must be in the format DOMAIN\username.

  17. In the SSP Database section, you can either accept the default settings (recommended), or specify your own settings for the database server, the database name, or the SQL authentication credentials.

  18. In the Search Database section, you can either accept the default settings (recommended), or specify your own settings for the search database server, the database name, or the SQL Server authentication credentials.

  19. In the Index Server section, in Index Server, click the server on which you configured the Search service.

    If there is no index server listed in the Index Server section, then no server in your farm has been assigned the index server role. To assign the index server role to a server in your farm, follow the instructions in Configure a dedicated front-end Web server for crawling (Office SharePoint Server 2007).

  20. In the SSL for Web Services section, click No.

  21. Click OK.

    Upon successful creation of the SSP, the Success page appears.

  22. On the Success page, click OK to return to the Manage this Farm's Core Services page.

For information about how to perform this procedure using the Stsadm command-line tool, see Shared Services Provider: Stsadm operations (Office SharePoint Server).

Create a new SSP

Important

To configure an SSP, you must have already configured an index server for the farm. Without an index server, creation of a new SSP will fail. For more information about configuring an index server, see the topic Chapter overview: Configure the primary Shared Services Provider.

To create and configure a new SSP:

  1. In a Web browser, open the Central Administration page for your farm.

  2. On the top navigation bar, click Application Management.

  3. On the Application Management page, under Office SharePoint Server Shared Services, click Create or configure this farm's shared services.

  4. On the Manage this Farm's Shared Services page, on the top navigation bar, click New SSP.

  5. In the SSP Name section, specify a unique, descriptive name for this SSP. This name will be used to identify the SSP in administration pages.

  6. In the My Site location section, select the Web application for this SSP.

  7. In the SSP Service Credentials section, specify the credentials which will be used by SSP Web services for inter-server communication and for the SSP timer service to run jobs.

  8. In the SSP Database section, specify the database server and database name for storing session data. Use of the default database server and database name is recommended for most cases.

  9. In the Index Server section, select the index server which will crawl content in all Web applications associated with this SSP. You may also specify the path on the index server where the indexes will be located if you do not want to use the default path.

  10. In the SSL for Web Services section, choose whether or not to use SSL to protect communications to and from Web services.

    Note

    If you choose to enable SSL for Web services, you must add the certificate on each server in the farm by using the IIS administration tool. Until this is done, the Web services will not be available.

  11. Click OK to create the SSP.

Associate an SSP with a Web application

A Web application may be associated with only one SSP, but each SSP may be associated with multiple Web applications.

To associate an SSP with a Web application:

  1. On the taskbar, click Start, point to Administrative Tools, and then click SharePoint 3.0 Central Administration.

  2. In the Quick Launch, click Shared Services Administration.

  3. On the Manage this Farm's Shared Services page, on the top navigation bar, click Change Associations.

    Note

    In the SSP Name column in the SSP list, you will see all the Web applications with which each SSP is currently associated.

  4. On the Change Association between Web Applications and SSPs page, under Shared Services Provider, select the SSP you want to configure.

  5. In the Web applications section, select the Web applications you want to associate with the SSP.

  6. Click OK to associate the SSP with the selected Web applications.

Download this book

This topic is included in the following downloadable book for easier reading and printing:

See the full list of available books at Office SharePoint Server technical library.