SharePoint 2010 Creating Web Applications pt. 2
SharePoint 2010 provides a number of ways to create a new web application. We looked at the instructions on TechNet here.
Yesterday, we created a new web app using the pages in Central Admin and a non-standard port number. The TechNet page tells us we can use the new SharePoint Management Shell (SMS) application that is intended to replace stsadmin.exe. It’s available on the server under Start | Programs | SharePoint 2010 Products | SharePoint Management Shell.
TechNet also tells us the SMS command to create a new web app is:
New-SPWebApplication -ApplicationPool <Name of the application pool> -Name <Name of the new Web application> [-Port<Port on which the Web application can be accessed>] [-HostHeader<Valid URL assigned to the Web application that must correlate to the alternate access mapping configuration>] [-URL<Load-balanced URL for the Web application>] [-ApplicationPoolAccount<User account that this application pool will run as>]
So I composed mine like this:
New-SPWebApplication -Name "Contoso Internet Site" -Port 80 -HostHeader http://sharepoint.contoso.com -URL https://www.contoso.com -ApplicationPool ContosoAppPool -ApplicationPoolAccount (Get-SPManagedAccount MyServer\Administrator)
And, obviously, we need to look into managed accounts in a little more detail because the error is:
Get-SPManagedAccount : No matching accounts were found.
In fact, I’m not sure I know what a managed account is.
For my money, no one explains it better than our new best friend Furuknap here. Furuknap tells us that SharePoint 2010 can take over the management of the password of accounts used as application pool IDs. This is convenient because every IIS web site will refer to an app pool and every app pool refers to an ID. When these scale out, managing the passwords can be difficult, particularly when they expire. This new SharePoint 2010 feature eliminates this headache.
So we need a managed account for our SMS create web app script to work.
So we go into Central Admin and visit the Security page. Here, there’s a linkgroup for General Security. I click Configure Managed Accounts.
There’s a Register Managed Account link at the top. I click it and enter an account I made earlier for this purpose MyServer\ManagedAccount. Furuknap explains the benefits of letting SharePoint now support your password requirement but I leave them blank all the same.
Now, I return to my SMS session and change my command to reflect the new managed account. I press Enter and it runs and runs and returns some output indicating my Site name and URL. I enter the URL in my browser and press Enter. It runs for a second and prompts me for a user name and password.
I try the only accounts on the machine: The Administrator account and the managed account. Neither works.
So I tracked down some input on Technet here. They pointed me to the KB article here talking about the trackback loops when trying to hit web sites on the local server with non-standard host headers.
-robot
Tags: