Create SharePoint 2016 Dev/test farm in Azure

In this post, we’ll discuss the steps required to create a SharePoint Server 2016 dev/test farm hosted in Microsoft Azure. We’ll use a minimum configuration: a domain controller, a SQL Server and a SharePoint server. Note that all three servers need to be in the same subnet and VNet so that they can connect to each other using their internal IP addresses. We of course don’t want to route the traffic between them through firewalls or NSGs (network security groups), so all three servers will sit behind the same NSG for simplicity of deployment.

There are four major phases to setting up this dev/test environment:

  1. Create a basic Azure environment (resource groups, storage account, subnet etc.)
  2. Set up the domain controller (metavrseadvm01)
  3. Configure the SQL Server (metavrsesqlvm01)
  4. Configure the SharePoint server (metavrsespvm01)

Note that we need an Azure subscription to perform these steps.

1. Create basic Azure environment

First, log in to your Azure account using the command below:

Login-AzureRMAccount

Get subscription name using the following command:

Get-AzureRMSubscription | Sort SubscriptionName | Select SubscriptionName

Set Azure subscription with the following command:

$subscr=""   # your subscription name, as listed by the previous command
Get-AzureRmSubscription -SubscriptionName $subscr | Select-AzureRmSubscription

Next, we’ll need to create a new resource group. First, let’s list your existing resource groups using this command:

Get-AzureRMResourceGroup | Sort ResourceGroupName | Select ResourceGroupName

Then we can create a new resource group using these commands:

$rgName=""    # name of the new resource group
$locName=""   # Azure location for the new resource group
New-AzureRMResourceGroup -Name $rgName -Location $locName

Next, we need to create a storage account with a globally unique name. For this we can use the commands below:

$rgName=""
$locName=""
$saName=""    # globally unique storage account name
New-AzureRMStorageAccount -Name $saName -ResourceGroupName $rgName `
-Type Standard_LRS -Location $locName

Note that we have selected Standard_LRS as the storage type. Now we’ll create the Azure virtual network named SP2016Vnet with an address prefix of 10.0.0.0/16 and a subnet named SP2016Subnet with an address prefix of 10.0.0.0/24. The -DNSServer value 10.0.0.4 is the private IP address that the domain controller gets in phase 2. Use the commands below:

$rgName=""
$locName=""
$spSubnet=New-AzureRMVirtualNetworkSubnetConfig -Name SP2016Subnet -AddressPrefix 10.0.0.0/24
New-AzureRMVirtualNetwork -Name SP2016Vnet -ResourceGroupName $rgName -Location $locName -AddressPrefix 10.0.0.0/16 -Subnet $spSubnet -DNSServer 10.0.0.4

After this, we’ll create an Azure network security group using the commands below:

$rule1=New-AzureRMNetworkSecurityRuleConfig -Name "RDPTraffic" -Description "Allow RDP to all VMs on the subnet" -Access Allow -Protocol Tcp -Direction Inbound -Priority 100 -SourceAddressPrefix Internet -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 3389

$rule2 = New-AzureRMNetworkSecurityRuleConfig -Name "WebTraffic" -Description "Allow HTTP to the SharePoint server" -Access Allow -Protocol Tcp -Direction Inbound -Priority 101 -SourceAddressPrefix Internet -SourcePortRange * -DestinationAddressPrefix "10.0.0.6/32" -DestinationPortRange 80

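# $locShortName was never defined in this post; $locName from the earlier steps is used instead
New-AzureRMNetworkSecurityGroup -Name SP2016Subnet -ResourceGroupName $rgName -Location $locName -SecurityRules $rule1, $rule2
$vnet=Get-AzureRMVirtualNetwork -ResourceGroupName $rgName -Name SP2016Vnet
$nsg=Get-AzureRMNetworkSecurityGroup -Name SP2016Subnet -ResourceGroupName $rgName
# Set-AzureRMVirtualNetworkSubnetConfig only changes the local object; Set-AzureRMVirtualNetwork writes it to Azure
Set-AzureRMVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name SP2016Subnet -AddressPrefix "10.0.0.0/24" -NetworkSecurityGroup $nsg | Set-AzureRMVirtualNetwork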

Note that these rules allow inbound RDP (port 3389) from the Internet to all VMs on the subnet, and inbound HTTP (port 80) from the Internet to the SharePoint server at 10.0.0.6.
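The RDPTraffic rule accepts RDP from the Internet on every VM in the subnet, including the domain controller. The following is an added example, not part of the original post: it lists the Internet-sourced inbound allow rules on the SP2016Subnet NSG and narrows RDPTraffic to a single admin address. $adminCidr is a constructed placeholder from a documentation address range, and Get-InternetExposedRule is a hypothetical helper name.

```powershell
# Added example, not from the original post. Uses the same AzureRM module as the steps above.
$rgName    = ""                  # resource group that holds the SP2016Subnet NSG
$adminCidr = "203.0.113.10/32"   # constructed placeholder: your own public IP in CIDR form

# Hypothetical helper: list inbound Allow rules whose source is the whole Internet
function Get-InternetExposedRule {
    param([Parameter(Mandatory=$true)] $NetworkSecurityGroup)
    $open = @("Internet", "*", "0.0.0.0/0")
    $NetworkSecurityGroup.SecurityRules | Where-Object {
        $rule = $_
        $rule.Direction -eq "Inbound" -and $rule.Access -eq "Allow" -and
        (@($rule.SourceAddressPrefix) | Where-Object { $open -contains $_ })
    } | Select-Object Name, Priority,
        @{n="Source";      e={$_.SourceAddressPrefix -join ","}},
        @{n="Destination"; e={$_.DestinationAddressPrefix -join ","}},
        @{n="Ports";       e={$_.DestinationPortRange -join ","}}
}

$nsg = Get-AzureRmNetworkSecurityGroup -Name SP2016Subnet -ResourceGroupName $rgName

# Audit the rules as created above
Get-InternetExposedRule -NetworkSecurityGroup $nsg | Format-Table -AutoSize

# Rewrite RDPTraffic in place: same priority and port, but only from $adminCidr
$nsg = Set-AzureRmNetworkSecurityRuleConfig -NetworkSecurityGroup $nsg -Name "RDPTraffic" `
    -Description "Allow RDP from the admin workstation only" `
    -Access Allow -Protocol Tcp -Direction Inbound -Priority 100 `
    -SourceAddressPrefix $adminCidr -SourcePortRange * `
    -DestinationAddressPrefix * -DestinationPortRange 3389

# The rule change is local until the NSG object is written back to Azure
$nsg = Set-AzureRmNetworkSecurityGroup -NetworkSecurityGroup $nsg

# Audit again and stop if RDP is still reachable from the Internet
$left = Get-InternetExposedRule -NetworkSecurityGroup $nsg
if ($left | Where-Object { $_.Ports -match "(^|,)3389(,|$)" }) {
    throw "RDP is still reachable from the Internet"
}
$left | Format-Table -AutoSize
```

The WebTraffic rule stays Internet-facing by design, since it only reaches port 80 on 10.0.0.6.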

2. Set up the domain controller

We’ll create a domain controller named metavrseadvm01 to host Active Directory for the corp.metavrse.com domain. Our AD server will also have a 20 GB F: drive to store domain data. We can use the PowerShell commands below for this:

$rgName=""
$locName=""

# Get the Azure storage account name
$sa=Get-AzureRMStorageaccount | where {$_.ResourceGroupName -eq $rgName}
$saName=$sa.StorageAccountName

# Create an availability set for domain controller virtual machines
New-AzureRMAvailabilitySet -Name dcAvailabilitySet -ResourceGroupName $rgName -Location $locName

# Create the domain controller virtual machine
$vnet=Get-AzureRMVirtualNetwork -Name SP2016Vnet -ResourceGroupName $rgName
$pip = New-AzureRMPublicIpAddress -Name metavrseadvm01-NIC -ResourceGroupName $rgName -Location $locName -AllocationMethod Dynamic
$nic = New-AzureRMNetworkInterface -Name metavrseadvm01-NIC -ResourceGroupName $rgName -Location $locName -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -PrivateIpAddress 10.0.0.4

$avSet=Get-AzureRMAvailabilitySet -Name dcAvailabilitySet -ResourceGroupName $rgName 
$vm=New-AzureRMVMConfig -VMName metavrseadvm01 -VMSize Standard_D1_v2 -AvailabilitySetId $avSet.Id

$storageAcc=Get-AzureRMStorageAccount -ResourceGroupName $rgName -Name $saName
$vhdURI=$storageAcc.PrimaryEndpoints.Blob.ToString() + "vhds/metavrseadvm01-SP2016Vnet-ADDSDisk.vhd"
Add-AzureRMVMDataDisk -VM $vm -Name ADDS-Data -DiskSizeInGB 20 -VhdUri $vhdURI -CreateOption empty
$cred=Get-Credential -Message "Type the name and password of the local administrator account for metavrseadvm01."

$vm=Set-AzureRMVMOperatingSystem -VM $vm -Windows -ComputerName metavrseadvm01 -Credential $cred -ProvisionVMAgent -EnableAutoUpdate
$vm=Set-AzureRMVMSourceImage -VM $vm -PublisherName MicrosoftWindowsServer -Offer WindowsServer -Skus 2012-R2-Datacenter -Version "latest"
$vm=Add-AzureRMVMNetworkInterface -VM $vm -Id $nic.Id
$osDiskUri=$storageAcc.PrimaryEndpoints.Blob.ToString() + "vhds/metavrseadvm01-SP2016Vnet-OSDisk.vhd"
$vm=Set-AzureRMVMOSDisk -VM $vm -Name metavrseadvm01-SP2016Vnet-OSDisk -VhdUri $osDiskUri -CreateOption fromImage
New-AzureRMVM -ResourceGroupName $rgName -Location $locName -VM $vm

Note that the script will ask for the user name and password of the local administrator account. Azure Portal requires 12 characters for the password, and administrator is not allowed as the user name. It’ll take a few minutes to provision the VM. Once this is done, we can use the Azure portal to download the RDP file and connect to the server.

After connecting to the server, go to Server Manager -> File and Storage Services -> Disks. Format the disk named disk 2 and create a volume named F:

Once this is done, we need to run the commands below at a PowerShell prompt (in administrative mode) inside our virtual server:

Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Install-ADDSForest -DomainName corp.metavrse.com -DatabasePath "F:\NTDS" -SysvolPath "F:\SYSVOL" -LogPath "F:\Logs"

This will need a reboot to complete the process. Once it has rebooted, we’ll need to log in to the domain controller again using the administrative user name and password.

Now we’ll need to add the remote management tools for Active Directory services and create one user account named sp_farm for the SharePoint server and one user account named sql_admin for SQL Server. Note that the first New-ADUser command below sets the SharePoint account’s logon name (SamAccountName) to sp_admin, which is the name used in the rest of this post. Run the commands below at an administrative PowerShell prompt:

Add-WindowsFeature RSAT-ADDS-Tools
New-ADUser -SamAccountName sp_admin -AccountPassword (read-host "Set user password" -assecurestring) -name "sp_farm_db" -enabled $true -PasswordNeverExpires $true -ChangePasswordAtLogon $false
# The -Name value must be unique within the container, so the second account cannot reuse "sp_farm_db"
New-ADUser -SamAccountName sql_admin -AccountPassword (read-host "Set user password" -assecurestring) -name "sql_admin" -enabled $true -PasswordNeverExpires $true -ChangePasswordAtLogon $false

3. Configure the SQL Server virtual machine

We’ll now prepare a SQL Server to host the databases for the SharePoint server. We’ll only go with a D1 size VM, as the D3 size is not available on the Azure free trial subscription. We’ll also add a separate 100 GB drive for hosting the databases. We can use the following commands for this:

# Create the SQL Server virtual machine
$vmName="metavrsesqlvm01"
$vmSize="Standard_D1_V2"
$vnet=Get-AzureRMVirtualNetwork -Name "SP2016Vnet" -ResourceGroupName $rgName

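$nicName=$vmName + "-NIC"
$pipName=$vmName + "-PublicIP"
$dnsName=""   # globally unique DNS label for this VM's public IP
$pip=New-AzureRMPublicIpAddress -Name $pipName -ResourceGroupName $rgName -DomainNameLabel $dnsName -Location $locName -AllocationMethod Dynamic
$nic=New-AzureRMNetworkInterface -Name $nicName -ResourceGroupName $rgName -Location $locName -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -PrivateIpAddress "10.0.0.5"
# Create the availability set before retrieving it (only dcAvailabilitySet exists so far)
New-AzureRMAvailabilitySet -Name sqlAvailabilitySet -ResourceGroupName $rgName -Location $locName
$avSet=Get-AzureRMAvailabilitySet -Name sqlAvailabilitySet -ResourceGroupName $rgName 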
$vm=New-AzureRMVMConfig -VMName $vmName -VMSize $vmSize -AvailabilitySetId $avSet.Id

$diskSize=100
$diskLabel="SQLData"
$storageAcc=Get-AzureRMStorageAccount -ResourceGroupName $rgName -Name $saName
$vhdURI=$storageAcc.PrimaryEndpoints.Blob.ToString() + "vhds/" + $vmName + "-SQLDataDisk.vhd"
Add-AzureRMVMDataDisk -VM $vm -Name $diskLabel -DiskSizeInGB $diskSize -VhdUri $vhdURI -CreateOption empty

$cred=Get-Credential -Message "Type the name and password of the local administrator account of the SQL Server computer." 
$vm=Set-AzureRMVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $cred -ProvisionVMAgent -EnableAutoUpdate
$vm=Set-AzureRMVMSourceImage -VM $vm -PublisherName MicrosoftSQLServer -Offer SQL2014SP1-WS2012R2 -Skus Standard -Version "latest"
$vm=Add-AzureRMVMNetworkInterface -VM $vm -Id $nic.Id
$storageAcc=Get-AzureRMStorageAccount -ResourceGroupName $rgName -Name $saName
$osDiskUri=$storageAcc.PrimaryEndpoints.Blob.ToString() + "vhds/" + $vmName + "-OSDisk.vhd"
$vm=Set-AzureRMVMOSDisk -VM $vm -Name "OSDisk" -VhdUri $osDiskUri -CreateOption fromImage
New-AzureRMVM -ResourceGroupName $rgName -Location $locName -VM $vm

Once the server is provisioned, log in to the server as the local administrator user. Run the commands below at an administrative PowerShell prompt to join the server to the domain:

Add-Computer -DomainName "corp.metavrse.com"
Restart-Computer

Once the server is joined to the domain and rebooted, we’ll go ahead and create directories for SQL Server to store its files. For this, create a new volume by going to Server Manager -> File and Storage Services -> Disks. Format the disk named disk 2 and create a volume named F:. After this, run the commands below:

New-Item -ItemType Directory -Path F:\Data
New-Item -ItemType Directory -Path F:\Log
New-Item -ItemType Directory -Path F:\Backup

SQL Server requires a port that clients use to access the database server, so we need to create a firewall rule for it. For this, we can use the PowerShell command below:

New-NetFirewallRule -DisplayName "SQL Server ports 1433, 1434, and 5022" -Direction Inbound -Protocol TCP -LocalPort 1433,1434,5022 -Action Allow

Now go to SSMS -> connect to the local SQL Server -> Server Properties -> Database Settings. Then configure the locations for storing database files, log files and backups as created above, and restart the SQL service.

Also go to Security -> Logins -> New Login. Grant corp\sql_admin the sysadmin role and corp\sp_admin the dbcreator and securityadmin roles.

4. Configure the SharePoint server

We’ll now create the virtual machine for the SharePoint server. We’ll only go with a D1 size VM, as the D3 size is not available on the Azure free trial subscription. We can use the following commands for this:

# Specify the virtual machine name and size
$vmName="metavrsespvm01"
$vmSize="Standard_D1_V2"
# Create the NIC for the virtual machine
$nicName=$vmName + "-NIC"
$pipName=$vmName + "-PublicIP"
$dnsName=""   # globally unique DNS label for this VM's public IP (not the one used for the SQL Server VM)
$pip=New-AzureRMPublicIpAddress -Name $pipName -ResourceGroupName $rgName -DomainNameLabel $dnsName -Location $locName -AllocationMethod Dynamic
$vnet=Get-AzureRMVirtualNetwork -Name "SP2016Vnet" -ResourceGroupName $rgName
$nic=New-AzureRMNetworkInterface -Name $nicName -ResourceGroupName $rgName -Location $locName -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -PrivateIpAddress "10.0.0.6"

# Create the availability set, then the VM configuration that uses it
New-AzureRMAvailabilitySet -Name spAvailabilitySet -ResourceGroupName $rgName -Location $locName
$avSet=Get-AzureRMAvailabilitySet -Name spAvailabilitySet -ResourceGroupName $rgName 
$vm=New-AzureRMVMConfig -VMName $vmName -VMSize $vmSize -AvailabilitySetId $avSet.Id

# Specify the image and local administrator account, and then add the NIC
$pubName="MicrosoftSharePoint"
$offerName="MicrosoftSharePointServer"
$skuName="2016"
$cred=Get-Credential -Message "Type the name and password of the local administrator account."
$vm=Set-AzureRMVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $cred -ProvisionVMAgent -EnableAutoUpdate
$vm=Set-AzureRMVMSourceImage -VM $vm -PublisherName $pubName -Offer $offerName -Skus $skuName -Version "latest"
$vm=Add-AzureRMVMNetworkInterface -VM $vm -Id $nic.Id

# Specify the OS disk name and create the VM
$diskName="OSDisk"
$storageAcc=Get-AzureRMStorageAccount -ResourceGroupName $rgName -Name $saName
$osDiskUri=$storageAcc.PrimaryEndpoints.Blob.ToString() + "vhds/" + $vmName + $diskName + ".vhd"
$vm=Set-AzureRMVMOSDisk -VM $vm -Name $diskName -VhdUri $osDiskUri -CreateOption fromImage
New-AzureRMVM -ResourceGroupName $rgName -Location $locName -VM $vm

Once the server is provisioned, log in to the server as the local administrator user. Run the commands below at an administrative PowerShell prompt to join the server to the domain:

Add-Computer -DomainName "corp.metavrse.com"
Restart-Computer

Once the server is joined to the domain and rebooted, log back in as the local administrator user. Now go to the Local Users and Groups snap-in -> Groups -> Administrators and add sp_admin as a local admin on the server.

Now our environment is ready to use. In the next few blog posts, we’ll see how to configure and use SharePoint server.
