Service Provider Foundation – Part 3: Installation

In the last post, we covered the Requirements for installing Service Provider Foundation (SPF). Now we will walk through the installation of Service Provider Foundation.

 

You can install Service Provider Foundation on a single server or on multiple servers, with at least one server that has Microsoft SQL Server installed to contain the Service Provider Foundation database.

A side-by-side installation of different Service Provider Foundation versions that are on the same server is not supported.

The Setup wizard configures Service Provider Foundation along with the web services that you select for that computer. Installation of Service Provider Foundation onto a virtual machine is supported.

Before you install Service Provider Foundation, do the following:

  • Make sure that each computer has sufficient RAM and hard disk space for all the web services that you intend to install. Also, be sure to have the prerequisite software installed.
  • Make sure that you have a domain user account with administrative privileges on the computers on which you want to install Service Provider Foundation.
  • Close any open programs, and make sure that the computer does not have a restart pending.

If there is a problem with the installation completing successfully, refer to the log files, named “Microsoft Service Provider*.log”, in the %SYSTEMDRIVE%%TEMP% folder.

You can also run a silent, unattended, installation.

To install Service Provider Foundation

On the server where you want to install Service Provider Foundation, double-click SetupOrchestrator.exe on the installation media to start the System Center 2012 – Orchestrator 2012 R2 Setup Wizard.

Note: We recommend that you run setup as Administrator. Doing so allows Customer Experience and Microsoft Update choices to be retained later in the setup.

Install SPF - 01 - SetupOrchestratorEXE

On the main Setup page, click Service Provider Foundation.

Install SPF - 02 - Install Screen

On the Service Provider Foundation Setup page, click Install.

Install SPF - 03 - Setup Screen

On the License Terms page, review the license agreement. If you agree with the terms, select the I have read, understood, and agree with the terms of the license agreement check box, and then click Next.

Install SPF - 04 - License Terms

On the Prerequisites page, wait for the wizard to complete the prerequisite verification, and then review the results. If any of the prerequisites are missing, install the missing prerequisites, and then click Check prerequisites again.

When all of the prerequisites are met, click Next.

Install SPF - 05 - Prerequisites

On the Configure the database server page, in the server text box, enter the name of the server that hosts SQL Server, or accept the default localhost. In Port Number, type the port number that accesses the database, or accept the default of 1433, and then click Next.

Install SPF - 06 - Configure Database Server

On the Specify a location for the SPF files page, accept or change the location for the web service files by using the Change Folder button. Optionally, change Website name. In the Port Number section, enter the Internet Information Services (IIS) port number that you want to use, or accept the default of 8090.

The Server certificate refers to a certificate to configure the site bindings for the Service Provider Foundation website in Internet Services Information (IIS) Manager. You can either generate a self-signed certificate or use an existing certificate.

Important: We recommend that generated self-signed certificates be used only for a testing purposes in a non-production environment.

Click Next.

Install SPF - 07 - SPF Files Location

On the Configure the Admin web service page, in the Domain security groups or users text box, type the domain and user name of each security group or user who will use this web service. Use the format domainuser name, and use a semicolon to separate multiple entries, for example, SC.LABJohnDoe; SC.LABTestGroup.

For application pool credentials, select the type of account that you want to use:

  • Select Service Account, and then type the domain name, user name, and password of the account that you want the application pool to use.

Make sure that the application pool account exists in the domain and that it has sufficient permissions to manage the server.

  • To use an internal system account, select Network Service.

We recommend that you do not use Network Service but instead use a Service Account using domain credentials.

If you select Network Service, the account must be a System Center 2012 R2 Virtual Machine Manager administrator, or it must have enough permission to perform the Service Provider Foundation requests.

Click Next.

Install SPF - 08 - Admin Web Service

In the same manner, specify the settings for Configure the Provider web service, and then click Next.

Install SPF - 09 - Provider Web Service

In the same manner, specify the settings for Configure the VMM web service, and then click Next.

Install SPF - 10 - VMM Web Service

In the same manner, specify the settings for Configure the Usage web service, and then click Next.

Install SPF - 11 - Usage Web Service

Choose the desired options on the Help improve Microsoft System Center Service Provider Foundation and Microsoft Update page, and then click Next.

Choices made on this page are not retained unless setup was run as Administrator.

Install SPF - 12 - CEIP

On the Installation summary page, review your selections, and then do one of the following:

  • Click Previous to change any selections.
  • Click Install to install Service Provider Foundation.

Install SPF - 13 - Summary

After you click Install, the installation progress indicator appears.

Install SPF - 13B - Progress

Click Close when the message “Setup is complete” appears.

Install SPF - 14 - Finished

Repeat this procedure for each installation, such as for a web farm.

NOTE: When I opened Internet Information Manager (IIS), and attempted to browse the SPF website, I encountered the following error.

Install SPF - 15 - IIS

Install SPF - 16 - HTTP Error

Notice that the error message says: “A default document is not configured for the requested URL, and directory browsing is not enabled on the server.”

And the solution? Enable directory browsing using IIS Manager by doing the following.

Open IIS Manager. In the Features view, double-click Directory Browsing.

Install SPF - 17 - Directory Browsing

On the Directory Browsing page, in the Actions pane, click Enable.

Install SPF - 18 - Enable Directory Browsing

After enabling Directory Browsing, I was then able to browse the SPF site successfully.

Install SPF - 19 - Localhost

 

Post Installation

The Service Account(s) that we configured for the Application Pools need to be added into the Security Group(s) we used for each Service.

In my lab example, the Application Pool account used is: SCSPF_AppPool, and the Security Groups are: SCSPF_Admins, SCSPF_Providers, SCSPF_VMM, and SCSPF_Usage.

SPF_AppPool Group Membership

Also, the Service Account(s) we used, needs to be added as an Administrator within SCVMM. In the SCVMM console, navigate to Settings > Security > User Roles > Administrator, and add the Service Account(s).

SCVMM Administrator Properties

You will also need to grant the Service Account permissions in SQL Server that is running the Service Provider Foundation database. Open the SQL Server Management Studio, and connect to the SQL Server running the SPF database. Navigate to Security > Logins, and add the Service Account.

SQL Permissions

Open the account properties, navigate to User Mapping, and select the “SysAdmin” server role. Then click OK.

SQL User Mapping

 

 

So that’s the installation of Service Provide Foundation (SPF). Now what? Well, SPF can be used with Portal systems like System Center App Controller, and Windows Azure Pack, to deliver Infrastructure As A Service (IaaS). In a related series, I will write about deploying the Windows Azure Pack.

%d bloggers like this: