SharePoint 2016 MinRole FAQ

Last week, I covered this topic as part of an Office 365 Saturday SP2016 for IT Pro session in Melbourne, Australia. Minrole generated the most questions/discussions in the room hence why I am putting this post together…

I would recommend taking a look at this post from Bill Baer. It’s a comprehensive overview of MinRole. There is no point rehashing the info as I couldn’t say it better myself.

Instead, I thought I would document some of the questions/discussion topics I have encountered thus far… I hope it helps…

Question 1: What is MinRole?

The short answer: A pre-configured (code based) mapping between SharePoint services and server Roles.

The long answer: A few years ago, SharePoint 2013 was released with Topology Design guidance. Although this was a great step in the right direction, it still allowed a lot of Administrators to make their own mistakes… for some it was a case of “choose your own adventure”.

Minrole is about baking this guidance into the code itself to provide these advantages:

  • Simplify the on-premises farm deployment.
  • Simplify capacity planning and provide predictable performance characteristics (e.g. Low latency for Web front end servers, high throughput for Application servers).
  • Simplify farm manageability for Admins by not having to pick and choose which services should run where. SharePoint will monitor and ensure it is configured properly and in compliance.
  • Predefined template that affects the SharePoint services running/stopped in a given role.
  • Make troubleshooting easier by having the right services running on the right servers.
  • Quickly provision a new server within a given role to replace a malfunctioning one during an outage.

Note: It does not impact Database naming conventions for Service Applications.

Question 2: How many Roles are there?

MinRole is made up of 5 (+SingleServerFarm) predefined configurations:

Role name Description
Distributed cache Serving distributed cache for the farm. Optionally, the server assigned to this role can load balance end user requests among the web front ends.
Web front end Serving the requests from end user. The servers assigned to this role should be optimized for low latency.
Application Serving the backend jobs or the requests triggered by backend jobs. The servers assigned to this role should be optimized for high throughput.
Search Reserved for Search.
Special Load Reserved for services that needed to be isolated from other services.
Single Server Farm All services are provisioned on the server assigned to this role. Designed for development and eval.

Question 3: When do I get to choose my server’s role?

[From GUI]During the configuration wizard, the Specify Server Role screen will appear between Passphrase and Configure SP Central Admin pages.

(It isn’t a choice you have to make during the installation itself)

[From Command-line] A new parameter localserverrole is also available from psconfig or New-SPConfigurationDatabase for scripted installs.

Question 4: Can we mix roles? E.g. Application and Search?

Technically you can. For instance, you can start the Search services on an Application server (via powershell) however new Health Analyser Health Rules will generate a warning indicating the server is out of compliance. Also an option to programmatically resolve the issue and bring the server back within compliance with its configured role definition will be available.

Personally rather than “breaking the rules” I would leverage the “Special Load” role to avoid the warnings (for instance if I didn’t have enough servers – explained in detail in the next question).

Question 5: How many servers do I need to build a compliant farm?

Without High Availability (HA)

Role name No. of servers
distributed cache 1
Web front end 1
Application 1
SEARCH 1
SPECIAL LOAD 1 (optional)

Total: 5-6 (inc 1 for SQL)

With min High Availability (HA)

Role name No. of servers
distributed cache 2
Web front end 2
Application 2
SEARCH 2
SPECIAL LOAD 2 (optional)

Total: 10-12 (inc 2 for SQL)

Question 6: Can a server switch role if I change my mind or am I locked in?

Absolutely. Role Conversion is available from Central Administration (CA).

URL:    http://server:port/_admin/RoleConversion.aspx

Question 7: Do I have to use MinRole? I know what I’m doing and don’t want to me “boxed in”.

Refer to the next question and leverage the “Special Load” role.

Question 8: Is MinRole the only topology available in SharePoint 2016?

This is the OOB topology but not the only topology. SharePoint Admins can still tweak services to suit their specific requirements (Refer to Question 4).

Question 9: Which role should I deploy first?

Personally I would deploy the Application role first to default Central Administration (CA) on that box. In saying that refer to Spence’s blog post here and here for CA best practices.

Question 10: I see there is a new role called “Special Load”. What’s so special about it?

Special Load role is un-usual for the following reasons:

  • SharePoint will not provision any services.
  • SharePoint Admins have full control of services.
  • Health Rules will not scan this role.
  • Vendors can integrate with other MinRoles if they choose to however if they don’t this is a great spot for 3rd party tools and other workloads such as Project Server 2016 (Service Application).

Question 11: How can I check if my roles are in compliance?

New Health rules (Role Enforcement and Monitoring) have been created to check on a daily basis (timing can be changed).

The rules are on by default but can be disabled in the event that it doesn’t suit your business requirements.

Question 12: I heard App Fabric was deprecated. Will the Distributed Cache Role still support App Fabric?

Yes, App Fabric is deprecated but supported in SharePoint 2013 and 2016.

Question 13: Can I add servers to an existing “Single Server role” farm?

No, once a farm is created using the “Single Server role”, you will not be able to add additional servers to that farm. This role is specifically designed for Dev environments or evaluation purposes.

Question 14: Will Search role host Web Applications to support crawling?

Yes.

Question 15: Can a server have two roles?

No, a server can only have one role however additional services can be started via Powershell. Of course by doing so, your server may not be compliant.

Question 16: is there a Central Administration (CA) role?

No there isn’t. Also, the Central Administration site will run on all roles.

Question 17: Will there be any UI changes in CA to support MinRole?

Yes.

New options under System Settings

New column added called Roles (under Services)

Services in farm

Question 18: Does MinRole impact licensing?

Although it’s too early to tell, MinRole is unlikely to impact licensing. At this point, MinRole will be available in STD/ENT.

On a side note, SharePoint Foundation is no longer available in SharePoint 2016.

Question 19: Does MinRole impact the database tier?

No, MinRole only impacts SharePoint servers/services.

Question 20: Will MinRole impact the ability to Publish/Consume Service Applications to/from other farms?

No it doesn’t. SharePoint 2016 will still support shared services infrastructure.

Question 21: Which role do we use for Project server 2016?

The Special Load role (Refer to Question 10).

Question 22: Is Office Web Apps (WAC) impacted by MinRole?

No it isn’t. Office Web Apps continues to live in its own farm external to the SharePoint farm.

FAST Search site collection features are not activated

Are you missing these links under “Site Actions” > “Site Settings” ?…

 

… and when you try to access the pages via URL /_layouts/contextualkeywordmanagement.aspx you get this ?…

Here’s how I fixed it. Simply run…(replace “SiteURL” with your actual URL)

Enable-SPFeature -id “5EAC763D-FBF5-4d6f-A76B-EDED7DD7B0A5” -Url SiteURL

Voila!

Could not create client proxy for backend component ‘fds/configservice’.

I came across the error below when running Get-FASTSearchContentCollection -name “sp”

Error: Get-FASTSearchContentCollection : Could not create client proxy for backend component ‘fds/configservice’.

Simple Fix: Ensure there isn’t a proxy server configured in Internet Explorer on the FAST server.

Additional event log error:

Log Name:      Application
Source:        System.ServiceModel 3.0.0.0
Date:          22/05/2011 9:05:21 PM
Event ID:      3
Task Category: WebHost
Level:         Error
Keywords:      Classic
User:          DOMAIN\FAST_SVC
Computer:      FS01.company.com.au
Description:
WebHost failed to process a request.
 Sender Information: System.ServiceModel.ServiceHostingEnvironment+HostingManager/33711845
 Exception: System.ServiceModel.ServiceActivationException: The service '/SchemaService.svc' cannot be activated due to an exception during compilation.  The exception message is: Exception has been thrown by the target of an invocation.. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> no.fast.middleware.SystemException: The remote server returned an error: (504) Gateway Timeout. ---> System.Net.WebException: The remote server returned an error: (504) Gateway Timeout.
   at System.Net.HttpWebRequest.GetResponse()
   at no.fast.middleware.ConnectionManager.ExecuteMethod(HttpWebRequest request, MemoryStream dataStream)
   at no.fast.dsinterfaces.nameservice.NameserverStub.Resolve(String Name, String InterfaceType, String Version)
   --- End of inner exception stack trace ---
   at no.fast.dsinterfaces.nameservice.NameserverStub.Resolve(String Name, String InterfaceType, String Version)
   at no.fast.dsinterfaces.configservice.ConfigFactory.ResolveConfig(IMiddleware middleware, String name)
   at no.fast.dsinterfaces.configservice.ConfigFactory.CreateConfig(IMiddleware middleware, String name, Int32 retries, Int32 retryIntervalSeconds, Int32 clientTimeoutMs)
   at no.fast.dsinterfaces.configservice.ConfigFactory.CreateConfig(IMiddleware middleware, String name)
   at Microsoft.SharePoint.Search.Extended.Administration.WCF.SchemaServiceImpl.verifyMiddlewareConfig()
   at Microsoft.SharePoint.Search.Extended.Administration.WCF.SchemaServiceImpl..ctor()
   --- End of inner exception stack trace ---
   at System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   at System.ServiceModel.Description.ServiceDescription.CreateImplementation(Type serviceType)
   at System.ServiceModel.Description.ServiceDescription.SetupSingleton(ServiceDescription serviceDescription, Object implementation, Boolean isWellKnown)
   at System.ServiceModel.Description.ServiceDescription.GetService(Type serviceType)
   at System.ServiceModel.ServiceHost.CreateDescription(IDictionary`2& implementedContracts)
   at System.ServiceModel.ServiceHostBase.InitializeDescription(UriSchemeKeyedCollection baseAddresses)
   at System.ServiceModel.ServiceHost..ctor(Type serviceType, Uri[] baseAddresses)
   at System.ServiceModel.Activation.ServiceHostFactory.CreateServiceHost(Type serviceType, Uri[] baseAddresses)
   at System.ServiceModel.Activation.ServiceHostFactory.CreateServiceHost(String constructorString, Uri[] baseAddresses)
   at System.ServiceModel.ServiceHostingEnvironment.HostingManager.CreateService(String normalizedVirtualPath)
   at System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateService(String normalizedVirtualPath)
   at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath)
   --- End of inner exception stack trace ---
   at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath)
   at System.ServiceModel.ServiceHostingEnvironment.EnsureServiceAvailableFast(String relativeVirtualPath)
 Process Name: w3wp
 Process ID: 2060

SharePoint Diagnostics Studio

The SharePoint Diagnostics Studio available in the SharePoint 2010 Administration Toolkit v2.0, presents server diagnostic information in a visual and structured way that enables Developers and IT Professionals to quickly diagnose and act upon intermittent performance, reliability and functionality problems in a SharePoint 2010 environment – surfacing every request, across every machine, remotely, with minimal permissions.

The SharePoint Diagnostics Studio gathers and consolidates Event and Diagnostic (ULS) logs in addition to information from the Usage database and presents it through a graphical user interface supporting clarity and a single view into issues impacting a deployment.

For more information see http://sharepoint.microsoft.com/blog/Pages/BlogPost.aspx?pID=971.

Microsoft White Paper – Perform Search First Migration (SharePoint 2010)

Check out this new MS White paper  – Perform a search-first migration (SharePoint Server 2010)

Introduction to search-first migration

Upgrading to Microsoft® SharePoint® Server 2010 from Microsoft SharePoint Server 2007 provides significant improvements in enterprise search capability. However, policy or resource constraints in an organization sometimes pose challenges that can prevent or postpone a complete upgrade. If your organization is not ready to perform a complete upgrade from SharePoint Server 2007, you can still take advantage of end-user enterprise search capabilities of SharePoint Server 2010 by deploying a solution that is known as search-first migration.

What is search-first migration?

To implement a search-first migration, you migrate only the search settings from a SharePoint Server 2007 farm to a new SharePoint Server 2010 farm. You then configure the SharePoint Server 2007 farm to forward search queries to the new farm, where the queries will be processed. When the search-first migration is complete, the new farm provides search functionality of SharePoint Server 2010 for end users when they submit search queries in the SharePoint Server 2007 farm. For example, as users type search queries in search boxes on sites in the SharePoint Server 2007 farm, they can take advantage of SharePoint Server 2010 features such as prefix matching, Boolean query syntax, phonetic name matching, and query suggestions. Users view the search results on a site in the new farm, where they can use search features such as results refinement, social tags integration, and relevance improvements.

After the search-first migration, the organization can complete the product upgrade at any time that is convenient. In the meantime, the SharePoint Server 2007 farm can continue to provide other SharePoint Server 2007 functionality for the organization as usual. SharePoint Server 2007 features such as sites and content databases are not migrated or upgraded as part of a search-first migration. Functionality that is not related to search does not have to be configured in the new SharePoint Server 2010 farm.

Contents

Introduction to search-first migration     4

What is search-first migration?  4

Supported and unsupported paths for search-first migration      4

High-level steps for performing a search-first migration 5

Plan a new farm for search-first migration            7

Plan to configure search in the new farm              9

Plan Search Center deployment                9

Plan people search          10

Configure the original farm for search-first migration      12

Configure crawling          12

To configure crawling in the original farm              13

Configure search boxes and related search links                13

Configure the delegate-control search box for each site collection            14

Configure search boxes on Search Centers          15

Configure other non-custom search boxes          17

Configure custom search boxes                17

Modify links to Search Centers or Advanced Search pages in the original farm     18

Optional: Enable query suggestions and custom scopes by using the Search Box Replacement Control    18

Query suggestions          18

Search scopes   19

Migrate search settings to the new farm               20

Migrating SSP–level scopes         23

Migrating site collection–level scopes     23

To map a site collection–level scope to a service application–level scope               24

Train end users to use the search-first environment        25

Search-related navigation            25

SharePoint Server 2010 functionality for search queries 26

SharePoint Server 2010 functionality for viewing and interacting with search results         26

Other user interface differences              27

Additional Resources     28

My experience with Deploying FAST Server in a Multi Server environment

The following blog post is my way of quickly sharing with you some of my real life experiences with the deployment of FAST in a multi server environment.

I’ve specifically picked the “multi server” scenario as single server deployments are much simpler and therefore less prone to issues.

It isn’t meant to be a “Deployment Guide” as it already exists but rather my summarised list of tips and tricks for potential issues you may encounter on the FAST “side”.

Tips for “Deployment.xml”

  1. Reference TechNet article > http://technet.microsoft.com/en-au/library/ff354931.aspx
  2. The following link will provide you with a couple of multi nodes examples http://technet.microsoft.com/en-us/library/ff381247.aspx.
  3. Check out the following link if you plan on using Visual Studio to build your file. FAST Search Server Configuration Wizard fails during IPSec portion of multi-node installation

You may want to copy and paste the contents into Notepad prior to saving your Deployment.xml.

Tips for Installing the Admin server

I didn’t encounter too many issues here providing you follow all the steps in the Deployment Guide and prepare your Deployment.xml file with care.

  1. Turn on the firewall.
  2. Enable PowerShell scripts to run “Set-ExecutionPolicy RemoteSigned
  3. Use Powershell with “Run as Administrator“.
  4. If you plan on using HTTP communication and have manually configured a proxy server, verify that Bypass proxy servers for local addresses is selected. Not using a Proxy works too.

 

Tips for adding a Non-Admin server

Error – The file ‘E:\FASTSearch\etc\middleware.cfg’ was not found

The main error encountered whilst trying to add a Non-Admin server to the farm during the Configuration Wizard was:

Log Name:      FAST Search
Source:        FAST Search Monitoring Service
Date:          28/02/2011 2:17:34 PM
Event ID:      1000
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      FS02.company.com
Description:
ApplicationBase: The file 'E:\FASTSearch\etc\middleware.cfg' was not found.

Resolution

  1. Ensure  firewall is on.
  2. Run Set-FASTSearchIpsec -create -verbose on both the Admin and Non-admin nodes. This is a great command to help you by yielding a more descriptive error.
  3. Consider/Look into applying the following registry change:
  4. The FAST Server Administrators may potentially override the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\MaxTokenSize setting manually in the Registry (to a value of 0x0000FFFF), and subsequently lock it down such that future Group Policy applications do not overwrite this setting
  5. More information at the bottom of this link >  http://blogs.msdn.com/b/scottos/archive/2010/07/16/we-need-to-talk-aka-it-s-not-me-it-s-you.aspx  – In my experience, I still had to apply the registry chance despite even when there wasn’t a Group Policy change (Root Cause section)
  6. Consider/Look into turninf off TCP/IP chimney offloading >http://blogs.msdn.com/b/scottos/archive/2010/09/10/leave-the-chimney-for-santa-claus-not-for-fast-search-server-2010.aspx)
  7. http://blogs.msdn.com/b/scottos/archive/2010/09/29/ensuring-a-successful-fast-search-server-2010-installation.aspx
  8. Try using the following PS script: .\psconfig.ps1 -action i -roleName nonadmin -userName DOMAIN\FAST_SVC -adminBasePort 13000 -localMachineName FS02.COMPANY.COM -adminMachineName FS01.COMPANY.COM -logFileName D:\Fast-ConfigWiz.log -logLevelAsString Info

 

 Error – XML Validation error: Data at the root level is invalid

 

Resolution:

More of an oversight on my behalf. I simply added the following line at the start of the Deployment.xml file.

<?xml version=”1.0″ encoding=”utf-8″ ?>

Error – The remote server returned an error: (504) Gateway Timeout.

Resolution:

If you plan on using HTTP communication and have manually configured a proxy server, verify that Bypass proxy servers for local addresses is selected. Not using a Proxy works too.

My experience with Deploying FAST Server in a Multi Server environment

The following blog post is my way of quickly sharing with you some of my real life experiences with the deployment of FAST in a multi server environment.

I’ve specifically picked the “multi server” scenario as single server deployments are much simpler and therefore less prone to issues.

It isn’t meant to be a “Deployment Guide” as it already exists but rather my summarised list of tips and tricks for potential issues you may encounter on the FAST “side”.

Tips for “Deployment.xml”

  1. Reference TechNet article > http://technet.microsoft.com/en-au/library/ff354931.aspx
  2. The following link will provide you with a couple of multi nodes examples http://technet.microsoft.com/en-us/library/ff381247.aspx.
  3. Check out the following link if you plan on using Visual Studio to build your file. FAST Search Server Configuration Wizard fails during IPSec portion of multi-node installation

You may want to copy and paste the contents into Notepad prior to saving your Deployment.xml.

Tips for Installing the Admin server

I didn’t encounter too many issues here providing you follow all the steps in the Deployment Guide and prepare your Deployment.xml file with care.

  1. Turn on the firewall.
  2. Enable PowerShell scripts to run “Set-ExecutionPolicy RemoteSigned”
  3. Use Powershell with “Run as Administrator”.
  4. If you plan on using HTTP communication and have manually configured a proxy server, verify that Bypass proxy servers for local addresses is selected. Not using a Proxy works too.

 

Tips for adding a Non-Admin server

Error – The file ‘E:\FASTSearch\etc\middleware.cfg’ was not found

The main error encountered whilst trying to add a Non-Admin server to the farm during the Configuration Wizard was:
Log Name:      FAST Search
Source:        FAST Search Monitoring Service
Date:          28/02/2011 2:17:34 PM
Event ID:      1000
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      FS02.company.com
Description:
ApplicationBase: The file 'E:\FASTSearch\etc\middleware.cfg' was not found.

Resolution

  1. Ensure  firewall is on.
  2. Run Set-FASTSearchIpsec -create -verbose on both the Admin and Non-admin nodes. This is a great command to help you by yielding a more descriptive error.
  3. Consider/Look into applying the following registry change:
  4. The FAST Server Administrators may potentially override the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\MaxTokenSize setting manually in the Registry (to a value of 0x0000FFFF), and subsequently lock it down such that future Group Policy applications do not overwrite this setting
  5. More information at the bottom of this link >  http://blogs.msdn.com/b/scottos/archive/2010/07/16/we-need-to-talk-aka-it-s-not-me-it-s-you.aspx
  6. In my experience, I still had to apply the registry chance despite even when there wasn’t a Group Policy change (Root Cause section)
  7. Consider/Look into turninf off TCP/IP chimney offloading >http://blogs.msdn.com/b/scottos/archive/2010/09/10/leave-the-chimney-for-santa-claus-not-for-fast-search-server-2010.aspx)
  8. http://blogs.msdn.com/b/scottos/archive/2010/09/29/ensuring-a-successful-fast-search-server-2010-installation.aspx
  9. Try using the following PS script: .\psconfig.ps1 -action i -roleName nonadmin -userName DOMAIN\FAST_SVC -adminBasePort 13000 -localMachineName FS02.COMPANY.COM -adminMachineName FS01.COMPANY.COM -logFileName D:\Fast-ConfigWiz.log -logLevelAsString Info

 

Error – XML Validation error: Data at the root level is invalid 

Resolution:

More of an oversight on my behalf. I simply added the following line at the start of the Deployment.xml file.<?xml version=”1.0″ encoding=”utf-8″ ?>

Error – The remote server returned an error: (504) Gateway Timeout.

 

Resolution:

If you plan on using HTTP communication and have manually configured a proxy server, verify that Bypass proxy servers for local addresses is selected. Not using a Proxy works too.