Preparing SharePoint On-Premises
The SharePoint server must be set up correctly before using the K2 for SharePoint app. Listed below is everything that needs to be done before installing K2 and using the K2 for SharePoint app.
The following table shows what is required and needs to be set up before you to use K2 for SharePoint 2013 in an on-prem environment:
SharePoint on-premises |
SharePoint July 2016 Cumulative Update
A root site in the site collection with which you are integrating K2 for SharePoint. |
Other Software | There are additional software requirements for K2 for SharePoint, these are listed below:
|
Supported Browsers |
SharePoint users / participants need a SharePoint-compatible Internet Browser to view and use K2 for SharePoint features. |
K2 for SharePoint supports any SharePoint environment that has the following required features and capabilities:
- Claims-based Authentication
- OAuth
- App Catalog
- App Deployment: Cloud-Hosted apps
- App Deployment: SharePoint-Hosted apps
- Client Object Model (OM)
- JavaScript Object Model
- List and Library APIs
- Managed Metadata Service
- User Profile Service
- Remote Event Receiver
- REST API
- SharePoint Lists
- SharePoint Ribbon
- Windows PowerShell Support
Typically the SharePoint Server 2013 Standard and SharePoint Server 2013 Enterprise Editions contain these features and capabilities. For more information see:
SharePoint feature availability across Microsoft 365 plans
SharePoint feature availability across SharePoint Online standalone plans
SharePoint feature availability across on-premises solutions
Microsoft 365 Service Comparison
The SharePoint App Domain needs to be set up prior to using the K2 for SharePoint App. For steps on how this can be achieved, see the following Microsoft TechNet article for information: Configure an environment for apps for SharePoint.
- As a minimum requirement, the SharePoint July 2016 Cumulative Update is required especially if:
- You are using web apps or site collections with host headers (domain names / 'friendly' URLs).
- You have other server software installed on the SharePoint server that is using the Default Web Site (i.e. port 80/443).
- You are not using port 80/443 for your web apps.
For more information, see: July 2016 Cumulative Update for SharePoint Server 2013
See this link for information on how to reduce the 5 hours usually needed to install cumulative updates to 30 minutes.
K2 recommends that your SharePoint farm is updated to the latest public and / or cumulative update.
- SharePoint 2013 Apps must be enabled for the K2 for SharePoint App to work (Configure an environment for apps for SharePoint (SharePoint 2013) https://technet.microsoft.com/en-us/library/fp161236.aspx).
For more information see the Microsoft Technet page: http://technet.microsoft.com/en-us/library/fp161232.aspx- For an index of useful resources for installing and managing apps in SharePoint 2013, see: http://technet.microsoft.com/en-us/library/fp161232.aspx
Specifically:- Configure an environment for apps for SharePoint 2013: http://technet.microsoft.com/en-us/library/fp161236.aspx
- Enable apps in AAM or host-header environments for SharePoint 2013: http://technet.microsoft.com/en-us/library/dn144963.aspx
- How to: Set up an app catalog on SharePoint: http://msdn.microsoft.com/en-us/library/office/fp123530.aspx
- Manage the App Catalog in SharePoint 2013: http://technet.microsoft.com/en-us/library/fp161234.aspx
- Host webs, add-in webs, and SharePoint components in SharePoint: https://dev.office.com/sharepoint/docs/sp-add-ins/host-webs-add-in-webs-and-sharepoint-components-in-sharepoint
- Tenancies and deployment scopes for SharePoint Add-ins: https://dev.office.com/sharepoint/docs/sp-add-ins/tenancies-and-deployment-scopes-for-sharepoint-add-ins
- For an index of useful resources for installing and managing apps in SharePoint 2013, see: http://technet.microsoft.com/en-us/library/fp161232.aspx
- Host Web – the host web is the SharePoint site where the K2 for SharePoint application has been enabled, K2 manages integration details via the host web.
- App Web – an app web is an isolated SharePoint subsite that is provisioned automatically by SharePoint when K2 for SharePoint is installed on the App Catalog site. The K2 for SharePoint application contains both SharePoint-hosted and provider-hosted components. The SharePoint-hosted components are the application pages, such as Application.aspx, Settings.aspx and WorklistAppPart.aspx, which are rendered via the provisioned app web site. The K2 for SharePoint application is tenant-scoped which will limit the number of potentially provisioned app webs to, at most, one per application catalog.
-
User Profile Service: For on-premises SharePoint apps, correct set up and population of the User Profile Service is required in order for OAuth tokens to be validated by SharePoint.
While detailed steps on configuring User Profile Services is outside of the scope of this document, the following excerpt taken from http://technet.microsoft.com/en-us/library/jj729797(v=office.15).aspx describes the requirement for UPA when using SharePoint on-premises apps.
Server-to-server authentication allows for servers that are capable of server-to-server authentication to access and request resources from one another on behalf of users. Therefore, the server that runs SharePoint Server 2013 and that services the incoming resource request must be able to complete two tasks:
- Resolve the request to a specific SharePoint user.
- Determine the set of role claims that are associated with the user, a process known as re-hydrating the user’s identity.
To rehydrate a user’s identity, a server that can perform server-to-server authentication requests access to SharePoint resources. SharePoint Server 2013 takes the claims from the incoming security token and resolves it to a specific SharePoint user. By default, SharePoint Server 2013 uses the built-in User Profile service application to resolve the identity.
The key user attributes for locating the corresponding user profile are as follows:
- The Windows Security Identifier (SID).
- The Active Directory Domain Services (AD DS) user principal name (UPN).
- The Simple Mail Transfer Protocol (SMTP) address.
- The Session Initiation Protocol (SIP) address.
Therefore, at least one of these user attributes must be current in user profiles. We recommend a periodic synchronization from identity stores to the User Profile service application.
- When AppDeployment.exe runs through the Config Analysis, a warning is issued concerning the User Profile Tasks > User Profile Sync Connection Task. This may occur because the installation account does not have Full Control permissions, but can be ignored if the SP Farm user (used post-installation) does have full control.
If you want to avoid the warning, add the installation account (for example the K2Service account) to the User Profile Service (UPS), Service Applications, Administrators with Full Control set. Connection permissions for UPS must be granted with Full Control. This is done by following these steps:- In Central Admin, select Manage service applications from the Application Management menu.
- Select the User Profile Service Application row (click on the empty line, not on the text).
- In the Service Application ribbon, select Administrators from the Operations block.
- Add the installation account and assign Full Control permissions, then click OK.
- Again in the Service Application ribbon, select Permissions in the Sharing block.
- Add the installation account and assign Full Control permissions, then click OK.
For the prerequisite hardware and software necessary for the SharePoint 2013 server, see the Hardware and software requirements for SharePoint 2013 on the Microsoft TechNet website.