Prerequisites: Smart Previews with SharePoint O365

Refer to the topic Network Security and Ports to in addition to the following prerequisites to ensure optimum product functionality.

BA Insight Products

Component

 Requirement

Description

Completed (Yes/No)
Web Server: OS
 Operating System
Microsoft Windows Server
  • 2012 R2: 64-bit
  • 2016
  • 2019
  • 2022
Installation on desktop operating systems (Windows 7 or Windows 8) is not supported.
Web Server: Windows Roles and Features Windows Roles and Features

Must have Web Server (IIS) role enabled with the following Roles and Features selected:

Server Roles

  • Common HTTP Features
    • Default Document
    • Directory Browsing
    • HTTP Errors
    • Static Content
  • Health and Diagnostics
    • HTTP Logging
  • Performance
    • Static Content Compression
  • Security
    • Request Filtering
    • Windows Authentication
  • Application Development
    • .NET Extensibility 4.6
    • ASP.NET 4.6 
    • ISAPI Extensions
    • ISAPI Filters
  • Management Tools
    • IIS Management Console

Server Features

  • .NET Framework 4.6 Features
    • .NET Framework 4.6
    • ASP.NET 4.6
    • WCF Services
      • HTTP Activation
      • TCP Port Sharing
  • Windows PowerShell
    • Windows PowerShell 5.1

Web Server: .NET Framework .NET Framework

  • .NET Framework 4.7.2

    .NET Framework Versions

    You can have multiple instances of .NET Framework installed on your server.

    • To use later versions of .NET Framework with Smart Previews, local web.config settings must be modified. Contact Upland BA Insight for assistance.

Windows Features Services and PowerShell

The following features must be installed/enabled, running, and properly configured (most can be found under Windows>"Programs and Features"):

  • SharePoint PowerShell: v3.0, or higher

  • Microsoft Visual C++ Redistributable for Visual Studio 2012
  • Microsoft Visual C++ Redistributable for Visual Studio 2015, 2017 and 2019

Registry Display Scaling

To set default 100% Display scaling at 96 DPI, perform the following:

  1. First, log in to the Smart Previews Import Server as the service account.

  2. Change the following registry keys:

    • HKEY_CURRENT_USER\Control Panel\Desktop\Win8DpiScaling – Set to 1, to enable default DPI override
    • HKEY_CURRENT_USER\Control Panel\Desktop\LogPixels – Create and set DPI value to 96 (decimal)
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\IgnoreClientDesktopScaleFactor - Set to 1, to enable scaling on server side when using RDP

Security Settings: Network Access

Disable Network Access setting

  1. To open Local Security Policy, on the Start screen, type, secpol.msc
  • Local security policy:
    • Disable the Network access setting "Do not allow storage of passwords and credentials."
    • This is the default Windows setting.

Database
Supported Databases

The following databases and tools are supported:

  • Microsoft SQL Server 2008 R2 SP1 or later: 64-bit

SQL Server Express is not supported.

  • Azure SQL service*
  • Azure table and BLOB storage*
* Smart Previews for SharePoint O365 and Smart Previews for SmartHub only.

  • Azure table and BLOB storage can only be used to store PreviewCache database.

  • Other databases should be deployed either to Microsoft SQL Server or to Azure SQL service.

Network File Share
Transfer Folder

You must have a shared network directory set up for file sharing purposes.

The network directory must have the following characteristics:
    Accessible by:
    • Smart Previews service account
    • Smart Preview Fast Proxy service account.
    Service accounts must have READ/WRITE access to the directory

Network Requirements

Check the table here for Smart Preview website SSL certificate, web service port requirements, and more:

Smart Previews Web site Exposed to End Users Public DNS

Certificate Required

(runs on SSL)

 Database Server Access Network Ports Used by Web Services

Web resources site

X X X X Set at Installation.
Typically, 443 (user defined)

Hybrid site



X X Set at Installation. 
Typically, 8443 (user defined)
Import Server Web Admin and Preview Generation Service

1234 and 1238
Content Enrichment Service
1237

User Account Permissions

  • Admin Account Requirements
  • Installation Account Requirements

Administrative Account Requirements

  • All accounts must have READ and WRITE access to the locations that are specified in the configuration steps.
  • Smart Previews for SharePoint 2013/16/19 only:
    • Following accounts require the "FULL Control" permission on the "Features" folder under "SharePoint Hive 15/16":
      • SharePoint Timer service
      • Central Admin app pool account (SharePoint 2013/16/19)

Service Account Requirements

Smart Previews requires a service account with the following permissions.
Use the table below:

Permission Import Server Service account Fast Proxy and CEWS account Hybrid Preview Service App Pool account

SQL server login

X

X

X

Member of IIS_IUSRS group

X




Log on as Batch

This permission is automatically provided by Windows when trying to start a service, unless the user is specifically denied Log on as Service.

X

Log on as Service

This permission is automatically provided by Windows when trying to start a service, unless the user is specifically denied Log on as Service.

X

X



Membership in "Local Admin" group on the server where these services will be installed:

  • Import Server
  • Fast Proxy
  • CEWS

X

X

Installation Account Requirements

To install Smart Previews to your server a Local Administrator user account with permissions is required.
Use the table below:

Permission Import Server Service account Fast Proxy and CEWS account Hybrid Preview Service App Pool account

dbcreator role on the SQL server instance where the databases will reside

X


SQL server login

X

X

X

Member of IIS_IUSRS group

X




Log on as Batch

This permission is automatically provided by Windows when trying to start a service, unless the user is specifically denied Log on as Service.

X

Log on as Service

This permission is automatically provided by Windows when trying to start a service, unless the user is specifically denied Log on as Service.

X

X



Membership in "Local Admin" group on the server where these services will be installed:

  • Import Server
  • Fast Proxy
  • CEWS

X

X

Environment Variables

Smart Previews does not encrypt passwords stored in configuration by default.

To secure passwords, configure the following environment variables before installing the product:

  • BAInsightSecurityEncriptionKey 
    • The value of this environment variable is used as encryption key for the Rijndael AES Encryption algorithm.
    • Example: RgUkXp2s5v8y/B?E(H+KbPeShVmYq3t6
  • BAInsightSecuritySaltKey
    • The value of this environment variable is used as a salt key for the Rijndael algorithm.
    • Example: TjWnZr4u7x!A%D*G-KaPdRgUkXp2s5v8
Note 1: If you want to change your encryption and / or salt keys later, you must completely reinstall and reconfigure the product.

Note 2: If you use more BA Insight products that use this encryption mechanism, the same keys are used for all such products.
If you don't know this information, please contact BA Insight Support Team.

Note 3: If you install Smart Previews in a multi-server environment, you need to set up the same environment variables on all the servers running Smart Previews.

Note 4: The priority of reading the values from the environment variables is User Environment Variables and then, if user variables are not set, the System Environment Variables are checked.
If you want to have multiple user accounts running multiple BA Insight products that use this encryption mechanism, you can either set up the environment variables for each of the users, or set up the system environment variables.
Note that System environment variables are accessible for all users and this may not align with your security policy.

Creating the Azure Web App

The steps below create the Azure web app. 

This only creates the app service in Azure; configuring and uploading the code takes place in a later section.

  1. Login to the Azure Portal https://portal.azure.com.
  2. Under "App Services" click "Add" and choose "Web App".
  3. Provide the details needed for the Web App:
    1. Provide a name for your app.
    2. Subscription: Select per your Azure strategy / policy. See the Note below.
    3. Resource Group: Select per your Azure strategy / policy. See the Note below.
    4. OS: "Windows" 
    5. Publish: "Code"
    6. App Service plan: Select per your Azure strategy / policy. See the Note below.
  4. Once the Web App is created, view the "Overview" for the new web app.
    1. Copy the URL for later use.
    2. Download the publishing profile for later use.

Note: These settings are highly dependent on your IT policies and network environment. 

Contact BA Insight Support for guidance or to discuss how best to deploy Smart Previews into your network.