Setting up an Office Online Server farm with HTTPS without SSL offloading

If you are reading this post it means you are already familiar with the Microsoft article describing the way to deploy an Office Online farm. They provide instruction on how to set up a single server farm whether on HTTP or HTTPS but also how to deploy a multi-server, load-balanced Office Online Server farm that uses HTTPS. All nice but this guide assumes you will install a certificate on the load balancer in order to offload the SSL processing from your web server.

What if you do not want to offload the SSL processing form your server? In my case I have to always ask a certificate per server, even though my farm will be load balanced and it will run under its own DNS name I still need to request from the department managing the certificates a certificate for each server with a subject alternate name for my Office Online farm. As a result I end up with two certificates, one for each of my farm servers.  This is where the problem starts, because you will create the Office Online farm on node 1 let’s say when you try to add the second node to the farm you will get a message that the certificate is missing from the certificate store.  Of course it is missing, each server has its own certificate, my website FQDN is only specified in the alternate access mapping. The trick here is to change the friendly name of the certificate on each server to be the same. When you will add the second node to your Office Online farm, the certificate will be found and used as it is on the second node, meaning on node 1 you will encrypt the communication with certificate 1 and on node 2 you will encrypt the traffic with certificate 2. Since the certificate is only used to encrypt the data between the client and the server and it is not used for other internal tasks in the Office Online server farm there is no issue encrypting data with two different certificates depending on the node where you are connected to.


Office Web Apps Server 2013 available updates list

I find it quite difficult to find all the Office Web Apps Server 2013 updates in one place. As a result I will try to add all the updates here, based on the research I did. Comments are welcome.

According to this article you must install in this order updates:

SP1 then April 2014 PU then May 2014 PU, then June 2014 CU.

Then you can continue at will with the updates I provided here.

List of updates available until 27.03.2015, starting with SP1

SP1 patched 15.0.4571.1502: 



April 2014 PU – 15.0.4605.1001



May 2014 PU – 15.0.4615.1001: 



June 2014 CU: 


Download: Office Web Apps Server 2013/sp1/wacserver2013kb2881051fullfilex64glb/15.0.4623.1001/free/476105_intl_x64_zip.exe

July 8 2014



August 12 2014 


Download: Office Web Apps Server 2013/sp1/wacserver2013kb2883093fullfilex64glb/15.0.4641.1001/free/477601_intl_x64_zip.exe

October 14 2014


Download: Office Web Apps Server 2013/sp1/wacserver2013kb2889898fullfilex64glb/15.0.4659.1001/free/479136_intl_x64_zip.exe

December 9 2015


Download security updates:

Download CU: Office Web Apps Server 2013/sp1/wacserver2013kb2899574fullfilex64glb/15.0.4673.1000/free/480642_intl_x64_zip.exe

February 10 2015



March 10 2015


Download :

SharePoint 2013, initial farm configuration with PowerShell, the short version

A few months ago I did a small guide about starting up a SharePoint 2013 farm by using only PowerShell.  There are several reasons why I prefer this approach instead of the available “SharePoint 2013 Products Configuration Wizard”. The wizard is fine but if you do not have a dedicated instance for your SharePoint installation it brings too many problems instead of solving. Also having a script as a reference which can also be used on other nodes/farms with minimal adjustments is an added bonus.

I recently paid a subscription to Pluralsight and they have a dedicated training for setting up a farm with PowerShell, well this training takes the same approach I did in my old post but it is far from being perfect.

After researching I found that the same wizard can be used using psconfig.exe with a lot of switches. This is the TechNet reference if you need to adjust the script I will provide.

Here is the PowerShell script you can use to setup a new farm, specify the farm admin, a passphrase, create the Central Administration and the config DB’s, installs all services, installs all features, provisions a new Central Administration Web Application with NTLM authentication.

Add-PSSnapin "Microsoft.SharePoint.PowerShell"

psconfig.exe -cmd configdb -create -server SERVERNAME\INSTANCE_NAME -database CONFIG_DB_NAME -passphrase “YOUR PASSPHRASE” -user DOMAIN\FARM_ACCOUNT -password FARM_ADMIN_PASSWORD -admincontentdatabase CENTRAL_ADMIN_DB_NAME -cmd helpcollections -installall -cmd secureresources -cmd services -install -cmd installfeatures -cmd adminvs -provision -port YOUR_PORT -windowsauthprovider onlyusentlm -cmd applicationcontent -install

Save the above script(psconfig should be on one row with all the switches) and make modifications based on your needs. This will be used only on the first server of the farm, on the other nodes you will need to use the [-connect] switch with the  configdb option like here:

psconfig.exe -cmd configdb -connect -server <Server_name> -database <Database_name> -dbuser <DOMAIN\username> -dbpassword <password>

-dbuser can be used to specify an account with SQL database access in case the account you use to setup has no privileges on the SharePoint SQL databases/SQL instance.

SharePoint 2010 Applying April 2013 Cumulative Update, procedure and problems

This will be a very short post, last time when I applied CU for SharePoint 2010 was in June 2012 and I almost forgot what the procedure was. Of course every time there is a new error to keep you connected, I’ll get into this later.

Step one:

Download SharePoint 2010 CU from here

Step two:

Make sure you have a very good backup, don’t play!

Step three:

Install the CU binaries to your server hosting Central Administration.

Step four:

Install the CU binaries to the remaining servers in your farm.

Step five:

In my case when the CU finished installing on the server hosting the Central Administration required a restart. I did the restart after all the other servers in the farm had the binaries installed.

Step six:

Run the SharePoint Products 2010 Configuration Wizard on the server hosting the CA.

First problem was at this step, for whatever reason running this wizard in GUI did not work, I switched to running it from Power Shell.

Run the following command: PSCONFIG.EXE -cmd upgrade -inplace b2b -wait -force

stsadm upgrade

Step seven:

Run the same command on the remaining servers in the farm but only after you were successful on the server hosting the CA.

This is when I ran into the second problem. The first attempt to run psconfig on the second application server threw an error about

05/09/2013 18:33:52 12 WRN Unable to create a Service Connection Point in the current Active Directory domain. Verify that the SharePoint container exists in the current domain and that you have rights to write to it.
Microsoft.SharePoint.SPException: The object LDAP://CN=Microsoft SharePoint Products,CN=System,DC=yourdomain,DC=com doesn’t exist in the directory.
at Microsoft.SharePoint.Administration.SPServiceConnectionPoint.Ensure(String serviceBindingInformation)
at Microsoft.SharePoint.PostSetupConfiguration.UpgradeTask.Run()

This is when I did a restart of this server, but I’m not sure it helps, I do not think you should do it.

On my second attempt to run PSCONFIG on this server I received this error, and then again:

Exception: Microsoft.SharePoint.Administration.SPUpdatedConcurrencyException: An update conflict has occurred, and you must re-try this action. The object SPUpgradeSession Name=Upgrade-20110604-023550-824 was updated by Topgear\administrator, in the PSCONFIG (4272) process, on machine SharePoint2010. View the tracing log for more information about the conflict

I used the information on this blog to reset the value of the “command-line-upgrade-running” property from Power Shell:

stsadm -o setproperty -pn command-line-upgrade-running -pv Yes


You need to reset this property in case an upgrade stopped responding and there is no upgrade running according to TechNet (see the example lower in the TechNet page) and then I went ahead with the PSCONFIG command from above.

Keep in mind it takes a long time to apply this cumulative update, I think I’ve spent about eight  hours doing the upgrade on the staging and production farm, each with two application and two web servers.

If you still did not solve this, read the logs again, the answers are in there!

Restoring a Windows 8 hard drive image to a RAID 0 failed

Just want to let everyone know that if you plan on restoring an image of Windows 8 taken on a hard drive and you want to restore it to a RAID array (I tested with Stripe, RAID0) you will encounter problems when booting. In my case the image was taken from an SSD Samsung 830 and restored to a RAID0 array made by two Samsung 840 SSDs. Don’t have any explanation and instead of searching for a solution I installed everything from scratch.  Strangely enough the RAID array can be accessed without any problem by Windows 8, the partitions are all there but the problem happens during the boot, a strange Windows error with a smiley, something similar to the attachment. I used Macrium Reflect for imaging and restoring.

Plan it in case you want to do it, you might have the same problem!