SharePoint 2016 Min Roles

The following table outlines each role that is available:

Server role Description
Front end Service applications, services, and components that serve user requests belong on front-end web servers. These servers are optimized for fast performance.
Application Service applications, services, and components that serve back-end requests, such as background jobs or search crawl requests, belong on Application servers. These servers are optimized for high throughput.
Distributed Cache Service applications, services, and components that are required for a distributed cache belong on Distributed Cache servers. Optionally, you can configure these servers to also load balance farm traffic using the SharePoint Request Manager.
Search Service applications, services, and components that are required for search belong on Search servers.
Custom Custom service applications, services, and components that do not integrate with MinRole belong on Custom servers. The farm administrator has full control over which service instances can run on servers assigned to the Custom role. MinRole will not control which service instances are provisioned on this role.
Single-Server Farm Service applications, services, and components required for a single-machine farm belong on a Single-Server Farm. A Single-Server Farm is meant for development, testing, and very limited production use. A SharePoint farm with the Single-Server Farm role cannot have more than one SharePoint server in the farm.




The Standalone Install mode is no longer available in SharePoint Server 2016 IT Preview. The Single-Server Farm role replaces the Standalone Install mode available in previous SharePoint Server releases. Unlike Standalone Install, the SharePoint administrator must separately install and prepare Microsoft SQL Server for SharePoint. The SharePoint administrator must also configure the SharePoint farm services and web applications, either manually or by running the Farm Configuration Wizard.

Tutorial: Setup SharePoint 2016 on Azure

Follow this tutorial to setup a development environment for 2016 on Azure.  The setup is essentially the same as it was for 2013 with the exception of Min-Roles (we will discuss this later).  Assuming its the first time for you using Azure, the steps are:

  1. Setup virtual network and DNS
  2. Create a new Cloud Service
  3. Create three VMs
    1. Domain Controller
    2. SQL
    3. SharePoint
  4. Create new AD forest on DC VM and domain join the VMs
  5. Create farm, setup and services accounts and add to SQL server logins and add as Administrators on SharePoint VM
  6. Install SharePoint


Setup virtual network and DNS

Login to your Azure portal at then click Networks and New:

new network

Create a new virtual network with the following settings. As for Location I’ve selected West Europe, choose whatever works for you. Note we have selected to create a new DNS server, if you’ve already got one you can use that.


Once created go to Configure and create 3 subnets for AD, SQL and SharePoint and press Save.



Create Cloud Service

For information on cloud services see link.

On the left hand navigation select Cloud Services > New > Quick  create.   Enter a unique url. Ive gone with


Create three VMs

Go to virtual machines section in azure portal and select New > From gallery.  Create the virtual machines with the following settings:

Domain controller:
OS: Windows Server 2012
VM name: Whatever you like, I chose DC1
Hardware: Standard tier, 2 cores 3.5 GB (A2)
Cloud service: Choose the one created earlier
Virtual network: Choose the one created earlier
Subnet: Choose the AD Subnet


Machine: SQL Server 2014 SP1 Enterprise, Windows Server 2012 R2
VM name: Whatever you like, I chose sql1
Hardware: Standard tier, 4 cores 7 GB (A3)
Cloud service: Choose the one created earlier
Virtual network: Choose the one created earlier
Subnet: Choose the SQL Subnet


SharePoint 2016:
Machine: SharePoint Server 2016 IT Preview
VM name: Whatever you like, I chose sp1
Hardware: Standard tier, 4 cores  16 GB
Cloud service: Choose the one created earlier
Virtual network: Choose the one created earlier
Subnet: Choose the SharePoint Subnet



Create new AD forest on Domain Controller VM and domain join the VMs

Remote connect to the Domain controller VM, add AD DS features. After it installs promote create new forest and promote machine to domain controller.

Once done create AD accounts as SPFarm, SPSetup, SPServices


Add to SQL server logins

Connect to SQL server VM and open SQL management studio. Once open expand logins and add the 3 accounts above with Sysadmin role.


Install SharePoint

Connect to the SharePoint VM and add the 3 accounts as administrators on the machine.

Log off and log back in as the setup account.

Run the sharepoint configuration wizard just the same as you would for SP2013, with exception of Min-Roles. We will create single server farm with all the roles however in production environment you would need to select Custom and choose the roles that work for you.

Once complete you have SharePoint 2016 ready to go.  Access it using your cloud service url.

Get a users followed sites using JSOM in SP2013 or SharePoint Online

SP.SOD.executeOrDelayUntilScriptLoaded(loadUserData, ‘SP.UserProfiles.js’);

function loadUserData()


var clientContext = SP.ClientContext.get_current();


var followingManager;

var followed;



followingManager = new SP.Social.SocialFollowingManager(clientContext);



Next we need to get the sites followed by the current user. For this we need to pass the actor ID of 4. For a list of all actor Ids see this.


followed = followingManager.getFollowed(4);

clientContext.executeQueryAsync(showFollowed, requestFailed);



function showFollowed() {

for (var i = 0; i < followed.length; i++) {

//get whatever you need from the followed array




function requestFailed(sender, args) {

$(‘#message’).html(‘Error: ‘ + args.get_message());


Configure SharePoint 2013 for App Development by setting up isolated domain

If your not sure what needs to be configured for app development on ​SP2013 on premise or you receive the “Apps are disabled on this site” error, then follow these steps:

  1. Ensure the user profile service application is running and has at least one profile in it
  2. Ensure the application management service app is running.
  3. Ensure timer service is running: net start sptimerv4
  4. Ensure you have created an isoloated domain

SharePoint hosted apps run must run in their own domain. For Visual Studio to be able to deploy apps you need to first setup the domain. To do this run the following powershell scripts in the SharePoint Management Shell. Hopefully they should be self explanatory:

Set-SPAppDomain “”

Get-SPServiceInstance | where{$_.GetType().Name -eq “AppManagementServiceInstance

Get-SPServiceInstance | where{$_.GetType().Name -eq “AppManagementServiceInstance” -or $_.GetType().Name -eq “SPSubscriptionSettingsServiceInstance”}


The below scripts are to setipt the application pools. You need to provide a sharepoint managed account.

$account = Get-SPManagedAccount “domain\user”
$appPoolSubSvc = New-SPServiceApplicationPool -Name SettingsServiceAppPool -Account $account
$appPoolAppSvc = New-SPServiceApplicationPool -Name AppServiceAppPool -Account $account
$appSubSvc = New-SPSubscriptionSettingsServiceApplication –ApplicationPool $appPoolSubSvc –Name SettingsServiceApp –DatabaseName SettingsServiceDB $proxySubSvc = New-SPSubscriptionSettingsServiceApplicationProxy –ServiceApplication $appSubSvc
$appAppSvc = New-SPAppManagementServiceApplication -ApplicationPool $appPoolAppSvc -Name AppServiceApp -DatabaseName AppServiceDB
$proxyAppSvc = New-SPAppManagementServiceApplicationProxy -ServiceApplication $appAppSvc


Specify your tenant name by typing the following code in the SharePoint Management Shell:

Set-SPAppSiteSubscriptionName -Name “app” -Confirm:$false

Finally your isolated app domain to your bypass list in Internet Explorer

  1. In Internet Explorer, go to Tools.
  2. Choose Internet options.
  3. On the Connections tab, choose the LAN Settings
  4. Clear the Automatically detect settings check box.
  5. Select the Use a proxy server for your LAN check box.
  6. Choose the Advanced button, and then add * to the Exceptions
  7. Choose the OK
  8. Choose the OK button to close the Local Area Network (LAN) Settings dialog box.
  9. Choose the OK button to close the Internet Options dialog box.

You may get a 401 when launching you app. For this you’ll need to disable loop back checking:

To set the DisableLoopbackCheck registry key, follow these steps:

  1. Set the


registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:


( )

Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name

  1. Click Start, click Run, type regedit, and then click OK.
  2. In Registry Editor, locate and then click the following registry key:


  1. Right-click Lsa, point to New, and then click DWORD Value.
  2. Type DisableLoopbackCheck, and then press ENTER.
  3. Right-click DisableLoopbackCheck, and then click Modify.
  4. In the Value data box, type 1, and then click OK.
  5. Quit Registry Editor, and then restart your computer.


SharePoint App Permissions

Apps for SharePoint have permissions just as users and groups do. This enables an app to have a set of permissions that are different from the permissions of the user who is executing the app. You must request, in the app manifest file, the permissions that an app needs to run. The user who adds the app must grant these requests, and the user can only grant permissions that he or she has as a user. The grant must be for all the requested permissions or none of them to simplify the management of permissions for users and developers. (The app principal always has full control rights to the app web, so it only needs to request permissions to SharePoint resources in the host web or other locations outside the app web.)

What are Host Webs and App Web

SharePoint 2013 introduces the concept of ‘host webs’ and ‘app webs’.

Apps are deployed to the App Web.

Apps are installed to the Host Web.


What are App Webs

In SharePoint 2010 when creating a webpart you could create and use and SharePoint components such as lists, libraries or workflows just about anywhere in the scope of where the webpart was being activated.

SharePoint 2013 adds an additional level of isolation (for security) whereby if an App is to need a SharePoint component such as list then it must contain this list within the apps own subweb – that app’s own App Web.  App Webs are usually inside the same site collection as the Host Web, except in tenant environments where they are in the App Catalog.  Apps that require their own web are reffered to as SharePoint hosted apps.

Apps that dont need access to any SharePoint objects such as lists, can exists without an App Web. e.g. those webparts which consume data from webservices etc. These are referred to as Provider Hosted Apps.

See example below where App 1 doesnt use any SharePoint component and therefore has no App Web, whereas App 2 uses lists and workflow and requires its own App Web:


Also, although the app web is typically in the same site collection as the host web it will have its own isolated domain.

For example, suppose that an app, with SharePoint components beyond
just the UI elements that can be deployed to a host web, is installed on
a host website at the following URL:

The app for SharePoint will be deployed to a newly created website with a URL like the following:

Note that this URL has the following structure:


  • Domain_Relative_URL_of_Host_Web is the relative URL of the parent host web, in this case sites/Marketing.
  • App_Name is the value of the Name attribute of the app element in the appmanifest.xml file.


Why to apps have their own web

Microsoft states two reason for requiring App Webs for Apps. Both are for security Enforcement of App permissions (see blog post) and Protecting against Cross-domain scripting attacks.

For more detailed information see the MSDN whitepaper