Updates from: 07/21/2021 03:11:39
Service Microsoft Docs article Related commit history on GitHub Change details
SharePoint Enhanced People Picker For Trusted Authentication Method https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/administration/enhanced-people-picker-for-trusted-authentication-method.md
+
+ Title: "Enhanced People Picker for modern authentication"
++++ Last updated : 7/2/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+ms.assetid:
+
+description: "In SharePoint Server Subscription Edition, People Picker is enhanced to search and pick user in User Profile service application to help you avoid creating a customized claim provider."
++
+# Enhanced People Picker for modern authentication
++
+When modern authentication (trusted identity provider) such as SAML 1.1 or OIDC 1.0 is used, the People Picker control canΓÇÖt search, resolve, and validate users and groups without writing a custom claim provider through C#.
+
+In SharePoint Server Subscription Edition, People Picker is enhanced to search and pick user in User Profile service application to help you avoid creating a customized claim provider. Rather than writing a piece of C# code to implement a new claim provider, customers can simply synchronize user profiles from their identity provider to the User Profile service application to make People Picker work.
+
+Follow these configuration steps to make People Picker work:
+
+1. Create a new token issuer using the [New-SPTrustedIdentityTokenIssuer](/powershell/module/sharepoint-server/new-sptrustedidentitytokenissuer) PowerShell cmdlet.
+ ```powershell
+ $tokenissuer= New-SPTrustedIdentityTokenIssuer
+ -ClaimsMappings <SPClaimMappingPipeBind[]>
+ -Description <String>
+ -IdentifierClaim <String>
+ -Name <String>
+ -Realm <String>
+ -SignInUrl <String>
+ [-AssignmentCollection <SPAssignmentCollection>]
+ -ImportTrustCertificate <X509Certificate2>
+ [-UseWReply]
+ [-Confirm] [-RegisteredIssuerName <String>]
+ [-SignOutUrl <String>]
+ [-WhatIf] [<CommonParameters>]
+ [-UseUPABackedClaimProvider]
+ ```
+
+ Following three parameters need special attention:<br/>
+
+ - **ClaimsMappings**<br/>
+ `ClaimsMappings` specifies the mapping of claims from the original token to a SharePoint token. By using this parameter, SharePoint understands how to generate a SharePoint token when given a specific token from a user profile service application property.<br/>
+ It accepts a list of `ClaimTypeMapping` objects, which are created by the [New-SPClaimTypeMapping](/powershell/module/sharepoint-server/new-spclaimtypemapping) cmdlet. Following are examples of `ClaimTypeMapping` objects, that can be to the `ClaimsMappings` parameter:
+ ```powershell
+ $emailClaimMap = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming
+ $upnClaimMap = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" -IncomingClaimTypeDisplayName "UPN" -SameAsIncoming
+ $roleClaimMap = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" -IncomingClaimTypeDisplayName "Role" -SameAsIncoming
+ $sidClaimMap = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" -IncomingClaimTypeDisplayName "SID" -SameAsIncoming
+ ```
+
+ - **IdentifierClaim** <br/>
+ The `IdentifierClaim` parameter specifies which claim type from the trusted STS will be used for the new identity provider. It can be set to the `InputClaimType` of the `ClaimTypeMapping` object created from the [New-SPClaimTypeMapping](/powershell/module/sharepoint-server/new-spclaimtypemapping) cmdlet.
+ ```powershell
+ -IdentifierClaim $emailClaimMap.InputClaimType
+ ```
+
+ - **UseUPABackedClaimProvider** <br/>
+ This switch parameter enables the People Picker to search and select users and groups from the User Profile service application.
+2. After `$tokenissuer` is created, you can create a claim provider that uses the User Profile service application to search and resolve users and groups in the People Picker and specify that this claim provider will use the created token issuer.
+ ```powershell
+ $claimprovider = New-SPClaimProvider
+ - AssemblyName "Microsoft.SharePoint, Version=16.0.0.0, Culture=neutral, publicKeyToken=71e9bce111e9429c"
+ - Description
+ - DisplayName
+ - Type "Microsoft.SharePoint.Administration.Claims.SPTrustedBackedByUPAClaimProvider"
+ - TrustedLoginProvider $tokenissuer
+ ```
+ Following three parameters need special attention:
+ - **AssemblyName**<br/>
+ Specify this parameter as `Microsoft.SharePoint, Version=16.0.0.0, Culture=neutral, publicKeyToken=71e9bce111e9429c`
+ - **Type** <br/>
+ Specify this parameter as `Microsoft.SharePoint.Administration.Claims.SPTrustedBackedByUPAClaimProvider` so this command knows that it needs to create a claim provider, which uses User Profile service application as the claim source.
+ - **TrustedLoginProvider** <br/>
+ Specify this parameter as the token issuer that uses this claim provider. This is a new parameter that the user needs to provide when the type of the claim provider is `Microsoft.SharePoint.Administration.Claims.SPTrustedBackedByUPAClaimProvider`
+3. Identify which claim provider must be used for searching and resolving users and groups and add to `SPTrustedIdentityTokenIssuer`.
+ ```powershell
+ Set-SPTrustedIdentityTokenIssuer <token issuer name> -ClaimProvider <claim provider object>
+ ```
+ An example of this command is:
+ ```powershell
+ Set-SPTrustedIdentityTokenIssuer "ADFS Provider" -ClaimProvider $claimprovider
+ ```
+4. You can, now, start synchronizing profiles into the SharePoint User Profile service application from the identity provider that are used in the organization, so that the newly created claim provider can work on the correct data set.<br/><br/>
+Following are the two ways to synchronize user profiles into the SharePoint User Profile service application:
+ - Use SharePoint Active Directory Import (AD Import) with **Trusted Claims Provider Authentication** as the **Authentication Provider Type** in the synchronization connection setting. To use AD Import, see [Manage user profile synchronization in SharePoint Server](/sharepoint/administration/manage-profile-synchronization).
+ - Use Microsoft Identity Manager (MIM). To use MIM, see [Microsoft Identity Manager in SharePoint Servers 2016 and 2019](/sharepoint/administration/microsoft-identity-manager-in-sharepoint-server-2016).
+ - There should be two agents inside the MIM synchronization Manager UX after MIM is set up. One agent is used to import user profiles from the source IDP to the MIM database. And another agent is used to export user profiles from the MIM database to the SharePoint User Profile service application.
+
+ During the synchronization, provide the following properties to the User Profile service application:
+
+ 1. **SPS-ClaimID** <br/>
+ - Choose unique identity property in the source that will map to the **SPS-ClaimID** property in the User Profile service application (preferred **Email** or **User Principal Name**).
+ - Set the corresponding **IdentifierClaim** value while creating a token issuer from the [New-SPTrustedIdentityTokenIssuer](/powershell/module/sharepoint-server/new-sptrustedidentitytokenissuer) cmdlet.<br/>
+
+ For AD Import synchronization, the **Central Administration -> Application Management -> Manage service applications -> User Profile Service Application -> Manage User Properties** UX will allow administrators to edit the **SPS-ClaimID** to indicate which property in the source identity provider should be synchronized to **SPS-ClaimID**. For example, if the **SPS-ClaimID** is email, set **Claim User Identifier** as **Email** in this UX.
+ > [!Note]
+ > The display name of **SPS-ClaimID** is **Claim User Identifier** in the UX and administrator can customize the display names.
+
+ ![Claim User Identifier](../media/claim-user-identifier.png)
+
+ ![Property Settings](../media/property-settings.png)
+
+ ![Property Mapping for Synchronization](../media/property-mapping-for-sync.png)
+
+ For MIM synchronization, map **Email** or **User Principal Name** to **SPS-ClaimID** in the MIM database to the SharePoint User Profile service application agent:
+ - In the MIM synchronization Service Manager, select the agent and open the **Configure Attribute Flow** UX. You can map **mail** to **SPS-ClaimID**.
+
+ ![Build Attribute Flow](../media/build-attribute-flow.png)
+
+ 2. **SPS-ClaimProviderID** and **SPS-ClaimProviderType**<br/>
+ - Set **SPS-ClaimProviderID** to the provider name as created in step #1 by the [New-SPTrustedIdentityTokenIssuer](/powershell/module/sharepoint-server/new-sptrustedidentitytokenissuer) cmdlet.<br/>
+ - Set **SPS-ClaimProviderType** to **SPTrustedBackedByUPAClaimProvider**
+
+ For AD Import synchronization, modify the following 2 properties in the **User Profile Service Application -> Configure Synchronization Connections -> Create New Connection** UX while creating a new AD Import synchronization connection.
+ - Set **SPS-ClaimProviderType** by setting **Authentication Provider Type** to **Trusted Claims Provider Authentication**
+ - Set SPS-ClaimProviderID to the new token issuer name created by the [New-SPTrustedIdentityTokenIssuer](/powershell/module/sharepoint-server/new-sptrustedidentitytokenissuer) cmdlet.
+
+ ![Add new synchronization connection](../media/add-new-sync-connection.png)
+
+ For MIM synchronization, set these 2 properties in the **Configure Attribute Flow** UX for the MIM database to SharePoint User Profile service application agent:
+ - Set **SPS-ClaimProviderType** to **Trusted** as Constant type
+ - Set **SPS-ClaimProviderID** to the new token issuer name created [New-SPTrustedIdentityTokenIssuer](/powershell/module/sharepoint-server/new-sptrustedidentitytokenissuer) cmdlet.
+
+ ![Configure Attribute Flow](../media/configure-attribute-flow.png)
+
+5. Make groups searchable. <br/>
+ To enable the People Picker control to work with groups:
+ 1. Ensure that the Group object has a property named **SID** of type **groupsid** in the identity provider.<br/>
+ You can create a `ClaimTypeMapping` object by using [New-SPClaimTypeMapping](/powershell/module/sharepoint-server/new-spclaimtypemapping) and then provide this object to [New-SPTrustedIdentityTokenIssuer](/powershell/module/sharepoint-server/new-sptrustedidentitytokenissuer) cmdlet with `-ClaimsMappings` parameter.
+
+ ```powershell
+ $sidClaimMap = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" -IncomingClaimTypeDisplayName "SID" -SameAsIncoming
+ $tokenissuer = New-SPTrustedIdentityTokenIssuer -ClaimsMappings $sidClaimMap, $emailClaimMap …
+ ```
+
+ This sample cmdlets creates a `claimmap` object of type `groupsid` and indicates that it works with the **SID** property of the group. Then it creates a new identity issuer, which can understand this mapping.
+
+ 2. Synchronize **SID** property of groups from the identity provider to the **SID** property in User Profile service application.
+ - For AD Import synchronization, SID will synchronize automatically from the source identity provider to the SharePoint User Profile service application.
+ - For MIM synchronization, take the property mapping from the identity provider to MIM and then from MIM to the SharePoint User Profile service application so that MIM can synchronize the group **SID** from the identity provider to the SharePoint User Profile service application. ItΓÇÖs like how we do user profile synchronization for the **SPS-ClaimID** property for user profiles.
+ > [!Note]
+ > For MIM synchronization, map **sAMAccountName** to **accountName** from MIM to the SharePoint User Profile service application.
+6. Change the default User Profile searchable properties so that users can choose which properties can be used to match keywords in the People Picker control.<br/>
+Users can set which properties are searched by the People Picker by following this sample PowerShell script.
+ 1. Get the property list of the User Profile service application, which is connected with a given web application.
+ ```powershell
+ $site = $(Get-SPWebApplication $WebApplicationName).Sites[0]
+ $context= Get-SPServiceContext $site
+ $psm = [Microsoft.Office.Server.UserProfiles.ProfileSubTypeManager]::Get($context)
+ $ps = $psm.GetProfileSubtype([Microsoft.Office.Server.UserProfiles.ProfileSubtypeManager]::GetDefaultProfileName([Microsoft.Office.Server.UserProfiles.ProfileType]::User))
+ $properties = $ps.Properties
+ ```
+
+ 2. Search for a list of given property names and set them as searchable. In this example, we set **First Name** and **Last Name** in the User Profile service application as searchable for the People Picker.
+ ```powershell
+ $PropertyNames = 'FirstName', 'LastName'
+ foreach ($p in $PropertyNames) {
+ $property = $properties.GetPropertyByName($p)
+ if ($property) {
+ $property.CoreProperty.IsPeoplePickerSearchable = $true
+ $property.CoreProperty.Commit()
+ $property.Commit()
+ }
+ }
+ ```
SharePoint Appliesto 2013 2016 2019 SUB SPO Md https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/includes/appliesto-2013-2016-2019-SUB-SPO-md.md
+<Token>**APPLIES TO:** ![yes-img-13](../media/yes.png)2013 ![yes-img-16](../media/yes.png)2016 ![yes-img-19](../media/yes.png)2019 ![yes-img-se](../media/yes.png)Subscription Edition ![yes-img-sop](../media/yes.png)SharePoint in Microsoft 365</Token>
SharePoint Appliesto 2013 2016 2019 SUB Xxx Md https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/includes/appliesto-2013-2016-2019-SUB-xxx-md.md
+<Token>**APPLIES TO:** ![yes-img-13](../media/yes.png)2013 ![yes-img-16](../media/yes.png)2016 ![yes-img-19](../media/yes.png)2019 ![yes-img-se](../media/yes.png)Subscription Edition ![no-img-sop](../media/no.png)SharePoint in Microsoft 365</Token>
SharePoint Appliesto 2013 2016 Xxx Xxx Xxx Md https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/includes/appliesto-2013-2016-xxx-xxx-xxx-md.md
+<Token>**APPLIES TO:** ![yes-img-13](../media/yes.png)2013 ![yes-img-16](../media/yes.png)2016 ![no-img-19](../media/no.png)2019 ![no-img-se](../media/no.png)Subscription Edition ![no-img-sop](../media/no.png)SharePoint in Microsoft 365</Token>
SharePoint Appliesto 2013 Xxx 2019 Xxx Xxx Md https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/includes/appliesto-2013-xxx-2019-xxx-xxx-md.md
+<Token>**APPLIES TO:** ![yes-img-13](../media/yes.png)2013 ![no-img-16](../media/no.png)2016 ![yes-img-19](../media/yes.png)2019 ![no-img-se](../media/no.png)Subscription Edition ![no-img-sop](../media/no.png)SharePoint in Microsoft 365</Token>
SharePoint Appliesto 2013 Xxx Xxx Xxx Xxx Md https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/includes/appliesto-2013-xxx-xxx-xxx-xxx-md.md
+<Token>**APPLIES TO:** ![yes-img-13](../media/yes.png)2013 ![no-img-16](../media/no.png)2016 ![no-img-19](../media/no.png)2019 ![no-img-se](../media/no.png)Subscription Edition ![no-img-sop](../media/no.png)SharePoint in Microsoft 365</Token>
SharePoint Appliesto Xxx 2016 2019 SUB Xxx Md https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/includes/appliesto-xxx-2016-2019-SUB-xxx-md.md
+<Token>**APPLIES TO:** ![no-img-13](../media/no.png)2013 ![yes-img-16](../media/yes.png)2016 ![yes-img-19](../media/yes.png)2019 ![yes-img-se](../media/yes.png)Subscription Edition ![no-img-sop](../media/no.png)SharePoint in Microsoft 365</Token>
SharePoint Appliesto Xxx 2016 2019 Xxx Xxx Md https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/includes/appliesto-xxx-2016-2019-xxx-xxx-md.md
+<Token>**APPLIES TO:** ![no-img-13](../media/no.png)2013 ![yes-img-16](../media/yes.png)2016 ![yes-img-19](../media/yes.png)2019 ![no-img-se](../media/no.png)Subscription Edition ![no-img-sop](../media/no.png)SharePoint in Microsoft 365</Token>
SharePoint Appliesto Xxx 2016 Xxx Xxx Xxx Md https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/includes/appliesto-xxx-2016-xxx-xxx-xxx-md.md
+<Token>**APPLIES TO:** ![no-img-13](../media/no.png)2013 ![yes-img-16](../media/yes.png)2016 ![no-img-19](../media/no.png)2019 ![no-img-se](../media/no.png)Subscription Edition ![no-img-sop](../media/no.png)SharePoint in Microsoft 365</Token>
SharePoint Appliesto Xxx Xxx 2019 SUB Xxx Md https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/includes/appliesto-xxx-xxx-2019-SUB-xxx-md.md
+<Token>**APPLIES TO:** ![no-img-13](../media/no.png)2013 ![no-img-16](../media/no.png)2016 ![yes-img-19](../media/yes.png)2019 ![yes-img-se](../media/yes.png)Subscription Edition ![no-img-sop](../media/no.png)SharePoint in Microsoft 365</Token>
SharePoint Appliesto Xxx Xxx 2019 Xxx Xxx Md https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/includes/appliesto-xxx-xxx-2019-xxx-xxx-md.md
+<Token>**APPLIES TO:** ![no-img-13](../media/no.png)2013 ![no-img-16](../media/no.png)2016 ![yes-img-19](../media/yes.png)2019 ![no-img-se](../media/no.png)Subscription Edition ![no-img-sop](../media/no.png)SharePoint in Microsoft 365</Token>
SharePoint Appliesto Xxx Xxx Xxx SUB SPO Md https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/includes/appliesto-xxx-xxx-xxx-SUB-SPO-md.md
+<Token>**APPLIES TO:** ![no-img-13](../media/no.png)2013 ![no-img-16](../media/no.png)2016 ![no-img-19](../media/no.png)2019 ![yes-img-se](../media/yes.png)Subscription Edition ![yes-img-sop](../media/yes.png)SharePoint in Microsoft 365</Token>
SharePoint Appliesto Xxx Xxx Xxx SUB Xxx Md https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/includes/appliesto-xxx-xxx-xxx-SUB-xxx-md.md
+<Token>**APPLIES TO:** ![no-img-13](../media/no.png)2013 ![no-img-16](../media/no.png)2016 ![no-img-19](../media/no.png)2019 ![yes-img-se](../media/yes.png)Subscription Edition ![no-img-sop](../media/no.png)SharePoint in Microsoft 365</Token>
SharePoint Hardware And Topology Requirements For Sharepoint Server Subscription Editon https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/hardware-and-topology-requirements-for-sharepoint-server-subscription-editon.md
+
+ Title: "Hardware and topology requirements for SharePoint Server Subscription Edition"
++++ Last updated : 6/22/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Priority
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- SP2019
+
+ms.assetid: 4d88c402-24f2-449b-86a6-6e7afcfec0cd
+description: "Find out the minimum hardware requirements that you need for installing and running SharePoint Server Subscription Edition."
++
+# Hardware and topology requirements for SharePoint Server Subscription Edition
++
+
+> [!IMPORTANT]
+> If you contact Microsoft Customer Support Services about a production system that does not meet the minimum hardware specifications described in this document, support will be limited until the system is upgraded to the minimum requirements.
+
+
+## Hardware requirements for SharePoint servers
+
+The values in the following table are minimum values for installations on servers that are running SharePoint Server in a multiple server farm installation.
+
+Ensure the following before you proceed with deployment of SharePoint environment:
+
+- For all installation scenarios:
+ - You have sufficient hard disk space for the base installation.
+ - You have sufficient hard disk space for diagnostics such as logging, debugging,
+ creating memory dumps, and so on.
+- For production environment
+ - You have additional free disk space for day-to-day operations.
+ - Maintain two times as much as free space as you have RAM
+
+|**Installation scenario**|**Deployment type and scale**|**Processor**|**RAM**|**Hard disk**|
+|:--|:--|:--|:--|:--|
+|Single server role that uses SQL Server <br/> |Development or evaluation installation with the minimum recommended services for development environments. <br/> |64-bit, 4 cores <br/> |16 GB <br/> |80 GB for system drive <br/> 100 GB for second drive <br/> |
+|Single server role that uses SQL Server <br/> |Pilot or user acceptance test installation running all available services. <br/> |64-bit, 4 cores <br/> |24 GB <br/> |80 GB for system drive <br/> 100 GB for second drive and additional drives <br/> |
+|SharePoint server in amulti-tier farm <br/> |Development or evaluation installation with a minimum number of services. <br/> |64-bit, 4 cores <br/> |12 GB <br/> |80 GB for system drive <br/> 80 GB for second drive <br/> |
+|SharePoint server in a multi-tier farm <br/> |Pilot or user acceptance test installation running all available services. <br/> |64-bit, 4 cores <br/> |16 GB <br/> |80 GB for system drive <br/> 80 GB for second drive and additional drives <br/>
+
+> [!NOTE]
+> Hard disk space and number of drives depends on the amount of content and the way you choose to distribute data for a SharePoint environment.
+
+## Hardware requirements: Location of physical servers
+
+Some enterprises have datacenters that are in close proximity to one another and are connected by high-bandwidth fiber optic links. In this environment, you can configure the two datacenters as a single farm. This distributed farm topology is called a stretched farm. Stretched farms for SharePoint Server Subscription Edition are supported.
+
+For a stretched farm architecture to work as a supported high-availability solution, the following prerequisites must be met:
+
+- There is a highly consistent intra-farm latency of <1 ms one way, 99.9% of the time over a period of 10 minutes. (Intra-farm latency is commonly defined as the latency between the front-end web servers and the database servers.
+- The bandwidth speed must be at least 1 gigabit per second.
+
+To provide fault tolerance in a stretched farm, use the standard best practice guidance to configure redundant service applications and databases.
+
+> [!NOTE]
+> The intra-farm latency of <1 ms one way, 99.9% of the time over a period of ten minutes is also required for SharePoint environments with servers that are located in the same datacenter. The bandwidth speed should also be in this case at least 1 gigabit per second.
+
+## Deployment requirements for farm topology
+<a name="hwforwebserver"> </a>
+
+SharePoint Server supports the same farm topologies as SharePoint Server 2019. For more information, see [Planning for a MinRole server deployment in SharePoint Server 2019](planning-for-a-minrole-server-deployment-in-sharepoint-server.md).
+++++
+
SharePoint Install Or Uninstall Language Packs 0 https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/install-or-uninstall-language-packs-0.md
Word breakers and stemmers enable you to search efficiently and effectively acro
> [!IMPORTANT] > If you are uninstalling SharePoint Server, you must uninstall all language packs before you uninstall SharePoint Server.
-
## About language IDs and language packs <a name="section1"> </a>
Folders for the language-specific components are identified by the language tag
SharePoint Servers 2016 and 2019 support the following languages: |Language|Language tag|LCID|
-|:--|:--|:--|:--
+|:--|:--|:--|
Arabic <br/>|ar-sa <br/> | 1025 <br/> Azerbaijani <br/> |az-latn-az <br/> |1068 <br/> Basque <br/> |eu-es <br/> |1069 <br/>||
SharePoint Install Or Uninstall Language Packs Subscription https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/install-or-uninstall-language-packs-subscription.md
+
+ Title: "Install or uninstall language packs for SharePoint Servers Subscription Edition"
++++ Last updated : 7/24/2018
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- SP2019
+ms.assetid:
+description: "Learn how to download, install, and uninstall language packs for SharePoint Server Subscription Edition."
++
+# Install or uninstall language packs for SharePoint Servers Subscription Edition
+
+
+Language packs enable site owners and site collection administrators to create SharePoint sites and site collections in multiple languages without requiring separate installations of SharePoint Server. You install language packs, which contain language-specific site templates, on each SharePoint server in your farm. When an administrator creates a site or a site collection that is based on a language-specific site template, the text that appears on the site or the site collection is displayed in the site template's language. Language packs are typically used in multinational deployments where a single server farm supports users in different locations, or when sites and web pages must be duplicated in one or more languages.
+
+Word breakers and stemmers enable you to search efficiently and effectively across content on SharePoint sites and site collections in multiple languages without requiring separate installations of SharePoint Server. Word breakers and stemmers are automatically installed on SharePoint servers by Setup.
+
+> [!IMPORTANT]
+> If you are uninstalling SharePoint Server, you must uninstall all language packs before you uninstall SharePoint Server.
+
+## About language IDs and language packs
+<a name="section1"> </a>
+
+Site owners or site collection administrators who create sites or site collections can select a language for each site or site collection.
+
+The language that they select has a language identifier (ID). The language ID determines the language that is used to display and interpret text that is on the site or site collection. For example, when a site owner creates a site in French, the site's toolbars, navigation bars, lists, and column headings appear in French. Similarly, if a site owner creates a site in Arabic, the site's toolbars, navigation bars, lists, and column headings appear in Arabic. In addition, the default left-to-right orientation of the site changes to a right-to-left orientation to correctly display Arabic text.
+
+The language packs that are installed on the SharePoint servers determine the list of available languages that you can use to create a site or site collection. By default, sites and site collections are created in the language in which SharePoint Server was installed. For example, if you install the Spanish version of SharePoint Server, the default language for sites, site collections, and web pages is Spanish. If someone has to create sites, site collections, or web pages in a language other than the default SharePoint Server language, you must install the language pack for that language on the SharePoint servers. For example, if you are running the French version of SharePoint Server, and a site owner wants to create sites in French, English, and Spanish, you must install the English and Spanish language packs on the SharePoint servers.
+
+By default, when a site owner creates a new web page in a site, the site displays text in the language that is specified by the language ID.
+
+Language packs are not bundled into multilingual installation packages. You must install a specific language pack for each language that you want to support. Also, language packs must be installed on each SharePoint server to make sure that each SharePoint server can display content in the specified language.
+
+> [!IMPORTANT]
+> You cannot change an existing site, site collection, or web page from one language to another by applying different language-specific site templates. After you use a language-specific site template for a site or a site collection, the site or site collection always displays content in the language of the original site template. For example, SharePoint can render the same site in multiple languages based on the preferred language of the userΓÇÖs web browser. But for this to work, the SharePoint language pack that matches the userΓÇÖs preferred language must be installed on each server in the SharePoint farm.
+
+Although a site owner specifies a language ID for a site, some user interface elements such as error messages, notifications, and dialogs do not display in the language that was specified. This is because SharePoint Server relies on several supporting technologies ΓÇö for example, the Microsoft .NET Framework, Microsoft Windows Workflow Foundation, Microsoft ASP.NET, and SQL Server ΓÇö some of which are localized into only a limited number of languages. If a user interface element is generated by any of the supporting technologies that are not localized into the language that the site owner specified for the site, the user interface element appears in English. For example, if a site owner creates a site in Hebrew, and the .NET Framework component displays a notification message, the notification message will not display in Hebrew because the .NET Framework is not localized into Hebrew. This situation can occur when sites are created in any language except the following: Chinese, French, German, Italian, Japanese, Korean, and Spanish.
+
+Each language pack that you install creates a folder at `%COMMONPROGRAMFILES%\Microsoft Shared\Web Server Extensions\16\TEMPLATE\LAYOUTS\Locale_ID` that contains language-specific data. In each locale_ID folder, you must have only one HTML error file that contains the error information that is used when a file cannot be found. Anytime a file cannot be found for any site in that language, this file will be used. You can specify the file to use by setting the **FileNotFoundPage()** for each web application.
+
+In some cases, some text might originate from the original installation language, which can create a mixed-language experience. This kind of mixed-language experience is typically seen only by content creators or site owners and is not seen by site users.
+
+## Downloading language packs
+<a name="section2"> </a>
+
+Follow these steps for each language that you want to support. If you decide to download more than one language, please be aware that a unique file that has a common name is downloaded for each language. Therefore, make sure that you download each language pack to a separate folder on the hard disk so that you do not overwrite a language pack of a different language.
+
+> [!IMPORTANT]
+> By default, the Microsoft PowerShell Help files are installed in English (en-us). To view these files in the same language as the operating system, install the language pack for the same language in which the operating system was installed.
+
+
+## Installing language packs on the SharePoint servers
+<a name="section4"> </a>
+
+Language packs are available as individual downloads (one download for each supported language). If you have a server farm environment and you are installing language packs to support multiple languages, you must install the language packs on each SharePoint server.
+
+> [!IMPORTANT]
+> The language pack is installed in its native language. The procedure that follows is for the English language pack.
+
+ **To install a language pack**
+
+ Verify that the user account that is performing this procedure is the Setup user account. For information about the Setup user account, see [Initial deployment administrative and service accounts in SharePoint Server](initial-deployment-administrative-and-service-accounts-in-sharepoint-server.md).
+
+1. Mount the **ISO disc images** to download disc images for the language pack installers.
+
+2. Run the setup.exe (`setup.exe`) on your servers.
+
+3. On the **Read the Microsoft Software License Terms** page, review the terms, select the **I accept the terms of this agreement** check box, and then click **Continue**.
+4. The Setup wizard runs and installs the language pack.
+
+5. Rerun the SharePoint Products Configuration Wizard by using the default settings. If you do not run the SharePoint Products Configuration Wizard after you install a language pack, the language pack will not be installed correctly.
+
+ The SharePoint Products Configuration Wizard runs in the language of the base installation of SharePoint Server, not in the language of the language pack that you just installed.
+
+ **To rerun the SharePoint Products Configuration Wizard**
+
+Verify that the user account that is performing this procedure is the Setup user account. For information about the Setup user account, see [Initial deployment administrative and service accounts in SharePoint Server](initial-deployment-administrative-and-service-accounts-in-sharepoint-server.md).
+
+1. Click **Start**, point to **Microsoft SharePoint Products** folder, click **SharePoint Products Configuration Wizard**.
+
+2. On the **Welcome to SharePoint Products** page, click **Next**.
+
+3. Click **Yes** in the dialog that alerts you that some services might have to be restarted during configuration.
+
+4. On the **Modify Server Farm Settings** page, click **Do not disconnect from this server farm**, and then click **Next**.
+
+5. If the **Modify SharePoint Central Administration Web Administration Settings** page appears, do not change any of the default settings, and then click **Next**.
+
+6. After you complete the **Completing the SharePoint Products Configuration Wizard**, click **Next**.
+
+7. On the **Configuration Successful** page, click **Finish**.
+
+8. After you install a new language pack and rerun the **SharePoint Products Configuration Wizard**, you must deactivate and then reactivate any language-specific features before you use the new language pack.
+
+When you install language packs, the language-specific site templates are installed in the `%COMMONPROGRAMFILES%\Microsoft Shared\Web Server Extensions\16\TEMPLATE\ _LanguageID_` directory,
+where,
+`_LanguageID_` is the Language ID number for the language that you are installing.
+
+For example, the United States English language pack installs to the `%COMMONPROGRAMFILES%\Microsoft Shared\Web Server Extensions\16\TEMPLATE\1033` directory. After you install a language pack, site owners and site collection administrators can create sites and site collections based on the language-specific site templates by specifying a language when they are creating a new SharePoint site or site collection.
+
+## List of Languages
+
+Each folder name has a language tag appended to it, in the form ll-cc. That tag identifies the language and culture. For example, U.S. English language folders are identified by the folder name extension en-us.
+
+Folders for the language-specific components are identified by the language tag that is shown in the table. The Windows operating system uses locale identifiers (LCIDs) to identify languages in the Windows registry.
+
+SharePoint Servers Subscription Edition, 2019, and 2016 support the following languages:
+
+|Language|Language tag|LCID|
+|:--|:--|:--|
+Arabic <br/>|ar-sa <br/> | 1025 <br/>
+Azerbaijani <br/> |az-latn-az <br/> |1068 <br/>
+Basque <br/> |eu-es <br/> |1069 <br/>||
+Bosnian (Latin) <br/> |bs-latn-ba <br/> |5146 <br/>
+Bulgarian <br/> |bg-bg <br/> |1026 <br/>||
+Catalan <br/> |ca-es <br/> |1027 <br/>||
+Chinese (Simplified) <br/> |zh-cn <br/> |2052 <br/>
+Chinese (Traditional) <br/> |zh-tw <br/> |1028 <br/>||
+Croatian <br/> |hr-hr <br/> |1050 <br/>||
+Czech <br/> |cs-cz <br/> |1029 <br/>||
+Danish <br/> |da-dk <br/> |1030 <br/>||
+Dutch <br/> |nl-nl <br/> |1043 <br/>||
+English <br/> |en-us <br/> |1033 <br/>||
+Estonian <br/> |et-ee <br/> |1061 <br/>||
+Finnish <br/> |fi-fi <br/> |1035 <br/>||
+French <br/> |fr-fr <br/> |1036 <br/>
+Galician <br/> |gl-es <br/> |1110 <br/>||
+German <br/> |de-de <br/> |1031 <br/>||
+Greek <br/> |el-el <br/> |1032 <br/>||
+Hebrew <br/> |he-il <br/> |1037 <br/>||
+Hindi <br/> |hi-in <br/> |1081 <br/>||
+Hungarian <br/> |hu-hu <br/> |1038<br/>||
+Indonesian <br/> |id-id <br/> |1057 <br/>||
+Irish <br/> |ga-ie <br/> |2108 <br/>||
+Italian <br/> |it-it <br/> |1040 <br/>||
+Japanese <br/> |ja-jp <br/> |1041 <br/>||
+Kazakh <br/> |kk-kz <br/> |1087 <br/>||
+Korean <br/> |ko-kr <br/> |1042 <br/>||
+Latvian <br/> |lv-lv <br/> |1062 <br/>
+Lithuanian <br/> |lt-lt <br/> |1063 <br/>||
+Macedonian (FYROM) <br/> |mk-mk <br/> |1071 <br/>||
+Malay (Malaysia) <br/> |ms-my <br/> |1086 <br/>||
+Norwegian (Bokmål) <br/> |nb-no <br/> |1044 <br/>||
+Polish <br/> |pl-pl <br/> |1045 <br/>
+Portuguese (Brazil) <br/> |pt-br <br/> |1046 <br/>||
+Portuguese (Portugal) <br/> |pt-pt <br/> |2070<br/>||
+Romanian <br/> |ro-ro <br/> |1048 <br/>||
+Russian <br/> |ru-ru <br/> |1049 <br/>||
+Serbian (Cyrillic) <br/> |sr-cyrl-rs <br/> |10266 <br/>||
+Serbian (Latin) <br/> |sr-latn-rs <br/> |9242 <br/>||
+Slovak <br/> |sk-sk <br/> |1051 <br/>||
+Slovenian <br/> |sl-si <br/> |1060 <br/>||
+Spanish <br/> |es-es <br/> |3082 <br/>||
+Swedish <br/> |sv-se <br/> |1053 <br/>||
+Thai <br/> |th-th <br/> |1054 <br/>||
+Turkish <br/> |tr-tr <br/> |1055 <br/>||
+Ukrainian <br/> |uk-ua <br/> |1058<br/>||
+Vietnamese <br/> |vi-vn <br/> |1066 <br/>||
+Welsh <br/> |cy-gb <br/> |1106 <br/>||
+
SharePoint Install Overview Spserver Se https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/install-overview-spserver-se.md
+
+ Title: "Installation overview for SharePoint Server Subscription Edition"
++++ Last updated : 6/24/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Critical
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- SP2019
+ms.assetid:
+description: "Learn how to install SharePoint Subscription edition in various topologies."
++
+# Installation overview for SharePoint Server Subscription Edition
++
+
+Testing and implementing SharePoint Server Subscription edition solutions at different stages of the deployment life cycle requires deployments in various topologies.
+
+The following articles provide information about how to deploy SharePoint Server Subscription edition on one or more servers to create different topologies that you can use for testing and implementing SharePoint Server Subscription edition solutions at different stages of the deployment life cycle.
+
+
+|**Content**|**Description**|
+|:--|:--|
+|[System requirements for SharePoint Subscription edition](system-requirements-for-sharepoint-subscription-edition.md) <br/> |Learn system requirements of SharePoint Subscription edition in various topologies. <br/>|
+|[Hardware and Topology Requirements for SharePoint Server Subscription Edition](hardware-and-topology-requirements-for-sharepoint-server-subscription-editon.md)<br/> |Find out the minimum hardware requirements that you need for installing and running SharePoint Server Subscription Edition. <br/> |
+|[Software Requirements for Database Servers for SharePoint Server Subscription Edition](software-requirements-for-database-servers-for-sharepoint-server-subscription-edition.md)<br/> |Learn about the software and other requirements for SharePoint Server Subscription Edition. <br/> |
+|[Software Requirements for SharePoint Servers for SharePoint Server Subscription Edition](software-requirements-for-sharepoint-servers-for-sharepoint-server-subscription-edition.md)<br/> |Learn about the software requirements for SharePoint Server. <br/> |
+|[Install or uninstall language packs for SharePoint Servers Subscription Edition](install-or-uninstall-language-packs-subscription.md)<br/> |Learn how to download, install, and uninstall language packs for SharePoint Server Subscription Edition. <br/> |
+|[Installing SharePoint Server Subscription Edition on one server](installing-sharepoint-subscription-edition-on-one-server.md)<br/> |Learn how to install SharePoint Server Subscription Edition on one server. <br/> |
+|[Installing SharePoint Server Subscription Edition on Windows Server Core](installing-sharepoint-server-subscription-edition-on-windows-server-core.md) <br/> |Learn how to install SharePoint Server Subscription Edition on windows server core. <br/>
+|[Repair SharePoint Server Subscription edition](repair-sharepoint-server-subscription-edition.md) <br/> |Learn how to repair SharePoint Subscription edition in various topologies. <br/> |
+|[Uninstall SharePoint Server Subscription edition](uninstall-for-sharepoint-server-subscription-edition.md) <br/> |Learn how to uninstall SharePoint Subscription edition in various topologies. <br/> |
+
+
SharePoint Install https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/install.md
description: "Deployment articles help you install and configure SharePoint Serv
# Install SharePoint Server
-The following articles include information about how to prepare for installation, step-by-step installation instructions, post-installation configuration steps, and upgrade information. Two sections are listed, one for SharePoint Servers 2016 and 2019 which describes MinRole and its configuration, and the other is SharePoint Server 2013.
+The following articles include information about how to prepare for installation, step-by-step installation instructions, post-installation configuration steps, and upgrade information. Three sections are listed, one for SharePoint Subscription edition, one for SharePoint Servers 2016 and 2019 which describes MinRole and its configuration, and the other is SharePoint Server 2013.
+
+## Articles about SharePoint Server Subscription edition
+
+|**Content**|**Description**|
+|:--|:--|
+|[Installation Overview for SharePoint Server Subscription Edition](install-overview-spserver-se.md) <br/> |Learn how to install SharePoint Subscription edition in various topologies. <br/>|
+|[System requirements for SharePoint Subscription edition](system-requirements-for-sharepoint-subscription-edition.md) <br/> |Learn system requirements of SharePoint Subscription edition in various topologies. <br/>|
+|[Hardware and Topology Requirements for SharePoint Server Subscription Edition](hardware-and-topology-requirements-for-sharepoint-server-subscription-editon.md)<br/> |Find out the minimum hardware requirements that you need for installing and running SharePoint Server Subscription Edition. <br/> |
+|[Software Requirements for Database Servers for SharePoint Server Subscription Edition](software-requirements-for-database-servers-for-sharepoint-server-subscription-edition.md)<br/> |Learn about the software and other requirements for SharePoint Server Subscription Edition. <br/> |
+|[Software Requirements for SharePoint Servers for SharePoint Server Subscription Edition](software-requirements-for-sharepoint-servers-for-sharepoint-server-subscription-edition.md)<br/> |Learn about the software requirements for SharePoint Server. <br/> |
+|[Installing SharePoint Server Subscription Edition on one server](installing-sharepoint-subscription-edition-on-one-server.md)<br/> |Learn how to install SharePoint Server Subscription Edition on one server. <br/> |
+|[Installing SharePoint Server Subscription Edition on Windows Server Core](installing-sharepoint-server-subscription-edition-on-windows-server-core.md) <br/> |Learn how to install SharePoint Server Subscription Edition on windows server core. <br/>
+|[Install or uninstall language packs for SharePoint Servers Subscription Edition](install-or-uninstall-language-packs-subscription.md)<br/> |Learn how to download, install, and uninstall language packs for SharePoint Server Subscription Edition. <br/> |
+|[Repair SharePoint Server Subscription edition](repair-sharepoint-server-subscription-edition.md) <br/> |Learn how to repair SharePoint Subscription edition in various topologies. <br/> |
+|[Uninstall SharePoint Server Subscription edition](uninstall-for-sharepoint-server-subscription-edition.md) <br/> |Learn how to uninstall SharePoint Subscription edition in various topologies. <br/> |
++ ## Articles about SharePoint Servers 2016 and 2019 installation and configuration
SharePoint Installing Sharepoint Server Subscription Edition On Windows Server Core https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/installing-sharepoint-server-subscription-edition-on-windows-server-core.md
+
+ Title: "Installing SharePoint Server Subscription Edition on Windows Server Core"
++++ Last updated : 06/23/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Priority
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- Strat_SP_server
+- SP2019
+
+ms.assetid:
+description: "Learn how to install SharePoint Server Subscription Edition on Windows Server Core."
+
+
+# Installing SharePoint Server Subscription Edition on Windows Server Core
+<a name="section1"> </a>
+++
+Compared to classic Windows Server with Desktop Experience, Windows Server Core is a leaner deployment mode for SharePoint Server Subscription Edition as server core minimizes the number of OS features and services that are installed and running only those that are truly needed for a server. This deployment option reduces the demand on system resources (CPU, RAM, and disk space) and the potential attack surface for security vulnerabilities. Microsoft encourages Windows Server customers to move to this installation option as and when feasible for better support.
+
+Windows Server Core support has been introduced with the SharePoint Server release. This support makes SharePoint Server Subscription Edition an even better citizen in the Windows Server ecosystem and makes easier to host SharePoint Server in datacenters that have standardized on Server Core. We encourage customers to start testing this installation option in addition to the classic Windows Server with Desktop Experience.
++
+Perform the following steps to install SharePoint Server Subscription Edition on Windows Server Core:
+
+1. Mount the ISO file to your server by using the `Mount-DiskImage` cmdlet, or by specifying it as a virtual drive in your virtual machine manager.
+
+ ```powershell
+ Mount-DiskImage -ImagePath "C:\SharePoint Files\16.0.14131.10000_OfficeServer_none_ship_x64_en-us.iso
+ ```
+
+2. Run the SharePoint prerequisite installer (`prerequisiteinstaller.exe`) on your servers.
+
+3. Copy the **\Files\SetupSilent\config.xml** file from your mounted ISO disk image to a writable location.
+
+ ```powershell
+ Copy-Item -Path "D:\Files\SetupSilent\config.xml" -Destination "C:\SharePoint Files"
+ ```
+
+4. If the `config.xml` file in your writable location has a read-only file attribute, remove it.
+
+ ```powershell
+ Set-ItemProperty -Path "C:\SharePoint Files\config.xml" -Name IsReadOnly -Value $false
+ ```
+
+5. Open the `config.xml` file in your writable location for editing.
+
+ ```powershell
+ notepad.exe "C:\SharePoint Files\config.xml"
+ ```
+
+6. Find and remove the `<!--` and `-->` text strings within the file. Don't remove the text in between these two text strings.
+
+7. Replace the **Enter Product Key Here** text string in the file with your SharePoint Server product key.
+
+8. Save your changes to the `config.xml` file.
+
+9. Run SharePoint setup (`setup.exe`) on your servers in command-line mode. Add the following command-line parameters when launching `setup.exe`:
+ - `/config <config file>` (Where `<config file>` is the path to your writable `config.xml` file)
+ - `/IAcceptTheLicenseTerms` (Specifying this parameter signifies that you have read, understand, and agree to the license terms of SharePoint Server and Project Server.)
+
+ ```powershell
+ D:\setup.exe /config "C:\SharePoint Files\config.xml" /IAcceptTheLicenseTerms
+ ```
+10. Once SharePoint setup has completed, reboot your server.
+
+11. Run the following SharePoint PowerShell cmdlets with their appropriate parameters to create or join a farm.
+
+ 1. `New-SPConfigurationDatabase` to create a farm or `Connect-SPConfigurationDatabase` to join a farm
+ 2. `Install-SPHelpCollection -All`
+ 3. `Initialize-SPResourceSecurity`
+ 4. `Install-SPService`
+ 5. `Install-SPFeature -AllExistingFeatures`
+ 6. `New-SPCentralAdministration`
+ 7. `Install-SPApplicationContent`
+
+ > [!Note]
+ > You can also use the `PSCONFIG.EXE` command line tool or the `PSConfigUI.exe` GUI tool. However, `PSConfigUI.exe` will crash on Windows Server Core if it needs to display a summary of error messages at the end of the sequence due to a dependency on HTML rendering components.
+
+12. Configure the service applications and web applications in your farm through the **Farm Configuration Wizard**.
+
+ > [!Note]
+ > You must use a web browser from another computer to access the Central Administration website. Windows Server Core does not include a web browser.
+++
SharePoint Installing Sharepoint Subscription Edition On One Server https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/installing-sharepoint-subscription-edition-on-one-server.md
+
+ Title: "Installing SharePoint Server Subscription Edition on one server"
++++ Last updated : 06/23/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Priority
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- Strat_SP_server
+- SP2019
+
+ms.assetid:
+description: "Learn how to install SharePoint Server Subscription Edition on one server."
+
+
+# Installing SharePoint Server Subscription Edition on one server
+<a name="section1"> </a>
++
+ You can install and configure SharePoint Server Subscription Edition on a single server if you are hosting only a few sites for a limited number of users or if you want to create a trial or development environment. This configuration is also useful if you want to configure a farm to meet your needs first, and then add servers to the farm at a later stage.
+
+> [!NOTE]
+> In previous versions of SharePoint, a single server installation automatically installed SQL Server Express. In SharePoint Server Subscription Edition, a single server installation contains only SharePoint. SQL Server can be installed on the same server or on a separate server; both scenarios are supported. For better performance we recommend installing SQL Server on a separate server.
+
+
+## Overview
+<a name="section1"> </a>
+
+After you have completed setup and the SharePoint Products Configuration Wizard, you will have installed binaries, configured security permissions, configured registry settings, configured the configuration database, configured the content database, and installed the SharePoint Central Administration website. Next, you can choose to run the Farm Configuration Wizard to configure the farm, select the services that you want to use in the farm, and create the first site collection, or you can manually perform the farm configuration at your own pace.
+
+## Before you install SharePoint Server Subscription Edition on a single server
+<a name="section2"> </a>
+
+Before you begin to install and configure SharePoint Server Subscription Edition, do the following:
+
+- Ensure that you perform a clean installation of SharePoint Server Subscription Edition.
+
+- Ensure that you are prepared to set up the required accounts by using appropriate permissions. For detailed information, see [Initial deployment administrative and service accounts in SharePoint Server](initial-deployment-administrative-and-service-accounts-in-sharepoint-server.md).
+
+- Ensure the Max degree of parallelism is set to 1. For additional information about max degree of parallelism see, [Configure the max degree of parallelism Server Configuration Option](https://docs.microsoft.com/sql/database-engine/configure-windows/configure-the-max-degree-of-parallelism-server-configuration-option?view=sql-server-2017).
+
+> [!IMPORTANT]
+> As a security best practice, we recommend that you install SharePoint Server Subscription Edition by using least-privilege administration.
+
+> [!TIP]
+> If you decide to install prerequisites manually, you can still run the Microsoft SharePoint Products Preparation Tool to verify which prerequisites are required on each server.
+
+## Install SharePoint Server Subscription Edition on a single server
+<a name="section3"> </a>
+
+To install and configure SharePoint Server Subscription Edition on a single server, you will follow these steps:
+
+1. Run the **Microsoft SharePoint Products and Technologies Preparation Tool,** which installs all prerequisites to use SharePoint Server.
+
+2. Run Setup, which installs binaries, configures security permissions, and edits registry settings for SharePoint Server Subscription Edition.
+
+3. Run SharePoint Products Configuration Wizard, which installs and configures the configuration database, installs and configures the content database, and installs the SharePoint Central Administration website.
+
+4. Configure browser settings.
+
+5. Run the Farm Configuration Wizard, which configures the farm, creates the first site collection, and selects the services that you want to use in the farm.
+
+6. Perform post-installation steps.
+
+> [!IMPORTANT]
+> To complete the following procedures, the account that you use must be a member of the Administrators group on the computer on which you are installing SharePoint Server. For information about user accounts, see [Initial deployment administrative and service accounts in SharePoint Server](initial-deployment-administrative-and-service-accounts-in-sharepoint-server.md).
+
+### Run the Microsoft SharePoint Products Preparation Tool
+
+Because the prerequisite installer downloads components from the Microsoft Download Center, you must have Internet access on the computer on which you are running the installer. Use the following procedure to install software prerequisites for SharePoint Server Subscription Edition.
+
+ **To run the Microsoft SharePoint Products Preparation Tool**
+
+1. Verify that the user account that is performing this procedure is the farm administrator user account. For information about the farm administrator user account, see [Initial deployment administrative and service accounts in SharePoint Server](initial-deployment-administrative-and-service-accounts-in-sharepoint-server.md).
+
+2. In the SharePoint Server installation disc image software, mount the ISO file, and click the splash.hta file. The SharePoint Server splash screen is displayed.
+
+3. Click **Install software prerequisites**.
+
+4. On the **Welcome to the SharePoint Products Preparation Tool** page, click **Next**.
+
+5. On the **License Terms for software products** page, review the terms, select the **I accept the terms of the License Agreement(s)** check box, and then click **Next**.
+
+6. On the **Your system needs to restart to continue** page, click **Finish** to restart the computer.
+
+7. Repeat steps 2-4.
+
+8. On the **Installation Complete** page, click **Finish**.
+
+### Run Setup
+
+The following procedure installs binaries, configures security permissions, and edits registry settings for SharePoint Server. At the end of Setup, you can choose to start the SharePoint Products Configuration Wizard, which is described later in this section.
+
+ **To run Setup**
+
+1. Verify that the user account that is performing this procedure is the farm administrator user account. For information about the farm administrator user account, see [Initial deployment administrative and service accounts in SharePoint Server](initial-deployment-administrative-and-service-accounts-in-sharepoint-server.md).
+
+2. On the **SharePoint Server Start** page, click **Install SharePoint Server**.
+
+3. On the **Enter Your Product Key** page, enter your product key, and then click **Continue**.
+
+4. On the **Read the Microsoft Software License Terms** page, review the terms, select the **I accept the terms of this agreement** check box, and then click **Continue**.
+
+5. Optional: To install SharePoint Server at a custom location, or to store search index files at a custom location, click the **File Location** tab, and then either type the custom location or click **Browse** to find the custom location.
+
+ > [!NOTE]
+ > If you intend to use this computer as a search server, we recommend that you store the search index files on a separate storage volume or partition. Any other search data that needs to be stored is stored in the same location as the search index files. You can only set this location at installation time.
+
+6. Click **Install Now**.
+
+7. When Setup finishes, a dialog prompts you to complete the configuration of your server. Ensure that the **Run the SharePoint Products Configuration Wizard now** check box is selected.
+
+8. Click **Close** to start the configuration wizard.
+
+> [!NOTE]
+> If Setup fails, check log files in the Temp folder of the user account you used to run Setup. Ensure that you are logged in using the same user account and then type %temp% in the location bar in Windows Explorer. If the path in Windows Explorer resolves to a location that ends in a "1" or "2", you have to navigate up one level to view the log files. The log file name is SharePoint Server Setup (< _time stamp_>).
+
+### Run the SharePoint Products Configuration Wizard
+
+Use the following procedure to install and configure the configuration database and the content database, and to install the SharePoint Central Administration website.
+
+ **To run the SharePoint Products Configuration Wizard**
+
+1. Verify that the user account that is performing this procedure is the farm administrator user account. For information about the farm administrator user account, see [Initial deployment administrative and service accounts in SharePoint Server](initial-deployment-administrative-and-service-accounts-in-sharepoint-server.md).
+
+2. If you have closed the SharePoint Products Configuration Wizard, you can access it by clicking **Start**, point to **All Apps**, click **Microsoft SharePoint Products**, and then click **SharePoint Products Configuration Wizard**. If the **User Account Control** dialog appears, click **Continue**.
+
+3. On the **Welcome to SharePoint Products** page, click **Next**.
+
+4. In the dialog that notifies you that some services might have to be restarted during configuration, click **Yes**.
+
+5. On the **Connect to a server farm** page, click **Create a new server farm**, and then click **Next**.
+
+6. On the **Specify Configuration Database Settings** page, do the following:
+
+1. In the **Database server** box, type the name of the computer that is running SQL Server.
+
+2. In the **Database name** box, type a name for your configuration database or use the default database name. The default name is SharePoint_Config.
+
+3. In the **Username** box, type the user name of the farm administrator service account. Ensure that you type the user name in the format DOMAIN\username.
+
+> [!IMPORTANT]
+> The farm administrator service account is used to access your configuration database. It also acts as the application pool identity account for the SharePoint Central Administration application pool, and it is the account under which the Microsoft SharePoint Foundation Timer service runs. The SharePoint Products Configuration Wizard adds this account to the SQL Server Login accounts, the SQL Server **dbcreator** server role, and the SQL Server **securityadmin** server role. The user account that you specify as the farm administrator service account has to be a domain user account. However, it does not have to be a member of any specific security group on your SharePoint servers or your database servers. We recommend that you follow the principle of least-privilege and specify a user account that is not a member of the Administrators group on your SharePoint servers or your database servers.
+
+4. In the **Password** box, type the user password.
+
+7. Click **Next**.
+
+8. On the **Specify Farm Security Settings** page, type a passphrase, and then click **Next**.
+
+ Although a passphrase resembles a password, it is usually longer to improve security. It is used to encrypt credentials of accounts that are registered in SharePoint Server. For example, the SharePoint Server server farm administrator service account that you provide when you run the SharePoint Products Configuration Wizard. Ensure that you remember the passphrase, because you must use it every time that you add a server to the farm. Ensure that the passphrase meets the following criteria:
+
+ - Contains at least eight characters
+ - Contains at least three of the following four character groups:
+ - English uppercase characters (from A through Z)
+ - English lowercase characters (from a through z)
+ - Numerals (from 0 through 9)
+ - Nonalphabetic characters (such as !, $, #, %)
+
+9. On the **Specify Server Role** page, choose the appropriate role, click **Next**.
+
+ > [!NOTE]
+ > For a single server farm, we recommend choosing the **Single Server Farm** role, although you can select a **Custom** role if you want to individually manage the services instances that run on the server. You can change the role of a server later if you change your mind or want to expand your farm by adding additional servers.
+
+10. On the **Configure SharePoint Central Administration Web Application** page, do the following:
+ - Either select the **Specify port number** check box and type the port number that you want the SharePoint Central Administration web application to use, or leave the **Specify port number** check box cleared if you want to use the default port number.
+ - Click either **NTLM** or **Negotiate (Kerberos)**.
+
+11. Click **Next**.
+
+12. On the **Completing the SharePoint Products Configuration Wizard** page, review your configuration settings to verify that they are correct, and then click **Next**.
+
+13. On the **Configuration Successful** page, click **Finish**. When the wizard closes, setup opens the web browser and connects to Central Administration.
+
+ If the SharePoint Products Configuration Wizard fails, check the PSCDiagnostics log files, which are located on the drive on which SharePoint Server Subscription Edition are installed, in the`%COMMONPROGRAMFILES%\Microsoft Shared\Web Server Extensions\16\LOGS` folder.
+
+ If you are prompted for your user name and password, you might have to add the SharePoint Central Administration website to the list of trusted sites and configure user authentication settings in Internet Explorer. You might also want to disable the Internet Explorer Enhanced Security settings. If you see a proxy server error message, you might have to configure proxy server settings so that local addresses bypass the proxy server. Instructions for configuring proxy server settings are provided in the following section. For more information about how to configure browser and proxy settings, see [Configure browser settings](install-sharepoint-server-2016-on-one-server.md#configurebrowser).
+
+### Configure browser settings
+<a name="configurebrowser"> </a>
+
+After you run the SharePoint Products Configuration Wizard, you should confirm that SharePoint Server works correctly by configuring additional settings in Internet Explorer.
+
+If you are not using Internet Explorer, you might have to configure additional settings for your browser. For information about supported browsers, see [Plan browser support in SharePoint Servers 2016 and 2019](browser-support-planning-0.md).
+
+To confirm that you have configured browser settings correctly, log on to the server by using an account that has local administrative credentials. Next, connect to the SharePoint Central Administration web site. If you are prompted for your user name and password when you connect, perform the following procedures:
+- Add the SharePoint Central Administration website to the list of trusted sites
+- Disable Internet Explorer Enhanced Security settings
+
+If you receive a proxy server error message, perform the following procedure:
+- Configure proxy server settings to bypass the proxy server for local addresses
+
+
+ **To add the SharePoint Central Administration website to the list of trusted sites**
+
+1. Verify that the user account that completes this procedure has the following credentials:
+ - The user account is a member of the Administrators group on the computer on which you are performing the procedure.
+
+2. In Internet Explorer, on the **Tools** menu, click **Internet Options**.
+
+3. On the **Security** tab, in the **Select a zone to view or change security settings** area, click **Trusted Sites**, and then click **Sites**.
+
+4. Clear the **Require server verification (https:) for all sites in this zone** check box.
+
+5. In the **Add this web site to the zone** box, type the URL to your site, and then click **Add**.
+
+6. Click **Close** to close the **Trusted Sites** dialog.
+
+7. Click **OK** to close the **Internet Options** dialog.
+
+ **To disable Internet Explorer Enhanced Security settings**
+
+1. Verify that the user account that completes this procedure has the following credentials:
+ - The user account is a member of the Administrators group on the computer on which you are performing the procedure.
+
+2. Click **Start**, point to **All Apps**, point to **Administrative Tools**, and then click **Server Manager**.
+
+3. In **Server Manager**, select the root of **Server Manager**.
+
+4. In the **Security Information** section, click **Configure IE ESC**.
+
+ The **Internet Explorer Enhanced Security Configuration** dialog appears.
+
+5. In the **Administrators** section, click **Off** to disable the Internet Explorer Enhanced Security settings, and then click **OK**.
+
+ **To configure proxy server settings to bypass the proxy server for local addresses**
+
+1. Verify that the user account that completes this procedure has the following credentials:
+ - The user account is a member of the Administrators group on the computer on which you are performing the procedure.
+
+2. In Internet Explorer, on the **Tools** menu, click **Internet Options**.
+
+3. On the **Connections** tab, in the **Local Area Network (LAN) settings** area, click **LAN Settings**.
+
+4. In the **Automatic configuration** area, clear the **Automatically detect settings** check box.
+
+5. In the **Proxy Server** area, click the **Use a proxy server for your LAN** check box.
+
+6. Type the address of the proxy server in the **Address** box.
+
+7. Type the port number of the proxy server in the **Port** box.
+
+8. Select the **Bypass proxy server for local addresses** check box.
+
+9. Click **OK** to close the **Local Area Network (LAN) Settings** dialog.
+
+10. Click **OK** to close the **Internet Options** dialog.
+
+### Run the Farm Configuration Wizard
+<a name="configurebrowser"> </a>
+
+You have now completed setup and the initial configuration of SharePoint Server. You have created the SharePoint Central Administration web site. You can now configure your farm and sites, and you can select services by using the Farm Configuration Wizard.
+
+ **To run the Farm Configuration Wizard**
+
+1. Verify that the user account that is performing this procedure is the farm administrator user account. For information about the farm administrator user account, see [Initial deployment administrative and service accounts in SharePoint Server](initial-deployment-administrative-and-service-accounts-in-sharepoint-server.md).
+
+2. On the SharePoint Central Administration home page, on the **Quick Launch**, click **Configuration Wizards**, and then click **Launch the Farm Configuration Wizard**.
+
+3. On the **Help Make SharePoint Better** page, click one of the following options, and then click **OK**:
+
+ - **Yes, I am willing to participate (Recommended.)**
+ - **No, I don't want to participate.**
+
+4. On the **Configure your SharePoint farm** page, next to **Yes, walk me through the configuration of my farm using this wizard**, click **Start the Wizard**.
+
+5. On the **Service Applications and Services** page, in the **Service Account** section, click the service account option that you want to use to configure your services.
+
+ > [!IMPORTANT]
+ > For security reasons, we recommend that you use a different account from the farm administrator account to configure services in the farm.
+ If you decide to use an existing managed account ΓÇö that is, an account of which SharePoint Server Subscription Edition is aware ΓÇö make sure that you click that option before you continue.
+
+6. In the **Services** section, review the services that you want to use in the farm, and then click **Next**.
+
+7. On the **Create Site Collection** page, do the following:
+
+1. In the **Title and Description** section, in the **Title** box, type the name of your new site.
+
+2. Optional: In the **Description** box, type a description of what the site contains.
+
+3. In the **Web Site Address** section, select a URL path for the site.
+
+4. In the **Template Selection** section, in the **Select a template** list, select the template that you want to use for the top-level site in the site collection.
+
+ > [!NOTE]
+ > To view a template or a description of a template, click any template in the **Select a template** list.
+
+8. Click **OK**.
+
+9. On the **Configure your SharePoint farm** page, review the summary of the farm configuration, and then click **Finish**.
+
+## Post-installation steps
+<a name="section4"> </a>
+
+After you install and configure SharePoint Server, your browser window opens to the Central Administration web site of your new SharePoint site. Although you can start adding content to the site or customizing the site, we recommend that you first perform the following administrative tasks.
+
+- **Configure usage and health data collection** You can configure usage and health data collection in your server farm. The system writes usage and health data to the logging folder and to the logging database.
+
+- **Configure diagnostic logging** You can configure diagnostic logging that might be required after initial installation or upgrade. The default settings are sufficient for most situations. Depending upon the business needs and life-cycle of the farm, you might want to change these settings.
+
+- **Configure incoming e-mail** You can configure incoming e-mail so that SharePoint sites accept and archive incoming e-mail. You can also configure incoming e-mail so that SharePoint sites can archive e-mail discussions as they occur, save e-mailed documents, and show e-mailed meetings on site calendars. In addition, you can configure the SharePoint Directory Management Service to provide support for e-mail distribution list creation and administration.
+
+- **Configure outgoing email** You can configure outgoing email so that your Simple Mail Transfer Protocol (SMTP) server sends email alerts to site users and notifications to site administrators. You can configure both the "From" email address and the "Reply" email address that appear in outgoing alerts.
+
+- **Configure Search settings** You can configure Search settings to crawl the content in SharePoint Server.
+
SharePoint Repair Sharepoint Server Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/repair-sharepoint-server-subscription-edition.md
+
+ Title: "Repair SharePoint Server Subscription Edition"
++++ Last updated : 6/24/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Critical
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- SP2019
+ms.assetid: 47db8aed-7e2b-4ccb-b248-d71df3bffa99
+
+description: "Learn how to repair SharePoint Server Subscription Edition in various topologies."
+
+# Repair SharePoint Server Subscription Edition
+<a name="section1"> </a>
+
+SharePoint Server repair steps are as follows:
+
+## Repair on Windows Server with Desktop Experience
+
+1. Click **Start**.
+
+2. Click **Settings**.
+
+3. Click **Apps**.
+
+4. Click **Microsoft SharePoint Subscription Edition Preview**.
+
+5. Click **Modify**.
+
+6. If prompted by the User Account Control (UAC) consent dialog, click **Yes** to allow the Microsoft Setup Bootstrapper app to make changes to your device.
+
+7. In the Microsoft SharePoint Server Subscription Edition Preview setup application, select **Repair** and then click **Continue**.
+
+8. After setup finishes repairing SharePoint, click **Close** to exit.
+
+9. If prompted to reboot your computer, click **Yes** to reboot.
+
+10. After the computer reboots, launch the SharePoint Products Configuration Wizard.
+
+11. Click **Next**.
+
+12. If prompted to automatically start or reset services, click **Yes**.
+
+13. In the Modify server farm Settings page, select **Do not disconnect from this server farm** and then click **Next**.
+
+14. If prompted whether to modify the SharePoint Central Administration web application settings, select **No, this machine will continue to host the web site** and then, click **Next**.
+
+15. Click **Next** to begin the repair operation.
+
+16. After the repair operation has finished, click **Finish**.
+
+## Repair on Windows Server Core
+
+1. Run SharePoint setup (`setup.exe`) from your **C:\Program Files\Common Files\Microsoft Shared\SERVER16\Server Setup Controller** directory with the following parameters:
+
+ - `/config <config file>` (Where `<config file>` is the path to your writable `config.xml` file)
+
+ - `/repair OSERVER`
+
+ ```powershell
+ "$env:CommonProgramFiles\Microsoft Shared\SERVER16\Server Setup Controller\setup.exe" /config "C:\SharePoint Files\config.xml" /repair OSERVER
+ ```
+
+2. Once SharePoint setup has completed, reboot your test server.
+
+3. Run the following SharePoint PowerShell cmdlets with their appropriate parameters to repair the server in the farm.
+
+ 1. `Install-SPHelpCollection -All`
+ 2. `Initialize-SPResourceSecurity`
+ 3. `Install-SPService`
+ 4. `Install-SPFeature -AllExistingFeatures`
+ 5. `New-SPCentralAdministration` (If hosting the Central Administration site on this server)
+ 6. `Install-SPApplicationContent`
+
+ > [!Note]
+ > You can also use the `PSCONFIG.EXE` command line tool or the `PSConfigUI.exe` GUI tool. However, `PSConfigUI.exe` will crash on Windows Server Core if it needs to display a summary of error messages at the end of the sequence due to a dependency on HTML rendering components.
SharePoint Software Requirements For Database Servers For Sharepoint Server Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/software-requirements-for-database-servers-for-sharepoint-server-subscription-edition.md
+
+ Title: "Software requirements for Database Servers for SharePoint Server Subscription Edition"
++++ Last updated : 7/10/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+ms.assetid:
+description: "Introduces articles that describe software and other requirements for SharePoint Server Subscription Edition."
++
+# Software requirements for Database Servers for SharePoint Server Subscription Edition
+
+
+## Operating systems
+
+SharePoint Server supports the following operating systems:
+- [Windows Server 2019](https://www.microsoft.com/en-in/evalcenter/evaluate-windows-server-2019) Standard or Datacenter
+- [Windows Server 2022](https://www.microsoft.com/en-in/evalcenter/evaluate-windows-server-2022-preview) Standard or Datacenter
+
+Earlier versions of windows server are not supported. SharePoint server supports both the Standard and Datacenter editions of windows server, as well as both the Windows Server with Desktop Experience and windows server core installation options.
+
+
+## Database versions
+
+SharePoint server supports the following database versions:
+
+- A Standard or Enterprise Edition of SQL Server for Windows that supports database compatibility level 150. This includes SQL Server 2019 and any future version of SQL Server for Windows that supports database compatibility level 150. For more information about database compatibility levels, see [Compatibility Certification](https://docs.microsoft.com/sql/database-engine/install-windows/compatibility-certification?view=sql-server-ver15) and [ALTER DATABASE (Transact-SQL) Compatibility Level](https://docs.microsoft.com/sql/t-sql/statements/alter-database-transact-sql-compatibility-level?view=sql-server-ver15).
+
+- Microsoft Azure SQL Managed Instance (MI). This is only supported if your SharePoint Server farm is hosted in Microsoft Azure. For more information, see [Deploy Azure SQL Managed Instance with SharePoint Servers 2016 and 2019](https://docs.microsoft.com/sharepoint/administration/deploy-azure-sql-managed-instance-with-sharepoint-servers-2016-2019).
+
+> [!NOTE]
+> SQL Server products and all future public updates are supported through the SQL Server product lifecycle.
+
+> [!NOTE]
+> SQL Server Express is not supported. Azure SQL Database (the non-Managed Instance DBaaS service) is also not supported for any SharePoint databases.
+
SharePoint Software Requirements For Sharepoint Servers For Sharepoint Server Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/software-requirements-for-sharepoint-servers-for-sharepoint-server-subscription-edition.md
+
+ Title: "Software requirements for SharePoint Servers for SharePoint Server Subscription Edition"
++++ Last updated : 7/10/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+ms.assetid:
+description: "This article introduces the topic that describes software requirements for SharePoint Server."
+++
+# Software requirements for SharePoint Servers for SharePoint Server Subscription Edition
++
+## Operating systems
+
+SharePoint Server supports the following operating systems:
+- [Windows Server 2019](https://www.microsoft.com/en-in/evalcenter/evaluate-windows-server-2019) Standard or Datacenter
+- [Windows Server 2022](https://www.microsoft.com/en-in/evalcenter/evaluate-windows-server-2022-preview) Standard or Datacenter
+
+Earlier versions of windows server are not supported. SharePoint server supports both the Standard and Datacenter editions of windows server, as well as both the Windows Server with Desktop Experience and windows server core installation options.
+
+> [!NOTE]
+> We don't support installing the Microsoft Office and SharePoint Server Subscription Edition on the same computer.
+
+> [!NOTE]
+> The minimum supported version is Office 2013 client.
+
+## Prerequisite
+
+SharePoint Server Subscription Edition also requires additional software prerequisites and those prerequisites can be installed either through the `prerequisiteinstaller.exe` or can be installed manually.
+
+### Installer operations and command-line options
+
+The SharePoint Server Subscription Edition prerequisite installer `prerequisiteinstaller.exe` installs the following software, if it has not already been installed on the target server, in the following order:
+
+1. Web Server (IIS) Role
+2. [Microsoft WCF Data Services 5.6](https://go.microsoft.com/fwlink/?LinkId=320724)
+3. [Microsoft .NET Framework 4.8](https://go.microsoft.com/fwlink/?LinkId=2085155)
+4. [Visual C++ Redistributable Package for Visual Studio 2015-2019](https://go.microsoft.com/fwlink/?linkid=2130438)
+
+You can run `prerequisiteinstaller.exe` at a command prompt with the following options. When you run `prerequisiteinstaller.exe` at a command prompt, you might be asked to restart the server one or more times during the installation process. After restarting, you should continue the prerequisite installation by running `prerequisiteinstaller.exe` with the /continue option.
+
+- /? This displays command-line options.
+
+- /continue This is used to tell the installer that it is continuing from being restarted.\
+
+- /unattended This indicates no user interaction.
+
+The installer installs from the file that you specify in the command-line options described in the following list. In this list, the "file" signifies the file from which you want to install. If you do not specify the `"file" option, the installer downloads the file from the Internet and installs it. If the option does not apply to the current operating system, it is ignored.
+
+- **/WCFDataServices56:<_file_>** Install Microsoft WCF Data Services 5.6 from <_file_>.
+
+- **/DotNet48:<_file_>** Install Microsoft .NET Framework 4.8 from <_file_>.
+
+- **/MSVCRT142:<_file_>** Install Visual C++ Redistributable Package for Visual Studio 2015-2019 from <_file_>.
+
+### Installation options
+
+Certain prerequisites are installed by the prerequisite installer with specific options. Those prerequisites with specific installation options are listed below with the options that are used by the prerequisite installer.
+- Microsoft WCF Data Services
+
+ /quiet
+
+The prerequisite installer creates log files at **%TEMP%\prerequisiteinstaller.<date>.<time>**.log. You can check these log files for specific details about all changes the installer makes to the target computer.
++
+### Manually configure Windows Server Roles and Features
+
+To manually configure the required Windows Server Roles and Features, you can use one of two methods: 1. Server Manager 2. Microsoft PowerShell
+
+To configure by using Server Manager, see [Install or Uninstall Roles, Role Services, or Features](/windows-server/administration/server-manager/install-or-uninstall-roles-role-services-or-features).
+
+To configure by using PowerShell, from a PowerShell command prompt window, type:
+
+```PowerShell
+`Install-WindowsFeature NET-WCF-Pipe-Activation45,NET-WCF-HTTP-Activation45,NET-WCF-TCP-Activation45,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net45,Web-Net-Ext45,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,WAS,WAS-Process-Model,WAS-Config-APIs -IncludeManagementTools`
+```
+
+> [!NOTE]
+> Some Windows features being installed are ΓÇ£Features On Demand (FOD)ΓÇ¥, which are downloaded from Windows Update. If the computer doesnΓÇÖt have access to Windows Update, you can specify local installation files by adding the **Source** parameter and pointing to the \sources\sxs folder on the Windows Server installation media.
+>
+> For example: -Source D:\sources\sxs
SharePoint System Requirements For Sharepoint 2013 https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/system-requirements-for-sharepoint-2013.md
Last updated 7/18/2017
audience: ITPro f1.keywords: - NOCSH-+ ms.prod: sharepoint-server-itpro localization_priority: Normal
SharePoint System Requirements For Sharepoint Server 2016 https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/system-requirements-for-sharepoint-server-2016.md
- IT_Sharepoint_Server_Top ms.assetid: 64233599-f18c-4081-a3ce-450e878a1b9f
-description: "This article introduces topics that describe hardware, software, and other requirements for SharePoint Server."
+description: "This article introduces topics that describe hardware and other requirements for SharePoint Server."
# System requirements for SharePoint Servers 2016 and 2019
SharePoint System Requirements For Sharepoint Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/system-requirements-for-sharepoint-subscription-edition.md
+
+ Title: "System requirements for SharePoint Server Subscription edition"
++++ Last updated : 06/21/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+ms.assetid:
+
+description: "This article introduces topics that describe hardware, software, and other requirements for SharePoint Server."
++
+# System requirements for SharePoint Server Subscription Edition
+
+
+Before you install SharePoint Server Subscription Edition, you must make sure that you have installed all required hardware and software. To effectively plan your deployment, you must understand the level of support that is provided for the web browsers that you will be using in your environment and how support for IP versions 4 and 6 is implemented in SharePoint Servers. You must also understand the URL and path length restrictions in SharePoint Servers.
+
+The following articles help you prepare for the installation of SharePoint Server by providing information about the prerequisites that you must have in order to run SharePoint Server.
+
+
+||**Content**|**Description**|
+|:--|:--|:--|
+|![Checklist icon (not checked)](../medi)|Find out the minimum hardware requirements that you need for installing and running SharePoint Server Subscription Edition. <br/> |
+|![Checklist icon (not checked)](../medi)|This article introduces topics that describe software and database servers requirements for SharePoint Server. <br/> |
+|![Checklist icon (not checked)](../medi)|This article introduces topic that describe software requirements for SharePoint Server. <br/> |
+
+## Environments without an Internet Connection
+
+The SharePoint prerequisite installer requires an active Internet connection to download and install the prerequisites. In scenarios, where there is no access to the Internet, you can download the prerequisites and then install them from a network share. For more information, see [Hardware and software requirements for SharePoint Server 2019](hardware-and-software-requirements-2019.md).
++
SharePoint Uninstall For Sharepoint Server Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/install/uninstall-for-sharepoint-server-subscription-edition.md
+
+ Title: "Uninstall SharePoint Server Subscription Edition"
++++ Last updated : 7/24/2018
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Critical
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- SP2019
+ms.assetid:
+
+description: "Learn how to uninstall SharePoint Server Subscription Edition in various topologies."
++
+# Uninstall SharePoint Server Subscription Edition
+<a name="section1"> </a>
+
+SharePoint Server uninstallation steps are as follows:
+
+## Uninstall on Windows Server with Desktop Experience
+
+1. Click **Start**.
+
+2. Click **Settings**.
+
+3. Click **Apps**.
+
+4. Click **Microsoft SharePoint Subscription Edition Preview**.
+
+5. Click **Uninstall**.
+
+6. When prompted that this app and its related information will be uninstalled, click **Uninstall**.
+
+7. If prompted by the User Account Control (UAC) consent dialog, click **Yes** to allow the Microsoft Setup Bootstrapper app to make changes to your device.
+
+8. When prompted if you are sure you want to remove Microsoft SharePoint Server Subscription Edition Preview from your computer, click **Yes**.
+
+9. When prompted with a warning asking if you want to uninstall now, click **OK**.
+
+10. After setup finishes uninstalling SharePoint, click **Close** to exit.
+
+## Uninstall on Windows Server Core
+
+1. Run SharePoint setup (`setup.exe`) from your **C:\Program Files\Common Files\Microsoft Shared\SERVER16\Server Setup Controller** directory with the following parameters:
+ - `/config <config file>` (Where `<config file>` is the path to your writable `config.xml` file)
+ - `/uninstall OSERVER`
+
+ ```powershell
+ "$env:CommonProgramFiles\Microsoft Shared\SERVER16\Server Setup Controller\setup.exe" /config "C:\SharePoint Files\config.xml" /uninstall OSERVER
+ ```
+
SharePoint Oidc 1 0 Authentication https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/security-for-sharepoint-server/oidc-1-0-authentication.md
+
+ Title: "OpenID Connect 1.0 authentication"
++++
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+ms.assetid: 5cdce2aa-fa6e-4888-a34f-de61713f5096
+description: "Learn how to setup OIDC authentication in SharePoint Server."
++
+# OpenID Connect 1.0 authentication
++
+In SharePoint 2019 and prior versions, SharePoint Server supported three types of authentication methods:
+
+1. Windows authentication (NTLM, Kerberos, etc.)
+2. Forms-based authentication
+3. SAML 1.1-based authentication
+
+SharePoint Server Subscription Edition now supports OpenID Connect (OIDC) 1.0 authentication protocol. OIDC is a modern authentication protocol that makes it easy to integrate applications and devices with your organization's identity and authentication management solutions to better meet your evolving security and compliance needs.
+
+With this new capability, you can now set up an OIDC-enabled `SPTrustedIdentityTokenIssuer` that works with a remote identity provider to enable OIDC authentication.
+
+SharePoint Server Subscription Edition now supports basic manual OIDC configuration through PowerShell along with the support for OIDC metadata discovery capability during configuration.
+
+Using the metadata endpoint provided from OIDC identity provider, the following configurations can be retrieved from OIDC provider metadata endpoint directly:
+
+1. Certificate
+2. Issuer
+3. Authorization Endpoint
+4. SignoutURL
+
+This can simplify the configuration of OIDC token issuer.
+
+`New-SPTrustedIdentityTokenIssuer` PowerShell cmdlet is updated for OIDC metadata endpoint configuration using the following parameters:
+
+```powershell
+New-SPTrustedIdentityTokenIssuer -Name <issuer name> -Description <Issuer description> -ClaimsMappings <ClaimMappings> -IdentifierClaim <InputClaimType> -DefaultClientIdentifier <client_id> -MetadataEndPoint <metadata endpoint>
+```
+
+| Parameter | Description |
+||-|
+|Name | Giving a name to this new token issuer. |
+|Description | Giving a description to this new token issuer. |
+|ClaimsMappings | A `SPClaimTypeMapping` object which will be used to identify which claim in the `id_token` will be regarded as identifier in SharePoint. |
+|IdentifierClaim | Specifying which type the identifier is. |
+|DefaultClientIdentifier | Specify the `client_id` of SharePoint server which is assigned by OIDC identity provider. This will be validated against 'aud' claim in `id_token`. |
+|MetadataEndPoint | Specifying the well-known metadata endpoint from OIDC identity provider which can be used to retrieve latest certificate, issuer, authorization endpoint and sign out endpoint. |
+
+With SharePoint Server Subscription Edition, the **ImportTrustCertificate** parameter of the `New-SPTrustedIdentityTokenIssuer` cmdlet has been updated to support a list of certificate objects, that allows SharePoint to support a rotating list of signing certificates for `id_token` validation.
+
+## Setup OIDC authentication in SharePoint Server with AAD
+
+### Prerequisites
+
+To perform the configuration, you need the following resources when you configure with Azure Active Directory OIDC:
+
+1. A SharePoint Server Subscription Edition farm
+2. AAD administration privilege and M365 tenant
+
+This article uses the following values for AAD OIDC setup:
+
+| Value | Link |
+|||
+| SharePoint site URL | https://spsites.contoso.local/ |
+| OIDC site URL | https://sts.windows.net/< tenantid >/ |
+| AAD OIDC authentication endpoint | https://login.microsoftonline.com/< tenantid >/oauth2/authorize |
+| AAD OIDC RegisteredIssuerName URL | https://sts.windows.net/< tenantid >/ |
+| AAD OIDC SignOut URL | https://login.microsoftonline.com/>< tenantid >/oauth2/logout |
+| Identity claim type | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress |
+| Windows site collection administrator | contoso\yvand |
+| Email value of the federated (AD FS) site collection administrator | yvand@contoso.local |
+
+### Step 1: Setup Identity Provider
+
+If you choose to use AAD as federated identity provider, perform the following steps to setup AAD OIDC:
+
+1. Go to the **App Registration** page <https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps>.
+2. Enter the following for Redirect URL: <https://spsites.contoso.local/> and select **Register**.
+
+ :::image type="content" source="../media/register-an-app.PNG" alt-text="Register an application":::
+
+3. Save **Directory(tenant) ID** as it is the tenant ID that we will use in future and save **Application (client) ID** which will be used as **DefaultClientIdentifier** in SharePoint setup.
+
+ :::image type="content" source="../media/sharepoint-onprem-oidc-connection.png" alt-text="Save Application":::
+
+4. After registering, go to the **Authentication** tab and enable **ID tokens**, then select **Save**.
+
+ :::image type="content" source="../media/sharepoint-oidc-authentication.png" alt-text="Enable ID Tokens":::
+
+5. Go to the **API permissions** tab and add **email** and **profile** permissions.
+
+ :::image type="content" source="../media/sharepoint-oidc-api-permissions.png" alt-text="API Permissions":::
+
+6. Go to the **Token configuration** tab and add **email**, **groups** and **upn** optional claims.
+
+ :::image type="content" source="../media/sharepoint-oidc-token-configuration.png" alt-text="Token Configuration":::
+
+7. Go to the **Manifest** tab, and manually change **replyUrlsWithType.url** from <https://spsites.contoso.local/> to <https://spsites.contoso.local/>*. Then select **Save**.
+
+ :::image type="content" source="../media/sharepoint-oidc-manifest.png" alt-text="Manifest":::
+
+8. Get OIDC authentication information from OIDC discovery endpoint.
+
+In AAD, there are 2 versions of OIDC authentication endpoints. Therefore, there are 2 versions of OIDC discovery endpoints, respectively:
+
+- V1.0: <https://login.microsoftonline.com/< TenantID >/.well-known/openid-configuration>
+- V2.0: <https://login.microsoftonline.com/< TenantID >/v2.0/.well-known/openid-configuration>
+
+Replace TenantID with the **Directory(tenant) ID** saved in step #3, and connect to the endpoint by your browser. Then, save the following information:
+
+| Value | Link |
+|||
+| authorization_endpoint | https://login.microsoftonline.com/< tenantid >/oauth2/authorize |
+| end_session_endpoint | https://login.microsoftonline.com/< tenantid >/oauth2/logout |
+| issuer | https://sts.windows.net/< tenantid >/ |
+| jwks_uri | https://login.microsoftonline.com/common/discovery/keys |
+
+Open jwks_uri (<https://login.microsoftonline.com/common/discovery/keys>), and save **x5c** certificate string of the first **key** for later use in SharePoint setup (if the first key doesnΓÇÖt work, try the second or third key).
++
+### Step 2: Change SharePoint Farm properties
+
+In this step, it will need to modify farm properties. Start the SharePoint Management Shell and run the following script:
+
+```powershell
+# Setup farm properties to work with OIDC
+$cert = New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -Provider 'Microsoft Enhanced RSA and AES Cryptographic Provider' -Subject ΓÇ£CN=SharePoint Cookie CertΓÇ¥
+$rsaCert = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
+$fileName = $rsaCert.key.UniqueName
+
+#if you have multiple SharePoint servers in the farm, you need to export certificate by Export-PfxCertificate and import certificate to all other SharePoint servers in the farm by Import-PfxCertificate.
+
+#After certificate is successfully imported to SharePoint Server, we will need to grant access permission to certificate private key.
+
+$path = "$env:ALLUSERSPROFILE\Microsoft\Crypto\RSA\MachineKeys\$fileName"
+$permissions = Get-Acl -Path $path
+
+#Please replace the <web application pool account> with real application pool account of your web application
+$access_rule = New-Object System.Security.AccessControl.FileSystemAccessRule(<Web application pool account>, 'Read', 'None', 'None', 'Allow')
+$permissions.AddAccessRule($access_rule)
+Set-Acl -Path $path -AclObject $permissions
+
+#Then we update farm properties
+$f = Get-SPFarm
+$f.Farm.Properties['SPO-SignInContextCertificateThumbprint']=$cert.Thumbprint
+$f.Farm.Properties['SPO-SignInGateKeeperHashSeed']='seed'
+$f.Farm.Update()
+```
+
+### Step 3: Configure SharePoint to trust Identity Provider
+
+You can configure SharePoint to trust Identity provider in the following two ways:
+
+- Configure SharePoint to trust AAD as OIDC provider manually
+- Configure SharePoint to trust AAD as OIDC provider by using metadata endpoint
+ - By using metadata endpoint, a lot of parameters you need in 'Configure SharePoint to trust AAD as OIDC provider manually' can be automatically retrieved by metadata endpoint.
+
+#### Configure SharePoint to trust AAD as OIDC provider manually
+
+In this step, you create a `SPTrustedTokenIssuer` that will store the configuration that SharePoint needs to trust AAD OIDC as OIDC provider. Start the SharePoint Management Shell and run the following script to create it:
+
+```powershell
+# Define claim types
+$email = New-SPClaimTypeMapping "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming
+
+# Public key of the AAD OIDC signing certificate. Please replace <x5c cert string> with the encoded cert string which you get from x5c certificate string of the keys of jwks_uri from Step #1
+$encodedCertStr = <x5c cert string>
+$signingCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 @(,[System.Convert]::FromBase64String($encodedCertStr))
+# Set the AAD OIDC URL where users are redirected to authenticate. Please replace <tenantid> accordingly
+$authendpointurl = "https://login.microsoftonline.com/<tenantid>/oauth2/authorize"
+$registeredissuernameurl = " https://sts.windows.net/<tenantid>/"
+$signouturl = " https://login.microsoftonline.com/<tenantid>/oauth2/logout"
+
+# Please replace <Application (Client) ID> with the value saved in step #3 in AAD setup section
+$clientIdentifier = <Application (Client)ID>
+
+# Create a new SPTrustedIdentityTokenIssuer in SharePoint
+New-SPTrustedIdentityTokenIssuer -Name "Contoso.local" -Description "Contoso.local" -ImportTrustCertificate $signingCert -ClaimsMappings $email -IdentifierClaim $email.InputClaimType -RegisteredIssuerName $registeredissuernameurl -AuthorizationEndPointUri $authendpointurl -SignOutUrl $signouturl -DefaultClientIdentifier $clientIdentifier
+```
+
+Here, `New-SPTrustedIdentityTokenIssuer` PowerShell cmdlet is extended to support OIDC by using the following parameters:
+
+| Parameter | Description |
+||-|
+|Name | Giving a name to this new token issuer. |
+|Description | Giving a description to this new token issuer. |
+|ImportTrustCertificate | It takes a list of X509 Certificates which will be used to validate `id_token` from OIDC identifier. If the OIDC IDP uses more than one certificate to digital sign the `id_token`, import these certificates and SharePoint will then validate `id_token` by matching the digital signature generated by using these certificates. |
+| ClaimsMappings | A `SPClaimTypeMapping` object which will be used to identify which claim in the `id_token` will be regarded as identifier in SharePoint. |
+| IdentifierClaim | Specifying which type the identifier is. |
+| RegisteredIssuerName | Specifying the issuer identifier which issues the `id_token`. It will be used to validate the `id_token`. |
+| AuthorizationEndPointUrl | Specifying the authorization endpoint of the OIDC identity provider. |
+| SignoutUrl | Specifying the sign out endpoint of the OIDC identity provider. |
+| DefaultClientIdentifier | Specify the `client_id` of SharePoint server which is assigned by OID identity provider. This will be validated against aud claim in `id_token`. |
+| ResponseTypesSupported | Specify the response type of IDP can be accepted by this token issuer. It can accept 2 strings, `id_token` and `code id_token`. If this parameter is not provided, it will use `code id_token` as default. |
+
+> [!IMPORTANT]
+> The relevant certificate must be added to the SharePoint root authority certificate store:
+>
+> `New-SPTrustedRootAuthority -Name "AAD OIDC signing root authority" -Certificate $signingCert`
+
+#### Configure SharePoint to trust AAD OIDC by using metadata endpoint
+
+SharePoint Server Subscription Edition now supports OIDC meta data discovery capability during configuration.
+
+By using the metadata endpoint provided from OIDC identity provider, some of the configuration will be retrieved from OIDC provider metadata endpoint directly, including:
+
+1. Certificate
+2. Issuer
+3. Authorization Endpoint
+4. SignoutURL
+
+This can simplify the configuration of OIDC token issuer.
+
+By using below PowerShell example, we can use metadata endpoint from AAD to configure SharePoint to trust AAD OIDC.
+
+```powershell
+# Define claim types
+$email = New-SPClaimTypeMapping "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming
+
+# Set the AAD metadata endpoint URL. Please replace <TenantID> with the value saved in step #3 in AAD setup section
+$metadataendpointurl = "https://login.microsoftonline.com/<TenantID>/.well-known/openid-configuration"
+
+# Please replace <Application (Client) ID> with the value saved in step #3 in AAD setup section
+$clientIdentifier = <Application (Client)ID>
+
+# Create a new SPTrustedIdentityTokenIssuer in SharePoint
+New-SPTrustedIdentityTokenIssuer -Name "Contoso.local" -Description "Contoso.local" -ClaimsMappings $email -IdentifierClaim $email.InputClaimType -DefaultClientIdentifier $clientIdentifier -MetadataEndPoint $ metadataendpointurl
+```
+
+```powershell
+New-SPTrustedIdentityTokenIssuer -Name <issuer name> -Description <Issuer description> -ClaimsMappings <ClaimMappings> -IdentifierClaim <InputClaimType> -DefaultClientIdentifier <client_id> -MetadataEndPoint <metadata endpoint>
+```
+
+| Parameter | Description |
+||-|
+|Name | Giving a name to this new token issuer. |
+|Description | Giving a description to this new token issuer. |
+|ImportTrustCertificate | A certificate which will be used to validate `id_token` from OIDC identifier. |
+| ClaimsMappings | A `SPClaimTypeMapping` object which will be used to identify which claim in the `id_token` will be regarded as identifier in SharePoint. |
+| IdentifierClaim | Specifying which type the identifier is. |
+| DefaultClientIdentifier | Specify the `client_id` of SharePoint server which is assigned by OID identity provider. This will be validated against aud claim in `id_token`. |
+| MetadataEndPoint | Specifying the well-known metadata endpoint from OIDC identity provider which can be used to retrieve latest certificate, issuer, authorization endpoint and sign out endpoint. |
+
+### Step 4: Configure the SharePoint web application
+
+In this step you configure a web application in SharePoint to be federated with the AAD OIDC, using the `SPTrustedIdentityTokenIssuer` that was created in the previous step.
+
+The important rules to respect here are:
+
+- The default zone of the SharePoint web application must have Windows authentication enabled. This is required for the Search crawler.
+- SharePoint URL that will use AAD OIDC federation must be configured with HTTPS.
+
+There are two possible configurations:
+
+- If you create a new web application and use both Windows and AAD OIDC authentication in the Default zone:
+
+ 1. Start the SharePoint Management Shell and run the following script to create a new `SPAuthenticationProvider`:
+
+ ```powershell
+ # This script creates a trusted authentication provider for OIDC
+
+ $sptrust = Get-SPTrustedIdentityTokenIssuer "Contoso.local"
+ $trustedAp = New-SPAuthenticationProvider -TrustedIdentityTokenIssuer $sptrust
+ ```
+
+ 2. Follow [Create a web application in SharePoint Server](/sharepoint/administration/create-a-web-application) to create a new web application enabling HTTPS/SSL named SharePoint - OIDC on contoso.local.
+ 3. Open the SharePoint Central Administration site.
+ 4. Open the web application you just created and pick **contoso.local** as **Trusted Identity Provider**.
+
+ :::image type="content" source="../media/authentication-providers.jpg" alt-text="Authentication Providers":::
+
+ 5. Open the SharePoint Central Administration site.
+ 6. Navigate to **System Settings** > **Configure Alternate Access Mappings** > **Alternate Access Mapping Collection**.
+
+ 7. Filter the display with the new web application and confirm that you see something like this:
+
+ :::image type="content" source="../media/new-web-application.png" alt-text="New web application":::
+
+- If you extend an existing web application to set AD FS/AAD OIDC authentication on a new zone:
+
+ 1. Start the SharePoint Management Shell and run the following script:
+
+ ```powershell
+ # This script creates a trusted authentication provider for OIDC
+
+ $sptrust = Get-SPTrustedIdentityTokenIssuer "Contoso.local"
+ $ap = New-SPAuthenticationProvider -TrustedIdentityTokenIssuer $sptrust
+ ```
+
+ 2. Open the SharePoint Central Administration site.
+ 3. Open the web application you want to extend OIDC authentication to and pick **contoso.local** as **Trusted Identity Provider**.
+
+ :::image type="content" source="../media/authentication-providers-2.jpg" alt-text="Authentication Providers 2":::
+
+ 4. Open the SharePoint Central Administration site.
+ 5. Navigate to **System Settings** > **Configure Alternate Access Mappings** > **Alternate Access Mapping Collection**.
+ 6. Filter the display with the web application that was extended and confirm that you see something like this:
+
+ :::image type="content" source="../media/sharepoint-administration-site.png" alt-text="SharePoint Administration Site":::
+
+### Step 5: Ensure that an HTTPS certificate is set in IIS
+
+As SharePoint URL uses HTTPS protocol (<https://spsites.contoso.local/>), a certificate must be set on the corresponding Internet Information Services (IIS) site. Perform the following steps to set a certificate on the corresponding IIS:
+
+- Generate the site certificate:
+
+ > [!NOTE]
+ > You may skip this step if you have already generated the certificate.
+ >
+ > 1. Open the Windows PowerShell console.
+ > 2. Run the following script to generate a self-signed certificate and add it to the computer's MY store:
+ >
+ > `New-SelfSignedCertificate -DnsName "spsites.contoso.local" -CertStoreLocation "cert:\LocalMachine\My"`
+ >
+
+ > [!IMPORTANT]
+ > Self-signed certificates are suitable only for test purposes. In production environments, we strongly recommend that you use certificates issued by a certificate authority instead.
+
+- Set the certificate:
+
+ 1. Open the Internet Information Services Manager console.
+ 2. Expand the server in the tree view, expand **Sites**, select the **SharePoint - ADFS** on contoso.local site, and select **Bindings**.
+ 3. Select https binding and then select **Edit**.
+ 4. In the TLS/SSL certificate field, choose spsites.contoso.local certificate and then select **OK**.
+
+### Step 6: Create the site collection
+
+In this step, you create a team site collection with two administrators: One as a Windows administrator and one as a federated (AAD) administrator.
+
+1. Open the SharePoint Central Administration site.
+2. Navigate to **Application Management** > **Create site collections** > **Create site collections**.
+3. Type a Title, Url, and select the template Team Site.
+4. In the Primary Site Collection Administrator section, click on the book icon to open the people picker dialog.
+5. In the people picker dialog, type the Windows administrator account, for example **yvand**.
+6. On the left, filter the list by selecting **Organizations**. Following is a sample output:
+
+ :::image type="content" source="../media/select-people.png" alt-text="Select people":::
+
+7. Select the account and choose **OK**.
+8. In the Secondary Site Collection Administrator section, select the book icon to open the people picker dialog.
+9. In the people picker dialog, type the exact email value of the AAD administrator account, for example **yvand@contoso.local**.
+10. On the left, filter the list by selecting **Contoso.local**. Following is a sample output:
+
+ :::image type="content" source="../media/select-people-2.png" alt-text="Select people 2":::
+
+11. Select the account and choose **OK**.
+12. Select **OK** to create the site collection.
+
+Once the site collection is created, you should be able to sign-in to it using either the Windows or the federated site collection administrator account.
+
+### Step 7: Set up people picker
+
+In OIDC authentication, the people picker does not validate the input, which can lead to misspellings or users accidentally choosing the wrong claim type. This can be addressed using the new UPA backed claim provider in SharePoint Server. For more information on the new people picker feature, see [Enhanced People Picker for modern authentication](../administration/enhanced-people-picker-for-trusted-authentication-method.md).
+
+## Setup OIDC authentication in SharePoint Server with AD FS
+
+### Prerequisites
+
+You would require the following resources when you configure with AD FS OIDC:
+
+1. A SharePoint Server farm.
+2. AD FS in Windows Server 2016 TP4 or later, already created, with the public key of the AD FS signing certificate exported in a .cer file.
+
+This article uses the following values for:
+
+| Value | Link |
+|||
+| SharePoint site URL | https://spsites.contoso.local/ |
+| AD FS site URL | https://adfs.contoso.local/adfs/ |
+| AD FS authentication endpoint | https://adfs.contoso.local/adfs/oauth2/authorize |
+| RegisteredIssuerName URL | https://adfs.contoso.local/adfs/ |
+| AD FS SignOut URL | https://adfs.contoso.local/adfs/oauth2/logout |
+| Identity claim type | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress |
+| Windows site collection administrator | contoso\yvand |
+| Email value of the federated (AD FS) site collection administrator | yvand@contoso.local |
+
+### Step 1: Setup Identity Provider
+
+If you choose to use AD FS as identity provider, perform the following steps to setup OIDC with AD FS:
+
+1. In AD FS Management, right-click on **Application Groups** and select **Add Application Group**.
+2. On the Application Group Wizard, enter **ADFSSSO** in the **Name** field and under **Client-Server applications**, select the **Web browser accessing a web application** template. Then, select **Next**.
+
+ :::image type="content" source="../media/add-application-group-wizard.png" alt-text="Add Application Group Wizard":::
+
+3. Copy the **Client Identifier** value. It will be used later as the value for `DefaultClientIdentifier` parameter during SharePoint configuration.
+4. Under the **Redirect URL** field, enter <https://spsites.contoso.local/> and choose **Add**. Then select **Next**.
+
+ :::image type="content" source="../media/add-application-group-wizard-2.png" alt-text="Add Application Group Wizard 2":::
+
+5. On the **Summary** screen, select **Next**.
+
+ :::image type="content" source="../media/add-application-group-wizard-3.png" alt-text="Add Application Group Wizard 3":::
+
+6. On the **Complete** screen, select **Close**.
+7. Export Token-signing certificate from AD FS. This token-signing certificate will be used in SharePoint setup.
+
+ :::image type="content" source="../media/adfs-certificates.png" alt-text="AD FS Certificate Export 1":::
+
+ :::image type="content" source="../media/adfs-certificate-export-2.png" alt-text="AD FS Certificate Export 2":::
+
+ :::image type="content" source="../media/adfs-certificate-export-3.png" alt-text="AD FS Certificate Export 3":::
+
+ :::image type="content" source="../media/adfs-certificate-export-4.png" alt-text="AD FS Certificate Export 4":::
+
+8. Ensure that the required claim ID is included in the `id_token` from AD FS. LetΓÇÖs take email as an example:
+
+ We assume that your AD FS has configured the rule that read identifier claim from attribute store, such as AD. Perform the following steps to create Issuance Transform Rule for this specific web application we created in AD FS above:
+
+ 1. Open the web application you just created and go to 'Issue Transformation Rule' tab.
+
+ :::image type="content" source="../media/issue-transformation-rule.jpg" alt-text="Issue Transformation Rule":::
+
+ :::image type="content" source="../media/issue-transformation-add-rule.JPG" alt-text="Issue Transformation Add Rule":::
+
+ 2. Select **Add Rule** followed by **Pass Through or Filter an Incoming Claim** from the **Claim rule template** options.
+
+ :::image type="content" source="../media/add-transform-claim-rule.JPG" alt-text="Add Transform Claim Rule":::
+
+ 3. Select **Next** and fill in the next form as shown.
+
+ :::image type="content" source="../media/add-transform-claim-rule-2.jpg" alt-text="Add Transform Claim Rule 2":::
+
+ 4. Select **Finish**.
+
+If you are setting OIDC with SharePoint Server, nbf claim must be configured in AD FS server side in the web application you just created. If nbf claim doesnΓÇÖt exist in this web application, perform the following steps to create it:
+
+1. Open the web application you just created and go to **Issue Transformation Rule** tab.
+
+ :::image type="content" source="../media/issue-transformation-rule.jpg" alt-text="Issue Transformation Rule":::
+
+ :::image type="content" source="../media/issue-transformation-add-rule.JPG" alt-text="Issue Transformation Add Rule":::
+
+2. Select **Add Rule** followed by **Send Claims Using a Custom Rule** from the **Claim rule template** options.
+
+ :::image type="content" source="../media/add-transform-claim-rule-3.JPG" alt-text="Add Transform Claim Rule 3":::
+
+3. Select **Next** and input the following string in the **Custom rule** field:
+
+ `c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"] => issue(Type = "nbf", Value = "0");`
+
+ :::image type="content" source="../media/add-transform-claim-rule-4.JPG" alt-text="Add Transform Claim Rule 4":::
+
+4. Select **Finish**.
+
+### Step 2: Change SharePoint Farm properties
+
+In this step, it will need to modify the farm properties. Start the SharePoint Management Shell and run the following script:
+
+```powershell
+# Setup farm properties to work with OIDC
+#Create a self-signed certificate in one SharePoint Server in the farm
+$cert = New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -Provider 'Microsoft Enhanced RSA and AES Cryptographic Provider' -Subject ΓÇ£CN=SharePoint Cookie CertΓÇ¥
+
+#if you have multiple SharePoint servers in the farm, you need to export certificate by Export-PfxCertificate and import certificate to all the SharePoint servers in the farm by Import-PfxCertificate.
+
+#After certificate is successfully imported to SharePoint Server, we will need to grant access permission to certificate private key.
+
+$rsaCert = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
+$fileName = $rsaCert.key.UniqueName
+$path = "$env:ALLUSERSPROFILE\Microsoft\Crypto\RSA\MachineKeys\$fileName"
+$permissions = Get-Acl -Path $path
+#please replace the <web application pool account> with real application pool account of your web application
+$access_rule = New-Object System.Security.AccessControl.FileSystemAccessRule(<Web application pool account>, 'Read', 'None', 'None', 'Allow')
+$permissions.AddAccessRule($access_rule)
+Set-Acl -Path $path -AclObject $permissions
+
+#Then we update farm properties
+$f = Get-SPFarm
+$f.Farm.Properties['SPO-SignInContextCertificateThumbprint']=$cert.Thumbprint
+$f.Farm.Properties['SPO-SignInGateKeeperHashSeed']='seed'
+$f.Farm.Update()
+```
+
+### Step 3: Configure SharePoint to Identity Providers
+
+In this step you create a `SPTrustedTokenIssuer` that will store the configuration that SharePoint needs to trust AD FS as OIDC provider. Start the SharePoint Management Shell and run the following script to create it:
+
+```powershell
+# Define claim types
+$email = New-SPClaimTypeMapping "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming
+
+# Public key of the AD FS signing certificate
+$signingCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\Data\Claims\ADFS Signing.cer")
+# Set the AD FS URL where users are redirected to authenticate
+$authendpointurl = "https://adfs.contoso.local/adfs/oauth2/authorize"
+$registeredissuernameurl = "https://adfs.contoso.local/adfs"
+$signouturl = "https://adfs.contoso.local/adfs/oauth2/logout"
+
+#Please replace <Client Identifier> with the value you saved in step #3 of AD FS Setup section
+$clientIdentifier = <Client Identifier>
+
+# Create a new SPTrustedIdentityTokenIssuer in SharePoint
+New-SPTrustedIdentityTokenIssuer -Name "Contoso.local" -Description "Contoso.local" -ImportTrustCertificate $signingCert -ClaimsMappings $email -IdentifierClaim $email.InputClaimType -RegisteredIssuerName $registeredissuernameurl -AuthorizationEndPointUri $authendpointurl -SignOutUrl $signouturl -DefaultClientIdentifier $clientIdentifier
+```
+
+Here, `New-SPTrustedIdentityTokenIssuer` PowerShell cmdlet is extended to support OIDC by using the following parameters:
+
+| Parameter | Description |
+||-|
+|Name | Giving a name to this new token issuer. |
+|Description | Giving a description to this new token issuer. |
+|ImportTrustCertificate | It takes a list of X509 Certificates which will be used to validate `id_token` from OIDC identifier. If the OIDC IDP uses more than one certificate to digital sign the `id_token`, import these certificates and SharePoint will then validate `id_token` by matching the digital signature generated by using these certificates. |
+| ClaimsMappings | A SPClaimTypeMapping object which will be used to identify which claim in the `id_token` will be regarded as identifier in SharePoint. |
+| IdentifierClaim | Specifying which type the identifier is. |
+| RegisteredIssuerName | Specifying the issuer identifier which issues the `id_token`. It will be used to validate the `id_token`. |
+| AuthorizationEndPointUrl | Specifying the authorization endpoint of the OIDC identity provider. |
+| SignoutUrl | Specifying the sign out endpoint of the OIDC identity provider. |
+| DefaultClientIdentifier | Specify the `client_id` of SharePoint server which is assigned by OID identity provider. This will be validated against aud claim in `id_token`. |
+| ResponseTypesSupported | Specify the response type of IDP can be accepted by this token issuer. It can accept 2 strings, `id_token` and `code id_token`. If this parameter is not provided, it will use `code id_token` as default. |
+
+> [!IMPORTANT]
+> The relevant certificate must be added to the SharePoint root authority certificate store and there are two possible options to do this:
+>
+> - If the AD FS signing certificate is issued by a certificate authority (best practice for security reasons).
+>
+> The public key of the issuer's certificate (and all the intermediates) must be added to the store. Start the SharePoint Management Shell and run the following script to add it:
+>
+> ```powershell
+> $rootCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\Data\Claims\ADFS Signing issuer.cer")
+> New-SPTrustedRootAuthority -Name "adfs.contoso.local signing root authority" -Certificate $rootCert
+> ```
+>
+> - If the ADFS signing certificate is a self-signed certificate (not recommended for security reasons).
+>
+> The public key of the ADFS signing certificate itself must be added to the store. Start the SharePoint Management Shell and run the following script to add it:
+>
+> ```powershell
+> $rootCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\Data\Claims\ADFS Signing.cer")
+> New-SPTrustedRootAuthority -Name "adfs.contoso.local signing certificate" -Certificate $rootCert
+> ```
+
+### Step 4: Configure the SharePoint web application
+
+In this step you configure a web application in SharePoint to be federated with the AD FS OIDC, using the `SPTrustedIdentityTokenIssuer` that was created in the previous step.
+
+The important rules to respect here are:
+
+- The default zone of the SharePoint web application must have Windows authentication enabled. This is required for the Search crawler.
+- SharePoint URL that will use AD FS OIDC federation must be configured with HTTPS.
+
+There are 2 possible configurations:
+
+- If you create a new web application and use both Windows and AD FS OIDC authentication in the Default zone:
+ 1. Start the SharePoint Management Shell and run the following script to create a new `SPAuthenticationProvider`:
+
+ ```powershell
+ # This script creates a trusted authentication provider for OIDC
+
+ $sptrust = Get-SPTrustedIdentityTokenIssuer "Contoso.local"
+ $trustedAp = New-SPAuthenticationProvider -TrustedIdentityTokenIssuer $sptrust
+ ```
+
+ 2. Follow [Create a web application in SharePoint Server](/sharepoint/administration/create-a-web-application) to create a new web application enabling HTTPS/SSL named SharePoint - OIDC on contoso.local.
+ 3. Open the SharePoint Central Administration site.
+ 4. Open the web application you just created and pick **contoso.local** as **Trusted Identity Provider**.
+
+ :::image type="content" source="../media/authentication-providers-3.jpg" alt-text="Authentication Providers 3":::
+
+ 5. Open the SharePoint Central Administration site.
+ 6. Navigate to **System Settings** > **Configure Alternate Access Mappings** > **Alternate Access Mapping Collection**.
+ 7. Filter the display with the new web application and confirm that you see something like this:
+
+ :::image type="content" source="../media/alternate-access-mapping-collection.png" alt-text="Alternate Access Mapping Collection":::
+
+- If you extend an existing web application to set AD FS OIDC authentication on a new zone:
+ 1. Start the SharePoint Management Shell and run the following script:
+
+ ```powershell
+ # This script creates a trusted authentication provider for OIDC
+
+ $sptrust = Get-SPTrustedIdentityTokenIssuer "Contoso.local"
+ $ap = New-SPAuthenticationProvider -TrustedIdentityTokenIssuer $sptrust
+ ```
+
+ 2. Open the SharePoint Central Administration site.
+ 3. Open the web application you want to extend OIDC authentication to and pick **contoso.local** as **Trusted Identity Provider**.
+
+ :::image type="content" source="../media/authentication-providers-4.jpg" alt-text="Authentication Providers 4":::
+
+ 4. Open the SharePoint Central Administration site.
+ 5. Navigate to **System Settings** > **Configure Alternate Access Mappings** > **Alternate Access Mapping Collection**.
+ 6. Filter the display with the web application that was extended and confirm that you see something like this:
+
+ :::image type="content" source="../media/alternate-access-mapping-collection-2.png" alt-text="Alternate Access Mapping Collection":::
+
+### Step 5: Ensure that an HTTPS certificate is set in IIS
+
+As SharePoint URL uses HTTPS protocol (<https://spsites.contoso.local/>), a certificate must be set on the corresponding Internet Information Services (IIS) site. Perform the following steps to set a certificate on the corresponding IIS:
+
+- Generate the site certificate:
+
+ > [!NOTE]
+ > You may skip this step if you already generated the certificate.
+ >
+ > 1. Open the Windows PowerShell console.
+ > 2. Run the following script to generate a self-signed certificate and add it to the computer's MY store:
+ >
+ > `New-SelfSignedCertificate -DnsName "spsites.contoso.local" -CertStoreLocation "cert:\LocalMachine\My"`
+ >
+
+ > [!IMPORTANT]
+ > Self-signed certificates are suitable only for test purposes. In production environments, we strongly recommend that you use certificates issued by a certificate authority instead.
+
+- Set the certificate:
+
+ 1. Open the Internet Information Services Manager console.
+ 2. Expand the server in the tree view, expand **Sites**, select the **SharePoint - ADFS** on contoso.local site, and select **Bindings**.
+ 3. Select https binding and then select **Edit**.
+ 4. In the TLS/SSL certificate field, choose spsites.contoso.local certificate and then select **OK**.
+
+### Step 6: Create the site collection
+
+In this step, you create a team site collection with two administrators: One as a Windows administrator and one as a federated (AD FS) administrator.
+
+1. Open the SharePoint Central Administration site.
+2. Navigate to **Application Management** > **Create site collections** > **Create site collections**.
+3. Type a Title, Url, and select the template Team Site.
+4. In the Primary Site Collection Administrator section, click on the book icon to open the people picker dialog.
+5. In the people picker dialog, type the Windows administrator account, for example **yvand**.
+6. On the left, filter the list by selecting **Organizations**. Following is a sample output:
+
+ :::image type="content" source="../media/select-people-3.png" alt-text="Select People 3":::
+
+7. Select the account and choose **OK**.
+8. In the Secondary Site Collection Administrator section, select the book icon to open the people picker dialog.
+9. In the people picker dialog, type the exact email value of the AD FS administrator account, for example **yvand@contoso.local**.
+10. On the left, filter the list by selecting **Contoso.local**. Following is a sample output:
+
+ :::image type="content" source="../media/select-people-4.png" alt-text="Select People 4":::
+
+11. Select the account and choose **OK**.
+12. Select **Ok** to create the site collection.
+
+Once the site collection is created, you should be able to sign-in to it using either the Windows or the federated site collection administrator account.
+
+### Step 7: Set up people picker
+
+In OIDC authentication, the people picker does not validate the input, which can lead to misspellings or users accidentally choosing the wrong claim type. This can be addressed using the new UPA backed claim provider in SharePoint Server. For more information on the new people picker feature, see [Enhanced People Picker for modern authentication](../administration/enhanced-people-picker-for-trusted-authentication-method.md).
SharePoint Strong Tls Encryption https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/security-for-sharepoint-server/strong-tls-encryption.md
+
+ Title: "Strong Transport Layer Security (TLS) Encryption"
++++ Last updated : 6/28/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- IT_Sharepoint16
+ms.assetid:
+description: "This article describes the strong encryption of Transport Layer Security (TLS)."
++
+# Strong Transport Layer Security (TLS) Encryption
++
+Secure Socket Layer (SSL) / Transport Layer Security (TLS) encrypts data between a client and a server, but some types of encryption are stronger than others. SharePoint Server utilizes the advanced security capabilities of Windows Server 2022 to ensure that TLS connections made to the server use only the strongest encryption.
+
+SharePoint Server configures itself to enforce the minimum TLS version and cipher suite requirements specified by section 9.2 of RFC 7540 on its SSL bindings regardless of whether the connection ends up using HTTP/2.
+
+Specifically:
+
+- The SSL/TLS protocol version negotiated must be TLS 1.2 or higher. TLS protocol versions lower than TLS 1.2, and all SSL protocol versions, will be blocked for connections made to its SSL bindings.
+
+- The TLS cipher suite negotiated must support forward secrecy and Authenticated encryption with associated data (AEAD) encryption modes such as GCM. Cipher suites that do not offer forward secrecy, or cipher suites that are based on null, weak stream ciphers (such as RC4), or block cipher modes (such as CBC), will be blocked for connections made to its SSL bindings.
+
+These requirements will apply by default to all SharePoint web applications that use an SSL binding and the SSL binding of the "SharePoint Web Services" IIS website, which hosts SharePoint service application endpoints. If the customers need to continue supporting legacy encryption for backward compatibility (such as older TLS protocol versions and cipher suites), they can configure this through the "Allow Legacy Encryption" setting in Central Administration. It can also be configured through the -AllowLegacyEncryption parameter in the following `PowerShell cmdlets` and command-line tools:
+- `New-SPWebApplication`
+- `New-SPWebApplicationExtension`
+- `Set-SPWebApplication `("Zone" parameter set)``
+- `New-SPCentralAdministration`
+- `Set-SPCentralAdministration`
+- `Set-SPServiceHostConfig`
+- `PSConfig.exe -cmd adminvs`
+
+> [!NOTE]
+> Strong TLS encryption by default is not available when SharePoint Server Subscription Edition is deployed with earlier versions of Windows Server. Microsoft recommends deploying SharePoint Server Subscription Edition with Windows Server 2022 or higher.
SharePoint Tls Support 1.3 https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/security-for-sharepoint-server/tls-support-1.3.md
+
+ Title: "Transport Layer Security (TLS) 1.3 Support"
++++ Last updated : 6/28/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- IT_Sharepoint16
+ms.assetid:
+description: "This article describes the supported and unsupported components on Transport Layer Security (TLS) protocol version 1.3."
++
+# Transport Layer Security (TLS) 1.3 Support
+++
+TLS 1.3 is the latest version of the TLS encryption protocol. SharePoint Server Subscription Edition by default supports TLS 1.3 when deployed with Windows Server 2022 and 2021-06 Cumulative Update for .NET Framework 3.5, and 4.8 for Microsoft server operating system x64 (KB5003529)ΓÇ¥.
+
+> [!NOTE]
+> TLS 1.3 does not require any additional configuration and may not support all softwares and systems. Microsoft recommends you to contact your software and hardware administrator to check compatibility of TLS 1.3.
++
+> [!NOTE]
+> TLS 1.3 is not available and is not supported when SharePoint Server Subscription Edition is deployed with earlier versions of Windows Server. Microsoft recommends deploying SharePoint Server Subscription Edition with Windows Server 2022 or higher.
++++
SharePoint Copy Databases To The New Farm For Upgrade To Sharepoint Server Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/upgrade-and-update/copy-databases-to-the-new-farm-for-upgrade-to-sharepoint-server-subscription-edition.md
+
+ Title: "Copy databases to the new farm for upgrade to SharePoint Server Subscription Edition"
++++ Last updated : 07/09/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- SP2019
+ms.assetid: 93327a06-ed2c-43f2-a40a-d7257f61f915
+
+description: "How to copy SharePoint Server 2019 or SharePoint Server 2016 content and service databases to a SharePoint Server Subscription Edition farm."
++
+# Copy databases to the new farm for upgrade to SharePoint Server Subscription Edition
++
+When you upgrade from SharePoint Server 2019 or SharePoint Server 2016 to SharePoint Server Subscription Edition, you must use a database-attach upgrade, which means that you upgrade only the content for your environment and not the configuration settings. After you have configured a new SharePoint Server Subscription Edition environment, you can copy the content and service application databases from the SharePoint Server 2019 or SharePoint Server 2016 environments to the SharePoint Server Subscription Edition environment. You use a backup and restore process to copy the database, and you can also choose to set the databases to read-only in the SharePoint Server 2019 or SharePoint Server 2016 environments so that users can continue to access their information, but not change it. This article contains the steps that you take to copy the databases.
+
+**Phase 2 of the upgrade process: Copy databases to the new farm**
+
+![Phase 2 of the upgrade process: Copy databases to the new farm](../media/CopyDatabaseToNewFarm_2019.png)
+
+|**Phases**|**Description**|
+|:--|:--|
+|![123 steps](../medi). <br/> |
+
+## Before you begin
+<a name="begin"> </a>
+
+Before you copy the databases, review the following information and take any recommended actions.
+
+- Ensure that the account that you use to copy the databases has access to SQL Server Management Studio on the SharePoint Server 2019 and SharePoint Server 2016 as well as SharePoint Server Subscription Edition environments and has access to a network location that can be accessed from all the environments to store the copies of the databases.
+
+- Ensure that the account that you use to set the databases to read-only and read-write is a member of the **db_owner** fixed database role for the content databases that you want to upgrade.
+
+- Before you back up the databases, check for and repair all database consistency errors.
+
+## Set the earlier version databases to be read-only
+<a name="readonly"> </a>
+
+To maintain user access to your original environment, set the SharePoint Server 2019 and SharePoint Server 2016 databases to read-only before you back up the databases. Even if you don't want to maintain access over the long term, set the databases to read-only to make sure that you capture all the data in the backup so that you restore and upgrade the current state of the environment without allowing additional changes to be made. If the databases are set to read-only, users can continue to view content. However, they will be unable to add or change content.
+
+> [!NOTE]
+> Don't set search databases to read-only at this point. It's best not to interrupt the search experience until you're ready to upgrade the Search service applications. You will handle these databases when you [upgrade service applications](upgrade-service-applications-to-sharepoint-server-subscription-edition.md) (the fourth phase in the process to upgrade SharePoint Server 2019 or SharePoint Server 2016 data and sites to SharePoint Server Subscription Edition).
+
+> [!IMPORTANT]
+> Perform this step in the SharePoint Server 2019 or SharePoint Server 2016 environments.
+
+ **To set a database to read-only by using SQL Server tools**
+
+1. Verify that the user account that is performing this procedure is a member of the **db_owner** fixed database role for the databases.
+
+2. In SQL Server Management Studio, in Object Explorer, connect to an instance of the Database Engine, expand the server, and then expand **Databases**.
+
+3. Find the database that you want to configure to be read-only, right-click the database, and then click **Properties**.
+
+4. In the **Database Properties** dialog, in the **Select a page** section, click **Options**.
+
+5. In the details pane, under **Other options**, in the **State** section, next to **Database Read-Only**, click the arrow, and then select **True**.
+
+You can use Transact-SQL to configure the **READ_ONLY** database availability option. For more information about how to use the **SET** clause of the **ALTER DATABASE** statement, see [Setting Database Options](/previous-versions/sql/sql-server-2008-r2/ms190249(v=sql.105)).
+
+## Back up the SharePoint Server 2019 or SharePoint Server 2016 databases by using SQL Server tools
+<a name="backup"> </a>
+
+You back up the databases in SQL Server Management Studio. A backup copy of the database guarantees that you have the data in a safe state if you must enable the original farm again and is required for a database-attach upgrade. Repeat the procedure for the following databases in the SharePoint Server 2019 or SharePoint Server 2016 server farms:
+
+- All content databases (default database name: WSS_Content_ _ID_
+
+- The following service application databases:
+
+|**Service application**|**Default database name**|
+|:--|:--|
+|Business Data Connectivity <br/> |BDC_Service_DB_ _ID_ <br/> |
+|Managed Metadata <br/> |Managed Metadata Service_ _ID_ <br/> |
+|Secure Store <br/> |Secure_Store_Service_DB_ _ID_ <br/> |
+
+You do not have to back up the configuration or admin content databases, because you recreated these databases when you set up the SharePoint Server Subscription Edition server farm. Upgrading the configuration or admin content databases and the Central Administration site collection is not supported.
+
+After you complete this procedure, you will have created backups of the read-only content databases.
+
+> [!IMPORTANT]
+> Perform this step in the SharePoint Server 2019 or SharePoint Server 2016 environments.
+
+ **To back up a database by using SQL Server tools**
+
+1. Verify that the user account that is performing this procedure is a member of the **db_owner** fixed database role for the databases.
+
+2. In Management Studio, in Object Explorer, connect to an instance of the Database Engine, expand the server, and then expand **Databases**.
+
+3. Right-click the database that you want to back up, point to **Tasks**, and then click **Back Up**.
+
+ The **Back Up Database** dialog appears.
+
+4. In the **Source** area, in the **Database** box, verify the database name.
+
+5. In the **Backup type** box, select **Full**.
+
+6. Under **Backup component**, select **Database**.
+
+7. In the **Backup set** area, in the **Name** box, either accept the backup set name that is suggested or type a different name for the backup set.
+
+8. In the **Destination** area, specify the type of backup destination by selecting **Disk** or **Tape**, and then specify a destination. To create a different destination, click **Add**.
+
+9. Click **OK** to start the backup process.
+
+Repeat the previous procedure to back up all the content and appropriate service application databases that SharePoint Server Subscription Edition uses in your environment.
+
+## Copy the backup files to the SharePoint Server Subscription Edition environment
+<a name="backup"> </a>
+
+Copy the backup files that you created in the previous procedure from the SharePoint Server 2019 or SharePoint Server 2016 environments to the SharePoint Server Subscription Edition environment.
+
+## Restore a backup copy of the database
+<a name="restore"> </a>
+
+After you configure the new SharePoint Server Subscription Edition server farm, you can restore the backup copies of the databases to SQL Server. Start with one database, and then verify that the restoration has worked before you restore the other databases.
+
+> [!IMPORTANT]
+> Be sure to keep a copy of your original backups in reserve, just in case upgrade fails and you have to troubleshoot and try again. > Perform this step in the SharePoint Server 2019 and SharePoint Server 2016 environments.
+
+ **To restore a backup copy of a database by using SQL Server tools**
+
+1. Verify that the user account that is performing this procedure is a member of the **db_owner** fixed database role for the databases.
+
+2. After you connect to the appropriate instance of the SQL Server 2014 Database Engine, in Object Explorer, expand the server name.
+
+3. Right-click **Databases**, and then click **Restore Database**.
+
+ The **Restore Database** dialog appears.
+
+4. In the **Restore Database** dialog, on the **General** page, type the name of the database to be restored in the **To database** list.
+
+ > [!TIP]
+ > When you type the name for the restored database, you do not have to use the original name. If you want to change the database name from a name with a long GUID to a shorter, friendlier name, this is an opportunity to make that change. Be sure to also change the database and log file names in the file system (the MDF and LDF files) so that they match.
+
+5. In the **To a point in time** text box, keep the default **(Most recent possible)**.
+
+6. To specify the source and location of the backup sets to restore, click **From device**, and then use the ellipsis ( **...**) to select the backup file.
+
+7. In the **Specify Backup** dialog, in the **Backup media** box, be sure that **File** is selected.
+
+8. In the **Backup location** area, click **Add**.
+
+9. In the **Locate Backup File** dialog, select the file that you want to restore, click **OK**, and then, in the **Specify Backup** dialog, click **OK**.
+
+10. In the **Restore Database** dialog, under **Select the backup sets to restore** grid, select the **Restore** check box next to the most recent full backup.
+
+11. In the **Restore Database** dialog, on the **Options** page, under **Restore options**, select the **Overwrite the existing database** check box.
+
+12. Click **OK** to start the restore process.
+
+## Set the databases to read-write
+<a name="ReadWrite"> </a>
+
+You cannot upgrade a database that is set to read-only. You must set the databases back to read-write on your SharePoint Server Subscription Edition farm before you attach and upgrade them.
+
+> [!IMPORTANT]
+> Perform this step in the SharePoint Server Subscription Edition environment.
+
+ **To set a database to read-write by using SQL Server tools**
+
+1. In SQL Server Management Studio, in Object Explorer, connect to an instance of the Database Engine, expand the server, and then expand **Databases**.
+
+2. Select the database that you want to configure to be read-write, right-click the database, and then click **Properties**.
+
+3. In the **Database Properties** dialog, in the **Select a page** section, click **Options**.
+
+4. In the details pane, under **Other options**, in the **State** section, next to **Database Read-Only**, click the arrow, and then select **False**.
+
+|**Phases**|**Description**|
+|:--|:--|
+|![123 steps](../medi). <br/> |
+
+## See also
+<a name="ReadWrite"> </a>
+
+#### Concepts
+
+[Create the SharePoint Server Subscription Edition farm for a database attach upgrade](create-the-sharepoint-server-subscription-edition-farm-for-a-database-attach-upgrade.md)
+
+[Upgrade service applications to SharePoint Server Subscription Edition](upgrade-service-applications-to-sharepoint-server-subscription-edition.md)
+
+[Upgrade content databases to SharePoint Server Subscription Edition](upgrade-content-databases-subscription-edition.md)
SharePoint Create The Sharepoint Server Subscription Edition Farm For A Database Attach Upgrade https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/upgrade-and-update/create-the-sharepoint-server-subscription-edition-farm-for-a-database-attach-upgrade.md
+
+ Title: "Create the SharePoint Server Subscription Edition farm for a database attach upgrade"
++++ Last updated : 07/09/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- SP2019
+ms.assetid: 99684f0b-f617-4c10-8420-d4d0adea3687
+
+description: "Create and configure a SharePoint Server Subscription Edition farm so that you can upgrade databases from SharePoint Server 2019 or SharePoint Server 2016."
++
+# Create the SharePoint Server Subscription Edition farm for a database attach upgrade
++
+When you upgrade from SharePoint Server 2019 or SharePoint Server 2016 to SharePoint Server Subscription Edition, you must use a database attach upgrade, which means that you upgrade only the content for your environment and not the configuration settings. Before you can upgrade the content, you must configure a new server or server farm by using SharePoint Server Subscription Edition. This article lists the items that you have to configure when you create that new environment.
+
+**Phase 1 of the upgrade process: Create SharePoint Server Subscription Edition farm**
+
+![Phase 1 of the upgrade process: Create SharePoint Subscription Edition farm](../media/CreateFarm_SP2019.png)
+
+|**Phases**|**Description**|
+|:--|:--|
+|![123 steps](../media/mod_icon_howTo_numeric_M.png)|This is the first phase in the process to upgrade SharePoint Server 2019 or SharePoint Server 2016 data and sites to SharePoint Server Subscription Edition. The process includes the following phases that must be completed in order: <li/> Create the SharePoint Server Subscription Edition farm for a database attach upgrade (this phase). <li/> Copy databases to the new farm for upgrade to SharePoint Server Subscription Edition. <li/>Upgrade service applications to SharePoint Server Subscription Edition. <li/>Upgrade content databases to SharePoint Server Subscription Edition.
+<br/>For an overview of the whole process, see [Overview of the upgrade process to SharePoint Server Subscription Edition](upgrade-databases-subscription-edition.md). |
+
+## Before you begin
+<a name="begin"> </a>
+
+Before you create the SharePoint Server Subscription Edition farm, review the following information and take any recommended actions.
+
+- Ensure that the hardware and software that you are using meets the requirements in [Hardware and software requirements for SharePoint Server Subscription Edition](../install/system-requirements-for-sharepoint-subscription-edition.md).
+
+- Ensure that you have appropriately planned your logical and physical architecture to support the features and functionality that you want in the SharePoint Server Subscription Edition.
+
+- Ensure that you have planned for sufficient performance and capacity for the SharePoint Server Subscription Edition.
+
+- Ensure that you are prepared to set up the required accounts by using appropriate permissions. For detailed information, see [Initial deployment administrative and service accounts in SharePoint Server](../install/initial-deployment-administrative-and-service-accounts-in-sharepoint-server.md).
+
+## Collect information and settings
+<a name="Before"> </a>
+
+> [!IMPORTANT]
+> The section explains how to configure service applications, except for the Business Data Connectivity service application which applies to SharePoint Server 2019 and SharePoint Server 2016.
+
+Before you start to upgrade, you must collect information and settings about your existing environment. You have to know what is in your SharePoint Server 2019 environment before you can start to build your SharePoint Server Subscription Edition environment. Gather information such as the following:
+
+- Alternate access mappings
+
+- Authentication providers and authentication modes that are being used
+
+- Quota templates
+
+- Managed paths
+
+- Self-service site management settings
+
+- Incoming and outgoing e-mail settings
+
+- Customizations
+
+You also have to turn off or remove services or components in the SharePoint Server 2019 or SharePoint 2016 environments that could cause errors in the upgrade process. The following services or components should be removed or stopped before you back up your databases:
+
+- **PowerPoint Broadcast Sites** Office Online Server has changed into a separate server product which can serve multiple SharePoint farms for viewing and editing documents. Because of this change, PowerPoint Broadcast sites cannot be upgraded to SharePoint Server Subscription Edition.
+
+## Record the passphrase for the Secure Store service application
+<a name="passphrase"> </a>
+
+The Secure Store service application uses a passphrase to encrypt information. You have to know what this passphrase is so that you can use it in the new environment. Otherwise, you will not have access to the information in the Secure Store. If you do not know the passphrase, you can refresh the key, and then back up the Secure Store database. For more information, see **Work with encryption keys** in [ Configure the Secure Store Service in SharePoint Server ](../administration/configure-the-secure-store-service.md).
+
+## Install SharePoint Server Subscription Edition in a new environment
+<a name="Install"> </a>
+
+Before you can upgrade your databases, you must use SharePoint Server Subscription Edition to configure a new server or server farm. The first step in creating your new environment is to install SharePoint Server Subscription Edition and configure your new server or server farm. You must do the following:
+
+1. Run the Microsoft SharePoint Products Preparation Tool to install all required software.
+
+2. Run Setup to install the product.
+
+3. Install all language packs that you want in your environment.
+
+ > [!NOTE]
+ > For more information about how to install available language packs, see [Install or uninstall language packs for SharePoint Servers Subscription Edition](../install/install-or-uninstall-language-packs-subscription.md).
+
+4. Run the SharePoint Products Configuration Wizard to configure your server or servers.
+
+ > [!IMPORTANT]
+ > Some service applications can be upgraded by using a service application database upgrade. If you want to upgrade these service applications by upgrading the service application databases, do not use the Farm Configuration Wizard to configure these service applications when you set up your new farm.
+
+For step-by-step instructions for these tasks, see [Install SharePoint Server Subscription Edition](../install/install-overview-spserver-se.md).
+
+## Configure service applications
+<a name="configfarm"> </a>
+
+You must create the service applications on your new farm before you upgrade your content databases. There are some service applications that can be upgraded from SharePoint Server 2019 and SharePoint Server 2016 to SharePoint Server Subscription Edition. The steps in [Install SharePoint Server Subscription Edition](../install/install-overview-spserver-se.md) describe how to use the Farm Configuration Wizard to enable all service applications. However, you should not use the Farm Configuration Wizard to enable the service applications that you want to upgrade.
+
+The following service applications can be upgraded by performing a services database upgrade:
+
+- Business Data Connectivity service
+
+- Managed Metadata service
+
+- Search
+
+- Secure Store service
+
+- User Profile service
+
+For an overview of how to upgrade these service applications, see [Services upgrade overview for SharePoint Server](overview-of-the-services-upgrade-process-subscription-edition.md). For the specific steps to upgrade these service application databases, see [Upgrade service applications to SharePoint Server](upgrade-service-applications-to-sharepoint-server-subscription-edition.md).
+
+## Configure farm settings
+<a name="configfarmsettings"> </a>
+
+The next step in creating the new environment is to apply general farm settings. You must manually reapply configuration settings from your SharePoint Server 2019 or SharePoint Server 2016 farm, such as the following:
+
+- Incoming and outgoing e-mail settings
+
+- All farm-level security and permission settings, such as adding user or group accounts to the Farm Administrators group
+
+- Blocked file types
+
+And you must configure all new farm-level settings that you want to use, such as the following:
+
+- Usage and health data collection
+
+- Diagnostic logging
+
+- Settings and schedules for timer jobs
+
+> [!IMPORTANT]
+> If you had disabled the Workflow Auto Cleanup timer job in your SharePoint Server 2016 or SharePoint Server 2019 environment, make sure that you disable this timer job in your new environment also. If this timer job is enabled in the new environment and disabled in the SharePoint Server 2019 or SharePoint Server 2016 environment, you might lose workflow associations when you upgrade.
+
+In a standard installation, the next step would be to create web applications. However, for upgrade, you create web applications later in the process, after you upgrade the service application databases. For more information, see [Create web applications](upgrade-content-databases-subscription-edition.md#CreateWebApps).
+
+|**Phases**|**Description**|
+|:--|:--|
+|![123 steps](../medi). <br/> |
SharePoint Get Started With Upgrade Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/upgrade-and-update/get-started-with-upgrade-subscription-edition.md
+
+ Title: "Get started with upgrades to SharePoint Server Subscription Edition"
++++ Last updated : 07/09/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+ms.assetid: 40d265d9-dd16-405f-8c85-390975024bad
+description: "Complete your SharePoint upgrade. Find information on upgrading databases and site collections from SharePoint Server 2019 and SharePoint Server 2016 to SharePoint Server Subscription Edition."
++
+# Get started with upgrades to SharePoint Server Subscription Edition
++
+The first step in any upgrade process is to learn about the process itself so that you can plan and prepare appropriately. These articles help you understand how the SharePoint upgrade process works. These articles also include overviews of how to upgrade service applications.
+
+The following downloadable resources, articles, and related resources provide information about understanding the upgrade for SharePoint Server Subscription Edition.
+
+||**Content**|**Description**|
+|:--|:--|:--|
+|![Building blocks](../medi) <br/> |Get a visual overview of the steps involved in performing an upgrade. <br/> |
+|![Building blocks](../medi) <br/> |SharePoint Server 2019 and SharePoint Server 2016 included several service applications, some of which have databases that can be upgraded when you upgrade to SharePoint Server Subscription Edition. Find out which service application databases can be upgraded and what steps you must take before, during, and after the upgrade for your service applications. <br/> |
SharePoint Overview Of The Services Upgrade Process Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/upgrade-and-update/overview-of-the-services-upgrade-process-subscription-edition.md
+
+ Title: "Services upgrade overview for SharePoint Server Subscription Edition"
++++ Last updated : 7/09/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- SP2019
+ms.assetid: 5aeff319-0a8f-4d6b-86d5-6086611c48ed
+description: "Create a plan to upgrade data for service applications when you upgrade from SharePoint Server 2019 and SharePoint Server 2016 to SharePoint Server Subscription Edition."
++
+# Services upgrade overview for SharePoint Server Subscription Edition
++
+The upgrade process for SharePoint Server Subscription Edition uses the database attach upgrade method. When you move your databases to a new farm and upgrade the content, you must create your services infrastructure in the new farm, and configure the services appropriately for your new farm and new version. The following service applications have databases that can be upgraded when you upgrade from SharePoint Server 2019 and SharePoint Server 2016 to SharePoint Server Subscription Edition:
+
+- Business Data Connectivity service application
+
+- Managed Metadata service application
+
+- Search service application
+
+- Secure Store Service application
+
+- User Profile service application
+
+> [!NOTE]
+> Word Automation Services and Machine Translation Services can't be upgraded. A new service instance needs to be created.
+
+Attaching and upgrading these databases configures these service applications. Settings for other services will have to be reconfigured when you upgrade.
+
+## Database attach upgrade with services
+<a name="dbattach"> </a>
+
+You must create the service applications on your new farm before you upgrade your content databases. The steps included in the installation guide above describe how to use the Farm Configuration Wizard to enable all service applications. Some service applications can be upgraded by using a service application database upgrade. If you want to upgrade these service applications by upgrading the service application databases, you should not use the Farm Configuration Wizard to configure these service applications when you set up your new farm.
+
+The following service applications can be upgraded by performing a services database upgrade:
+
+- **Business Data Connectivity service**
+
+ The Business Data Connectivity service uses a database to store information about external data. This database must be upgraded as part of a services database attach upgrade. This service application is also available in SharePoint Foundation 2013.
+
+- **Managed Metadata service**
+
+ The Managed Metadata service uses a database to store metadata information. This database must be upgraded as part of a services database attach upgrade. You must attach and upgrade the database for this service and for the User Profile service before you can upgrade any My Sites.
+
+- **Secure Store service**
+
+ The Secure Store Service uses a database to store information. This database must be upgraded as part of a services database attach upgrade. You have to upgrade the data for this service application so that any connections from Excel Services Application and Business Connectivity Services can work with existing passwords.
+
+- **User Profile service**
+
+ The User Profile service uses databases to store profile, social, and sync information. These databases must be upgraded as part of a services database attach upgrade. You have to attach and upgrade the databases for this service and for the Managed Metadata service before you can upgrade any My Sites.
+
+- **Search**
+
+ The Search service uses several databases. The search administration database stores search configuration data, such as the topology, crawl rules, query rules, and the mappings between crawled and managed properties. The analytics reporting database stores the results of usage analytics and statistics information from the analyses.
+
+The search administration database must be upgraded as part of a services database attach upgrade, and you can optionally upgrade the analytics database as part of the services database attach upgrade. You have to attach and upgrade the database for the User Profile service and Managed Metadata service before you upgrade the search databases. You cannot use the database attach approach for the rest of the search databases, these databases are re-created when you upgrade the Search service application.
+
+Specifically, the following service application databases can be upgraded:
+
+|**Service application**|**Default database name**|
+|:--|:--|
+|Business Data Connectivity <br/> |BDC_Service_DB_\<GUID\> <br/> |
+|Managed Metadata <br/> |Managed Metadata Service_\<GUID\> <br/> |
+|Search <br/> |Search_Service_Application_DB_\<GUID\> <br/> Search_Service_Application_AnalyticsReportingStoreDB_\<GUID\> <br/> |
+|Secure Store <br/> |Secure_Store_Service_DB_\<GUID\> <br/> |
+|User Profile: Profile and Social databases <br/> |User Profile Service Application_ProfileDB_\<GUID\> <br/> User Profile Service Application_SocialDB_\<GUID\> <br/> User Profile Service Application_SyncDB_\<GUID\> <br/> |
+
+The steps to upgrade these service application databases are included in [Upgrade service applications to SharePoint Server Subscription Edition](upgrade-service-applications-to-sharepoint-server-subscription-edition.md).
+
+## Considerations for specific services
+<a name="Considerations"> </a>
+
+The following services in SharePoint Server 2019 and SharePoint Server 2016 also require additional steps to enable and configure when you upgrade:
+
+- **InfoPath Forms Service**
+
+ This service is not part of the Farm Configuration Wizard. If you want to use this service, you can use the **Configure InfoPath Forms Services** link on the **General Application Settings** page in SharePoint Central Administration to configure it. If you want to continue using form templates from your previous environment, you can export any administrator-deployed form templates (.xsn files) and data connection files (.udcx files) from your SharePoint Server 2019 and SharePoint Server 2016 environments, and then import them to your new SharePoint Server Subscription Edition environment by using the **Export-SPInfoPathAdministrationFiles** PowerShell cmdlet. If the URL of the new server differs from the URL of the previous server, you can run the **Update-SPInfoPathAdminFileUrl** PowerShell cmdlet to update links that are used in the upgraded form templates.
+
+## See also
+<a name="Considerations"> </a>
+
+#### Concepts
+
+[Overview of the upgrade process to SharePoint Server Subscription Edition](overview-of-the-upgrade-process-subscription-edition.md)
+
+[Upgrade content databases to SharePoint Server Subscription Edition](upgrade-content-databases-subscription-edition.md)
SharePoint Overview Of The Upgrade Process Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/upgrade-and-update/overview-of-the-upgrade-process-subscription-edition.md
+
+ Title: "Overview of the upgrade process to SharePoint Server Subscription Edition"
++++ Last updated : 07/09/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- Strat_SP_server
+- SP2019
+
+ms.assetid: 4d7a8038-4b27-4bd8-a855-585db4e924a8
+description: "Learn about the process of upgrading databases, service applications, My Sites, and site collections to SharePoint Server Subscription Edition."
++
+# Overview of the upgrade process to SharePoint Server Subscription Edition
++
+To upgrade from Microsoft SharePoint Server 2019 and Microsoft SharePoint Server 2016 to SharePoint Server Subscription Edition, you use the database-attach method. In the database-attach method, you first create and configure a SharePoint Server Subscription Edition farm. Then you copy the content and service application databases from SharePoint Server 2019 and SharePoint Server 2016, and then attach and upgrade the databases. This upgrades the data to the new version. Site owners can then upgrade individual site collections.
+
+SharePoint Server Subscription Edition supports an upgrade from RTM version of SharePoint Server 2019 and SharePoint Server 2016.
+
+> [!NOTE]
+> All databases must be upgraded to version 16.0.4351.1000 or higher, otherwise upgrade to SharePoint Server Subscription Edition will be blocked.
+
+After you've configured a new SharePoint Server Subscription Edition environment, you can copy the content and service application databases from SharePoint Server 2019 and SharePoint Server 2016 to the SharePoint Server Subscription Edition environment. You use a backup and restore process to copy the database. You can also choose to set the databases to read-only in SharePoint Server 2019 and SharePoint Server 2016 environments so that users can continue to access their information, but not change it.
+
+Before you attach and upgrade the content databases, review the following information and take any recommended actions.
+
+- Ensure that the account that you use to attach the databases is a member of the **db_owner fixed** database role for the content databases that you want to upgrade.
+
+- Ensure that the account that you use to create web applications is a member of the Farm administrators group in the SharePoint Central Administration website.
+
+This article helps you to understand the upgrade sequence so that you can plan an upgrade project. To get detailed steps for an upgrade, see [Overview of the upgrade process to SharePoint Server Subscription Edition](upgrade-databases-subscription-edition.md) and [Upgrade site collections to SharePoint Server Subscription Edition](upgrade-a-site-collection-subscription-edition.md).
+
+## Create the SharePoint Server Subscription Edition farm
+<a name="CreateFarm"> </a>
+
+The first stage in the upgrade process creates the new SharePoint Server Subscription Edition farm:
+
+1. A server farm administrator installs SharePoint Server Subscription Edition to a new farm. The administrator configures farm settings and tests the environment.
+
+2. A server farm administrator sets the SharePoint Server 2019 and SharePoint Server 2016 farms to read-only so that users can continue to access the old farm while upgrade is in progress on the new farm.
+
+## Copy the SharePoint Server 2019 and SharePoint Server 2016 databases
+<a name="CopyDatabases"> </a>
+
+The second stage in the upgrade process copies the databases to the new environment. You use SQL Server Management Studio for these tasks.
+
+1. With the farm and databases in read-only mode, a server farm administrator backs up the content and service application databases from the SQL Server instance on the SharePoint Server 2019 and SharePoint Server 2016 farms.
+
+2. The server farm administrator restores a copy of the databases to the SQL Server instance on the SharePoint Server Subscription Edition farm and sets the databases to read-write on the new farm.
+
+## Upgrade SharePoint Server 2019 and SharePoint Server 2016 databases and service applications
+<a name="Databases"> </a>
+
+The third stage in the upgrade process upgrades the databases and service applications.
+
+1. A server farm administrator configures the service applications for the new farm. The following service applications have databases that you can upgrade during this process:
+
+ - Business Data Connectivity service application
+
+ - Managed Metadata service application
+
+ - Search service application
+
+ - Secure Store Service application
+
+ - User Profile service application
+
+2. A server farm administrator creates a web application on the SharePoint Server Subscription Edition farm for each web application on the SharePoint Server 2019 and SharePoint Server 2016 farms.
+
+3. A server farm administrator installs all server-side customizations.
+
+4. A server farm administrator then attaches the content databases to the new farm and upgrades the content databases for those web applications.
+
+5. A server farm administrator confirms that the upgrade is successful.
+
+## Upgrade SharePoint Server 2019 and SharePoint Server 2016 site collections
+<a name="UpgradeSites"> </a>
+
+The final stage in the upgrade process is to upgrade the site collections. The upgrade process for My Sites is slightly different from other types of site collections.
+
+### Upgrade My Sites
+<a name="MySites"> </a>
+
+> [!IMPORTANT]
+> This section applies to SharePoint Server Subscription Edition only.
+
+A server farm administrator upgrades the My Site host and then individual users can upgrade their My Sites or the farm administrator can upgrade them by using PowerShell. The following list shows four stages for the My Site host and My Sites during the upgrade process:
+
+1. The My Site host has not been upgraded. My Sites cannot be upgraded yet.
+
+2. A server farm administrator has upgraded the My Site host. No My Sites have been upgraded.
+
+3. Some users have upgraded their My Sites.
+
+4. All My Sites have been upgraded.
+
+> [!NOTE]
+> A server farm administrator can choose to force an upgrade of My Sites without waiting for users to upgrade them. For details and steps, read [Upgrade site collections to SharePoint Server Subscription Edition](upgrade-a-site-collection-subscription-edition.md).
+
+### Upgrade other SharePoint Server 2019 and SharePoint Server 2016 site collections
+<a name="SiteCollections"> </a>
+
+For information about how to upgrade a site collection, see [Upgrade site collections to SharePoint Server Subscription Edition](upgrade-a-site-collection-subscription-edition.md).
+
+> [!NOTE]
+> A server farm administrator can also force specific site collections to be upgraded without waiting for the site owners to upgrade them. For details and steps, read [Upgrade site collections to SharePoint Server Subscription Edition](upgrade-a-site-collection-subscription-edition.md).
SharePoint Troubleshoot Site Collection Upgrade Issues Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/upgrade-and-update/troubleshoot-site-collection-upgrade-issues-subscription-edition.md
+
+ Title: "Troubleshoot site collection upgrade issues in SharePoint Server Subscription Edition"
++++ Last updated : 07/09/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+ms.assetid: 75113d71-7193-44ab-b79b-34cb9cf9aa94
+description: "Learn how to address problems that may occur after you upgrade a site to SharePoint Server Subscription Edition."
++
+# Troubleshoot site collection upgrade issues in SharePoint Server Subscription Edition
+
+
+When you upgrade a site collection to SharePoint Server Subscription Edition, errors can occasionally occur. This article helps you understand those errors and address them.
+
+## Check upgrade status and log files
+
+Upgrade status indicators and log files should give you an indication of what went wrong during the upgrade process. We recommend that you carefully review all the errors in the upgrade log files. Warnings might not always indicate an issue, but you should review them all to determine whether any of them are likely to cause even more issues.
+
+1. Review the upgrade status page for your site collection.
+
+ On the **Site Settings** page for the site collection, in the **Site Collection Administration** section, click **Site collection upgrade**. On the **Site Collection Upgrade** page, click **Review Site Collection Upgrade Status**.
+
+2. If pages don't render, check the **Site Settings** page. If the **Site Settings** page works and the upgrade has succeeded, there might be issues with the master page or home page. If the **Site Settings** page doesn't work, check the site collection upgrade log file for information about the problem.
+
+3. Review the site collection upgrade log files. You can review the site collection upgrade logs from the following locations:
+
+ - **For site collection administrators:** There are also log files for site collection upgrade stored inside the site collection itself, in the Maintenance Logs catalog at (http://<SiteName>/_catalogs/MaintenanceLogs/YYYYMMDD-HHMMSS-SSS.txt , where _YYYYMMDD_ is the date and _HHMMSS-SSS_ is the time (hours in 24-hour clock format, minutes, seconds, and milliseconds).
+
+ - **For farm administrators:** The site collection upgrade log file and the upgrade error log file are located at %COMMONPROGRAMFILES%\Microsoft Shared\Web server extensions\16\LOGS. The logs are named in the following format: SiteUpgrade- _YYYYMMDD-HHMMSS-SSS_.log, where _YYYYMMDD_ is the date and _HHMMSS-SSS_ is the time (hours in 24-hour clock format, minutes, seconds, and milliseconds). These file system logs have more information if you want details about issues.
+
+## Common issues
+
+Check to see whether any of the following issues are causing an upgrade error, a warning, or a problem in your site.
+
+### Q: I don't see a UI control on the page that used to be there
+<a name="UI"> </a>
+
+- **A:** Reset the page to the default version (that is, reghost it).
+
+Making changes to the site UI can cause problems in site upgrades. If a page was customized to place a UI control in a non-standard location, you can reset the page to the default version to recover the control.
+
+To reset the page, you can use the **Reset to site definition** link under **Site Actions** on the Site Settings page or use the **Reset to Template** command in SharePoint Designer.
+
+### Q: The view on a large list is not working any longer
+<a name="UI"> </a>
+
+- **A:** Create indexed columns, folders, or new views for large lists. You might have to add the indexed column to your existing views.
+
+If a list is very large, and users use a view or perform a query that exceeds the limit or throttling threshold, the view or query will not be permitted. You can create indexed columns with filtered views, organize items into folders, set an item limit on the page for a large view, or use an external list. For more information about large list throttling and how to address issues with large lists, see [Manage lists and libraries with many items](https://go.microsoft.com/fwlink/p/?LinkId=251456).
+
+### Q: I see an error about a duplicate content type name
+<a name="UI"> </a>
+
+- **A:** Rename content types or fields that conflict with default names.
+
+Occasionally, custom elements (such as a content type) may have a name that conflicts with a name in the new version.
+
+In the upgrade log files, you may see an error such as the following:
+
+> [!NOTE]
+> Either renaming or removing a content type can cause any customizations dependent on that content type to stop working.
+
+### Q: My site looks ugly, doesn't behave as expected, or I see script errors
+<a name="UI"> </a>
+
+- **A:** Either edit the page or reset the page to the default version, or remove or replace the custom files.
+
+ A problem with custom or inline JavaScript or CSS files can cause these issues.
+
+### Q: Custom content in my site disappeared or doesn't work
+<a name="UI"> </a>
+
+- **A:** Change the master page, or change the content so that it doesn't require specific zones.
+
+ The master page might have different zone layouts and the content might no longer reference it correctly. As a last resort, you can also reset the page to the default version. However, if you reset the page, you might lose zone specific content.
+
+### Q: I receive an error that says a control or page cannot render
+<a name="UI"> </a>
+
+- **A:** Do one of the following:
+
+ - If a Web Part was added that is not installed, contact the farm administrator to have it installed. If is a Web Part that is no longer available or not supported, then use the Web Part maintenance view to remove the Web Part from the page (remove, do not just close the Web Part).
+
+ - If a page was directly edited, either edit it again to remove the control or Web Part or reset the page to the default version.
+
+ A Web Part or other control might have been added to the page that is not installed or is no longer supported. Either a Web Part was added to a zone or the page was directly edited to add a control or Web Part reference directly inline (possibly on a master page).
+
+ A SharePoint feature may need to be activated. For more information, see [Enable or disable site collection features](https://office.microsoft.com/en-usoffice365-sharepoint-online-enterprise-help/enable-or-disable-site-collection-features-HA102772720.aspx?CTT=1) and [Open and use the Web Part Maintenance Page](https://office.microsoft.com/sharepoint-help/open-and-use-the-web-part-maintenance-page-HA104046809.aspx?CTT=1).
+
+### Q: My upgraded site does not render at all; instead, I see an "unexpected error" with a correlation ID
+<a name="UI"> </a>
+
+ **A:** Your custom branding may use a custom master page that contains a custom content placeholder.
+
+If your custom master page contains a custom content placeholder, and if custom page layouts also contain this custom content placeholder, then an error may prevent the home page of your site from rendering at all after upgrade. Instead, after upgrade, you may see the error message "An unexpected error has occurred."
+
+## See also
+
+#### Concepts
+
+[Upgrade a site collection to SharePoint Server Subscription Edition](upgrade-a-site-collection-subscription-edition.md)
SharePoint Upgrade A Site Collection Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/upgrade-and-update/upgrade-a-site-collection-subscription-edition.md
+
+ Title: "Upgrade a site collection to SharePoint Server Subscription Edition"
++++ Last updated : 7/09/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- SP2019
+ms.assetid: 78e2f208-e4b9-49cd-a036-89809fa24baf
+description: "Learn how site collection administrators can upgrade their sites to SharePoint Server Subscription Edition and then review site collections for issues."
++
+# Upgrade a site collection to SharePoint Server Subscription Edition
+
+
+In SharePoint Server Subscription Edition the way site collection upgrades are performed has changed. After a server farm administrator has upgraded the databases, site collections are automatically upgraded.
+
+> [!NOTE]
+> There is no concept of "site collection compatibility modes" in SharePoint Server Subscription Edition. You must be running the latest version at all times.
+
+## Upgrade a site collection
+
+There are three ways to upgrade a site collection:
+
+- In conjunction with content databases upgrade
+
+- On-browse upgrade
+
+- Manually triggered by using PowerShell.
+
+ **Content databases upgrade**- To upgrade the databases, run the [Mount-SPContentDatabase](/powershell/module/sharepoint-server/Mount-SPContentDatabase?view=sharepoint-ps) cmdlet. After the databases have been upgraded, the site collections are automatically upgraded during database upgrade process by default.
+
+> [!NOTE]
+> This is the default behavior and recommended method to upgrade databases.
+
+> [!IMPORTANT]
+> If you want to delay the sites upgrade, use the **SkipSiteUpgrade** parameter of the [Mount-SPContentDatabase](/powershell/module/sharepoint-server/Mount-SPContentDatabase?view=sharepoint-ps) cmdlet. When the parameter is provided, the site collection is upgraded when first browsed.
+
+ **On-browse upgrade** - You do not need to know whether the site collection has pending upgrade, SharePoint decides it for you during the upgrade process. Once the site is browsed, SharePoint checks if the site needs to be upgraded, if so, the site will be put in a queue and a timer job will pick it up for upgrade.
+
+Farm administrators can use PowerShell to upgrade a site collection.
+
+ **Manually trigger site upgrade** - You can use the [Upgrade-SPSite](/powershell/module/sharepoint-server/Upgrade-SPSite?view=sharepoint-ps) cmdlet to manually upgrade the site collections.
+
+> [!NOTE]
+> This is a legacy option to upgrade a site collection.
+
+This option is ideal for databases with large number of sites and for customers who use only a subset of all their sites.
+
+## Verify that site collection upgrade has succeeded
+<a name="ver"> </a>
+
+Site collection administrators can view the **Upgrade Status** page in Site Settings to verify that upgrade has succeeded for a site collection.
+
+ **To view upgrade status in Site Settings**
+
+1. Verify that the user account that performs this procedure is a site collection administrator.
+
+2. On the **Site Settings** page for the site collection, in the **Site Collection Administration** section, select **Site collection upgrade**.
+
+3. On the **Site Collection Upgrade** page, select **Review Site Collection Upgrade Status**.
+
+ The **Upgrade Status** page for the site collection is displayed.
+
+Farm administrators can use PowerShell to view site collection upgrade status.
+
+## Review site collections upgraded to SharePoint Server Subscription Edition
+<a name="ver"> </a>
+
+After the site collections have been upgraded to SharePoint Server Subscription Edition, review your upgraded sites to fix any issues after you have upgraded a site collection. Use the steps in this section to identify any issues before you upgrade your production environment.
+
+When you perform tests before upgrading your environment:
+
+- Begin by validating high-impact or high-profile sites, and then move on to lower-priority sites. As part of the planning process, you should have identified which sites are high-impact and high-profile and require immediate attention, and which can wait a bit longer.
+
+- To verify basic functionality, create a new site collection by using a representative set of lists, libraries, Web Parts, and so on. Review the new site to make sure that the common, basic elements of your sites are working.
+
+- If pages do not render, you can check the **Site Settings** page by going directly to the URL (http:// _siteurl_/_layouts/settings.aspx). If the **Site Settings** page works and the upgrade has succeeded, there might be issues with the master page or home page. If the **Site Settings** page does not work, go to the site collection upgrade log file to see whether you can get more information about the problem.
+
+You can review the site collection upgrade logs from the following locations:
+
+- **For site collection administrators:** If site collections are upgraded by using the [Mount-SPContentDatabase](/powershell/module/sharepoint-server/Mount-SPContentDatabase?view=sharepoint-ps) cmdlet, there are no separate SiteUpgrade*.log files. The SiteUpgrade logs are inside Upgrade*.log files.
+
+ > [!NOTE]
+ > You can retrieve the log files by using PowerShell. > From a PowerShell command prompt type the following syntax: `Get-SPSiteUpgradeSessionInfo -Site <siteUrl> OR $site.UpgradeInfo`
+
+- **For farm administrators:** The site collection upgrade log file and the upgrade error log file are located at %COMMONPROGRAMFILES%\Microsoft Shared\Web server extensions\16\LOGS. The logs are named in the following format: SiteUpgrade- _YYYYMMDD-HHMMSS-SSS_.log, where _YYYYMMDD_ is the date and _HHMMSS-SSS_ is the time (hours in 24-hour clock format, minutes, seconds, and milliseconds). These file system logs have more information if you want details about issues.
+
+ For additional information on how to troubleshoot error messages, see [Troubleshoot site collection upgrade issues in SharePoint Server Subscription Edition](troubleshoot-site-collection-upgrade-issues-subscription-edition.md).
+
+Use the following checklists to review your upgraded sites and look for issues for either trial upgrades or upgrades in a production environment.
+
+## Checklists for reviewing upgraded sites
+<a name="Review"> </a>
+
+### Large lists
+
+By default, large list query throttling is turned on in SharePoint Server Subscription Edition. If a list is very large, and users use a view or perform a query that exceeds the limit or throttling threshold, the view or query will not be permitted. Check any large lists in your environment and have the site administrator or list owner address the issue. For example, they can create indexed columns with filtered views, organize items into folders, set an item limit on the page for a large view, or use an external list. For more information about large list throttling and how to address issues with large lists, see [Manage lists and libraries with many items](https://go.microsoft.com/fwlink/p/?LinkId=251456).
+
+### Styles and appearance
+
+The following table lists common issues with the style and appearance of your website after upgrade and how to address them.
+
+> [!TIP]
+> Most of the issues in this section can be resolved by correcting the links to an item.
+
+|**What to check**|**What to do if there is a problem**|
+|:--|:--|
+|Are all the images on your pages displayed correctly? <br/> |Verify or fix the links to the images. <br/> |
+|Are the appropriate cascading style sheet colors and styles used in the appropriate locations? <br/> |Verify or fix the links to the cascading style sheet file. Verify the link on the master page. <br/> |
+|Theme choices are different in SharePoint Subscription Edition - which theme do you want to use? <br/> |Your site's home page, or other pages on your site, may look different after the site is upgraded. You may have to re-create or revise a theme and reapply it. <br/> |
+|Do you have any JavaScript controls that are not working? <br/> |Verify or fix the links to the controls. <br/> |
+|Are your pages displayed correctly in the browser? <br/> |Verify that any HTML on the page is in strict XHTML mode. <br/> |
+|Are any script errors displayed on any pages? <br/> |Verify the scripts and links, and verify that any HTML is in strict XHTML mode. <br/> |
+
+## See also
+<a name="Review"> </a>
+
+#### Concepts
+
+[Overview of the upgrade process to SharePoint Server Subscription Edition](overview-of-the-upgrade-process-subscription-edition.md)
SharePoint Upgrade And Update https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/upgrade-and-update/upgrade-and-update.md
ms.assetid: 911adb7a-468e-4344-a403-d2968f8195eb
description: "Upgrading to a new version of SharePoint? The first step in any upgrade process is to learn about the process itself so that you can plan and prepare appropriately. These articles help you understand how the SharePoint upgrade process works. These articles also include overviews of how to upgrade service applications."
-# Upgrade and Update
+# Upgrade and update
[!INCLUDE[appliesto-2013-2016-2019-xxx-md](../includes/appliesto-2013-2016-2019-xxx-md.md)] Upgrading to a new version of SharePoint? The first step in any upgrade process is to learn about the process itself so that you can plan and prepare appropriately. These articles help you understand how the SharePoint upgrade process works. These articles also include overviews of how to upgrade service applications.
-Applying updates to a current version? Microsoft periodically releases software updates for SharePoint. These articles and related resources provide information about the software update process for SharePoint Server 2013, SharePoint Server 2016, and SharePoint Server 2019.
+Applying updates to a current version? Microsoft periodically releases software updates for SharePoint. These articles and related resources provide information about the software update process for SharePoint Server Subscription Edition, SharePoint Server 2019, SharePoint Server 2019, and SharePoint Server 2013.
-
SharePoint Upgrade Content Databases Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/upgrade-and-update/upgrade-content-databases-subscription-edition.md
+
+ Title: "Upgrade content databases to SharePoint Server Subscription Edition"
++++ Last updated : 07/09/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- SP2019
+ms.assetid: d0a50e40-5322-4f7a-a3a4-c4660c879666
+description: "Learn how to upgrade content databases from SharePoint Server 2019 or SharePoint Server 2016 to SharePoint Server Subscription Edition."
++
+# Upgrade content databases to SharePoint Server Subscription Edition
+
+
+When you upgrade from SharePoint Server 2019 or SharePoint Server 2016 to SharePoint Server Subscription Edition, you must use a database attach upgrade, which means that you upgrade only the content for your environment and not the configuration settings. After you have configured the SharePoint Server 2019 or SharePoint Server 2016 environments, copied the content and service application databases, and upgraded the service applications, you can attach and upgrade the content databases to SharePoint Server Subscription Edition. This article explains the steps you take to attach and upgrade the content databases to SharePoint Server Subscription Edition.
+
+**Phase 4 of the upgrade process: Upgrade content databases**
+
+![Phase 4 of the upgrade process: Upgrade content databases](../media/UpgradeContentDatabase_2019.png)
+
+|**Phases**|**Description**|
+|:--|:--|
+|![123 steps](../medi). <br/> |
+
+## Before you begin
+
+Before you attach and upgrade the content databases, review the following information and take any recommended actions.
+
+- Ensure that the account that you use to attach the databases is a member of the **db_owner** fixed database role for the content databases that you want to upgrade.
+
+- Ensure that the account that you use to create web applications is a member of the Farm administrators group in Central Administration.
+
+## Create web applications
+<a name="CreateWebApps"> </a>
+
+Create a web application for each web application that existed in the SharePoint Server 2019 or SharePoint Server 2016 environments. For each web application, do the following:
+
+- Use the same URL (including name, port, and host header) and configure alternate-access mapping settings.
+
+ If you use a different URL, Office applications might not be redirected correctly to the new URLs and all bookmarks to the old URLs will not work.
+
+- Use the same authentication method.
+
+ Because claims-based authentication is now the default option for SharePoint Server Subscription Edition, you must use Microsoft PowerShell to create a web application that uses Windows Classic authentication. .
+
+- Recreate managed paths.
+
+- Recreate quota templates.
+
+- Configure email settings for the web application.
+
+- Enable self-service site creation for any web application that used it in the previous environment. Recreate any self-service site creation settings.
+
+- Create the managed path for the My Sites (/personal) on the web application that hosts My Sites. My Sites are available in SharePoint Server only.
+
+- Recreate any web application policies or other web application settings that you had configured in the previous environment.
+
+## Reapply customizations
+<a name="Customizations"> </a>
+
+One frequent cause of failures during upgrade is that the new environment does not have customized features, solutions, or other elements. Ensure that all custom elements from the SharePoint Server 2019 or SharePoint Server 2016 environment are installed on your front-end web servers before you upgrade any content databases.
+
+In this step, you manually transfer all customizations to your new farm. Make sure to install any components that your sites depend on to work correctly, such as the following:
+
+- Custom site definitions
+
+- Custom style sheets, such as cascading style sheets, and images
+
+- Custom Web Parts
+
+- Custom Web services
+
+- Custom features and solutions
+
+- Custom assemblies
+
+- Web.config changes (such as security)
+
+ Ensure that you transfer all unique settings from the Web.config files for each web application to the new servers.
+
+- Administrator-approved form templates (.xsn files) and data connection files (.udcx files) for InfoPath.
+
+- Any other components or files on which your sites depend.
+
+The installation for SharePoint Server Subscription Edition continues to use 16 as its major version number including in the file system paths.
+
+## Verify custom components
+<a name="VerifyCustom"> </a>
+
+To make sure that you have identified all custom components for your environment, use the **Stsadm -o enumallwebs** operation in the SharePoint Server 2019 and SharePoint Server 2016 environments and use the **includefeatures** and **includewebparts** parameters. This operation can report the templates, features, Web Parts, and other custom elements that are used for each site. For more information about how to use the **enumallwebs** operation, see [Enumallwebs: Stsadm operation (Office SharePoint Server)](/previous-versions/office/sharepoint-2007-products-and-technologies/dd789634(v=office.12)).
+
+You can also use the [Get-SPWeb](/powershell/module/sharepoint-server/get-spweb?view=sharepoint-ps) cmdlet in your SharePoint Server 2019 and SharePoint Server 2016 environments to see template that are associated with each site and then verify that the template is installed in your SharePoint Server Subscription Edition environment. For more information about this operation, see [Get-SPWeb](/powershell/module/sharepoint-server/get-spweb?view=sharepoint-ps).
+
+Before you attach the content databases to the web applications, use the [Test-SPContentDatabase](/powershell/module/sharepoint-server/Test-SPContentDatabase?view=sharepoint-ps) cmdlet to verify that you have all the custom components that you must have for that database.
+
+ **To verify custom components are available by using PowerShell**
+
+1. Verify that you have the following memberships:
+
+ - **securityadmin** fixed server role on the SQL Server instance.
+
+ - **db_owner** fixed database role on all databases that are to be updated.
+
+ - Administrators group on the server on which you are running the PowerShell cmdlets.
+
+ An administrator can use the **Add-SPShellAdmin** cmdlet to grant permissions to use SharePoint Server 2019 and SharePoint Server 2016 cmdlets.
+
+ > [!NOTE]
+ > If you do not have permissions, contact your Setup administrator or SQL Server administrator to request permissions. For additional information about PowerShell permissions, see [Add-SPShellAdmin](/powershell/module/sharepoint-server/Add-SPShellAdmin?view=sharepoint-ps).
+
+2. Start the SharePoint Subscription Edition Management Shell.
+
+3. At the PowerShell command prompt, type the following command:
+
+ ```powershell
+ Test-SPContentDatabase -Name DatabaseName -WebApplication URL
+ ```
+
+ Where:
+
+ - DatabaseName_ is the name of the database that you want to test.
+
+ - URL_ is the URL for the web application that will host the sites.
+
+ For more information, see Test-SPContentDatabase.
+
+## Attach a content database to a web application and upgrade the database
+<a name="AddDB"> </a>
+
+When you attach a content database, you upgrade the database and add the site collections in that database to the web application that you specify. After the databases are upgraded, the site collection upgrade process is automatically started by default.
+
+When you attach a content database, for a web application that spans multiple content databases, make sure that you attach the content database that contains the root site collection first. In other words, before you continue, examine the root of the web application in the SharePoint Server 2019 and SharePoint Server 2016 server farms to determine the first site collection. After you attach the database that contains the root site, attach the other content databases for the web application in any order. You do not have to create any site collections to store the content before you attach the database. This process attaches the content databases and the site collections inside that database. Make sure that you do not add new site collections until you have restored all the content databases.
+
+> [!TIP]
+> Each site collection in a content database has a GUID that is registered in the configuration database and associated with the site collection. Therefore, you cannot add the same site collection two times to the farm, even in separate web applications. Although you can successfully attach the database in this situation, you will be unable to browse to the site collection. > If you must have a copy of a site collection in the same farm, first attach the database that contains the site collection to a separate farm, and then use the **Backup-SPSite** and **Restore-SPSite** PowerShell cmdlets to copy the site collection to the other farm. The backup and restore process creates a new GUID for the site collection. For more information about these cmdlets, see [Backup-SPSite](/powershell/module/sharepoint-server/Backup-SPSite?view=sharepoint-ps) and [Restore-SPSite](/powershell/module/sharepoint-server/Restore-SPSite?view=sharepoint-ps).
+
+For My Sites, attach the content database that contains the My Site host before attaching databases that contain the My Sites.
+
+By default, when you created the web applications in the new SharePoint Server Subscription Edition environment, a content database was created for each web application. You can ignore these default databases until after you have attached your SharePoint Server 2019 and SharePoint Server 2016 databases, and then you can delete the default databases.
+
+> [!IMPORTANT]
+> If you are moving the content databases across domains or forests or to another environment that has different service accounts, make sure that the permissions for the service accounts are still correct before you attach the databases.
+
+> [!NOTE]
+> One frequent cause of failures during upgrade is that the environment is missing customized features, solutions, or other elements. Be sure that all custom elements from the SharePoint Server 2019 and SharePoint Server 2016 environments are installed on your servers in the SharePoint Server Subscription Edition environment before you start the upgrade process. Use the [Test-SPContentDatabase](/powershell/module/sharepoint-server/Test-SPContentDatabase?view=sharepoint-ps) cmdlet to identify custom elements that your sites might be missing.
+
+ **To attach a content database to a web application by using PowerShell**
+
+1. You must use the [Mount-SPContentDatabase](/powershell/module/sharepoint-server/Mount-SPContentDatabase?view=sharepoint-ps) cmdlet to attach a content database to a web application. Using the SharePoint Central Administration pages to attach a content database is not supported for upgrading.
+
+ If you want to delay the sites upgrade, you can use the **SkipSiteUpgrade** parameter of the [Mount-SPContentDatabase](/powershell/module/sharepoint-server/Mount-SPContentDatabase?view=sharepoint-ps) cmdlet.
+
+ > [!NOTE]
+ > Using the [Mount-SPContentDatabase](/powershell/module/sharepoint-server/Mount-SPContentDatabase?view=sharepoint-ps) cmdlet to attach a content database is the recommended behavior and option for upgrading databases and site collections in SharePoint Server 2019 and SharePoint Server 2016.
+
+ Ensure that the account that you use to attach the databases is a member of the **db_owner** fixed database role for the content databases that you want to upgrade.
+
+ Verify that you have the following memberships:
+
+ - **securityadmin** fixed server role on the SQL Server instance.
+
+ - **db_owner** fixed database role on all databases that are to be updated.
+
+ - Administrators group on the server on which you are running the PowerShell cmdlets.
+
+ An administrator can use the **Add-SPShellAdmin** cmdlet to grant permissions to use SharePoint Server Subscription Edition cmdlets.
+
+ > [!NOTE]
+ > If you do not have permissions, contact your Setup administrator or SQL Server administrator to request permissions. For additional information about PowerShell permissions, see [Add-SPShellAdmin](/powershell/module/sharepoint-server/Add-SPShellAdmin?view=sharepoint-ps).
+
+2. Start the SharePoint Subscription Edition Management Shell.
+
+3. At the PowerShell command prompt, type the following command and then press **ENTER**:
+
+ ```powershell
+ Mount-SPContentDatabase -Name DatabaseName -DatabaseServer ServerName -WebApplication URL
+ ```
+
+ Where:
+
+ - _DatabaseName_ is the name of the database that you want to upgrade.
+
+ - _ServerName_ is server on which the database is stored.
+
+ - _URL_ is the URL for the web application that will host the sites.
+
+For more information, see [Mount-SPContentDatabase](/powershell/module/sharepoint-server/mount-spcontentdatabase?view=sharepoint-ps). After the databases are upgraded, the site collections are automatically upgraded. For additional information on how to upgrade a site collection, see [Upgrade a site collection to SharePoint Server Subscription Edition](upgrade-a-site-collection-subscription-edition.md).
+
+## Verify upgrade for the first database
+<a name="Status"> </a>
+
+After you attach a database, you can use the **Upgrade Status** page in Central Administration to check the status of upgrade on your databases. After the upgrade process is complete, you can review the upgrade log file to see whether upgrade produced issues. You can use a PowerShell cmdlet to check the upgrade status for all the content databases. For more information about verifying and troubleshooting upgrade, see [Verify database upgrades in SharePoint Server Subscription Edition](verify-upgrade-for-databases-subscription-edition.md).
+
+ **To view the Upgrade Status page**
+
+- Verify that the user account that is performing this procedure is a member of the **db_owner** fixed database role for the databases.
+
+- In Central Administration, click **Upgrade and Migration**, and then click **Check upgrade status**.
+
+ **To view the upgrade log file**
+
+- The upgrade error log file and the upgrade log file are located at %COMMONPROGRAMFILES%\Microsoft Shared\web server extensions\16\LOGS. The upgrade log file contains more detailed information than the upgrade error log. Be sure to check the summary at the bottom of the log files for information about the overall status and a count of the warnings and errors in the file.
+
+ The logs are text files named in the following format:
+
+ - _Upgrade-YYYYMMDD-HHMMSS-SSS-error_.log
+
+ - _Upgrade-YYYYMMDD-HHMMSS-SSS_.log
+
+ Where
+
+ - _YYYYMMDD_ is the date
+
+ - _HHMMSS-SSS_ is the time (hours in 24-hour clock format, minutes, seconds, and milliseconds)
+
+ An example for an upgrade error log is Upgrade-20120105-132126-374-error.log, and an example for an upgrade log is Upgrade-20120105-132126-374.log.
+
+ > [!NOTE]
+ > The format of the upgrade log for SharePoint Server 2019 and SharePoint Server 2016 is based on the same structure as ULS. > The upgrade log file includes the name of the content database being upgraded.
+
+ **To view upgrade status for all databases by using PowerShell**
+
+1. Verify that you have the following memberships:
+
+ - **securityadmin** fixed server role on the SQL Server instance.
+
+ - **db_owner** fixed database role on all databases that are to be updated.
+
+ - Administrators group on the server on which you are running the PowerShell cmdlets.
+
+ An administrator can use the **Add-SPShellAdmin** cmdlet to grant permissions to use SharePoint Server Subscription Edition cmdlets.
+
+ > [!NOTE]
+ > If you do not have permissions, contact your Setup administrator or SQL Server administrator to request permissions. For additional information about PowerShell permissions, see [Add-SPShellAdmin](/powershell/module/sharepoint-server/Add-SPShellAdmin?view=sharepoint-ps).
+
+2. Start the SharePoint Subscription Edition Management Shell.
+
+3. At the PowerShell command prompt, type the following command:
+
+ ```powershell
+ Get-SPContentDatabase | ft Name, NeedsUpgradeIncludeChildren
+ ```
+
+ This cmdlet returns a table-style list of databases in your farm and indicates whether the database needs an upgrade to SharePoint Server Subscription Edition.
+
+## Attach the remaining databases
+<a name="AddOtherDBs"> </a>
+
+After you restore the first content database and verify success, you can continue to restore and upgrade other databases. You can perform parallel database attach upgrades to upgrade more than one database at a time. Use separate Microsoft PowerShell command prompt to run multiple upgrades. It is recommended that you separate the start time for each new database upgrade session by several minutes to prevent issues with temporary locks set for the web application during attachment. Otherwise you might receive an error on the upgrade session. The wait time to clear temporary locks varies depending on the number of site collections, or the speed of the database server hardware.
+
+## Verify upgrade for additional databases
+<a name="ver"> </a>
+
+After you upgrade all additional databases, view the Upgrade Status page to monitor progress and verify that the upgrade process is complete. Review the log file to identify any other issues.
+
+## Next steps
+<a name="Next"> </a>
+
+After you upgrade the databases, you might want to perform additional steps to make sure that your farm is ready for use. For example:
+
+- Migrate user accounts to claims authentication, if it is necessary.
+
+ By default, new web applications in SharePoint Server Subscription Edition use claims authentication. If you were using classic authentication in the previous environment, you must migrate the users to claims authentication.
+
+- Update links that are used in any upgraded InfoPath form templates.
+
+ For a database-attach upgrade, you exported and imported all InfoPath form templates in your environment when you created the new environment. After upgrade, you can now update the links that are used in those upgraded form templates to point to the correct URLs by using a Microsoft PowerShell cmdlet.
+
+ InfoPath is available in SharePoint Server only.
+
+- Perform a full crawl
+
+ For more information, see [Start, pause, resume, or stop a crawl in SharePoint Server](../search/start-pause-resume-or-stop-a-crawl.md).
+
+- Back up your farm
+
+ For more information, see [Back up farms in SharePoint Server](../administration/back-up-a-farm.md).
+
+|**Phases**|**Description**|
+|:--|:--|
+|![123 steps](../medi). <br/> |
SharePoint Upgrade Databases Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/upgrade-and-update/upgrade-databases-subscription-edition.md
+
+ Title: "Upgrade databases from SharePoint Server 2019 and SharePoint Server 2016 to SharePoint Server Subscription Edition"
++++ Last updated : 7/09/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- SP2019
+ms.assetid: b6580f87-40b4-4768-b589-6ba54013f7e4
+description: "Find resources to help you perform the steps to upgrade databases from SharePoint Server 2019 to SharePoint Server Subscription Edition."
++
+# Upgrade databases from SharePoint Server 2019 and SharePoint Server 2016 to SharePoint Server Subscription Edition
++
+The following articles provide information about upgrading databases to SharePoint Server Subscription Edition.
+
+|**Content**|**Description**|
+|:--|:--|
+|[Create the SharePoint Server Subscription Edition farm for a database attach upgrade](create-the-sharepoint-server-subscription-edition-farm-for-a-database-attach-upgrade.md) <br/> |Create and configure a SharePoint Server Subscription Edition farm so that you can upgrade databases from SharePoint Server 2019 and SharePoint Server 2016. <br/> |
+|[Copy databases to the new farm for upgrade to SharePoint Server Subscription Edition](copy-databases-to-the-new-farm-for-upgrade-to-sharepoint-server-subscription-edition.md) <br/> |Copy SharePoint Server 2019 or SharePoint Server 2016 content and service databases to a SharePoint Server 2019 or SharePoint Server 2016 farm respectively, so that you can upgrade the data to SharePoint Server Subscription Edition. <br/> |
+|[Upgrade service applications to SharePoint Server Subscription Edition](upgrade-service-applications-to-sharepoint-server-subscription-edition.md) <br/> |Upgrade service applications (Business Connectivity Services, Managed Metadata, Secure Store, User Profiles, Search) to SharePoint Server Subscription Edition. <br/> |
+|[Upgrade content databases to SharePoint Server Subscription Edition](upgrade-content-databases-subscription-edition.md) <br/> |Learn how to upgrade content databases from SharePoint Server 2019 and SharePoint Server 2016 to SharePoint Server Subscription Edition. <br/> |
+|[Verify database upgrades in SharePoint Server Subscription Edition](verify-upgrade-for-databases-subscription-edition.md) <br/> |Verify that the upgrade for your databases has succeeded and that you are ready to begin to upgrade sites. <br/> |
SharePoint Upgrade Service Applications To Sharepoint Server Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/upgrade-and-update/upgrade-service-applications-to-sharepoint-server-subscription-edition.md
+
+ Title: "Upgrade service applications to SharePoint Server Subscription Edition"
++++ Last updated : 07/09/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- SP2019
+ms.assetid: 6de4e8e0-5d27-4b1b-a87f-bebd8b9d6e77
+description: "Upgrade service applications (Business Connectivity Services, Managed Metadata, Secure Store, and Search) to SharePoint Server Subscription Edition."
++
+# Upgrade service applications to SharePoint Server Subscription Edition
+
+
+When you upgrade from SharePoint Server 2019 or SharePoint Server 2016 to SharePoint Server Subscription Edition, you must use a database-attach upgrade, which means that you upgrade only the content for your environment and not the configuration settings. After you have configured the SharePoint Server Subscription Edition environment, and copied the content and service application databases, you can upgrade the service applications to SharePoint Server Subscription Edition. This article contains the steps that you take to upgrade the service applications.
+
+**Phase 3 of the upgrade process: Upgrade service applications**
+
+![Phase 3 of the upgrade process: Upgrade service applications](../media/UpgradeServiceApplicatons_2019.png)
+
+|**Phases**|**Description**|
+|:--|:--|
+|![123 steps](../medi). <br/> |
+
+## Before you begin
+<a name="begin"> </a>
+
+Before you upgrade the service applications, review the following information and take any recommended actions.
+
+- Ensure that the account that you use to perform the steps in this article is a member of the Farm administrators group in the Central Administration website.
+
+- Decide which service application pool to use for the upgraded service applications. The procedures below use the default application pool for service applications which is "SharePoint Web Services Default". You can view a list of available service application pools by using the **Get-SPServiceApplicationPool** cmdlet in PowerShell. Or you can create a service application pool by using the **New-SPServiceApplicationPool** cmdlet. For more information, see [Get-SPServiceApplicationPool](/powershell/module/sharepoint-server/Get-SPServiceApplicationPool?view=sharepoint-ps) and [New-SPServiceApplicationPool](/powershell/module/sharepoint-server/New-SPServiceApplicationPool?view=sharepoint-ps).
+
+> [!TIP]
+> Throughout this article, variables (such as $applicationPool, $sss, $upa, and so on) are used in the PowerShell cmdlets to save time and effort. You do not have to use these variables if you would prefer not to. However, if you do not use these variables, you must use IDs for the service applications and service application proxies when you specify the **Identity** parameters. Each procedure has information about the variables used, or the alternate cmdlets to use to look up any IDs that are required. > Also, many procedures in this article include a step to set the $applicationPool variable. If you are performing all of these procedures in the same session of PowerShell, and you want to use the same application pool for all service applications, you do not have to repeat this step in each procedure. Instead, you can set this variable once at the beginning and use it throughout the procedures in this article.
+
+
+## About upgrading the service application databases
+<a name="UpgradeServicesDBs"> </a>
+
+To upgrade a service application database, you create a new service application and provide the name of the existing database to use for the new service application. As the service application is created, the database is upgraded. This process has several steps.
+
+> [!NOTE]
+> Word Automation Services and Machine Translation Services can't be upgraded. A new service instance will need to be created.
+
+> [!IMPORTANT]
+> The following steps only apply to the Custom server role type. For more information on server role types, see [Planning for a MinRole server deployment in SharePoint Server 2016 and SharePoint Server 2019](../install/planning-for-a-minrole-server-deployment-in-sharepoint-server.md)
+
+1. Start the service instances.
+
+ The first step is to start service instances for the four service applications that you can upgrade: the Business Data Connectivity service, Managed Metadata Web Service, Secure Store service, and Search service. Most of these service instances can be started from Central Administration. However the SharePoint Server Search service instance must be started by using PowerShell.
+
+2. Create the service applications and upgrade the databases.
+
+ After you have started the service instances, the next step is to create the service applications and upgrade the databases. You must use PowerShell to restore the service application databases.
+
+3. Create proxies for the service applications.
+
+ After you have upgraded the service application databases, you create the proxies for the service applications and add them to the default proxy group. You must create proxies for the following service applications:
+
+ - Managed Metadata service application
+
+ - Search service application
+
+ - Secure Store service application
+
+ The Business Data Connectivity service application automatically creates a proxy and assigns it to the default proxy group when you create the service application.
+
+4. Verify that the proxies are in the default group
+
+The following sections provide procedures to complete these steps.
+
+## Start the service instances
+<a name="StartServiceInstances"> </a>
+
+The following procedures start the service instances.
+
+ **To start service application instances from Central Administration**
+
+1. Start SharePoint 2019 Central Administration.
+
+2. In SharePoint 2019 Central Administration, on the **Application Management** page, in the **Service Applications** section, click **Manage Services on Server**.
+
+3. Next to the **Business Data Connectivity service**, click **Start**.
+
+4. Next to the **Managed Metadata Web Service**, click **Start**.
+
+5. Next to the **Secure Store Service**, click **Start**.
+
+The Search service instance must be started by using PowerShell because you cannot start it from Central Administration unless a Search Service application already exists.
+
+> [!TIP]
+> When using MinRoles, **Start** may not be available as it is managed by the farm. When the associated Service Application has been created, it automatically starts the Service Instance.
+
+ **To start the Search service instance by using PowerShell**
+
+1. Verify that you have the following memberships:
+
+ - **securityadmin** fixed server role on the SQL Server instance.
+
+ - **db_owner** fixed database role on all databases that are to be updated.
+
+ - Administrators group on the server on which you are running the PowerShell cmdlets.
+
+ An administrator can use the **Add-SPShellAdmin** cmdlet to grant permissions to use SharePoint Server Subscription Edition cmdlets.
+
+ > [!NOTE]
+ > If you do not have permissions, contact your Setup administrator or SQL Server administrator to request permissions. For additional information about PowerShell permissions, see [Add-SPShellAdmin](/powershell/module/sharepoint-server/Add-SPShellAdmin?view=sharepoint-ps).
+
+2. Start the SharePoint Subscription Edition Management Shell.
+
+3. To start the Search service instance, at the Microsoft PowerShell command prompt, type the following commands and press **ENTER** after each one:
+
+ ```powershell
+ $SearchInst = Get-SPEnterpriseSearchServiceInstance
+ # Stores the identity for the Search service instance on this server as a variable
+ ```
+
+ ```powershell
+ Start-SPServiceInstance $SearchInst
+ # Starts the service instance
+ ```
+
+ For more information, see [Get-SPEnterpriseSearchServiceInstance](/powershell/module/sharepoint-server/get-spenterprisesearchserviceinstance?view=sharepoint-ps) and [Start-SPServiceInstance](/powershell/module/sharepoint-server/start-spserviceinstance?view=sharepoint-ps).
+
+## Upgrade the Secure Store service application
+<a name="UpgradeSecureStore"> </a>
+
+To upgrade the Secure Store service application, you create the new service application and upgrade the database, create a proxy and add it to the default proxy group, and then restore the passphrase from the previous environment.
+
+ **To upgrade the Secure Store service application by using PowerShell**
+
+1. Verify that you have the following memberships:
+
+ - **securityadmin** fixed server role on the SQL Server instance.
+
+ - **db_owner** fixed database role on all databases that are to be updated.
+
+ - Administrators group on the server on which you are running the PowerShell cmdlets.
+
+ An administrator can use the **Add-SPShellAdmin** cmdlet to grant permissions to use SharePoint Server cmdlets.
+
+ > [!NOTE]
+ > If you do not have permissions, contact your Setup administrator or SQL Server administrator to request permissions. For additional information about PowerShell permissions, see [Add-SPShellAdmin](/powershell/module/sharepoint-server/Add-SPShellAdmin?view=sharepoint-ps).
+
+2. Start the SharePoint Subscription Edition Management Shell.
+
+3. To store the application pool that you want to use as a variable for this service application, at the Microsoft PowerShell command prompt, type the following command:
+
+ ```powershell
+ $applicationPool = Get-SPServiceApplicationPool -Identity 'SharePoint Web Services default'
+ ```
+
+ Where:
+
+ - _SharePoint Web Services default_ is the name of the service application pool that will contain the new service applications. This is the default service application pool. You can specify a different service application pool.
+
+ This cmdlet sets the service application pool as a variable that you can use again in the cmdlets that follow. If you have multiple application pools and have to use a different application pool for a particular service application, repeat this step in the procedure to create each service application to use the appropriate application pool.
+
+4. To upgrade the Secure Store service application, at the PowerShell command prompt, type the following command:
+
+ ```powershell
+ $sss = New-SPSecureStoreServiceApplication -Name 'Secure Store' -ApplicationPool $applicationPool -DatabaseName 'SecureStore_Upgrade_DB' -AuditingEnabled
+ ```
+
+ Where:
+
+ - _SecureStore_ is the name that you want to give the new Secure Store service application.
+
+ - $applicationpool is the variable that you set earlier to identify the service application pool to use.
+
+ > [!TIP]
+ > If you do not use the variable $applicationPool, then you must specify the name of an existing service application pool in the format ' _Application Pool Name_'. To view a list of service application pools, you can run the **Get-SPServiceApplicationPool** cmdlet.
+
+ - _SecureStore_Upgrade_DB_ is the name of the service application database that you want to upgrade.
+
+ This command sets a variable, $sss, that you use when you create the proxy later.
+
+ For more information, see [New-SPSecureStoreApplication](/powershell/module/sharepoint-server/New-SPSecureStoreApplication?view=sharepoint-ps).
+
+5. Type the following command to create a proxy for the Secure Store service application:
+
+ ```powershell
+ $sssp = New-SPSecureStoreServiceApplicationProxy -Name ProxyName -ServiceApplication $sss -DefaultProxyGroup
+ ```
+
+ Where:
+
+ - _ProxyName_ is the proxy name that you want to use.
+
+ - $sss is the variable that you set earlier to identify the new Secure Store service application.
+
+ > [!TIP]
+ > If you do not use the variable $sss, then you must use an ID to identify the Secure Store service application instead of a name. To find the ID, you can run the **Get-SPServiceApplication** cmdlet to return a list of all service application IDs.
+
+ - _DefaultProxyGroup_ adds the Secure Store service application proxy to the default proxy group for the local farm.
+
+ This command sets a variable, $sssp, for the service application proxy that you use when you restore the passphrase.
+
+ For more information, see [New-SPSecureStoreServiceApplicationProxy](/powershell/module/sharepoint-server/New-SPSecureStoreServiceApplicationProxy?view=sharepoint-ps).
+
+ After you create the Secure Store service application and the proxy, you have to refresh the encryption key. For information about how to refresh the encryption key, see [Refresh the Secure Store encryption key](../administration/configure-the-secure-store-service.md#refresh).
+
+6. Type the following command to restore the passphrase for the Secure Store service application:
+
+ ```powershell
+ Update-SPSecureStoreApplicationServerKey -Passphrase <Passphrase> -ServiceApplicationProxy $sssp
+ ```
+
+ Where:
+
+ - _\<Passphrase\>_ is the Passphrase for the Secure Store service application from your previous environment.
+
+ - $sssp is a variable that you set earlier to identify the new Secure Store service application proxy.
+
+ > [!TIP]
+ > If you do not use the variable $sssp, then you must use an ID to identify the Secure Store service application proxy instead of a name. To find the ID, you can run the **Get-SPServiceApplicationProxy** cmdlet to return a list of all service application proxy IDs.
+
+ For more information, see [Update-SPSecureStoreApplicationServerKey](/powershell/module/sharepoint-server/Update-SPSecureStoreApplicationServerKey?view=sharepoint-ps).
+
+## Upgrade the Business Data Connectivity service application
+<a name="UpgradeBDC"> </a>
+
+To upgrade the Business Data Connectivity service application, you create the new service application and upgrade the database. You do not have to create a proxy for the Business Data Connectivity service application. The Business Data Connectivity service application automatically creates a proxy and assigns it to the default proxy group when you create the service application.
+
+ **To upgrade the Business Data Connectivity service application by using PowerShell**
+
+1. Verify that you have the following memberships:
+
+ - **securityadmin** fixed server role on the SQL Server instance.
+
+ - **db_owner** fixed database role on all databases that are to be updated.
+
+ - Administrators group on the server on which you are running the PowerShell cmdlets.
+
+ An administrator can use the **Add-SPShellAdmin** cmdlet to grant permissions to use SharePoint Server 2019 or SharePoint Server 2016 cmdlets.
+
+ > [!NOTE]
+ > If you do not have permissions, contact your Setup administrator or SQL Server administrator to request permissions. For additional information about PowerShell permissions, see [Add-SPShellAdmin](/powershell/module/sharepoint-server/Add-SPShellAdmin?view=sharepoint-ps).
+
+2. Start the SharePoint Subscription Edition Management Shell.
+
+3. To store the application pool that you want to use as a variable for this service application, at the Microsoft PowerShell command prompt, type the following command:
+
+ ```powershell
+ $applicationPool = Get-SPServiceApplicationPool -Identity 'SharePoint Web Services default'
+ ```
+
+ Where:
+
+ - _SharePoint Web Services default_ is the name of the service application pool that will contain the new service applications.
+
+ This cmdlet sets the service application pool as a variable that you can use again in the cmdlets that follow. If you have multiple application pools and have to use a different application pool for a particular service application, repeat this step in the procedure to create each service application to use the appropriate application pool.
+
+4. To upgrade the Business Data Connectivity service application, at the Microsoft PowerShell command prompt, type the following command:
+
+ ```powershell
+ New-SPBusinessDataCatalogServiceApplication -Name 'BDC Service' -ApplicationPool $applicationPool -DatabaseName 'BDC_Service_DB'
+ ```
+
+ Where:
+
+ - _BDC Service_ is the name that you want to give the new Business Data Connectivity service application.
+
+ - $applicationpool is the variable that you set earlier to identify the service application pool to use.
+
+ > [!TIP]
+ > If you do not use the variable $applicationPool, then you must specify the name of an existing service application pool in the format ' _Application Pool Name_'. To view a list of service application pools, you can run the **Get-SPServiceApplicationPool** cmdlet.
+
+ - _BDC_Service_DB_ is name of the service application database that you want to upgrade.
+
+ For more information, see [New-SPBusinessDataCatalogServiceApplication](/powershell/module/sharepoint-server/New-SPBusinessDataCatalogServiceApplication?view=sharepoint-ps).
+
+## Upgrade the Managed Metadata service application
+<a name="UpgradeMetadata"> </a>
+
+To upgrade the Managed Metadata service application, you create the new service application and upgrade the database, and then create a proxy and add it to the default proxy group.
+
+ **To upgrade the Managed Metadata service application by using PowerShell**
+
+1. Verify that you have the following memberships:
+
+ - **securityadmin** fixed server role on the SQL Server instance.
+
+ - **db_owner** fixed database role on all databases that are to be updated.
+
+ - Administrators group on the server on which you are running the PowerShell cmdlets.
+
+ An administrator can use the **Add-SPShellAdmin** cmdlet to grant permissions to use SharePoint Server 2019 or SharePoint Server 2016 cmdlets.
+
+ > [!NOTE]
+ > If you do not have permissions, contact your Setup administrator or SQL Server administrator to request permissions. For additional information about PowerShell permissions, see [Add-SPShellAdmin](/powershell/module/sharepoint-server/Add-SPShellAdmin?view=sharepoint-ps).
+
+2. Start the SharePoint Subscription Edition Management Shell.
+
+3. To store the application pool that you want to use as a variable for this service application, at the PowerShell command prompt, type the following command:
+
+ ```powershell
+ $applicationPool = Get-SPServiceApplicationPool -Identity 'SharePoint Web Services default'
+ ```
+
+ Where:
+
+ - _SharePoint Web Services default_ is the name of the service application pool that will contain the new service applications.
+
+ This cmdlet sets the service application pool as a variable that you can use again in the cmdlets that follow. If you have multiple application pools and have to use a different application pool for a particular service application, repeat this step in the procedure to create each service application to use the appropriate application pool.
+
+4. To upgrade the Managed Metadata service application, at the PowerShell command prompt, type the following command:
+
+ ```powershell
+ $mms = New-SPMetadataServiceApplication -Name 'Managed Metadata Service Application' -ApplicationPool $applicationPool -DatabaseName 'Managed Metadata Service_DB'
+ ```
+
+ Where:
+
+ - _Managed Metadata Service Application_ is the name that you want to give the new Managed Metadata service application.
+
+ - $applicationpool is the variable that you set earlier to identify the service application pool to use.
+
+ > [!TIP]
+ > If you do not use the variable $applicationPool, then you must specify the name of an existing service application pool in the format ' _Application Pool Name_'. To view a list of service application pools, you can run the **Get-SPServiceApplicationPool** cmdlet.
+
+ - _Managed Metadata Service_DB_ is name of the service application database that you want to upgrade.
+
+ This command sets a variable, $mms, that you use when you create the proxy later.
+
+ For more information, see [New-SPMetadataServiceApplication](/powershell/module/sharepoint-server/Add-SPShellAdmin?view=sharepoint-ps).
+
+5. At the PowerShell command prompt, type the following command to create a proxy for the Managed Metadata service application:
+
+ ```powershell
+ New-SPMetadataServiceApplicationProxy -Name ProxyName -ServiceApplication $mms -DefaultProxyGroup
+ ```
+
+ Where:
+
+ - _ProxyName_ is the proxy name that you want to use.
+
+ - $mms is the variable that you set earlier to identify the new Managed Metadata service application.
+
+ > [!TIP]
+ > If you do not use the variable $mms, then you must use an ID to identify the Managed Metadata service application proxy instead of a name. To find the ID, you can run the **Get-SPServiceApplication** cmdlet to return a list of all service application IDs.
+
+ - _DefaultProxyGroup_ adds the Managed Metadata service application proxy to the default proxy group for the local farm.
+
+ For more information, see [New-SPMetadataServiceApplicationProxy](/powershell/module/sharepoint-server/New-SPMetadataServiceApplicationProxy?view=sharepoint-ps).
+
+## Upgrade the User Profile service application
+<a name="UpgradeUserProfile"> </a>
+
+Upgrade the Managed Metadata service application before you upgrade the User Profile service application.
+
+To upgrade the User Profile service application, you copy the Profile and Social databases in your SharePoint Server 2019 or SharePoint Server 2016 farm to your SharePoint Server Subscription Edition farm and create a new User Profile service application from your SharePoint Server 2019 or SharePoint Server 2016 farm in your SharePoint Server Subscription Edition farm. The restore triggers SharePoint Server Subscription Edition to create a new User Profile service application in the SharePoint Server Subscription Edition farm and point it to the copied User Profile databases. To complete the upgrade of the User Profile service application, you create a proxy and add it to the default proxy group.
+
+ **To upgrade the User Profile service application by using PowerShell**
+
+1. Copy the Profile and Social databases in the SharePoint Server 2019 or SharePoint Server 2016 farm to the SharePoint Server Subscription Edition farm by following these steps:
+
+ > [!IMPORTANT]
+ > Perform these steps in the SharePoint Server 2019 and SharePoint Server 2016 environment.
+
+ - Verify that you have the following memberships:
+
+ - **securityadmin** fixed server role on the SQL Server instance.
+
+ - **db_owner** fixed database role on all databases that are to be updated.
+
+ - Administrators group on the server on which you are running the PowerShell cmdlets.
+
+ An administrator can use the **Add-SPShellAdmin** cmdlet to grant permissions to use SharePoint Server 2019 or SharePoint Server 2016 cmdlets.
+
+ > [!NOTE]
+ > If you do not have permissions, contact your Setup administrator or SQL Server administrator to request permissions. For additional information about PowerShell permissions, see [Add-SPShellAdmin](/powershell/module/sharepoint-server/add-spshelladmin?view=sharepoint-ps).
+
+ - Start the SharePoint Management Shell.
+
+ - Set the User Profile databases to read-only. In the second phase of the process to upgrade SharePoint Server 2019 or SharePoint Server 2016 data and sites to SharePoint Server Subscription Edition, you set all the other databases to read-only.
+
+ - Copy the Profile and Social databases in the SharePoint Server 2019 or SharePoint Server 2016 farm to the SharePoint Server Subscription Edition farm, follow the procedures in [Copy databases to the new farm for upgrade to SharePoint Server Subscription Edition](copy-databases-to-the-new-farm-for-upgrade-to-sharepoint-server-subscription-edition.md).
+
+ > [!IMPORTANT]
+ > Perform the next steps in the SharePoint Server Subscription Edition environment.
+
+2. Verify that you have the following memberships:
+
+ - **securityadmin** fixed server role on the SQL Server instance.
+
+ - **db_owner** fixed database role on all databases that are to be updated.
+
+ - Administrators group on the server on which you are running the PowerShell cmdlets.
+
+ An administrator can use the **Add-SPShellAdmin** cmdlet to grant permissions to use SharePoint Server 2019 or SharePoint Server 2016 cmdlets.
+
+ > [!NOTE]
+ > If you do not have permissions, contact your Setup administrator or SQL Server administrator to request permissions. For additional information about PowerShell permissions, see [Add-SPShellAdmin](/powershell/module/sharepoint-server/add-spshelladmin?view=sharepoint-ps).
+
+3. Start the SharePoint Subscription Edition Management Shell.
+
+4. To store the application pool that you want to use as a variable for this service application, at the Microsoft PowerShell command prompt, type the following command:
+
+ ```powershell
+ $applicationPool = Get-SPServiceApplicationPool -Identity 'SharePoint Web Services default'
+ ```
+
+ Where:
+
+ _SharePoint Web Services default_ is the name of the service application pool that will contain the new service applications.
+
+ This cmdlet sets the service application pool as a variable that you can use again in the cmdlets that follow. If you have multiple application pools and have to use a different application pool for a particular service application, repeat this step in the procedure to create each service application to use the appropriate application pool.
+
+5. To restore the User Profile service application and upgrade the Profile and Social databases, at the Microsoft PowerShell command prompt, type the following command:
+
+ ```powershell
+ New-SPProfileServiceApplication -Name '<UserProfileApplicationName>' -ApplicationPool $applicationPool -ProfileDBName '<ProfileDBName>' -SocialDBName '<SocialDBName>' -ProfileSyncDBName '<SyncDBName>'
+ ```
+
+ Where:
+
+ - _UserProfileApplicationName_ is the name of the User Profile service application.
+
+ - $applicationpool is the variable that you set to identify the service application pool to use.
+
+ > [!NOTE]
+ > If you do not use the variable $applicationPool, then you must specify the name of an existing service application pool in the format '_Application Pool Name_'. To view a list of service application pools, you can run the **Get-SPServiceApplicationPool** cmdlet.
+
+ - _ProfileDBName_ is the name of the Profile database that you want to upgrade.
+
+ - _SocialDBName_ is the name of the Social database that you want to upgrade.
+
+ - _SyncDBName_ is the name of the new Synchronization database.
+
+6. Create the User Profile service application proxy and add it to the default proxy group by completing these actions:
+
+ - Type the following command to get the ID for the User Profile service application and store it as a variable:
+
+ ```powershell
+ $sa = Get-SPServiceApplication | ?{$_.TypeName -eq 'User Profile Service Application'}
+ ```
+
+ For more information, see [Get-SPServiceApplication](/powershell/module/sharepoint-server/get-spserviceapplication?view=sharepoint-ps).
+
+ - Type the following command to create a proxy for the User Profile service application:
+
+ ```powershell
+ New-SPProfileServiceApplicationProxy -Name 'User Profile Service Application Proxy' -ServiceApplication $sa
+ ```
+
+ Where:
+
+ - _ProxyName_ is the proxy name that you want to use.
+
+ - $sa is the variable that you set earlier to identify the new User Profile service application.
+
+ > [!TIP]
+ > If you do not use the variable $sa, then you must use an ID to identify the User Profile service application instead of a name. To find the ID, you can run the **Get-SPServiceApplication** cmdlet to return a list of all service application IDs.
+
+ For more information, see [New-SPProfileServiceApplicationProxy](/powershell/module/sharepoint-server/new-spprofileserviceapplicationproxy?view=sharepoint-ps).
+
+ - Type the following command to get the User Profile service application proxy ID for the proxy you just created and set it as the variable $proxy:
+
+ ```powershell
+ $proxy = Get-SPServiceApplicationProxy | ?{$_.TypeName -eq 'User Profile Service Application Proxy'}
+ ```
+
+ For more information, see [Get-SPServiceApplicationProxy](/powershell/module/sharepoint-server/get-spserviceapplicationproxy?view=sharepoint-ps).
+
+ - Type the following command to add the User Profile service application proxy to the default proxy group:
+
+ ```powershell
+ Add-SPServiceApplicationProxyGroupMember -member $proxy -identity ""
+ ```
+
+ Where:
+
+ - $proxy is the variable that you set earlier to identify the ID for the proxy you just created for the User Profile service application.
+
+ **Tip**: If you do not use the variable $proxy, then you must use an ID to identify the User Profile service application proxy instead of a name. To find the ID, you can run the **Get-SPServiceApplicationProxy** cmdlet to return a list of all service application proxy IDs.
+
+ - You use an empty **Identity** parameter ("") to add it to the default group.
+
+ For more information, see [Add-SPServiceApplicationProxyGroupMember](/powershell/module/sharepoint-server/add-spserviceapplicationproxygroupmember?view=sharepoint-ps).
+
+## Upgrade the Search service application
+<a name="UpgradeSearch"> </a>
+
+Upgrade the User Profile service application and the Managed Metadata service application before you upgrade the Search service application.
+
+To upgrade the Search service application, you copy the search administration database in your SharePoint Server 2019 or SharePoint Server 2016 farm to your SharePoint Server Subscription Edition farm and restore the Search service application from your SharePoint Server 2019 or SharePoint Server 2016 farm in your SharePoint Server Subscription Edition farm. The restore triggers SharePoint Server Subscription Edition to create a new Search service application in the SharePoint Server Subscription Edition farm and point it to the copied search administration database. To complete the upgrade of the Search service application you create a proxy and add it to the default proxy group and you ensure that the new Links Database and the new search topology is configured the same way as in the SharePoint Server 2019 or SharePoint Server 2016 farm.
+
+SharePoint Server Subscription Edition normally creates a new search topology with all the search components and databases when it creates a new Search service application. During a **restore** of a Search service application, SharePoint Server Subscription Edition creates a new search topology, but upgrades the restored Search Administration database instead of creating a new Search Administration database. The upgraded Search Administration database retains any additions or modifications made to the search schema, result sources and query rules from the SharePoint Server 2019 or SharePoint Server 2016 farm.
+
+> [!NOTE]
+> During this upgrade, search doesn't crawl content in your SharePoint Server 2019 or SharePoint Server 2016. If freshness of search results is important, save time by familiarizing yourself with these steps before starting the upgrade.
+
+> [!IMPORTANT]
+> As the search topology in the SharePoint Server Subscription Edition farm is new, the index is empty. You have to perform a full crawl of the entire indexed corpus after you have [upgraded all content sources](upgrade-content-databases-subscription-edition.md) (the fourth phase in the process to upgrade SharePoint Server 2019 and SharePoint Server 2016 data and sites to SharePoint Server Subscription Edition).
+
+ **To upgrade the Search service application by using PowerShell**
+
+1. Copy the search administration database in the SharePoint Server 2019 or SharePoint Server 2016 farm to the SharePoint Server Subscription Edition farm and follow these steps:
+
+ > [!NOTE]
+ > You copied all other content and service databases in your SharePoint Server 2019 or SharePoint Server 2016 environment in an earlier step of the process for upgrading to SharePoint Server Subscription Edition. We recommend copying the Search Administration database at this later stage because you have to pause the Search service application in your SharePoint Server 2019 or SharePoint Server 2016 environment while copying the Search Administration database.
+
+ > [!IMPORTANT]
+ > Perform these steps in the SharePoint Server 2019 or SharePoint Server 2016 environment.
+
+ - Verify that you have the following memberships:
+
+ - **securityadmin** fixed server role on the SQL Server instance.
+
+ - **db_owner** fixed database role on all databases that are to be updated.
+
+ - Administrators group on the server on which you are running the PowerShell cmdlets.
+
+ An administrator can use the **Add-SPShellAdmin** cmdlet to grant permissions to use SharePoint Server Subscription Edition cmdlets.
+
+ > [!NOTE]
+ > If you do not have permissions, contact your Setup administrator or SQL Server administrator to request permissions. For additional information about PowerShell permissions, see [Add-SPShellAdmin](/powershell/module/sharepoint-server/Add-SPShellAdmin?view=sharepoint-ps).
+
+ - Start the SharePoint 2019 or SharePoint 2016 Management Shell.
+
+ - Pause the Search service application. At the PowerShell command prompt, type the following command:
+
+ ```powershell
+ $ssa = Get-SPEnterpriseSearchServiceApplication <SearchServiceApplicationName>
+ Suspend-SPEnterpriseSearchServiceApplication -Identity $ssa
+ ```
+
+ Where:
+
+ _SearchServiceApplicationName_ is the name of the Search service application you want to pause.
+
+ > [!NOTE]
+ > While the Search service application is paused, the index in the SharePoint Server 2019 or SharePoint Server 2016 environment isn't updated. This means that during the upgrade to SharePoint Server Subscription Edition, search results might be less fresh.
+
+
+ - Set the Search Administration database to read-only. In the second phase of the process to upgrade SharePoint Server 2019 or SharePoint Server 2016 data and sites to SharePoint Server Subscription Edition, you set all the other databases to read-only. Follow [the same instructions](copy-databases-to-the-new-farm-for-upgrade-to-sharepoint-server-subscription-edition.md) now for the Search Administration database.
+
+
+
+ - Copy the search administration database in the SharePoint Server 2019 or SharePoint Server 2016 farm to the SharePoint Server Subscription Edition farm, follow the procedures in [Copy databases to the new farm for upgrade to SharePoint Server Subscription Edition](copy-databases-to-the-new-farm-for-upgrade-to-sharepoint-server-subscription-edition.md) for the search administration database only.
+
+ > [!IMPORTANT]
+ > Perform the next steps in the SharePoint Server Subscription Edition environment.
+
+2. Verify that you have the following memberships:
+
+ - **securityadmin** fixed server role on the SQL Server instance.
+
+ - **db_owner** fixed database role on all databases that are to be updated.
+
+ - Administrators group on the server on which you are running the PowerShell cmdlets.
+
+ An administrator can use the **Add-SPShellAdmin** cmdlet to grant permissions to use SharePoint Server Subscription Edition cmdlets.
+
+ > [!NOTE]
+ > If you do not have permissions, contact your Setup administrator or SQL Server administrator to request permissions. For additional information about PowerShell permissions, see [Add-SPShellAdmin](/powershell/module/sharepoint-server/Add-SPShellAdmin?view=sharepoint-ps).
+
+3. Start the SharePoint Subscription Edition Management Shell.
+
+4. To store the application pool that you want to use as a variable for this service application, at the PowerShell command prompt, type the following command:
+
+ ```powershell
+ $applicationPool = Get-SPServiceApplicationPool -Identity 'SharePoint Web Services default'
+ ```
+
+ Where:
+
+ _SharePoint Web Services default_ is the name of the service application pool that will contain the new service applications.
+
+ This cmdlet sets the service application pool as a variable that you can use again in the cmdlets that follow. If you have multiple application pools and have to use a different application pool for a particular service application, repeat this step in the procedure to create each service application to use the appropriate application pool.
+
+5. To restore the Search service application and upgrade the Search Administration database, at the PowerShell command prompt, type the following command:
+
+ ```powershell
+ $searchInst = Get-SPEnterpriseSearchServiceInstance -local
+ # Gets the Search service instance and sets a variable to use in the next command
+ Restore-SPEnterpriseSearchServiceApplication -Name '<SearchServiceApplicationName>' -applicationpool $applicationPool -databasename '<SearchServiceApplicationDBName>' -databaseserver <ServerName> -AdminSearchServiceInstance $searchInst
+ ```
+
+ Where:
+
+ - _SearchServiceApplicationName_ is the name of the Search service application.
+
+ - $applicationpool is the variable that you set to identify the service application pool to use.
+
+ > [!NOTE]
+ > If you do not use the variable $applicationPool, then you must specify the name of an existing service application pool in the format ' _Application Pool Name_'. To view a list of service application pools, you can run the **Get-SPServiceApplicationPool** cmdlet.
+
+ - _SearchServiceApplicationDBName_ is the name of the search administration database that you want to upgrade, and that this Search service application shall use.
+
+ - $searchInst is the variable that you set to identify the new Search Service application instance.
+
+ > [!NOTE]
+ > A Search service application upgrade might fail, for example due to network or SQL Server latency. If an error message appears during the upgrade, do the following:
+ >
+ > - Delete the Search Administration database that you were trying to upgrade.
+ >
+ > - Using the backup copy that you made of the Search Administration database, repeat the following procedures in this article for the Search service application only:
+ > - [Restore a backup copy of the database](copy-databases-to-the-new-farm-for-upgrade-to-sharepoint-server-subscription-edition.md#restore)
+ > - [Set the databases to read-write](copy-databases-to-the-new-farm-for-upgrade-to-sharepoint-server-subscription-edition.md#ReadWrite)
+ > - Type the command to upgrade the Search service application again at the PowerShell command prompt.
+
+ For more information, see [Restore-SPEnterpriseSearchServiceApplication](/powershell/module/sharepoint-server/Restore-SPEnterpriseSearchServiceApplication?view=sharepoint-ps).
+
+6. Create the Search service application proxy and add it to the default proxy group by completing these actions:
+
+ - Type the following command to get the ID for the Search service application and store it as a variable:
+
+ ```powershell
+ $ssa = Get-SPEnterpriseSearchServiceApplication
+ ```
+
+ For more information, see [Get-SPEnterpriseSearchServiceApplication](/powershell/module/sharepoint-server/Get-SPEnterpriseSearchServiceApplication?view=sharepoint-ps).
+
+ - Type the following command to create a proxy for the Search service application:
+
+ ```powershell
+ New-SPEnterpriseSearchServiceApplicationProxy -Name ProxyName -SearchApplication $ssa
+ ```
+
+ Where:
+
+ - _ProxyName_ is the proxy name that you want to use.
+
+ - $ssa is the variable that you set earlier to identify the new Search service application.
+
+ > [!TIP]
+ > If you do not use the variable $ssa, then you must use an ID to identify the Search service application instead of a name. To find the ID, you can run the **Get-SPServiceApplication** cmdlet to return a list of all service application IDs.
+
+ For more information, see [New-SPEnterpriseSearchServiceApplicationProxy](/powershell/module/sharepoint-server/New-SPEnterpriseSearchServiceApplicationProxy?view=sharepoint-ps).
+
+ - Type the following command to get the Search service application proxy ID for the proxy you just created and set it as the variable $ssap:
+
+ ```powershell
+ $ssap = Get-SPEnterpriseSearchServiceApplicationProxy
+ ```
+
+ For more information, see [Get-SPEnterpriseSearchServiceApplicationProxy](/powershell/module/sharepoint-server/Get-SPEnterpriseSearchServiceApplicationProxy?view=sharepoint-ps).
+
+ - Type the following command to add the Search service application proxy to the default proxy group:
+
+ ```powershell
+ Add-SPServiceApplicationProxyGroupMember -member $ssap -identity ""
+ ```
+
+ Where:
+
+ - $ssap is the variable that you set earlier to identify the ID for the proxy you just created for the Search service application.
+
+ > [!TIP]
+ > If you do not use the variable $ssap, then you must use an ID to identify the Search service application proxy instead of a name. To find the ID, you can run the **Get-SPServiceApplicationProxy** cmdlet to return a list of all service application proxy IDs.
+
+ - You use an empty **Identity** parameter ("") to add it to the default group.
+
+ For more information, see [Add-SPServiceApplicationProxyGroupMember](/powershell/module/sharepoint-server/Add-SPServiceApplicationProxyGroupMember?view=sharepoint-ps).
+
+7. If the SharePoint Server 2019 or SharePoint Server 2016 farm uses a Links Database that is partitioned, partition the Links Database in the SharePoint Server Subscription Edition farm the same way. Learn how in [Move-SPEnterpriseSearchLinksDatabases](/powershell/module/sharepoint-server/Move-SPEnterpriseSearchLinksDatabases?view=sharepoint-ps).
+
+8. (Optional) Preserve search relevance settings from the SharePoint Server 2019 or SharePoint Server 2016 farm. As the upgraded Search service application has a new, empty index, search analytics data from the SharePoint Server 2019 or SharePoint Server 2016 farm cannot be fully retained. Copy the Analytics Reporting database from the SharePoint Server 2019 or SharePoint Server 2016 farm and attach it to the new Search service application in the SharePoint Server Subscription Edition farm:
+
+ - In the SharePoint Server 2019 or SharePoint Server 2016 farm, [backup](../administration/move-or-rename-service-application-databases.md#to-back-up-the-search-service-application-databases) the Analytics Reporting database.
+
+ - In the SharePoint Server Subscription Edition farm, [restore the backed up database](../administration/move-or-rename-service-application-databases.md#to-restore-the-search-service-application-databases-to-a-new-database-server-1) to the new database server.
+
+ - In the SharePoint Server Subscription Edition farm, [attach the restored database](../administration/move-or-rename-service-application-databases.md#PS) to the new Search service application.
+
+9. Verify that the search topology on the new SharePoint Server Subscription Edition farm is alike that of the SharePoint Server 2019 or SharePoint Server 2016 farm. If your requirements for search have changed, now is a good time to scale out the search topology of the new SharePoint Server Subscription Edition farm.
+
+10. Resume the Search service application in the SharePoint Server environment.
+
+ At the PowerShell command prompt, type the following command:
+
+ ```powershell
+ $ssa = Get-SPEnterpriseSearchServiceApplication <SearchServiceApplicationName>
+ $ssa.ForceResume(0x02)
+ ```
+
+ Where:
+
+ - _SearchServiceApplicationName_ is the name of the Search service application you want to resume.
+
+## Verify that all of the new proxies are in the default proxy group
+<a name="VerifyProxies"> </a>
+
+Use the following procedure to verify that the steps to create the proxies and add them to the default proxy group worked.
+
+ **To verify that all of the new proxies are in the default proxy group by using PowerShell**
+
+1. Verify that you have the following memberships:
+
+ - **securityadmin** fixed server role on the SQL Server instance.
+
+ - **db_owner** fixed database role on all databases that are to be updated.
+
+ - Administrators group on the server on which you are running the PowerShell cmdlets.
+
+ An administrator can use the **Add-SPShellAdmin** cmdlet to grant permissions to use SharePoint Server 2019 or SharePoint Server 2016 cmdlets.
+
+ > [!NOTE]
+ > If you do not have permissions, contact your Setup administrator or SQL Server administrator to request permissions. For additional information about PowerShell permissions, see [Add-SPShellAdmin](/powershell/module/sharepoint-server/Add-SPShellAdmin?view=sharepoint-ps).
+
+2. Start the SharePoint Subscription Edition Management Shell.
+
+3. At the PowerShell command prompt, type the following commands:
+
+ ```powershell
+ $pg = Get-SPServiceApplicationProxyGroup -Identity ""
+ $pg.Proxies
+ ```
+
+ Where:
+
+ - $pg is a variable you set to represent the default proxy group.
+
+ - You use an empty **Identity** parameter ("") to specify the default proxy group.
+
+ This returns a list of all proxies in the default proxy group, their display names, type names, and IDs.
+
+ For more information, see Get-SPServiceApplicationProxyGroup[Get-SPServiceApplicationProxyGroup](/powershell/module/sharepoint-server/get-spserviceapplicationproxygroup?view=sharepoint-ps).
+
+Now that the service applications are upgraded, you can start the process to upgrade the content databases. The first step in that process is to create the web applications that are needed for each content database.
+
+<a name="VerifyProxies"> </a>
+
+|**Phases**|**Description**|
+|:--|:--|
+|![123 steps](../medi). <br/> |
+
+Next phase: [Upgrade content databases to SharePoint Server Subscription Edition](upgrade-content-databases-subscription-edition.md)
+
+## See also
+<a name="VerifyProxies"> </a>
+
+#### Concepts
+
+[Create the SharePoint Server Subscription Edition farm for a database attach upgrade](create-the-sharepoint-server-subscription-edition-farm-for-a-database-attach-upgrade.md)
+
+[Copy databases to the new farm for upgrade to SharePoint Server Subscription Edition](copy-databases-to-the-new-farm-for-upgrade-to-sharepoint-server-subscription-edition.md)
+
+[Upgrade content databases to SharePoint Server Subscription Edition](upgrade-content-databases-subscription-edition.md)
+
+[Services upgrade overview for SharePoint Server Subscription Edition](overview-of-the-services-upgrade-process-subscription-edition.md)
SharePoint Upgrade To Sharepoint Server Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/upgrade-and-update/upgrade-to-sharepoint-server-subscription-edition.md
+
+ Title: "Upgrade to SharePoint Server Subscription Edition"
++++
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+ms.assetid: 396c85d9-4b86-484e-9cc5-f6c4d725c578
+
+description: "Learn how to plan, prepare, and perform an upgrade to SharePoint Server Subscription Edition from SharePoint 2019 or SharePoint 2016."
++
+# Upgrade to SharePoint Server Subscription Edition
++
+The following articles provide information about performing an upgrade to SharePoint Server Subscription Edition from SharePoint 2019 or SharePoint 2016.
+
+||**Content**|**Description**|
+|:--|:--|:--|
+|![Building blocks](../medi) <br/> |Find resources about how to start the upgrade process from SharePoint Server 2019 and SharePoint Server 2016 to SharePoint Server Subscription Edition. <br/> |
+|![Building blocks](../medi) <br/> |Find resources to help you perform the steps to upgrade databases from SharePoint Server 2019 and SharePoint Server 2016 to SharePoint Server Subscription Edition. <br/> |
+|![Building blocks](../medi) <br/> |Find out how to upgrade a site collection to SharePoint Server Subscription Edition. <br/> |
SharePoint Verify Upgrade For Databases Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/upgrade-and-update/verify-upgrade-for-databases-subscription-edition.md
+
+ Title: "Verify database upgrades in SharePoint Server Subscription Edition"
++++ Last updated : 07/09/2021
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Normal
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+ms.assetid: f3819495-4b67-4a71-ba46-23e43b175620
+description: "Learn how to verify when a database-attach upgrade to SharePoint Server Subscription Edition has finished, and identify any problems that may have occurred."
++
+# Verify database upgrades in SharePoint Server Subscription Edition
++
+After you upgrade databases to SharePoint Server Subscription Edition, you must verify that the content was successfully upgraded to the new version. You can verify the status of the database-attach upgrade (is it still in progress, or has it been completed successfully or with errors or failures?) to see whether issues remain for you to address. When you follow these steps as part of a trial upgrade, you can use them to identify customizations that have to be reworked before you attempt to upgrade your production environment. When you upgrade your production environment, it is even more important that you know whether the upgrade has completed and what issues remain to be addressed.
+
+## Verify upgrade status for databases
+<a name="Verify"> </a>
+
+You can use the following methods to verify upgrade:
+
+- Use the Upgrade Status page in Central Administration
+
+ This page lists all farm, service, or content database upgrades and their statuses. This includes a count of errors or warnings.
+
+- Review the log files to look for errors or warnings
+
+ If upgrade was not successfully completed, you can view the log files to find the issues, address them, and then restart the upgrade process.
+
+### Review the log files for database attach upgrade
+
+To verify that upgrade has succeeded, you can review the following log and error files:
+
+- The upgrade log file and the upgrade error log file.
+
+ Review the upgrade log file and the upgrade error log file (generated when you run the upgrade). The upgrade log file and the upgrade error log file are located at %COMMONPROGRAMFILES%\Microsoft Shared\Web server extensions\16\LOGS. The logs are named in the following format: Upgrade- _YYYYMMDD-HHMMSS-SSS-\<GUID\>_.log, where _YYYYMMDD_ is the date and _HHMMSS-SSS_ is the time (hours in 24-hour clock format, minutes, seconds, and milliseconds). The upgrade error log file combines all errors and warnings in a shorter file and is named Upgrade- _YYYYMMDD-HHMMSS-SSS-\<GUID\>_-error.log.
+
+ The format of the log files complies with the Unified Logging System (ULS) conventions. To review the log files to find and troubleshoot issues, start at the top of the files. Errors or warnings may be repeated if they occur for several site collections in the environment, or if they block the upgrade process completely. For example, if you cannot connect to the configuration database, the upgrade process will try (and fail) several times and these tries will be listed in the log file.
+
+If you find blocking issues in the log file, you can resolve the issues and then restart upgrade to continue with the process.
+
+### Check the upgrade status for databases
+
+The Upgrade Status page lists the upgrade sessions and gives details about the status of each session ΓÇö whether it succeeded or failed, and how many errors or warnings occurred for each server. The Upgrade Status page also includes information about the log and error files for the upgrade process and suggests remedies for issues that might have occurred.
+
+ **To view upgrade status in SharePoint Central Administration**
+
+1. Verify that you have the following administrative credentials:
+
+ - To use SharePoint Central Administration, you must be a member of the Farm Administrators group.
+
+2. On the Central Administration home page, in the **Upgrade and Migration** section, click **Check upgrade status**.
+
+## Validate the upgraded environment
+<a name="ValidateEnv"> </a>
+
+After you determine whether upgrade was completed successfully, validate your environment. Review the following items:
+
+- Service applications
+
+ - Are they configured correctly?
+
+ - Are the service application proxies configured the way that you want?
+
+ - Do you have to create new connections between farms?
+
+- Site collections
+
+ - Are all features associated with the sites working?
+
+- Search
+
+ - Check that the search configuration settings are alike those in the SharePoint Server Subscription Edition farm.
+
+ - Run search queries, and verify that the queries work as expected and provide appropriate results. Twenty-four hours later, view the query reports and look for issues.
+
+ - Search for people and profiles.
+
+ - Check any Search customizations to make sure that they work as expected.
SharePoint New And Improved Features In Sharepoint Server Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/what-s-new/new-and-improved-features-in-sharepoint-server-subscription-edition.md
+
+ Title: "New and improved features in SharePoint Server Subscription Edition"
++++
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Priority
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- Strat_SP_server
+
+description: "Learn about the new features and updates to existing features in SharePoint Server Subscription Edition."
++
+# New and improved features in SharePoint Server Subscription Edition
++
+Learn about the new features and updates to existing features in SharePoint Server Subscription Edition.
+
+## List of new features and updates to existing features
+
+The following table provides the list of new features and updates to existing features in SharePoint Server Subscription Edition.
+
+|**Feature Group**|**Features**|**More info**|
+|:--|:--|:--|
+|Authentication and Identity Management <br/> | <ul><li>Adds support for OpenID Connect (OIDC) 1.0</li><li>Enhanced People Picker for modern authentication</li></ul> | <ul><li>For more information, see [OpenID Connect (OIDC) 1.0 authentication](#OIDCa).</li><li>For more information, see [People Picker improvement for modern authentication](#people).</li></ul> |
+|Deployment and Upgrade <br/> | <ul><li>Adds support for Windows Server 2022</li><li>Adds support for Windows Server Core</li><li>Supports "N - 2" upgrading from SharePoint 2016 and SharePoint 2019 (and Project Server 2016 and 2019)</li></ul> | <ul><li>For more information, see [Windows Server 2022](#server).</li><li>For more information, see [Windows Server Core](#core).</li><li>For more information, see [Upgrading directly from SharePoint 2016 and SharePoint 2019 (and Project Server 2016 and 2019)](#upgrade).</li></ul> |
+|Farm Administration <br/> | <ul><li>Federated service applications support "N - 2" content farms (SharePoint 2016, 2019, and Subscription Edition)</li></ul> | <ul><li>For more information, see [Federated service applications support "N - 2" content farms (SharePoint 2016, 2019, and Subscription Edition)](#fedral).</li></ul> |
+|PowerShell <br/> | <ul><li>SharePoint PowerShell cmdlets converted from snap-in to module</li></ul> | <ul><li>For more information, see [SharePoint PowerShell cmdlets converted from snap-in to module](#snap).</li></ul> |
+|Search <br/> | <ul><li>Support for returning list content in modern results page</li></ul> | <ul><li>For more information, see [Support for returning list content in modern results page](#listmrp).</li></ul> |
+|Security <br/> | <ul><li>Adds support for TLS 1.3</li><li>Strong TLS encryption by default</li></ul> | <ul><li>For more information, see [TLS 1.3](#tlss).</li><li>For more information, see [Strong TLS encryption by default](#tlsed).</li></ul> |
+|Sites, Lists, and Libraries <br/> | <ul><li>Accessibility improvements</li><li>Image and document thumbnails in document libraries and picture libraries</li></ul> | <ul><li>For more information, see [Accessibility improvements across modern UX](#aiamu).</li><li>For more information, see [Image and document thumbnails in document libraries and picture libraries](#idt).</li></ul> |
+
+## Detailed description of features
+
+This section provides detailed descriptions of the new and updated features in SharePoint Server Subscription Edition.
+
+## Authentication and Identity Management
+
+<a name="OIDCa"> </a>
+### OpenID Connect (OIDC) 1.0 authentication
+
+SharePoint Server Subscription Edition adds support for the OpenID Connect (OIDC) 1.0 authentication protocol. OIDC is a modern authentication protocol that makes it easy to integrate applications and devices with your organization's identity and authentication management solutions to better meet your evolving security and compliance needs. For example, customers can enforce authentication policies such as multifactor authentication (MFA), conditional access policies based on device compliance, and more.
+
+SharePoint Server Subscription Edition supports OIDC authentication with identity providers such as Azure Active Directory (AAD), Active Directory Federation Services (AD FS) 2016 or higher, and third-party identity providers that implement the OIDC 1.0 protocol.
+
+To set up OIDC authentication in SharePoint Server, see [OpenID Connect 1.0 authentication](../security-for-sharepoint-server/oidc-1-0-authentication.md).
+
+<a name="people"> </a>
+### People Picker improvement for modern authentication
+
+When modern authentication (trusted identity provider) such as SAML 1.1 or OIDC 1.0 is used, the People Picker control canΓÇÖt search, resolve, and validate users and groups without writing a custom claim provider through C#.
+
+In SharePoint Server Subscription Edition, the People Picker has been enhanced to allow resolving users and groups based on their profiles in the User Profile Application (UPA). UPA must be configured to synchronize users and groups from the trusted identity provider membership store. This allows the People Picker to only resolve valid users and groups without requiring a custom claims provider.
+
+To configure People Picker, see [Enhanced People Picker for modern authentication](../administration/enhanced-people-picker-for-trusted-authentication-method.md).
+
+## Deployment and Upgrade
+
+<a name="server"> </a>
+### Windows Server 2022
+
+Windows Server 2022 includes multiple new features and improvements in security, virtualization, networking, and more, such as:
+
+ - **Security**
+
+ Secured-core server provides advanced protection against increasingly sophisticated attacks through hardware root-of-trust, firmware protection, and virtualization-based security. Network security is strengthened through the support of TLS 1.3, DNS-over-HTTPS (DoH), and stronger SMB file share encryption.
+
+ - **Networking**
+
+ Performance improvements in both TCP and UDP networking maximize bandwidth, minimize packet loss, and reduce CPU load. In addition, SMB compression allows files to be compressed as theyΓÇÖre transferred over the network for faster file transfers.
+
+ - **Virtualization**
+
+ Performance improvements in the Hyper-V virtual switch reduces the CPU load of virtual machine network communication. Nested virtualization support has also been added for AMD processors.
+
+For more information about Windows Server 2022, see [WhatΓÇÖs new in Windows Server 2022](/windows-server/windows-server-2022/get-started/whats-new).
+
+SharePoint Server Subscription Edition supports additional security features when deployed with Windows Server 2022 such as support for TLS 1.3 and strong TLS encryption by default.
+
+> [!NOTE]
+> These security features are not available when SharePoint Server Subscription Edition is deployed with earlier versions of Windows Server. Microsoft recommends deploying SharePoint Server Subscription Edition with Windows Server 2022 or higher.
+
+<a name="core"> </a>
+### Windows Server Core
+
+Windows Server Core is a leaner Windows Server deployment type compared to the classic Windows Server with Desktop Experience. Server Core minimizes the number of OS features and services that are installed and running to only those that are truly needed for a server. This reduces the demand on system resources (CPU, RAM, and disk space) and the potential attack surface for security vulnerabilities.
+
+SharePoint Server Subscription Edition adds support for the Windows Server Core deployment type with both Windows Server 2019 and Windows Server 2022. The Windows Server Desktop Experience deployment type remains supported with both Windows Server 2019 and Windows Server 2022.
+
+For more information about Windows Server Core, see [What is the Server Core installation option in Windows Server](/windows-server/administration/server-core/what-is-server-core). For guidance on installing SharePoint Server Subscription Edition on Windows Server Core, see [Installing SharePoint Server Subscription Edition on Windows Server Core](../install/installing-sharepoint-server-subscription-edition-on-windows-server-core.md).
+
+<a name="upgrade"> </a>
+### Upgrading directly from SharePoint 2016 and SharePoint 2019 (and Project Server 2016 and 2019)
+
+SharePoint Server Subscription Edition supports both **N - 1** and **N - 2** version-to-version upgrade. You can upgrade directly from the following SharePoint products using the standard database attach upgrade procedure:
+
+ - SharePoint Server 2019 (including Project Server 2019)
+
+ - SharePoint Server 2016 (including Project Server 2016)
+
+> [!NOTE]
+> Directly upgrading from versions of SharePoint earlier than SharePoint Server 2016 via database attach is not supported. SharePoint 2013, SharePoint 2010, and so on must first be upgraded to either SharePoint Server 2016 or SharePoint Server 2019 via database attach before upgrading to SharePoint Server Subscription Edition.
+
+For more information:
+
+ - To install SharePoint Server Subscription Edition, see [Installation overview for SharePoint Server Subscription Edition](../install/install-overview-spserver-se.md).
+
+ - To upgrade to SharePoint Server Subscription Edition, see [Upgrade to SharePoint Server Subscription Edition](../upgrade-and-update/upgrade-to-sharepoint-server-subscription-edition.md).
+
+## Farm Administration
+
+<a name="fedral"> </a>
+### Federated service applications support "N - 2" content farms (SharePoint 2016, 2019, and Subscription Edition)
+
+In SharePoint Server, some service applications can be shared across server farms. Microsoft supports service applications published by a SharePoint Server Subscription Edition farm being consumed by the following versions of SharePoint Server:
+
+ - SharePoint Server Subscription Edition (N)
+
+ - SharePoint Server 2019 (N - 1)
+
+ - SharePoint Server 2016 (N - 2)
+
+For more information, see [Share service applications across farms in SharePoint Server](/sharepoint/administration/share-service-applications-across-farms).
+
+## PowerShell
+
+<a name="snap"> </a>
+### SharePoint PowerShell cmdlets converted from snap-in to module
+
+SharePoint Server PowerShell cmdlets are now installed via a PowerShell module instead of a PowerShell snap-in. This follows the recommended packaging approach from PowerShell and allows us to better support the PowerShell experience.
+
+It includes the following benefits:
+
+ - SharePoint Server cmdlets are now automatically available in all Windows PowerShell consoles. You don't have to launch the SharePoint Management Shell or use the `Add-PSSnapin` cmdlet to access the SharePoint Server cmdlets.
+
+ - PowerShell will be able to download updated SharePoint Server cmdlet help content over the Internet.
+
+> [!NOTE]
+> The SharePoint Management Shell will continue to be included in the product to provide a familiar PowerShell UI for managing SharePoint Server. The SharePoint Server PowerShell cmdlets will continue to require Windows PowerShell. These cmdlets will not be compatible with PowerShell Core 6.x or PowerShell 7.x.
+
+## Search
+
+<a name="listmrp"> </a>
+### Support for returning list content in modern results page
+
+Lists and list items are now searchable in the modern UX. List item results will be included in the **All** category of the modern search result page.
+
+## Security
+
+<a name="tlss"> </a>
+### TLS 1.3
+
+Transport Layer Security (TLS) is a cryptographic protocol that encrypts communication between two endpoints, such as between a web browser and an HTTPS web site. TLS 1.3 is the latest and most secure version of the TLS protocol.
+
+SharePoint Server Subscription Edition supports TLS 1.3 by default when deployed with Windows Server 2022 or higher.
+
+> [!NOTE]
+> TLS 1.3 is not available and is not supported when SharePoint Server Subscription Edition is deployed with earlier versions of Windows Server. Microsoft recommends deploying SharePoint Server Subscription Edition with Windows Server 2022 or higher.
+
+> [!NOTE]
+> Not all applications in your software ecosystem may support TLS 1.3. Check with your software vendors to determine if your other applications support TLS 1.3. SharePoint Server Subscription Edition can fall back to earlier TLS protocol versions when connecting with systems that don't support TLS 1.3 unless the customer has disabled earlier TLS protocol versions.
+
+For more information, see [TLS 1.3 Support](../security-for-sharepoint-server/tls-support-1.3.md).
+
+<a name="tlsed"> </a>
+### Strong TLS encryption by default
+
+SharePoint Server Subscription Edition will use the advanced security capabilities of Windows Server 2022 to ensure that TLS connections made to SharePoint sites only use the strongest encryption by default. SharePoint Server will configure itself to enforce the minimum TLS version and cipher suite requirements of HTTP/2 on its SSL bindings regardless of whether the connection uses HTTP/2.
+
+Specifically:
+
+ - The SSL/TLS protocol version negotiated must be TLS 1.2 or higher.
+
+ - The TLS cipher suite negotiated must support forward secrecy and AEAD encryption modes such as GCM.
+
+Customers can allow legacy encryption to be used if needed for backward compatibility with older software that doesn't support strong TLS protocol versions and cipher suites.
+
+> [!NOTE]
+> Strong TLS encryption by default is not available when SharePoint Server Subscription Edition is deployed with earlier versions of Windows Server. Microsoft recommends deploying SharePoint Server Subscription Edition with Windows Server 2022 or higher.
+
+For more information, see [Strong TLS Encryption](../security-for-sharepoint-server/strong-tls-encryption.md).
+
+## Sites, Lists, and Libraries
+
+<a name="aiamu"> </a>
+### Accessibility improvements across modern UX
+
+SharePoint Server Subscription Edition includes numerous accessibility improvements across the modern UX to ensure that all users can be productive with SharePoint.
+
+<a name="idt"> </a>
+### Image and document thumbnails in document libraries and picture libraries
+
+SharePoint Server Subscription Edition can render thumbnails of files in the Tiles view of document libraries and picture libraries. SharePoint will render thumbnails of popular image file formats such as PNG, JPEG, GIF, and more. And if you've linked your SharePoint Server farm to an Office Online Server farm, SharePoint will also be able to render thumbnails of popular document formats such as PDFs, Word documents, PowerPoint documents, and Rich Text Files.
+
+## Related articles
+
+[Installation overview for SharePoint Server Subscription Edition](../install/install-overview-spserver-se.md)
+
+[System requirements for SharePoint Server Subscription Edition](../install/system-requirements-for-sharepoint-subscription-edition.md)
+
+[Upgrade to SharePoint Server Subscription Edition](../upgrade-and-update/upgrade-to-sharepoint-server-subscription-edition.md)
+++
SharePoint What S Deprecated Or Removed From Sharepoint Server Subscription Edition https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/what-s-new/what-s-deprecated-or-removed-from-SharePoint-Server-Subscription-Edition.md
+
+ Title: "What's deprecated or removed from SharePoint Server Subscription Edition"
++++
+audience: ITPro
+f1.keywords:
+- NOCSH
+
+localization_priority: Priority
+
+- IT_Sharepoint_Server
+- IT_Sharepoint_Server_Top
+- Strat_SP_server
+
+description: "Learn about the features and functionality that are deprecated or removed in SharePoint Server Subscription Edition."
++
+# What's deprecated or removed from SharePoint Server Subscription Edition
++
+Learn about the features and functionality that are deprecated or removed in SharePoint Server Subscription Edition.
+
+Deprecated features are included in SharePoint Server Subscription Edition for compatibility with previous product versions. For information about new features in SharePoint Server Subscription Edition, see [New and improved features in SharePoint Server Subscription Edition](new-and-improved-features-in-sharepoint-server-subscription-edition.md).
+
+## Definitions
+
+Different customers may have different interpretations of terms such as "deprecated." To ensure that customers fully understand what we mean by the terminology in this document, we're including this brief definition of each term.
+
+- **Deprecated**
+
+A deprecated feature is no longer being invested in by Microsoft and we discourage customers from taking a dependency on it if they haven't used it before. Deprecated features are still supported by Microsoft in SharePoint Server Subscription Edition for customers who are already using this feature in previous releases and need the feature for backward compatibility. Deprecated features may be removed in future major releases of SharePoint Server with no additional notice. Customers should begin to explore their options for migrating away from these features.
+
+- **Removed**
+
+A removed feature is no longer supported by Microsoft in SharePoint Server Subscription Edition. In many cases, the feature is actually removed from the product, but in some cases it may still be present. A feature labeled as "removed" is unsupported even if the feature is still present in the product.
+
+## Deprecated Features
+
+ - SharePoint 2010 workflows
+
+## Removed Features
+
+ - Access Services 2010
+
+ - Access Services 2013
+
+ - Groove sync app support
+
+ - Lists web service APIs for Groove sync app
+
+ - PerformancePoint Services
+
+ - Stsadm.exe command line tool
+
+
+## Detailed description of features deprecated or removed in SharePoint Server Subscription Edition
+
+The following features and functionality have been deprecated or removed in SharePoint Server Subscription Edition.
+
+### SharePoint 2010 workflows
+
+SharePoint 2010 workflows will remain supported, but deprecated, for the SharePoint Server Subscription Edition release. Customers are recommended to explore [SharePoint 2013 workflows](/sharepoint/dev/general-development/creating-a-workflow-by-using-sharepoint-designer-and-the-sharepoint-wo#:~:text=%20Creating%20a%20workflow%20by%20using%20SharePoint%20Designer,for%20many...%204%20See%20also.%20%20More%20) or [Power Automate](https://flow.microsoft.com/) as potential alternatives to SharePoint 2010 workflows.
+
+### Access Services 2010
+
+Access Services 2010 will remain supported, but has been removed from SharePoint Server Subscription Edition. Customers are recommended to explore Microsoft [Power Apps](https://powerapps.microsoft.com/) and [Power Automate](https://flow.microsoft.com/) as potential alternatives to Access Services 2010.
+
+### Access Services 2013
+
+Access Services 2013 will remain supported, but has been removed from SharePoint Server Subscription Edition. Customers are recommended to explore Microsoft [Power Apps](https://powerapps.microsoft.com/) and [Power Automate](https://flow.microsoft.com/) as potential alternatives to Access Services 2013.
+
+### Groove sync app support
+
+Groove sync app support will remain supported, but has been removed from SharePoint Server Subscription Edition. Customers are recommended to explore Microsoft [OneDrive sync app](https://support.microsoft.com/office/sync-files-with-onedrive-in-windows-615391c4-2bd3-4aae-a42a-858262e42a49#bkmk_install) as a potential alternative to Groove sync app support.
+
+### Lists web service APIs for Groove sync app
+
+Lists web service APIs for Groove sync app will remain supported, but has been removed from SharePoint Server Subscription Edition. Customers are recommended to explore Microsoft [OneDrive sync app](https://support.microsoft.com/office/sync-files-with-onedrive-in-windows-615391c4-2bd3-4aae-a42a-858262e42a49#bkmk_install) as a potential alternative to lists web service APIs.
+
+### PerformancePoint Services
+
+PerformancePoint Services had a significant dependency on Microsoft Silverlight, which is a technology that will no longer be supported as of October 12, 2021. PerformancePoint Services has been removed from SharePoint Server Subscription Edition. Customers are recommended to explore Microsoft [PowerBI](https://powerbi.microsoft.com/)as an alternative to PerformancePoint Services as we are making many new business intelligence investments in PowerBI.
+
+### Stsadm.exe command line tool
+
+The stsadm.exe command line administration tool has been removed from SharePoint Server Subscription Edition. SharePoint PowerShell cmdlets must be used to administer SharePoint from the command line or through scripting. TAP customers can open bugs (feedback) in the Microsoft Collaborate portal if any important functionality in stsadm.exe is not available in the SharePoint PowerShell cmdlets.
+
+> [!NOTE]
+> As SharePoint PowerShell cmdlets have been converted from snap-ins to modules in SharePoint Server Subscription Edition, the Update-SPHelp cmdlet is no longer necessary to download the latest cmdlet help content. This cmdlet has been removed.
+
+### Microsoft Information Protection and Control Client 2.1 (MSIPC)
+
+This feature has been replaced by an internal version that will be installed through SharePoint setup and serviced through SharePoint public updates.
+
+### Windows Server AppFabric 1.1
+
+This featuer has been replaced by an internal version that will be installed through SharePoint setup and serviced through SharePoint public updates.
SharePoint What S New https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointServer/what-s-new/what-s-new.md
description: "Use these articles to develop a business case for choosing SharePo
# What's new Articles contain an overview of new and improved product features, updates, deprecated and removed features. |**Content**|**Description**| |:--|:--|
+|[New and improved features in SharePoint Server Subscription edition](new-and-improved-features-in-sharepoint-server-subscription-edition.md) <br/> |Learn about the new features and updates to existing features in SharePoint Server Subscription edition. <br/> |
|[New and improved features in SharePoint Server 2019](new-and-improved-features-in-sharepoint-server-2019.md) <br/> |Learn about the new features and updates to existing features in SharePoint Server 2019. <br/> | |[What's deprecated or removed from SharePoint Server 2019](what-s-deprecated-or-removed-from-sharepoint-server-2019.md) <br/> |Learn about the features and functionality that are deprecated or removed in SharePoint Server 2019. <br/> | |[New and improved features in SharePoint Server 2016](new-and-improved-features-in-sharepoint-server-2016.md) <br/> |Learn about the new features and updates to existing features in SharePoint Server 2016. <br/> |