Adding a SharePoint 2013 Server To A Farm

Adding additional servers to a SharePoint farm provides the flexibility of role assignments per server within the SharePoint farm as well as high availability for servers that are running the same services. For example having two servers running Excel Services increases the availability (and performance) of the farm as both servers would be used by the users and load balanced internally by SharePoint.

Adding The Second Server

First ensure the second server is ready and available up to OS level and Windows Server patching is applied.  Next ensure that it is part of the same domain as the first SharePoint server and that the setup account (SPSETUP in our example) account is a local administrator on this server.

Install the Pre-Requisites and Binaries

Install SharePoint pre requisites and run the SharePoint Setup Program.  The server may require a couple of reboots during the installation.  Once complete install the binaries.

Select Install SharePoint Server


Enter license key and accept license agreement and select “Complete” to install the SharePoint binaries onto the server.


Once this process completes you can run the configuration wizard.


Click Next and accept the warning message by clicking yes.


Leave the default option selected and click next.


Enter the database server name and click Retrieve Database Names.

This should make a connection back to the database server and allow you to select the SharePoint_Config database.  If it cannot access SQL Server then ensure there are no firewalls blocking access.  If the firewall is on you can use this script on the SQL Server host server to ensure connectivity :-

netsh advfirewall firewall add rule name=”Open SQL Server Port 1433″ dir=in action=allow protocol=TCP localport=1433


Enter the passphrase you used when creating the first SharePoint server.


if you have forgotten your pass phrase then it can be reset easily on the main SharePoint server using the SharePoint PowerShell Module as shown here. and the Set-SPPassPhrase shown here.


Check Summary and continue.


The advanced settings here allow you to run the Central Admin site on this new server.  We have selected to NOT host Central Admin on this server also for our exercise.  In order to make the CA site highly available (running on more than one server) then select the option to “use this machine to host the web site.”.  However you would need to configure access mappings or a proper URL for the CA site.  I may cover this in the future.


Await the completion of the configuration



Central Admin will now open.  If not log onto the CA site from the original server and we can now see and configure the farm.

If we look at System Settings, Servers in Farm we can see both servers SharePointDemo and SharePointDemo2.


We can also see that only the basic core services are running on the new server.

Configuring Services on the second SharePoint Server

From Central Admin select, System Settings, Manage Services on server.

Select change Server where the server name is displayed (top right).


Select the server to change to (we will click SharePointDemo2)


Now we can see all services running on this server.  So if we want to run a service on this server we simply click start next to the service that is stopped.  Here we will start the Word Automation Service.


Other services such as Excel Services, Visio Graphics and more can be started up in this way on any additional SharePoint servers.  Services which require an installation process such as PowerPivot, SSRS / Power View will need to be installed first and configured.  We will cover this in the BI services section.

Add Secure Store Service and Configure an Application ID

To add the secure store service start the service.

Also you will note the application event log message on the new SharePoint server.

Event ID “7535, Secure Store Service”…failed to retrieve the master secret key. The error returned was: ‘Unable to obtain master key; “


From Central Admin, go to manage service applications and click manage on the Secure Store application and the “Unable to obtain master key” error is displayed (just like it was when adding the first server).


In order to join the new server and configure the Secure Store service correctly select Refresh Key.

Enter the passphrase which was used when creating the Secure Store service.


Once complete the following screen should appear.


While we are here lets create a secure store application ID which we can use later in Excel Services when we do the BI section.

Click New enter the application ID name and display name.


click Next

Enter the account details of the Domain user account that will be used as the unattended account.


Note: The password will be shown on screen, i have just put in some *’s for the screenshot !

Enter the administrator accounts who can manage the secure store credentials.  I would recommend creating a SharePoint Admins group or groups for different environments to provide this type of access within SharePoint.


We should now see the application ID we created.


The credentials we provided here (unattended account) can be used to provide access to backend data sources for example when users do not have direct access.

Create our Web Application, Site Collection and Web (aka Site).

Each Web Application can host many site collections and site collections can host many Webs.  Note the term Web is used to reference a site or the entity which sits in IIS.  Each Web Application can have multiple databases.

A database can contain many site collections.  A site collection can only exist in one database.

Separate site collections can be create for users and business areas that require security isolation.

Here we will get on with the task of create a web so users have something to work with.  We will use the Enterprise BI template and create web application followed by a Site Collection.  We will also give the site a proper URL AND make it highly available in that it will run on two servers.  The webs would run on servers allocated to the Web Front End role in any production architecture meaning that these servers will not host application roles such as Excel Services etc.

Creating the BI Site

First create a DNS Alias and register the application pool account.

We will use the URL http://BI.demo.local and the demo\SPBISvcApp domain account for the application pool.  We will also use Kerberos authentication as opposed to NTLM in order to allow us to fully utilise the BI features.

In DNS I have created a simple A record.


This would generally be the IP address of a load balancer. The load balancer would be configured to respond to this URL and send it to the Web Front End servers.  Windows Server has it’s own load balancing services which could be used here but generally a hardware load balancer is used as they are more sophisticated in that they can check for certain conditions and strings in a web page for example.  The Windows NLB can only check for pings.  This would not help if the server was well but IIS had hung for example.

Add the managed account if not already done.

From Central Admin, Security, Configure Managed Accounts.  Check to see if your BI service account is included, if not add it now.


Back to Central Admin, Web applications, Manage Web Applications


Create New Web Applications, click new.

Create a new IIS web site, Enter a name for it, and enter the host header which should match the A record in DNS.


Select Kerberos for the authentication method.


Leave sign in page and public  URL as default.


Enter the New App Pool Name, check service account and rename the database to something more sensible than the default WSS_Content.


All other settings can be left as default including the proxy groups.

Wait for the Web App to be created



Now that the site web app is created we can create the site collection which is a container for the individual webs.

Click on the Create Site Collection link or if you have closed it from Central Admin, Create Site Collections.

Enter a name


Use Define Managed Paths to create a subsite link rather than top level.  Ours will be a top level bi.demo.local rather than bi.demo.local/SITENAME.


Enter two administrator accounts and click OK.




Clicking on the link should open up the site. It may take a while..Enter the login details of the setup or farm account.

and Voila



About Mitesh Chauhan
Mitesh Chauhan, Azure Cloud Solutions Architect. This is my blog where I share articles and thoughts on IT Infrastructure and architecture. The topics I am most passionate about are Implementation and architecture of rock solid Cloud Infrastructure based around SQL Server and Windows Server mainly using Microsoft Azure. MCTS - Azure Architecture MCTS - Azure Implementation MCSE Server Infrastructure (Windows Server 2012) , MCITP SQL Server 2008, Togaf Certified, Prince 2 Practitioner.

15 Responses to Adding a SharePoint 2013 Server To A Farm

  1. Daniel says:

    HI Mitesh,
    Thank you posting this article. I am in the process of setting up a Stretched Environment from our existing three tier environment. HA and Always-On are the primary reasons for setting up the stretched environment. Currently, I have two WFE servers which are being load balanced, one SharePoint 2013 App server and one SQL 2012 SP1 server. After I am done, I plan on have two SharePoint 2013 servers and three SQL servers.
    As you stated in your article, “In order to make the CA site highly available (running on more than one server) then select the option to “use this machine to host the web site.”. However you would need to configure access mappings or a proper URL for the CA site. I may cover this in the future” What are the Access Mappings or Proper URLs for the CA site?
    Thanks in advance.

    • Mohd Faisal says:

      Hello Daniel,
      You may configure the Central admin site on 2 servers for redundancy. The CA can be provisioned using the PSConfig wizard or through the Powershell. Once you have the CA setup you would notice in the AAM that the site is accessible through the server name. you can now create a load balenced A record in DNS and configure AAM and IIS host to use that host instead of the server name. You now have a load-balanced URL for CA.

  2. Axl says:

    Hi Mitesh, I enjoyed your SharePoint 2013 articles, guidelines, and explanations. They are loaded with great information and setup tips! Your style combines real world experience and deep understanding with best practices. Will you be updating this blog with the BI services section soon? I hope so, looking forward to it, specifically PowerPivot and SSRS / Power View installation and configuration. Thank you!

    “Services which require an installation process such as PowerPivot, SSRS / Power View will need to be installed first and configured. We will cover this in the BI services section.”

  3. Thanks for this great post

  4. fewlines4biju says:

    Very nice post, well explained… thanks for sharing…

  5. sneha says:

    we have to setup 2 WFE servers, 2 application servers(1- central admin, 1-search services), i would like to know step by step configuration of application server with only search services installed on it and how to install WFEs (what option shud i choose from advance setting to make it as WFE).. thank u

  6. laxmi says:

    Thanks for sahring good post!

    In my scenario one of the search server seems to be in farm but its not showing CA ” Server in farm” and also using PS command ” get-spserver”.How do i confirm the search server is in farm?

    Apperciate your help and quick response.Thank you.

    • Hi thanks for visiting, can you explain your issue ? It says it shows search server shows as in farm then you say it does not. Not clear what the problem is.


  7. Sandip Poley says:


    I am trying to add new server to SP 2010 farm, but i am not able to do so.
    Getting below error in event log.
    Failed to connect to the configuration database.An exception of type System.InvalidOperationException was thrown. Additional exception information: Cannot start service SPAdminV4 on computer ‘.’.
    System.InvalidOperationException: Cannot start service SPAdminV4 on computer ‘.’. —> System.ComponentModel.Win32Exception: The service did not respond to the start or control request in a timely fashion
    — End of inner exception stack trace —
    at System.ServiceProcess.ServiceController.Start(String[] args)
    at Microsoft.SharePoint.Win32.SPAdvApi32.StartService(String strServiceName)
    at Microsoft.SharePoint.Administration.SPWindowsServiceInstance.Start()
    at Microsoft.SharePoint.Administration.SPFarm.Join()
    at Microsoft.SharePoint.PostSetupConfiguration.ConfigurationDatabaseTask.CreateOrConnectConfigDb()
    at Microsoft.SharePoint.PostSetupConfiguration.ConfigurationDatabaseTask.Run()
    at Microsoft.SharePoint.PostSetupConfiguration.TaskThread.ExecuteTask()

    Setup account and farm accont are already in administrator group. Also have dbo and security admin access to config db.

    Could you please help.

    Many thanks in advance.

    Sandip Poley

    • Hi Sorry for the delay,

      Ensure the database is accessible, also check DC replication as it could be an issue with the service account. worst case install SQL Management Studio on the server and check if you can connect and follow usual SQL connectivity troubleshooting steps.


  8. Balaji says:


    I have newly configured 3-tier SharePoint farm (one sql, one app, one web-frontend), Here i have a question..How i can make end user requests routes only through Web-frontend server?
    I mean if i access SharePoint site first it should hit Web-frontend. What i need to do for this?

    • Hi Balaji,

      You will need to have a URL for a site to start with. Once you have this you set your DNS (on prem DNS in AD if internal or internet DNS) to point the web server or web server load balancer.
      Thanks for visiting.

%d bloggers like this: