Here I will guide you through using PowerShell to create a new SharePoint web application, configure standard settings, and then creating a new publishing site collection also using PowerShell.

 

The PowerShell script below will create a new Web Application using claims authentication. It also creates a new IIS application pool to be used for the web application.

# Add Snap-in Microsoft.SharePoint.PowerShell if not already loaded, continue if it already has been loaded
Add-PsSnapin "Microsoft.SharePoint.PowerShell" -EA 0

#Variables
$AppPoolAccount = "DOMAIN\App_Pool_Account" #The Application Pool domain account, must already be created as a SharePoint managed account
$ApplicationPoolName ="Publishing AppPool" #This will create a new Application Pool
$ContentDatabase = "SP_ContentDB_publishing2016" #Content DB
$DatabaseServer = "SP2016-DB" #Alias of your DB Server
$WebApp = "http://publishing2016.contoso.com" #The name of your new Web Application
$HostHeader = "publishing2016.contoso.com" #The IIS host header
$Url = $WebApp
$Description = "SharePoint 2016 Publishing Site"
$IISPath = "D:\inetpub\wwwroot\wss\VirtualDirectories\publishing2016.contoso.com80" #The path to IIS directory
$SiteCollectionTemplate = "BLANKINTERNETCONTAINER#0"  #Publishing Site with Workflow Template

New-SPWebApplication -ApplicationPool $ApplicationPoolName `
                     -ApplicationPoolAccount (Get-SPManagedAccount $AppPoolAccount) `
                     -Name $Description `
                     -AuthenticationProvider (New-SPAuthenticationProvider -UseWindowsIntegratedAuthentication) `
                     -DatabaseName $ContentDatabase `
                     -DatabaseServer $DatabaseServer `
                     -HostHeader $HostHeader `
                     -Path $IISPath `
                     -Port 80 `
                     -URL $Url

 

To be able to access your publishing site anonymously, you have to prepare you web application to allow for this. After you have successfully run the PowerShell script detailed above, navigate to Central Admin and select your newly created web application. Then click the Authentication Providers in the ribbon.

 

The popup shows us that you are indeed using Claims authentication. Click the default zone link.

 

Finally, check the box for “Enable anonymous access”. Remember to save!

 

Another smart configuration setting to take care of while you’re in the Central Admin is to add your superuser and superreader accounts. This will stop the chatter in your application event logs and ULS logs. Click the User Policy in the ribbon and add your superuser account with full control, and your superreader account with full read.

 

Now that you’ve created a new web application, you have to create a new site collection. All your variables from the previous code snippet are valid and can be re-used to create the collection. Notice that you must use the Claims version of your users to script them in correctly. That “i:0#.w|” portion is important to include here. Again, the site collection template I’m using here is for a publishing site with workflow. If you wanted to create a team site, you could simply update the template variable to “STS#0”

#Create Site Collection
New-SPSite -Url $Url `
           -OwnerAlias "i:0#.w|DOMAIN\sp_user_account" `
           -OwnerEmail "user-email@contoso.com" `
           -ContentDatabase $ContentDatabase `
           -Description $Description `
           -Name $Description `
           -Template $SiteCollectionTemplate

 

Once your site collection has been created, you should close the loop on those superuser/superreader accounts and set them via PowerShell.

#set portal super accounts
$w = Get-SPWebApplication $Url
$w.Properties["portalsuperuseraccount"] = "i:0#.w|DOMAIN\sp_superuser"
$w.Properties["portalsuperreaderaccount"] = "i:0#.w|DOMAIN\sp_superreader"
$w.Update()

 

To make your new publishing site anonymously accessible, log into your site and navigate to Site Settings > Site Permissions. Here in the ribbon will be an option for Anonymous Access. Clicking that will allow you to set the permissions for the site. If you don’t see that in the ribbon, you forgot to set it in the web application settings. It will only show up if you have the web app set to allow anonymous access.

 

 

Please leave any comments or suggestions to improve the scripts. Thanks!