Sharepoint Internet Access

One of the most common scenarios for using sharepoint in organizations is accessing sites from internet for remote users.

To do this there are some simple steps which administrators should care about. Most organizations use firewalls to secure LANs. Steps described here are combination of tasks on firewalls and sharepoint central administration.

1- First of all you have to configure firewall to allow incoming traffic on ports 80 for HTTP and 443 for HTTPS on your server.

2- Open Central Administration and click application management section. Then click Create or Extend Web Application.

3- In new opened page click Extend an Existing web application.

4- Select desired web application that you want to extend for access from Internet.

5- Be sure create a new web site has been selected. Type an appropriate description for new IIS web site. It can be something like Internet Access. Type port 80 and enter your domain name or valid IP address in Host Header. Set file path for IIS web site.

After doing these changes URL field value will automatically change to the value you typed in Host Header field.

For final step select Internet from Zone combo box and then click OK.

After passing these steps you decide to use form authentication or remain on windows integrated authentication.

For users outside organization it could be a good idea to use form authentication with ASPNET Membership provider which gives you the ability to seperates Active Directory users from users coming outside organization. (I’ve placed link to form authentication in previous posts.)

You can also enable anonymous access and give users ability to login. Reza Alirezaei has a complete instruction on this.

Form Authentication: Continued…

As I had a short description on missing part of form authentication in my first post , Dan Atiss has published another post: Application Pool Acount Permissions

Don’t miss it

Gear up for Sharepoint

Microsoft has announced availability of Sharepoint Gear Up, the online content tool that insert adoption in the context of phases in Sharepoint deployment.

Gear up contains four phases including:

• Get ready
• Engineer
• Adopt
• Release

Form Authentication: The missing part

Implementing form authentication requires several steps. But there are some special steps which missing them will cause obliquity and makes form authentication to an impossible job. One of the best and complete articles on configuring FBA is from Dan Attis. Dan has mentioned an important point which is a missing part in guides of MSDN.

I put the step from Dan here: “One step that I have not seen mentioned ANYWHERE is to make sure that the account that is running the application pool that will be used by the sites you create below have access to the database we just created. This step is critical as SharePoint will NOT be able to find your users and roles if it does not have the permissions to look for them. This step is what I like to refer to as the MAGIC step that no one tells you about, so I am ruining the surprise and telling you the secret. You will thank me later.”

In this MAGIC step there’s another missing point and that’s this:

If your application pool user is different from server farm user, you have to give permission to that user for asp.net provider database too. If you don’t, sharepoint will not find users.