Sharepoint Web Application Two Zones

Abdel-Rahman Awad
Feb 7 |09:00

Configuring Web application to have Two zones windows and forms Authentication

Create the extranet site.

..Application Management -> Create or Extend Web Application > Extend

i. Set the Description

ii. Set the Port [80]

iii. Set the Host Header to [ISSExtra]

iv. Pick NTLM as the Authentication Provider (we’ll change this later)

v. Specify Anonymous Access to No (and this!)

vi. Set the Load Balanced URL Zone to [ISSExtra]

vii. Set the zone to extranet

b. Go back to Application Management and choose Authentication providers

c. Click on the Windows authentication provider link and

ii. Change the authentication to Forms

iii. Add the following as the membership provider: ISSMembershipProvider

iv. Add the following as the role provider: ISSRoleProvider

v. Save

vi. Note: Disabling client integration will remove features which launch client applications. Some authentication mechanisms (such as Forms) don’t work well with client applications. In this configuration, users will have to work on documents locally and upload their changes.

Add the host headers to DNS / hosts file!

a. For DNS (if you have access) add resolvers for ISSExtra. It should resolve to the IP address of your MOSS 2007 server.

b. If you don’t have access to the DNS server edit your hosts file to resolve the addresses.

i. Open the hosts file in notepad, this exists in the [C:\Windows\System32\drivers\etc] directory, assuming Windows is your OS directory.

ii. Make the changes to reflect the following

[MOSS Server IP Address] ISSExtra

Changes in the web config

For forms Authentication using database

i. Create sql database

ii. Run the following programme and choose the targeted database and run through the wizard. <WindowsDirectory>\Microsoft.NET\Framework\<version>\aspnet_regsql.exe

iii. In the web.config of the central administration

Add the following tags with your configuration

After </SharePoint> tag.

 

<connectionStrings>

    <add name="MembershipDatabaseISS" connectionString="SERVER=localhost;DATABASE=ISSBasic; TRUSTED_CONNECTION=true;"/>

</connectionStrings>

Inside <system.web> tag

<membership>

<providers>

<add name="ISSMembershipProvider " 

type="System.Web.Security.SqlMembershipProvider,System.Web, Version=2.0.0.0, 

Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a" 

connectionStringName="MembershipDatabaseISS" enablePasswordRetrieval="false" 

enablePasswordReset="true" requiresQuestionAndAnswer="true" applicationName="/" 

requiresUniqueEmail="false" passwordFormat="Hashed" 

maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" 

minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" 

passwordStrengthRegularExpression=""/>

</providers>

</membership>

<roleManager>

<providers>

<add name="ISSRoleProvider " connectionStringName="MembershipDatabaseISS" 

applicationName="/" type="System.Web.Security.SqlRoleProvider, 

System.Web,Version=2.0.0.0, Culture=neutral, 

PublicKeyToken=b03f5f7f11d50a3a"/>

</providers>

</roleManager>

iv. On both the intranet and the extra net application web config add the following

After </SharePoint> tag.

<connectionStrings>

    <add name="MembershipDatabaseISS" connectionString="SERVER=localhost;DATABASE=ISSBasic; TRUSTED_CONNECTION=true;" />

</connectionStrings>

Inside <system.web> tag

 

<membership defaultProvider="ISSMembershipProvider">

<providers>

<add name="ISSMembershipProvider" 

type="System.Web.Security.SqlMembershipProvider,System.Web, Version=2.0.0.0, 

Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a" 

connectionStringName="MembershipDatabaseISS" enablePasswordRetrieval="false" 

enablePasswordReset="true" requiresQuestionAndAnswer="true" applicationName="/" 

requiresUniqueEmail="false" passwordFormat="Hashed" 

maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" 

minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" 

passwordStrengthRegularExpression="" />

</providers>

</membership>

<roleManager enabled="true" defaultProvider="ISSRoleProvider">

<providers>

<add name="ISSRoleProvider" connectionStringName="MembershipDatabaseISS" 

applicationName="/" type="System.Web.Security.SqlRoleProvider, 

System.Web,Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" 

/>

</providers>

</roleManager>

For forms Authentication using AD

Same as forms Authentication using database section but with modifying

The connection string to

<add name="MembershipDatabaseISS" connectionString="LDAP://testdomain1.test.com/CN=Users,DC=testdomain1,DC=test,DC=com" />

2. Add the attribute for both the <add name="ISSMembershipProvider "…

And <add name="ISSRoleProvider "…

connectionUsername="testdomain2\administrator"

connectionPassword="password"

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)
TAGS:  , , ,

This entry was posted on Thursday, February 7th, 2008 at 9:00 am and is filed under Microsoft, SharePoint. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

 

View Abdel-Rahman Awad's profile on LinkedIn

Archives

 

Rss Feed Tweeter button Facebook button Linkedin button Delicious button Digg button