Email
Like
Liked ×
Save
Private Content
Embed
Loading embed code…
We have emailed the verification/download link to "".
Login to your email and click the link to download the file directly.

To request the link at a different email address, update it here. Close
Validation messages. Success message. Fail message.

Check your bulk/spam folders if you can't find our mail.
Loading

+ Follow

Extending SharePoint 2010 to your customers and partners

by Corey Roth

1,016 views

Slides for the talk I gave at SPC11 about Extranets.

Accessibility

View text version

Upload Details

Uploaded via SlideShare as Microsoft PowerPoint

Usage Rights

File a copyright complaint

Statistics

Likes: 0
Downloads: 19
Comments: 0
Embed Views: 0
Views on SlideShare: 1,016
Total Views: 1,016

Demo checklistDeactivate Content OrganizerRemove spcuser, anna.stevensonVisual Studio OpenC:\\inetpub\\wwwroot\\wss\\VirtualDirectories\\8202\\web.configC:\\inetpub\\wwwroot\\wss\\VirtualDirectories\\45610\\web.configC:\\Program Files\\Common Files\\Microsoft Shared\\Web Server Extensions\\14\\WebServices\\SecurityToken\\web.configC:\\inetpub\\wwwroot\\wss\\VirtualDirectories\\8201\\web.configWindows Explorer OpenC:\\Windows\\Microsoft.NET\\Framework64\\v2.0.50727Internet Explorer Openhttp://sp2010:8100/default.aspxhttp://sp2010:8202https://www.nothingbutsharepoint.com/Pages/default.aspxSQL Server OpenRun as administrator accountDelete aspnetdbVerifyVerify 8202 loginVerify 8201 loginVerify CA can find usersInternet ConnectivityBrowsers at 150%
Open talk with how why e-mailing is not the best choice for distributing documents with partners
Open talk with how why e-mailing is not the best choice for distributing documents with partners
Intro slide which will set up the rest of the talk. These questions will get answered with this session.
New slide introducing scenariosOld text from issues slideVersioningE-mail copiesRetention / ExpirationLegalLoss of productivity
New slide introducing scenariosOld text from issues slideVersioningE-mail copiesRetention / ExpirationLegalLoss of productivity
Explain the SharePoint extranet scenario
Explain useful SharePoint Features in an extranet
<Should we show this
Explain different farm configurations for SharePoint extranetsSame farm / same web applicationSame farm / different web applicationDifferent farm
Explain different common Extranet Network topologies Edge FirewallBack-to-back perimeterSplit back-to-backThe goal is to describe network topologies but not focus on them, but focus on SharePoint instead.Content from OIT2010_Model_ExtranetTopologies.xps
Functions as a reverse proxy serverDiagram with advantages / disadvantagesAdvantagesThis is the simplest solution that requires the least amount of hardware and configuration.The entire server farm is located within the corporate network.There is a single point of data: Data is located within the trusted network. Data maintenance occurs in one place. A single farm is used for both internal and external requests; this ensures that all authorized users view the same content. Internal user requests are not passed through a proxy server.UAG pre-authenticates users.DisadvantagesThis configuration results in a single firewall that separates the corporate internal network from the Internet.
Isolates server farm in a separate perimeter network (including SQL / AD)Description, advantages, and disadvantages with Network DiagramAdvantagesContent is isolated to a single farm on the extranet, simplifying sharing and maintenance of content across the intranet and the extranet.External user access is isolated to the perimeter network.If the extranet is compromised, damage is potentially limited to the affected layer or to the perimeter network.DisadvantagesThe back-to-back perimeter topology requires additional network infrastructure and configuration.
Web Servers, AD, and DNS inside the perimeter networkApplication Servers can be in perimeter or corporate networkSQL Server inside corporate networkAdvantagesComputers running SQL Server are not hosted inside the perimeter network.Farm components within both the corporate network and the perimeter network can share the same databases.Content can be isolated to a single farm inside the corporate network, which simplifies sharing and maintaining content across the corporate network and the perimeter network.DisadvantagesThe complexity of the solution is greatly increased.Intruders who compromise perimeter network resources might gain access to farm content stored in the corporate network by using the server farm accounts.Inter-farm communication is split across two domains.
Intro slide which will set up the rest of the talk. These questions will get answered with this session.
Overview of common types of authentication then detailed slides of each
Describe Active Directory Negotiate (Windows Authentication)Advantages and disadvantagesApplication Firewall recommendation
Explain how to set up ASP.NET Membership provider Aspnet_regsql.exeWeb.config settingsClaims Based Authentication / Membership provider in Web ApplicationManaging Users – Open Source Tools (http://sharepoint2010fba.codeplex.com/)http://blogs.technet.com/b/mahesm/archive/2010/04/07/configure-forms-based-authentication-fba-with-sharepoint-2010.aspx
Explain how to set up ASP.NET Membership provider Aspnet_regsql.exeWeb.config settingsClaims Based Authentication / Membership provider in Web ApplicationManaging Users – Open Source Tools (http://sharepoint2010fba.codeplex.com/)http://blogs.technet.com/b/mahesm/archive/2010/04/07/configure-forms-based-authentication-fba-with-sharepoint-2010.aspx
$App = get-spwebapplication “URL”$app.useclaimsauthentication = “True”$app.Update()
C:\\Windows\\Microsoft.NET\\Framework64\\v2.0.50727\\aspnet_regsql.exe
C:\\Windows\\Micrsooft .Net\\Framework64\\v2.0.50727\\aspnet_regsql.exe
Highlight name of Role Manager
Highlight name of membership provider
Demonstrate from start to finish all web.config modifications [5 – 7 minutes]Demonstrate logging in with FBA accountCreate a New Web ApplicationEnable FBASQL-MembershipProviderSQL-RoleManagerShow Existing FBA Application – Authentication ProviderC:\\Windows\\Microsoft.NET\\Framework64\\v2.0.50727\\aspnet_regsql.exeGrant SQL PermissionsWeb.config (8202)Web.config (CA)Web.config (STS)Membership Seeder - C:\\Downloads\\MembershipSeeder\\Bin\\Debug\\MembershipSeeder.exeWeb Applications -> User Policy -> DefaultSearch for user, grant accessDemo loginDemo FBA pack -> FBA User ManagementConsider demonstrating tools to manage FBA users
Configuration Settings for configuring Authentication using FBA with the ActiveDirectoryMembership Provider Web.config settings , , STS Application Web.configSet up claims authenticationMembership Provider namehttp://blogs.msdn.com/b/sridhara/archive/2010/01/07/setting-up-fba-claims-in-sharepoint-2010-with-active-directory-membership-provider.aspx
Demonstrate logging in with Active Directory using FBAShow Web Application SettingsShow difference between logging in with Windows Authentication and FBAWeb.configC:\\inetpub\\wwwroot\\wss\\VirtualDirectories\\8201\\web.configCentral AdminWeb Application -> Select -> User Policy -> search for chris.white (must be exact)Log in with chris.white
Overview of steps involved in setting up the trusted identity providerRegistered the siteInstalling the certificateConfiguring the Provider in PowerShellhttp://technet.microsoft.com/en-us/library/ff973117.aspxhttp://blog.fpweb.net/claims-authentication-windows-live-id-for-sharepoint-2010/
Overview of steps involved in setting up the trusted identity providerRegistered the siteInstalling the certificateConfiguring the Provider in PowerShellhttp://technet.microsoft.com/en-us/library/ff973117.aspxhttp://blog.fpweb.net/claims-authentication-windows-live-id-for-sharepoint-2010/
Overview of steps involved in setting up the trusted identity providerRegistered the siteInstalling the certificateConfiguring the Provider in PowerShellhttp://technet.microsoft.com/en-us/library/ff973117.aspxhttp://blog.fpweb.net/claims-authentication-windows-live-id-for-sharepoint-2010/
Demonstrate logging in with Windows Live at NothingButSharePoint.com
Intro slide which will set up the rest of the talk. These questions will get answered with this session.
Managing content on the extranet is a concernTalk about considerations such as how to deploy content, document duplicationDiscuss techniques for deploying content to the extranet site, publishing, send to connections, custom workflows.
http://sp2010:8202/Fabrikam/Confirm Content Organizer is on Central AdminGeneral Application Settings -> Send to ConnectionsCreate new connectionhttp://sp2010:8202/Fabrikam/_vti_bin/officialfile.asmxGo to target web application (user / wxx2007;)Content Organizer -> New Rule -> Content Type: DocumentGo to test document library - http://sp2010/procurement/SitePages/Home.aspxUse Send to connectionShow Document

Extending SharePoint 2010 to your customers and partners Presentation Transcript

 What is an extranet?
 How will users get to the extranet?
 How will users authenticate?
http://sharepoint2010fba.codeplex.comhttp://cks.codeplex.com/releases/view/7450
http://sharepoint2010fba.codeplex.comhttp://cks.codeplex.com/releases/view/7450
https://msm.live.com/ http://yourdomain/_trust/default.aspx
 How do I populate content on the extranet?
http://technet.microsoft.com/en-us/library/cc263513.aspxhttp://technet.microsoft.com/en-us/library/ff973117.aspxhttp://blogs.msdn.com/b/sridhara/archive/2010/01/07/setting-up-fba-claims-in-sharepoint-2010-with-active-directory-membership-provider.aspxsharepoint2010fba.codeplex.comhttp://cks.codeplex.com/releases/view/7450
SPC Session Name Day Time Type Locatio Code nSPC3997 TITUS: Using Claims for Weds 5:00p Partner Authentication in SharePoint 2010 10/5SPC411 Security Design with Claims Based Thurs 12:00 Microsoft Authentication 10/6 p

Extending SharePoint 2010 to your customers and partners

by Corey Roth

Accessibility

Categories

Upload Details

Usage Rights

Statistics

Extending SharePoint 2010 to your customers and partners Presentation Transcript