Successfully reported this slideshow.
Planning and Configuring Extranets in SharePoint 2010<br />Geoff Varosky<br />
About Me<br />Geoff Varosky<br />GraceHunt<br />SharePoint Solutions Group<br />Director, Development & Evangelism<br />Bl...
Agenda<br />Thinking<br />What is an extranet?<br />Requirements<br />SharePoint 2010<br />Doing<br />Configuration<br />S...
What is an extranet?<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyan...
Controlled access from external networks<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web...
Controlled access from external networks<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web...
Simple Extranet<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.c...
Requirements<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com ...
Requirements<br />What do you REALLY need?<br />Who needs access?<br />How sensitive is the data?<br />How sensitive is yo...
Requirements<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com ...
Requirements<br />Who needs access?<br />Internal employees only?<br />Active Directory<br />Internal employees and extern...
Requirements<br />How sensitive is the data & internal network?<br />Network & SharePoint<br />DMZ<br />Separate web appli...
Remember this…<br />You are giving a key to access your company’s data in some form or another.<br />geoffvarosky<br />gva...
The landscaper…<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.c...
Requirements<br />How sensitive is the data & internal network?<br />Network & SharePoint<br />DMZ<br />Separate web appli...
Requirements<br />How sensitive is the data & internal network?<br />Security<br />Secure Certificates (SSL)<br />Encrypti...
SharePoint 2010<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.c...
SharePoint 2010<br />Versions?<br />Foundation up to Enterprise Server 2010<br />Claims Based Authentication<br />Forms Ba...
DEMO!<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<...
Managing Users…<br />IIS<br />Must change default role manager and membership providers each time = DOWNTIME.<br />BCS<br ...
And also, remember this too…<br />Test the configuration<br />Review security regularly<br />geoffvarosky<br />gvarosky@gr...
Resources<br />My blog series<br />Part 1 : http://go.gvaro.net/ExtranetsP1<br />Part 2 : http://go.gvaro.net/ExtranetsP2<...
Resources<br />Extranet tested topologies for SP 2010 Model<br />http://go.gvaro.net/SP2010ExtTopMod<br />ASP.NET 2.0 Memb...
geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro...
Meets 2nd Wednesday/Month<br />6P – 8PM<br />Microsoft N.E.R.D. Center<br />http://www.bostonsharepointug.org<br />Twitter...
Where’s Waldo…<br />SPTechCon Boston<br />http://www.sptechcon.com<br />Boston, MA 6/1-6/3<br />TBD… watch my blog.<br />g...
Q&A<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br...
Upcoming SlideShare
Loading in …5
×

Planning and Configuring Extranets in SharePoint 2010

3,241 views

Published on

Most companies, large or small, require contact and collaboration with external entities, whether they are vendors, clients, or contractors. SharePoint gives us the ability to open up portals for collaboration with these external entities – this session will show you how to accomplish this using SharePoint 2010.

We will review what is required to make SharePoint “open” to the external world, discuss scenarios regarding security and privacy, as well as walk through configuring Forms Based Authentication, Claims Based Authentication, as well as using Business Connectivity Services in SharePoint 2010, to authenticate, and manage our external users.

Once completing this session, you should have a firm grasp on how to configure an extranet environment using SharePoint 2010, as well as what should be considered during the planning of your extranet scenarios.

Published in: Technology, Economy & Finance
  • There is a new approach called BusinessGuest that lets you set up a SharePoint 2010 Extranet (or a SharePoint 2013 Extranet) in just 5 minutes. Also there is no need to create accounts and share passwords with your partners, or to train them to use SharePoint. see http://www.business-guest.com
    The idea is to extend SharePoint through email. Everyone knows how to respond to email Everyone knows how to edit an attachment and reply with comments!
    This is really a must-have SharePoint feature that enables you to collaborate in a known, obvious, way, via email, with anyone, but provide the automatic document and discussion management of SharePoint…
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Planning and Configuring Extranets in SharePoint 2010

  1. 1. Planning and Configuring Extranets in SharePoint 2010<br />Geoff Varosky<br />
  2. 2. About Me<br />Geoff Varosky<br />GraceHunt<br />SharePoint Solutions Group<br />Director, Development & Evangelism<br />Blogger, Author-ish, Speaker<br />BASPUG Co-Founder<br />SPS Boston Co-Organizer<br />Blog : www.sharepointyankee.com<br />Email: gvarosky@gracehunt.com<br />Twitter: @gvaro<br />LinkedIn & Facebook<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  3. 3. Agenda<br />Thinking<br />What is an extranet?<br />Requirements<br />SharePoint 2010<br />Doing<br />Configuration<br />SharePoint<br />Alternate Access Mappings<br />IIS<br />Management<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  4. 4. What is an extranet?<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  5. 5.
  6. 6.
  7. 7. Controlled access from external networks<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  8. 8. Controlled access from external networks<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  9. 9. Simple Extranet<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  10. 10. Requirements<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  11. 11. Requirements<br />What do you REALLY need?<br />Who needs access?<br />How sensitive is the data?<br />How sensitive is your network?<br />Budget?<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  12. 12. Requirements<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  13. 13. Requirements<br />Who needs access?<br />Internal employees only?<br />Active Directory<br />Internal employees and external users?<br />Active Directory<br />Additional domain with restricted access<br />Active Directory & Forms Based Authentication<br />Claims Authentication<br />External<br />Clients, partners, consultants<br />Active Directory<br />Forms Based Authentication<br />Separate or together?<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  14. 14. Requirements<br />How sensitive is the data & internal network?<br />Network & SharePoint<br />DMZ<br />Separate web application<br />Separate farm<br />Security<br />SSL Security<br />Firewall<br />Both hardware and software?<br />Content Filtering<br />Virtual Private Network<br />Anti-Virus and Anti-Malware<br />Client-based certificates<br />One-time passwords (RSA tokens)<br />Biometrics<br />Retina, fingerprint, facial structure, hair and blood samples<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  15. 15. Remember this…<br />You are giving a key to access your company’s data in some form or another.<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  16. 16. The landscaper…<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  17. 17. Requirements<br />How sensitive is the data & internal network?<br />Network & SharePoint<br />DMZ<br />Separate web application<br />Separate farm<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  18. 18. Requirements<br />How sensitive is the data & internal network?<br />Security<br />Secure Certificates (SSL)<br />Encryption<br />Firewall<br />Both hardware and software?<br />Content Filtering<br />ACLs<br />Virtual Private Network<br />Anti-Virus and Anti-Malware<br />Client-based certificates<br />One-time passwords (RSA tokens)<br />Biometrics<br />Retina, fingerprint, facial structure, hair and blood samples<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  19. 19. SharePoint 2010<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  20. 20. SharePoint 2010<br />Versions?<br />Foundation up to Enterprise Server 2010<br />Claims Based Authentication<br />Forms Based Authentication<br />Configuration (and our Demo)<br />Create ASP.NET Membership Database<br />Configure SharePoint<br />Extend Web Application<br />web.config settings<br />Alternate Access Mappings<br />Configure IIS<br />Create and Manage Users<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  21. 21. DEMO!<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  22. 22. Managing Users…<br />IIS<br />Must change default role manager and membership providers each time = DOWNTIME.<br />BCS<br />Great way to manage users (passwords, emails, etc.)<br />No ability to create users without another layer of logic<br />Codeplex Solutions<br />CKS Forms Based Authentication Solution<br />http://go.gvaro.net/CKSFBAS<br />This *may* work, or, it may not. Mixed results.<br />3rd Party…<br />DevIt.EU<br />http://www.devit.eu/products/121-fba-manager-2010-forms-based-authentication.aspx<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  23. 23. And also, remember this too…<br />Test the configuration<br />Review security regularly<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  24. 24. Resources<br />My blog series<br />Part 1 : http://go.gvaro.net/ExtranetsP1<br />Part 2 : http://go.gvaro.net/ExtranetsP2<br />Part 3 : coming soon…<br />Part 4 : coming soon…<br />My Virtual Environment via CloudShare<br />SharePoint 2010 Information Worker image<br />Configured just about the same as we did here<br />On the desktop<br />Links to my information<br />Link to Extranet<br />COMING SOON! LEAVE NOTE ON EVAL AND I WILL SEND IT TO YOU!<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  25. 25. Resources<br />Extranet tested topologies for SP 2010 Model<br />http://go.gvaro.net/SP2010ExtTopMod<br />ASP.NET 2.0 Membership Database Reference<br />Create, Add Users, etc.<br />http://go.gvaro.net/AN2Mbr<br />FBA Configuration in SharePoint 2010<br />LDAP: http://go.gvaro.net/FBALDAP<br />ASP.NET Membership DB: http://go.gvaro.net/FBAANMDB<br />PeoplePicker Wildcard Search<br />http://go.gvaro.net/FBAWildCard<br />Helpful Resources for Troubleshooting Membership Providers<br />http://go.gvaro.net/TSMemProv<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  26. 26. geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  27. 27. Meets 2nd Wednesday/Month<br />6P – 8PM<br />Microsoft N.E.R.D. Center<br />http://www.bostonsharepointug.org<br />Twitter: @BASPUG / #BASPUG<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  28. 28. Where’s Waldo…<br />SPTechCon Boston<br />http://www.sptechcon.com<br />Boston, MA 6/1-6/3<br />TBD… watch my blog.<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  29. 29. Q&A<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />
  30. 30. About Me<br />Geoff Varosky<br />GraceHunt<br />SharePoint Solutions Group<br />Director, Development & Evangelism<br />Blogger, Author-ish, Speaker<br />BASPUG Co-Founder<br />SPS Boston Co-Organizer<br />Blog : www.sharepointyankee.com<br />Email: gvarosky@gracehunt.com<br />Twitter: @gvaro<br />LinkedIn & Facebook<br />geoffvarosky<br />gvarosky@gracehunt.com [email]<br />www.gracehunt.com [web]<br />sharepointyankee.com [blog]<br />@gvaro [twitter]<br />

×