Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

Internet naming dilemma for extranet (WSS 3.0 based) sites - both forms & AD authentication pag

  Asked By: Camille    Date: Mar 29    Category: Sharepoint    Views: 1573

hoping someone else may have come across this particular dilemma before ...

Situation is this, we are creating extranet (top level) sites using WSS 3.0 with forms authentication which works well.

We also access the same sites internally using AD authentication which has been set up and is also working well.

Both pages have been created using host headers on port 80 pointing to the different web addresses depending on which authentication is used, e.g.

xxxx.xxxx.info (internal - port 80)

extxxxx.xxxx.info (external - port 80)

However, what we want is to use the same internet address (xxxx.xxxx.info (port 80) for both login pages from the internet and intranet. How can we achieve this without using different port numbers and address translation (there could potentially be 100s of these sites)?

Bit stumped, although the easiest way looks to be to have all these sites as sub-sites of extranet.xxxx.info (port 80 - internal, port 81 - external), but then quotas would be managed at the top-level which may be a problem.



1 Answer Found

Answer #1    Answered By: Ned Storm     Answered On: Mar 29

I ran into the same problem. In simple terms, you can't.

First, you must use a reverse proxy to translate the requests, not just port  numbers (so a firewall redirect is out, it would break links)

To accomplish this with Zones (which I assume you're using) the extxxx.xxx.info would have to re-write its links to xxx.xxx.info (presuming you're using a reverse proxy to translate xxx.xxx.info to extxxx.xxx.info on the inside so that WSS knows which zone the user is in), but that's not an option, even with Alternate Access Mappings. You will get errors 'the public url already exists' or 'cannot remove the default zone primary url'.

It would be a nice hack to just tell Sharepoint to re-write a public url to something arbitrary, regardless of the private url or existance of other private/public urls, but I suspect this would break something else. I was excited about alternatte mappings, till i realized that this is not an option.

Your other option is to become very familiar with a regular-expression filtering reverse proxy like mod_proxy for Apache. This will break some stuff right off the bat (like searching).

Sorry, but that's the best I can do.