In regard to your assumptions:
- How are you making your farm available to the outside network?
- What level of IT are the site collection administrators? Are they department employees or IT? If IT, what level?
More questions... Are you using ECTS at the moment?
Answers:
Q: I would like to find a way to have the site collection administrators handle the creation of the external user accounts.
A: If the site collection admin has delegated rights over the OU, then they can.
Q: - solution "can" allow external users to change their password
- Solution MUST enforce complex password
- Solution "can" enforce password expiration, but this is not 100% necessary
A: This is possible, but depends on your infrastructure etc...
Q: If to access another site collection, a user needs to have a second account, so be it.
A: One account (AD) can be used on any site collection part of that farm for that domain.
Q: Can the External Collaboration Toolkit do the trick?
A: This can do everything you want, but it depends on how you're making it available to the outside.
Q: Am I better off going to FBA?
A: Not good enough for your ideal solution.
Assumptions :
- We have a MOSS farm facing outside our network.
- We have multiple Web Applications, each having multiple Site Collections.
- These site collections have different administrators
Current situation :
- We are using a specific OU in our AD to manage external users.
- This means that one of the MOSS Farm administrators needs to create all the external accounts before a site collection administrator can add them to their site(s).
- We don't allow external users to change their password because we need to be able to force a complex type of password. It also means that when a user loses their password, the Farm admin needs to reset the password for the user - a lot of time wasted emailing/calling the user.
Ideal situation :
- I would like to find a way to have the site collection administrators handle the creation of the external user accounts.
- This way, they would be able to create/unlock/delete/update accounts when needed.
- Solution "can" allow external users to change their password
- Solution MUST enforce complex password
- Solution "can" enforce password expiration, but this is not 100% necessary
- If an account could be shared with other site collections, it would be a plus.
- If to access another site collection, a user needs to have a second account, so be it.
Questions :
- Can it be done or am I stuck in having to create all the accounts myself and passing the info to the site collection admins?
- Can the External Collaboration Toolkit do the trick?
- Are there other solutions out there that would do exactly this, that would not be too expensive?
- Am I better off going to FBA?