Logo 
Search:

MOSS Forum

Ask Question   UnAnswered
Home » Forum » MOSS       RSS Feeds

Is this a good topology/architecture for our MOSS rollout?

  Asked By: Tameka    Date: Mar 20    Category: MOSS    Views: 773

We've been struggling to come up with a viable architecture for our MOSS
2007 rollout for our organization. We've gone to training, talked to MS,
etc and this is what we've come up with. I'd love to get some feedback
on this. I also have some questions following this:

[] MOSS07 front end server
[] MOSS07 front end server (load balanced with above, both serving over
SSL)

~~ firewall ~~

[] 2 SQL servers (clustered)

What this set-up will be serving:

- intranet (mainly read only for internal domain users
- collaboratin portals (accessable via both internal and DMZ AD domain
users)
- MySites (accessible [probably] only to internal domain users)
- roughtly 3000-4000 users

Questions:

- Can our load balanced front end servers also handle the indexing and
search load? Or should we consider a 3rd front-end server just for that?
- Can a site collection be both Forms authenticated AND AD
authenticated? Or is it an either-or situation?
- I've been told Sharepoint can be set up to add AD accounts via SP
adminstrators. True? If so, is there any documentation on that? One
concern is that our AD admins don't want to have to deal with adding
accounts to the DMZ domains manually.
- any other thoughts/suggetions/comments?

Share: 

 

2 Answers Found

 
Answer #1    Answered By: Chanel Gaines     Answered On: Mar 20

I've only seen Adding AD accounts for distribution groups and document
library email addresses.

You could always use Sharepoint group security, and of course anything
can be done with a custom web part.

 
Answer #2    Answered By: Timmy Whitney     Answered On: Mar 20

I am currently working on a similar project and have a very
similar architecture. The only difference here is that we are using SQL
Authentication instead of Active Directory for all DMZ Users, due to the
cost of buying Active Directory CALS for each external user.



1. Can our load  balanced front  end servers also handle the indexing
and search load? Or should we consider a 3rd front-end server  just for that?

I would definitely consider a separate server for index and search, you may
find you will need to add more later.

2. Can a site collection be both Forms authenticated AND AD
authenticated? Or is it an either-or situation?

Yes it can, you will need to use different zones to do this.
<http://intranet....com>" target="_blank" rel="nofollow">http://intranet....com>http://intranet....com would be windows auth and
then <http://extranet....com>" target="_blank" rel="nofollow">http://extranet....com>http://extranet....com would be forms based.
Both URLs would point to the same site collection but would effectively be
different end  points.

3. I've been told SharePoint can be set up to add AD accounts via SP
administrators. True? If so, is there any documentation on that?

Windows SharePoint Services v3 can ruin in Active Directory Creation mode
and will allow the creation of AD Accounts, MOSS2007 does not however.
Bamboo solutions has a web part you can use to create AD Accounts or you can
use a script. Would need some clarification on this.

4. One concern is that our AD admins don't want to have to deal with
adding accounts to the DMZ domains manually.- any other
thoughts/suggestions/comments?

 
Didn't find what you were looking for? Find more on Is this a good topology/architecture for our MOSS rollout? Or get search suggestion and latest updates.