spsnh geoff varosky - jornata - planning and configuring extranets in share point 2010
DESCRIPTION
TRANSCRIPT
Prepared for
Prepared byJornata61-63 Chatham StreetFourth FloorBoston, MA 02109
Submitted on April 10, 2023
Thinking SharePoint? Think Jornata.
Planning and Configuring Extranets in SharePoint
2010Geoff Varosky
Jornata
2Thinking SharePoint? Think Jornata.
About Me• Geoff Varosky– Jornata• Director, Development & Evangelism• Blogger, Speaker• BASPUG Co-Founder• SPS Boston Co-Organizer
– Blog : www.sharepointyankee.com– Email: [email protected]– Twitter: @gvaro– LinkedIn & Facebook
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
3Thinking SharePoint? Think Jornata.
Agenda• Thinking– What is an extranet?– Requirements– SharePoint 2010
• Doing– Configuration
• SharePoint• Alternate Access Mappings• IIS
– Management
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
4Thinking SharePoint? Think Jornata.
What is an extranet?
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
5Thinking SharePoint? Think Jornata.
What is an extranet?
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
6Thinking SharePoint? Think Jornata.
What is an extranet?
Controlled access from external networks
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
7Thinking SharePoint? Think Jornata.
What is an extranet?
Controlled access from EXTeRnAl NETworks
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
8Thinking SharePoint? Think Jornata.
Simple Extranet Example
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
9Thinking SharePoint? Think Jornata.
Requirements
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
10Thinking SharePoint? Think Jornata.
Requirements• What do you REALLY need?– Who needs access?– How sensitive is the data?– How sensitive is your network?– Budget?
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
11Thinking SharePoint? Think Jornata.
Requirements
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
12Thinking SharePoint? Think Jornata.
Requirements• Who needs access?– Internal employees only?
• Active Directory– Internal employees and external users?
• Active Directory– Additional domain with restricted access
• Active Directory & Forms Based Authentication– Claims Authentication
– External• Clients, partners, consultants
– Active Directory– Forms Based Authentication– Separate or together?
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
13Thinking SharePoint? Think Jornata.
Remember this…
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
You are giving a key to access your
company’s data in some form or
another.
14Thinking SharePoint? Think Jornata.
Requirements
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
15Thinking SharePoint? Think Jornata.
Requirements• How sensitive is the data & internal network?
– Network & SharePoint• DMZ• Separate web application• Separate farm
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
16Thinking SharePoint? Think Jornata.
Requirements• How sensitive is the data & internal network?
– Security• Secure Certificates (SSL)• Encryption• Firewall
– Both hardware and software?– Content Filtering– ACLs
• Virtual Private Network• Anti-Virus and Anti-Malware• Client-based certificates• One-time passwords (RSA tokens)• Biometrics
– Retina, fingerprint, facial structure, hair and blood samples
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
17Thinking SharePoint? Think Jornata.
SharePoint 2010
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
18Thinking SharePoint? Think Jornata.
SharePoint 2010• Versions?– Foundation up to Enterprise Server 2010
• Claims Based Authentication– Forms Based Authentication
– Configuration (and our Demo)• Create ASP.NET Membership Database• Configure SharePoint
– Extend Web Application– web.config settings– Alternate Access Mappings
• Configure IIS• Create and Manage Users
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
19Thinking SharePoint? Think Jornata.
DEMO!
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
20Thinking SharePoint? Think Jornata.
Managing Users• IIS
– Must change default role manager and membership providers each time = DOWNTIME.
– Separate IIS Virtual Web Application
• BCS– Great way to manage users (passwords, emails, etc.)– No ability to create users without another layer of logic
• Codeplex– SharePoint 2010 FBA Pack
• http://sharepoint2010fba.codeplex.com
• 3rd Party…– DevIt.EU
• http://www.devit.eu/email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
21Thinking SharePoint? Think Jornata.
Remember this too…
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
• Test the configuration• Review security regularly
22Thinking SharePoint? Think Jornata.
Resources• My blog series
– Part 1 : http://go.gvaro.net/ExtranetsP1– Part 2 : http://go.gvaro.net/ExtranetsP2– Part 3 : http://go.gvaro.net/ExtranetsP3
• My Virtual Environment via CloudShare– SharePoint 2010 Information Worker image– Configured just about the same as we did here– On the desktop
• Links to my information• Link to Extranet• 14 Day Trial• Use promo code GEOFF to get first month for $29!
– NEW VM AVAILABLE SOON – SEND ME AN EMAIL!email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
23Thinking SharePoint? Think Jornata.
Resources• Visual FBA configuration by Donal Conlon (Jornata)
– http://go.gvaro.net/oPnAYx
• Extranet tested topologies for SP 2010 Model– http://go.gvaro.net/SP2010ExtTopMod
• ASP.NET 2.0 Membership Database Reference– Create, Add Users, etc.– http://go.gvaro.net/AN2Mbr
• FBA Configuration in SharePoint 2010– LDAP: http://go.gvaro.net/FBALDAP– ASP.NET Membership DB: http://go.gvaro.net/FBAANMDB
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
24Thinking SharePoint? Think Jornata.
Resources• PeoplePicker Wildcard Search
– http://go.gvaro.net/FBAWildCard
• Helpful Resources for Troubleshooting Membership Providers– http://go.gvaro.net/TSMemProv
• “Sign me in automatically” in FBA– http://go.gvaro.net/pAkDQP
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
25Thinking SharePoint? Think Jornata.
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
26Thinking SharePoint? Think Jornata.
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
• Meets 2nd Wednesday/Month• 6P – 8PM• Microsoft Waltham & Cambridge• http://www.bostonsharepointug.org• Twitter: @BASPUG / #BASPUG
27Thinking SharePoint? Think Jornata.
Where am I next?• Granite State SharePoint Users Group
– http://www.granitestatesharepoint.org– October 13th – Loved this session? See it again here!
• Baltimore SharePoint Users Group– http://www.baltimoresug.org– October 20th
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
28Thinking SharePoint? Think Jornata.
Q&A
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro
29Thinking SharePoint? Think Jornata.
About Me• Geoff Varosky– Jornata• Director, Development & Evangelism• Blogger, Speaker• BASPUG Co-Founder• SPS Boston Co-Organizer
– Blog : www.sharepointyankee.com– Email: [email protected]– Twitter: @gvaro– LinkedIn & Facebook
email: [email protected] | web: www.jornata.com | blog: www.sharepointyankee.com | twitter: @gvaro