Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 493
  • Last Modified:

External SharePoint Foundation Site needs Public Access

I have a Windows 2008 R2 system with SharePoint Foundation 2010 installed and have created a basic site that I can see internally on my network without getting prompted for credentials.

I want this to be Public Facing and external DNS points to the page but promptes for credentials.  I do not want any credentials needed and no ability to do anything but to see what's published.  Do I need to edit permissions at the IIS site level (port 80) or is this in SharePoint?
0
iNetSystem
Asked:
iNetSystem
  • 6
  • 4
1 Solution
 
BobHavertyComhCommented:
It's in SharePoint. Go to Central Admin -  application management - manage web applications -  then find your application and click on it until it is blue. Then, with that app selected, click on authentication providers in the ribbon above, and then click on the link that says default, and you will see where you can enable anonymous access. This allows it, but they can write as well as read. So to take care of that, with the app still selected and blue, click on anonymous access in the ribbon, and choose "deny write" and that prevents them from writing. If you want to disable anonymous access, all you have to do is to disable it, and all your regular, windows authentication settings will kick back in. Then, when you enable it again, your anonymous access settings should immediately be at "deny write" when it is enabled.

If you want to have both an internal site with credentials AND and external facing site that is anonymous, then you should extend your internal site first, which would create a mirror of your internal site, but with different credential requirements. If you don't care what people see and nobody will be entering passwords, then you don't even need to make this extended external mirror site use ssl.
0
 
iNetSystemAuthor Commented:
Hi - I've enable Anonymous per your steps but in that same area Integrated Windows Auth is still checked.  I have tried accessing the site from an external source and am still prompted for name and password.

Ideally I want people to see this on the internal network as well as a public area.
0
 
BobHavertyComhCommented:
Just as a test, since it seems this site isn't in any critical use for you yet, go back to the same thing i said and uncheck windows authentication and basic authentication. You really want to do this for your extended site after you create it, but this could be a quick test. If it works, enable windows authentication again quickly, and do these steps with your extended site after you create it. If this still doesn't work, then yes, go to the iis manager, find your site and disable windows auth and enable anonymous access.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
iNetSystemAuthor Commented:
when disabling windows auth and trying to browse in externally I get a 401 UNAUTHORIZED
0
 
BobHavertyComhCommented:
Then you will need to check your site settings in the iis manager, and set it to anonymous. But set this all back after you can at least get it to work, and apply these things to the extended site after you create it.
0
 
iNetSystemAuthor Commented:
OK this is driving me nuts.  I can access the site under my credentials without and authentication prompts but under another mock user they get prompted.  I am however a Farm Admin and most likely the Site Admin but I built this weeks ago and can't remember.

What can I try?  I need to publish something ASAP.

Thanks for your help!
0
 
iNetSystemAuthor Commented:
Do I have to create an anonymous user explicitely in Central Admin Security?
0
 
iNetSystemAuthor Commented:
also can you explain why I need an extended site?  I just need to post on the home page some generic information.
0
 
iNetSystemAuthor Commented:
In this link I found
http://www.topsharepoint.com/enable-anonymous-access-in-sharepoint-2010
Under step 8 I do not have the "Anonymous Access" button as shown.
0
 
BobHavertyComhCommented:
Did step 8 work? About why you should extend the site, exposing your SharePoint site over the internet using basic authentication can be somewhat risky, although if you configure everything right and use ssl to encrypt any passwords being sent, usually you are fine. When you open your site up to the public as anonymous access, you are really opening yourself up too much and so many things can now happen. So it's a good idea to never have problems associated with public access bring down your internal site. But i didn't realize that you merely wanted to quickly and temporarily share one page with the public. You can do that.

http://www.apps4rent.com/support/kb/article/how-to-enable-anoynymous-access-page-to-everyone-sharepoint-site

Notice step 5 in particular. I apologize, but I thought you wanted the whole site to be permanently viewable by the public without authentication. So keep anonymous open at every level, confirm anonymous access viewing of the page, and then close one level at a time (IIS, Central Admin) until it fails, to see which levels you need open and which you don't.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now