Solved

Sharepoint 2007 in a newly merged organization

Posted on 2013-10-22
7
404 Views
Last Modified: 2013-10-23
We have just merged with another company. We have a Two-Way Forest trust established successfully between us, Domain A and them, Domain B. We are trying to give users in Domain B access to Sharepoint.  

The issue is that users from Domain B are being challenged for a username and password when connecting to a site on Sharepoint at Domain A.     Once they login, there are little anomalies  that have to do with permission (see description below).   We, Domain A, are a Windows 2003 domain with Sharepoint 2007 running.  Domain B, is a Windows 2008R2 domain running at Windows 2003 functional level.

 In Sharepoint we have gone into Shared Services Administration> User Profiles and Properties>View Import Connections and created a new connection to Domain B's Active Directory.  The Domain B's users now appear in View User Profiles.

Besides being challenged for the un/pw, when they get to the site, the little attachement paperclip icon does not appear, replaced with a generic red X as if the folder permissions in IIS are not correct (the clip is in _images folder).

Any advice on what we have done wrong or left out would be appreciated.  Talk slowly, we aren't Sharepoint people.
0
Comment
Question by:Dgreenbaum
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
7 Comments
 
LVL 44

Expert Comment

by:Rainer Jeschor
ID: 39593391
Hi,
for the username/password prompt. Can you verify if the SharePoint url is added to the "Local Intranet Zone" of the users of domain B?
You could verify this by letting a user of domain B just open the SharePoint site. IE should show in the bottom status bar its zone (for IE>=8 - for IE>8 its under menu "File" -> "Properties").
By default IE sends the current credentials only to sites listed in the local intranet zone - not in the Trusted sites zone. But please remember - depending on the IT configurations it might be that they are using Group Policies to push IE configurations and can even block changes on the client side.

For the image issue - you should never directly change anything in IIS manager because this can cause issues afterwards as SharePoints internal config could now be out of sync.

The question is, why does it show the red X: due to a 404 not found or due to a 401 permission denied. To track that you might use either a proxy tool like Fiddler or use IE built-in dev tools (shortcut is F12). You will find a tab "Network", then "Start capturing" and now open the page. Images are normally stored under "_layouts/images" (but thats my local SP2010 - I would have to verify this afternoon when I have access to a running MOSS 2007 instance).

HTH
Rainer
0
 

Author Comment

by:Dgreenbaum
ID: 39594443
Hi Rainier... I wil pursue your suggestions and report back.   Thanks so much.

David
0
 

Author Comment

by:Dgreenbaum
ID: 39594879
Hi.

I'm excited to say adding the site to the Intranet worked!

regarding the apparent broken link, on the iIE Dev tools page I found no Network tab.  We are still on IE8.  Is that only available in later versions?
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 

Author Comment

by:Dgreenbaum
ID: 39594883
I neglected to say that our domains are connected through a point to point IpSec tunnel.
0
 
LVL 44

Accepted Solution

by:
Rainer Jeschor earned 500 total points
ID: 39595473
Hi,
OK so logon issue solved.
I have no IE8 at hand to verify but it could be that this tab was introduced in a newer version of IE.

When you right click on the image and then properties - what address/url is shown?
What happens if you copy this url and paste it to a new browser tab/window?
Could you perhaps post this url here?

Thanks.
Rainer
0
 

Author Comment

by:Dgreenbaum
ID: 39596420
Hi Rainier.  I got it to work!   Your suggestion to copy the url was exactly the clue I needed.

When I saw it I knew the problem.   In our two way forest trust we have not yet created a forward lookup zone in dns in each other's domains.  The Sharepoint site was being accessed from Domain B with the FQDN:  http://sharepointserver.domainA.local/website/default.aspx.  

That worked for the Sharepoint site but the .gif in question, once they got to the site, was just  http://sharepointserver/website/_layouts/images/attach.gif; no FQDN.

I created a A record in DNS on Domain B to point to Sharepointserver.   The little attachment paper clip .gif could then be found with just the Sharepointserver name.

Thanks for the guidance,
David
0
 

Author Closing Comment

by:Dgreenbaum
ID: 39596421
Once Rainier heard the whole story he knew just where to look for the answer.  With his help it was clear as a bell.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question