We are currently rebuilding and redesigning our intranet, moving from a Joomla-based CMS to SharePoint Foundation 2010. I've been all over Google and read numerous articles on Forms-Based Authentication and such. We have a need to "extend" the web applications of SP to external users in our company that are not on the main domains. We have our SP set up in the following way:
2 Win 2008R2 servers
Primary server: SP Foundation 2010, MSSQL 2008, main SP database and site collections
Secondary server: SP Foundation 2010 (same farm), content pages. (These are not online yet.)
SharePoint itself works fine internally. Also, I've been able to successfully set up forms-based authentication on a test site collection and it also works fine internally.
Now, at this point, we'd like to extend the main web application (Sharepoint - 8080) to the outside with a custom domain name (http://mysite.mydomain.com, for example).
I have taken the following steps:
1. Converted the original web app from Windows authentication to Claims authentication.
2. Extended the web app through the following process:
a. From Manage Web Applications in Central Admin, I clicked on the main site, and clicked "Extend."
b. I followed the screen, creating a new site, using my external URL as the name, port 80 for the default port, the external URL as the host header, Yes to Allow Anonymous, No to SSL (testing for now), checked both Enable Windows Auth and Enable FBA, filled in my provider name and manager name from the working config, and accepted all other defaults.
3. FBA was previously configured through a test site and is confirmed to be working on that site, but I cannot test on the new site.
I am unable to access the new extended site internally to test FBA; I get a 404 error on that site.
I've been spending a lot of time on this and I'm pretty fried. Hoping someone can help me out here.
Is this environment load balanced?
When you resolve the DNS address, does it resolve to the same IP internally as it does externally?
Does the IIS site (on all of your web front ends) for your newly extended web app contain in the IIS bindings, the host header?
From your web front end, can you directly access your user store? (whether that be the SQL DB, the AD-LDS instance, or otherwise)
What are the zones that you extended your web application to, along with their associated Authentication Provider settings? (I know you mentioned this, this is more to spur you to just make sure that they are associated correctly for your environment)
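The checks asked about in the reply above (DNS resolution, IIS host-header bindings, zones and their authentication providers) can be gathered in one pass on each web front end. This is an added example, not part of the original posts; `$WebAppUrl` is a placeholder for the internal URL of the original web application, and `$HostHeader` is the example external name from the question.

```powershell
# Added diagnostic sketch: run in an elevated SharePoint 2010 Management Shell
# on every web front end and compare the output between servers.
$HostHeader = 'mysite.mydomain.com'      # example external name from the question
$WebAppUrl  = 'http://spserver:8080'     # placeholder (assumption): the original web app URL

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
Import-Module WebAdministration

# 1. What does the external name resolve to from this server?
try {
    [System.Net.Dns]::GetHostAddresses($HostHeader) |
        ForEach-Object { "DNS : $HostHeader -> $($_.IPAddressToString)" }
} catch {
    "DNS : $HostHeader does not resolve from $env:COMPUTERNAME"
}

# 2. Does any IIS site on this server carry the host header in its bindings?
#    A missing binding, or a stopped site, means requests never reach SharePoint.
$found = $false
foreach ($site in Get-Website) {
    foreach ($b in Get-WebBinding -Name $site.Name) {
        if ($b.bindingInformation -like "*:$HostHeader") {
            $found = $true
            "IIS : site '$($site.Name)' state=$($site.State) binding=$($b.protocol) $($b.bindingInformation)"
        }
    }
}
if (-not $found) { "IIS : no site on $env:COMPUTERNAME binds host header $HostHeader" }

# 3. Which zones and public URLs does SharePoint map to this web application?
Get-SPAlternateURL -WebApplication $WebAppUrl

# 4. Which authentication providers are attached to each zone that exists?
$wa = Get-SPWebApplication $WebAppUrl
foreach ($zone in $wa.IisSettings.Keys) {
    "Zone: $zone"
    Get-SPAuthenticationProvider -WebApplication $wa -Zone $zone |
        ForEach-Object { "      provider: $($_.DisplayName)" }
}
```

If step 3 does not list the external URL, SharePoint has no mapping for that host name; if step 4 shows the FBA provider on a different zone than the one holding the external URL, the provider is not associated with the extended site.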