Solved

Sharepoint 2010 architecture question

Posted on 2014-01-27
8
319 Views
Last Modified: 2014-05-06
I have inherited a network with Sharepoint 2010, two FE's running behind a load balancer with SQL on a seperate server. Internal users access over http and sharepoint is a published application through ISA 2006 for external users who access over HTTPS.
I need to change everyone over to HTTPS but I am unsure what the best plan is and what impact this will have on the user experience. eg will internal users start to get prompted for credentials when opening an office document (persistent cookie issue)... what about cert names and how will I prevent internal users being routed externally as the URL will obviously change to https://sharepoint.mydomain.com so the SSL cert will check out. What about old http links will a simple redirect work.. as you can see I have quite a bit to cover

I have limited knowledge of Sharepoint so I am eager to see how other people are handling internal and external users and HTTPS access.
Thanks
0
Comment
Question by:Sid_F
  • 4
  • 2
8 Comments
 
LVL 44

Expert Comment

by:Rainer Jeschor
ID: 39814237
Hi,
how is the current setup configured? Is the ISA server doing the SSL stuff and talks then internally to SharePoint using HTTP?
Thanks.
Rainer
0
 
LVL 6

Author Comment

by:Sid_F
ID: 39814334
Yes that's correct. Thanks
0
 
LVL 19

Expert Comment

by:compdigit44
ID: 39900962
I ironically I am in the process of cleaning up my sharepoint environment as well.

Which has two FE's 1 app server an a clustered DB. The 2 FE's are behind a hardware load balance.  The external / internal sites are access via https..

Here is what I have do in my environment to help correct things.

1) Create a test sharepoint environment in lab. You and do a sharepoint farm backup then do any alternate retore to you lab and test all settings before doing them live.

2) Do you have alternate Address mappings? Unfortunalty we do not which is not correct. If you could edit the mapping for your internal clients.

I already assume the certificate is on your sharepoint servers and imported into sharepoint under managed trust
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 6

Author Comment

by:Sid_F
ID: 39902729
I only have to understand the process and the elements involved. Implementation is handled by another person although I would like to get more up to speed using my test server. If I go back to basics for a moment and suppose I have a standard http Sharepoint 2010 setup. Should I be using AAM's to change this over to HTTPS for internal users or am I way off!
0
 
LVL 19

Accepted Solution

by:
compdigit44 earned 500 total points
ID: 39903510
I am not an expert in SharePoint by a long shot but I believe this all needs to be done in SharePoint.

See if this link helps: http://www.mssharepointtips.com/tip.asp?id=1102&page=2

Also in my environment our main sharepoint site uses https but redirects to other http sites without issue

THs is a good video on SharePoint 2010 AAM's : http://technet.microsoft.com/en-US/video/dn153778
0
 
LVL 6

Author Comment

by:Sid_F
ID: 39920150
Thanks I will see if the AAM's do the trick
0
 
LVL 6

Author Closing Comment

by:Sid_F
ID: 40044184
Thanks
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Sharepoint data after Hyper-V restore 4 22
WMI - Issue Server 2012 R2 1 18
dnscache is required for Active directory replication? 3 50
Join with a SQL Server STUFF 5 33
OfficeMate Freezes on login or does not load after login credentials are input.
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question