Solved

Sharepoint 2010 architecture question

Posted on 2014-01-27
8
321 Views
Last Modified: 2014-05-06
I have inherited a network with Sharepoint 2010, two FE's running behind a load balancer with SQL on a seperate server. Internal users access over http and sharepoint is a published application through ISA 2006 for external users who access over HTTPS.
I need to change everyone over to HTTPS but I am unsure what the best plan is and what impact this will have on the user experience. eg will internal users start to get prompted for credentials when opening an office document (persistent cookie issue)... what about cert names and how will I prevent internal users being routed externally as the URL will obviously change to https://sharepoint.mydomain.com so the SSL cert will check out. What about old http links will a simple redirect work.. as you can see I have quite a bit to cover

I have limited knowledge of Sharepoint so I am eager to see how other people are handling internal and external users and HTTPS access.
Thanks
0
Comment
Question by:Sid_F
  • 4
  • 2
8 Comments
 
LVL 44

Expert Comment

by:Rainer Jeschor
ID: 39814237
Hi,
how is the current setup configured? Is the ISA server doing the SSL stuff and talks then internally to SharePoint using HTTP?
Thanks.
Rainer
0
 
LVL 6

Author Comment

by:Sid_F
ID: 39814334
Yes that's correct. Thanks
0
 
LVL 20

Expert Comment

by:compdigit44
ID: 39900962
I ironically I am in the process of cleaning up my sharepoint environment as well.

Which has two FE's 1 app server an a clustered DB. The 2 FE's are behind a hardware load balance.  The external / internal sites are access via https..

Here is what I have do in my environment to help correct things.

1) Create a test sharepoint environment in lab. You and do a sharepoint farm backup then do any alternate retore to you lab and test all settings before doing them live.

2) Do you have alternate Address mappings? Unfortunalty we do not which is not correct. If you could edit the mapping for your internal clients.

I already assume the certificate is on your sharepoint servers and imported into sharepoint under managed trust
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 6

Author Comment

by:Sid_F
ID: 39902729
I only have to understand the process and the elements involved. Implementation is handled by another person although I would like to get more up to speed using my test server. If I go back to basics for a moment and suppose I have a standard http Sharepoint 2010 setup. Should I be using AAM's to change this over to HTTPS for internal users or am I way off!
0
 
LVL 20

Accepted Solution

by:
compdigit44 earned 500 total points
ID: 39903510
I am not an expert in SharePoint by a long shot but I believe this all needs to be done in SharePoint.

See if this link helps: http://www.mssharepointtips.com/tip.asp?id=1102&page=2

Also in my environment our main sharepoint site uses https but redirects to other http sites without issue

THs is a good video on SharePoint 2010 AAM's : http://technet.microsoft.com/en-US/video/dn153778
0
 
LVL 6

Author Comment

by:Sid_F
ID: 39920150
Thanks I will see if the AAM's do the trick
0
 
LVL 6

Author Closing Comment

by:Sid_F
ID: 40044184
Thanks
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question