Sign in
 
HomeLibraryWikiLearnGalleryDownloadsSupportForumsBlogs
Resources for IT Professionals >
Sharepoint External Access on SBS 2008 for External User Colaboration

Answered Sharepoint External Access on SBS 2008 for External User Colaboration

  • Wednesday, September 01, 2010 1:51 PM
     
     
    Sign In to Vote
    0

    Hello All,

    I am looking to allow a user into an SBS 2008 site to access SharePoint 2007 and collaborate on projects off of the companyweb and shared calendaring. I have looked at the options available and I am leaning towards AD LDS as the authentication solution. The internal website is accessed off of http://companyweb. I will create another website something like: sharepoint.contoso.com and pointing to the SharePoint site internally.

    I have George Khalil's information on a step by step deployment of AD LDS. http://www.gk.id.au/2009/05/ad-lds-sharepoint-and-forms-based.html As well as the TechNet deployment and testing process. http://technet.microsoft.com/en-us/library/cc754486(WS.10).aspx

    I believe I have everything I need and I am ready to deploy. I started a test on an SBS2008 VM in Hyper-V and just ran through the steps however this is just installed on my laptop and not fully deployed so SBS is incomplete. MY question is this: Is this the preferred or best means of authentication for external users attempting to access SharePoint on SBS2008?

    Thanks for your help...

    Cheers
    Jeremy

     

     

     

All Replies

  • Wednesday, September 01, 2010 11:04 PM
    Moderator
     
     
    Sign In to Vote
    0

    George's detailed post is about as good as it gets. Saying that, I don't know anyone who has tried to implement LDS on an SBS 2008 server. I will check with the SBS Support team.

    If you do proceed, be sure to do a full image backup of your server, and separate SQL backup of your Sharepoiint site, just in case you need to restore things back to the way they were!

    -Kevin Weilbacher (SBS MVP)
    "The days pass by so quickly now, the nights are seldom long"
    KW Support MVP Blog
    MVP's do NOT work for Microsoft. We give our time freely to support the SBS community!
     
  • Wednesday, September 01, 2010 11:20 PM
    Moderator
     
     
    Sign In to Vote
    1

    Jeremy, outside of the specific steps required to install AD LDS, I must point out that per the SBS 2008 Eula anything other than anonymous access requires an SBS CAL, regardless of where the authentication takes place.

    P.S. See Chad's excellent writeup on this subject:
    http://msmvps.com/blogs/cgross/archive/2005/04/02/40723.aspx

    -Kevin Weilbacher (SBS MVP)
    "The days pass by so quickly now, the nights are seldom long"
    KW Support MVP Blog
    MVP's do NOT work for Microsoft. We give our time freely to support the SBS community!

     
  • Friday, September 03, 2010 2:56 PM
     
     
    Sign In to Vote
    0

    Kevin,

    Thanks for that article it was very helpful. One of the items mentioned in the article is using SBS as a sharepoint external connector. There is the 75 cal limit which in this case is not a problem.

    So my question would be if not LDS then what is the way to make Sharepoint available to an external user without giving them an AD account and all that goes along with it?

    Cheers
    Jeremy

     
  • Friday, September 03, 2010 4:44 PM
     
     Answered
    Sign In to Vote
    0

    Found an answer through googling it to death! This is posted on the MPECS Inc website and is authored by Philip Elder. This is going to be my jumping off point and hope this helps someone else looking to do the same. Cheers

    SBS 2008 – Companyweb and SharePoint Internet Collaboration a Big Plus

     

    On SBS 2003, giving external users access to other SharePoint sites within the SBS SharePoint v2 framework was difficult to do. Especially if the external users were not to have access to the root Companyweb SharePoint site.

    In SBS 2008, this is no longer the case. When we go to create a new site collection dedicated to a collaborative task, we can set the permissions on that site respective of any other SharePoint site on the SBS 2008 box.

    For example, we have a new project collaboration need for our upcoming SBS 2008 Advanced Blueprint book. So, we would create a new site collection on one of our SBS 2008 server and give it the following URL:

    Now, we need at least 4 user CALs for this particular project dedicated to this task as we are going to give the collaborators a username and password that have been set up for this collaborative task.

    Those usernames would be set up with permissions on the new site collection along with any of our internal SBS users, such as mine, and we are good to go. None of the default SBS 2008 SharePoint user groups will be given access to the new site collection. The external users would not be in the default SBS 2008 SharePoint groups either, so no access to the root Companyweb.

    Anyone with no need to access the collaborative site will not have access to it. The same is true with the search and any search results for a particular user that does not have permissions to a particular site collection.

    Creating a collaborative environment within SharePoint on SBS 2003 was probably one of the more troubling requests we could receive for a single server client site scenario for those that wanted to keep things in-house.

    UPDATE: As per Nathan’s comment, the :987/ was missed in the original Internet facing URL. Fixed. Thanks!

    Philip Elder
    MPECS Inc.
    Microsoft Small Business Specialists

    • Marked As Answer by VirtexIT Friday, September 03, 2010 4:44 PM
    •