Saturday, November 24, 2012 5:17 PM
I have to design and implement a sharepoint 2010 enterprise intranet, internet and extranet platform where external users authenticate first through UAG and get a single sign on experience.
(So UAG passes credentials to sharepoint)
Does anyone have any links or docs about how to set up something like this?
I can't find any good info anywhere - bit and pieces yes but I'd like some kind of guide really!
- Edited by xyz2012 Saturday, November 24, 2012 5:19 PM
Saturday, November 24, 2012 6:43 PMModeratorHow you do this really depends on your scenario. Are you using AFDS? Claims Web Apps? Classic NTLM or Kerberos? There are a lot of scenarios covered if you search for "SharePoint UAG Single Sign On", and like I said, they vary depending on authentication method.
Saturday, November 24, 2012 7:56 PM
Thanks for your answer.
I want to use whatever is simplest to implement. I do not want ADFS as you need a trust to the domain which the external user is on.
Kerberos is a bit complex.
Will classic NTLM work? If so are there any drawbacks? Do you need AD in the perimeter domain? Can I use ADLS? I read that UAG does not support ADLS...is this true?
Classic NTLM sounds like the simplest way to do this - is it?
Have you ever used classic ntlm in an extranet with uag and sharepoint?
Monday, November 26, 2012 4:27 AMModerator
Kerberos isn't usable over the Internet regardless :) If your web applications are going to be using NTLM, that should be fairly easy. UAG isn't my strong point, but here are a couple of articles:
- Marked As Answer by Qiao WeiMicrosoft Contingent Staff, Moderator Thursday, December 06, 2012 7:10 AM