locked
SCSM Webparts failing to load offsite. RRS feed

  • Question

  • Hello all,

    I'm having some trouble configuring the bindings in IIS/SP to get my WebContent to load properly. Last week I deployed SCSM 2012 into production and it is working swimmingly internally, no complaints yet other than from me about how much of a hog the Data Warehouse role is, I have another thread in a different section about that though. Another issue I have found is that after publishing the site through our firewall, users can access the site externally without the use of a VPN however only the top bar, and left nav bar load. The Silverlight content does not load, and I believe I have tracked this down to being an IIS configuration issue.. When accessing the site for the first time without cached credentials, it prompts to load "help.contoso.local" then loads the page except for the silverlight content and also "prdscsmbhm02.contoso.local" and then it loads the silverlight. How do I make the silverlight URL use the custom DNS and not the FQDN?

    When I installed the SSP, I specified https:443 for the webcontent, and https:444 for the service manager portal. Having users go to :444 is not acceptable though so I added a binding for our custom DNS entry of https help.contoso.local 443 * to the Service Manager Portal site and in SP Central Admin I configured an alternate mapping for the same thing. I found the URI under Application Settings in IIS that tells the SM Portal site how to reach the web content, I figured since both are using 443 on the same box there is a conflict there, so I tried changing the binding of the port on the WebContentServer site to 563 and changing the URI to reflect the change.. then the content would not load internally either.

    I also verified the web.config was being updated when the settings were being changed and it was, which has me stumped to say the least. If IIS is correct and web.config is correct, why does it not display correctly, is there somewhere else I need to change if I wish to change the port of the web content server?


    • Edited by BrianCTS Tuesday, August 7, 2012 1:24 PM
    Tuesday, August 7, 2012 1:21 PM

Answers

  • After fighting with this for several days, I just decided to publish the URL for the webcontent server through our firewall as well and now it loads correctly.

    Case closed.

    • Marked as answer by BrianCTS Wednesday, August 8, 2012 2:23 PM
    Wednesday, August 8, 2012 2:23 PM

All replies

  • After fighting with this for several days, I just decided to publish the URL for the webcontent server through our firewall as well and now it loads correctly.

    Case closed.

    • Marked as answer by BrianCTS Wednesday, August 8, 2012 2:23 PM
    Wednesday, August 8, 2012 2:23 PM
  • Hey Brian,

    I'm having the same issue... I've used 443 for web content and 444 for the portal.

    If I try to access the following URL with IE without connecting through the VPN it fails, but Chrome is actually challenging me for user name and password so it's working there:

    https://help.contoso.local/ContentHost/ClientBin/Settings.xml

    Now, if you connect to the VPN and then disconnect, it will keep working because I think it's using the cache... so it has to be an authentication issue.

    What URL did you configure on the firewall to make it work? Something like this?

    https://help.contoso.local:443/ContentHost

    Thanks!

    German.

    Friday, January 18, 2013 9:46 PM
  • Hi German,

    I essentially created a public DNS A record matching the server name and assigned it one of our public IP addresses. I then created a rule on our firewall to forward traffic from that IP to the web content server. 

    This allowed the content to be loaded without the use of the VPN. Surely there is a better solution to this and someone smarter than myself can propose that, but this is what I had to do and is what worked for me.

    Friday, January 18, 2013 9:57 PM