locked
SP 2016 sites are not loading correctly RRS feed

  • Question

  • Hell All,

    I have web application which hosts multiple applications with different DNS names. We have intranet.xxxxx.com, teamsite.xxxxx.com, mysite.xxxxx.com, etc. as the main user-facing interfaces. For example photos are coming from mysite regardless of which DNS you are visiting and company specific styles and scripts are coming from intranet to ensure that the user only have to download them once. These are running in our data center on our internal network. 

    On top of that we have the Azure App Proxy, where we have set up apps for each of the DNS names belonging to these sites in order to expose them to users that are not on our network so that they can access it without VPN when working from home or from phone for example. In the external zone, each DNS points to their respective Azure App proxy app rather than to F5 like they do internally. The way the app proxy works, an app can only have one DNS so we need to set these up as separate apps. They still share the same SSL certificate and it is the same one used internally as well. Now the issue: when users access any site except the intranet site, contents such as user photos, scripts, styles, etc. are not loading up. If we access the intranet site first and then access the other ones then the issue does not occur. In working fiddler i see multiple 302 redirects happening eventually leading to the file and loading it up. In non working fiddler 302 redirects starts but soon we see a 200 response and the file which was supposed to load never loads. Engineers from Azure support has given stating that they cant do anything about it. SP engineers are of the opinion that should redesign the setup which does not make because the current design is based on the recommendations of the PFE. 


    Tuesday, July 21, 2020 9:31 AM

All replies

  • Are you using pre-auth on your AAD registered apps for your SharePoint web applications?

    Trevor Seward

    Office Apps and Services MVP



    Author, Deploying SharePoint 2019

    Author, Deploying SharePoint 2016

    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

    Tuesday, July 21, 2020 3:09 PM
  • I am not sure i follow but we do have ADFS and SSO in place. For on-prem SharePoint we have kerberos authentication. Let me know if you need any more information. 
    Wednesday, July 22, 2020 2:28 PM
  • Hi Charlie1256,

    To look into this issue, we will need to collect large number of ULS /Fiddler logs from your environment, which cannot be done via Forum support. I am regretful that I was not able to help you much on this.

    I sincerely recommend you open a ticket with Microsoft team to have a dedicated Technical Professional to support you from here. The contact number for your region could be easily found from below website, you can simply refer to the Customer Service Representative and he/she will be glad to help you with creating a new ticket:

    Global Customer Service phone numbers: https://support.microsoft.com/en-us/help/4051701/global-customer-service-phone-numbers

    Thank you for your understanding.

    ---

    This “SharePoint Server 2016” Forum will be migrating to a new home on Microsoft Q&A, please refer to this sticky post for more details.

    Best regards,

    Chelsea Wu


    "SharePoint" forums will be migrating to a new home on Microsoft Q&A !
    We invite you to post new questions in the "SharePoint" forums' new home on Microsoft Q&A !

    Friday, July 24, 2020 6:12 AM
  • Hi Chelsea,

    Thats the first thing I did and the suggestions I received from the support were not very encouraging. They simply said they cannot do anything about it hence I posted it here. Never mind thank you for your time.  

    Friday, July 24, 2020 9:27 AM
  • I am not sure i follow but we do have ADFS and SSO in place. For on-prem SharePoint we have kerberos authentication. Let me know if you need any more information. 
    You mentioned Azure AD App Proxy which has it's own authentication method -- are you doing pass-through or pre-auth on the app you set up for SharePoint on-prem within AAD?

    Trevor Seward

    Office Apps and Services MVP



    Author, Deploying SharePoint 2019

    Author, Deploying SharePoint 2016

    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

    Friday, July 24, 2020 4:47 PM
  • Hi Trevor,

    Thank you for looking into it. We are using Pre-Auth in AAD. 


    Monday, July 27, 2020 6:04 AM