Web App, Zone, AAM: Get it right the first time

A notice about "unexpected side effects" when changing the address for the
default Zone.


------ Forwarded Message
From: Paul Stork <paul.stork@mindsharp.com>
Reply-To: "sharepointdiscussions@yahoogroups.com"
<sharepointdiscussions@yahoogroups.com>
Date: Sat, 8 Nov 2008 13:41:24 -0600
To: "sharepointdiscussions@yahoogroups.com"
<sharepointdiscussions@yahoogroups.com>
Subject: RE: [sharepointdiscussions] RE: FBA with Client Integration

That's the problem then. Extending a Web Application to Create a ZONE will
create an AAM, but they aren't the same thing. When you swapped the AAM
addresses around that didn't change the address for the Zone in the
Authentication Provider. So switching around client integration didn't
help. In general after an AAM is created by either a Web Application or a
Zone you shouldn't change the address. That's why planning the address for
the default Zone is so critical. Once its created you end up with
unexpected side effects if you try to change it.

Paul Papanek Stork /
paul.stork@mindsharp.com<mailto:paul.stork@mindsharp.com> / 216-272-0573 /
Know More. Do More.
SharePoint Server MVP, MCT, MCSE+I, MCSA, MCSD, MCDBA, MCITP, MCPD
MVP Profile<https://mvp.support.microsoft.com/profile/stork>


Come to the SharePoint Best Practices Conference in San Diego, CA: Feb. 2-4!
Register at
http://www.sharepointbestpractices.com<http://www.sharepointbestpractices.co
m/17>

From: sharepointdiscussions@yahoogroups.com
[mailto:sharepointdiscussions@yahoogroups.com] On Behalf Of Harold W.
Gravatt
Sent: Friday, November 07, 2008 7:17 PM
To: sharepointdiscussions@yahoogroups.com
Subject: RE: [sharepointdiscussions] RE: FBA with Client Integration


One thing I want to point out is that I had moved the external URL with
SSL to the Default Site to get the external URL to appear to External
Users when they have subscribed to alerts. Now when I go to
Authentication Providers the external https://mossteam.realignllc.com is
appearing in the Web Application field when I go to Authentication
Providers. I select the Extranet zone and disable client integration
and it doesn't seem to matter. My question is this. If I moved this
URL to the Default Site in Alternate Access Mappings and the internal
URL to the Intranet zone, why is this not being revealed when I go to
Authentication Providers? I would think that the Alternate Access
Mappings change should be reflected in both locations in Alternate
Access Mappings and in Authentication Providers wouldn't you?

Harold W. Gravatt, MCSE

Principal

269.978.6988 office

877.286.9120 toll free

hgravatt@realignllc.com<mailto:hgravatt%40realignllc.com>

Want to learn more about Realign? Visit our website.
<http://realign.tech.officelive.com/>

From:
sharepointdiscussions@yahoogroups.com<mailto:sharepointdiscussions%40yahoogr
oups.com>
[mailto:sharepointdiscussions@yahoogroups.com<mailto:sharepointdiscussions%4
0yahoogroups.com>] On Behalf Of Paul Stork
Sent: Friday, November 07, 2008 7:04 PM
To:
sharepointdiscussions@yahoogroups.com<mailto:sharepointdiscussions%40yahoogr
oups.com>
Subject: [sharepointdiscussions] RE: FBA with Client Integration

In SharePoint you enable the creation of a persistent cookie by click
the 'remember me' check box on the login page. You also have to enable
client integration when you setup the Authentication provider in the
Application management tab of Central Admin.

Paul Papanek Stork /
paul.stork@mindsharp.com<mailto:paul.stork%40mindsharp.com>
<mailto:paul.stork%40mindsharp.com>
<mailto:paul.stork@mindsharp.com<mailto:paul.stork%40mindsharp.com>
<mailto:paul.stork%40mindsharp.com> > / 216-272-0573 / Know More. Do
More.
SharePoint Server MVP, MCT, MCSE+I, MCSA, MCSD, MCDBA, MCITP, MCPD
MVP Profile<https://mvp.support.microsoft.com/profile/stork>

Come to the SharePoint Best Practices Conference in San Diego, CA: Feb.
2-4!
Register at http://www.sharepointbestpractices.com<
http://www.sharepointbestpractices.com/17>

From:
sharepointdiscussions@yahoogroups.com<mailto:sharepointdiscussions%40yahoogr
oups.com>
<mailto:sharepointdiscussions%40yahoogroups.com> [mailto:
sharepointdiscussions@yahoogroups.com<mailto:sharepointdiscussions%40yahoogr
oups.com>
<mailto:sharepointdiscussions%40yahoogroups.com> ] On Behalf Of Harold
W. Gravatt
Sent: Friday, November 07, 2008 6:45 PM
To:
sharepointdiscussions@yahoogroups.com<mailto:sharepointdiscussions%40yahoogr
oups.com>
<mailto:sharepointdiscussions%40yahoogroups.com>
Subject: [sharepointdiscussions] FBA with Client Integration

All,

The External Collaboration Toolkit for SharePoint allows me to install
ADAM, IIS, WSS, .Net Framework 3.0, ASP.NET onto a W2K3R2SP2 server and
allow external users to use their email address for authentication
against the ADAM store. However, one feature that does not work is
enabling FBA with Client Integration. Therefore, the context menu that
includes Edit in Microsoft Office Word or Excel is not supported and
does not function correctly. I talked to Dave Mowers at Securitay and
he suggested enabling persistent cookies. IE 7 enables persistent
cookies supposedly by adding the URL to the Trusted Sites list.
However, using this advice to enable persistent cookies using IE 7 does
not seem to do the trick.

I am all ears to another workaround or solution would be nice. I
haven't installed DotNetNuke yet, but that supposedly works with FBA and
Client Integration enabled.

Harold W. Gravatt, MCSE

Principal

269.978.6988 office

877.286.9120 toll free

hgravatt@realignllc.com<mailto:hgravatt%40realignllc.com>
------ End of Forwarded Message