Scenario:How to make a SharePoint 2010 site externally available?
Explanation:This is a very
fundamental scenario that many SharePoint developers may encounter in
the SharePoint world. A SharePoint site can be made externally available
by following the steps below:
Point the desired host name (i.e. portal.sitename.com for example) to
the public ip address of the SharePoint server (may it be the ip of the
server in a single server farm or the load balancer in a multi server
farm). Typically the network administrator does this.
Once that has been set, all the requests for
http://portal.sitename.com will be directed to the specified SharePoint
Server. But the SharePoint server needs to know which site to serve for
such requests. Therefore we need to configure host name bindings in IIS.
Open up IIS Manager and select the desired sharepoint site and choose "Edit Bindings"
In the resulting screen, click edit
Next, provide the host name (portal.sitename.com in this case)
Now its time to configure Alternate Access Mappings in SharePoint. Go to
Central Admin > Application Management > Alternate Access
Mappings.
Click on "Edit Public URLs" and then choose the appropriate Alternate Access Mapping Collection.
All looks fine now. At this point, if you create a new site
collection and try to access the host (http://portal.sitename.com) from a
different machine than the server, it works. But if you try to access
the host from within the server, you may get a 404 page not found error.
While we are aware of the problems that SharePoint can encounter
related to the Windows Server loopback check issue and host headers, I
just wanted to reiterate that while it is OK to outright disable the
check in dev/qa environments, we should instead be specifying a list of
acceptable host names in the registry for production environments.
Completely disabling the check is a security hole that would likely
be picked up should one of our production environments be audited.
Both techniques for handling the Loopback check issue are covered in this KB article:
http://support.microsoft.com/kb/896861
Thanks to our Practice Lead David Perkinson for helping me resolve this issue.
Specify host names (Preferred method if NTLM authentication is desired)To
specify the host names that are mapped to the loopback address and can
connect to Web sites on your computer, follow these steps:
- Set the DisableStrictNameChecking registry entry to 1. For more
information about how to do this, click the following article number to
view the article in the Microsoft Knowledge Base: 281308
(http://support.microsoft.com/kb/281308/ ) Connecting to SMB share on a
Windows 2000-based computer or a Windows Server 2003-based computer may
not work with an alias name
- Click Start, click Run, type regedit, and then click OK.
- In Registry Editor, locate and then click the following registry
key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
- Right-click MSV1_0, point to New, and then click Multi-String Value.
- Type BackConnectionHostNames, and then press ENTER.
- Right-click BackConnectionHostNames, and then click Modify.
- In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
- Quit Registry Editor, and then restart the IISAdmin service.
Now we should be able to access the site using the host name both internally as well as externally.
Reference:
http://underthehood.ironworks.com/2010/06/making-a-sharepoint-2010-site-externally-available-alternate-access-mappings-host-header-bindings.html
