• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

FBA for external/ non domain only

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> SharePoint Publishing >> FBA for external/ non domain only Page: [1]
Login
Message << Older Topic   Newer Topic >>
FBA for external/ non domain only - 8.Oct.2009 6:12:42 AM   
thewardoz

 

Posts: 2
Joined: 8.Oct.2009
Status: offline
Hi

I am looking for a way to set up a rule which works differently depending on the client circumstances. So:

If the client is on a specific vlan on their laptop (so not logged onto the domain) - then get the FBA page.

If the client is on a specific vlan on their work PC (so logged onto the domain) - then automatically use domain credentials.

If the client is on the external network - then get the FBA page.

The only way I can think of doing this is to have a split domain, which we have, but any clients that are internal that hit the external NIC are dropped.
Another way would be to have separate DNS for the non domain vlan, but I want to avoid having DNS split over three areas.

Any ideas would be greatly appreciated.

Regards
Post #: 1
RE: FBA for external/ non domain only - 8.Oct.2009 11:32:33 AM   
thewardoz

 

Posts: 2
Joined: 8.Oct.2009
Status: offline
Hi

I have added another DNS record for ext.sharepointserver which I have pointed to the ISA server and then extended the default site in sharepoint to uses this new address. All seems to work very well.

Regards

(in reply to thewardoz)
Post #: 2
RE: FBA for external/ non domain only - 8.Oct.2009 12:10:15 PM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
Well the biggest problem here is that you never said where (physically) the site is in relation to the LAN users and the ISA.  I am forced to assume that the Site is physically on the same LAN, on the same side of the ISA that the LAN Users are on.
 
If the client is on a specific vlan on their laptop (so not logged onto the domain) - then get the FBA page.
 
If the client is on the external network - then get the FBA page.

For these you use the same Web Publishing Rule.  The Rule Source is to be Exteranl and ansl an Addrress Set containing the IP Subnet of the VLAN.  The Authentication of the Rule is obviously going to be FBA.

If the client is on a specific vlan on their work PC (so logged onto the domain) - then automatically use domain credentials.

Normal LAN users (Domain member machines with Domain user accounts) are not supposed to go through the ISA to get to the Site to begin with.  They should go to the site directly.  So for them,...the URL should resolve to the specific IP# of the Web Site itself.  This is accomplished with Splt-DNS.

Everyone should use the same URL,...but it has to resolve differently depending on where the users are comming from.





_____________________________

Phillip Windell

(in reply to thewardoz)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> SharePoint Publishing >> FBA for external/ non domain only Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts