MOSS 2007 – Installation Intranet – Extranet – Internet

Banques de données déà installées depuis le setup:
Central Administration:
DB:                         SharePoint_Config
ApplicationPool:         SharePoint Central Administration v3 (Application Pool 01)
DB:                         WSS_Search_LORSRV011
Creation du SSPInternal
 les sites intranet seront sécurisés: LorSrv011 Sharepoint   —   Intranet   —   MySites  —    Projekte    —   Internet
Konfigurieren Sie die TCP/IP Einstellungen auf dem Server, so dass eine IP Adresse für jede Site gibt.
(multiples IP peuvent être assignée sur un seul NIC: IP configuration – advanced Properties – add IP address)
Konfigurieren Sie DNS so, dass die Hostnamen und entsprechenden IP adressen aufgelöst werden können.
Konfiguriren Sie jede Website, so, dass sie eigene IP Adresse verwendet
Fonctionne aussi avec SSL
autre solution Port différents avc la mêmem IP (attention, n’est pas ideal en cas d’utilisation SSL, car il est plus pratique d’avoir toujours le même port 443.
autre solution , même IP, même port mais les hostheaders changent ex http://Corpintranet – et http://SalesIntranet –, konfig DNS und Website – hate Nachteile, funktionniert nicht mit SSL
pour mieux comprendre ces solution, consulter IIS 7.0 Taschenratgeber – p 158
Création SSP Internal
port: 55552
Central Administration > Application Management > Manage this Farm’s Shared Services  
SSPName                          SSP02_55551
SSP Service Credentials :    User Applicationpool    lorsinclair\LorSSP02Services – Pwd:  Jupiter11

                                               Shared Service Provider (SSP#_Service) => LorSSP02ervices
User:                              LorSSP02Services — The account only needs to be a basic Domain Account with no specific permissions set.
Web Application:                              SSP02_55552 
Database Name and Authentication     WSS_Content_SSP02_55552 -NTLM Athentification
ApplicationPool:                               SSP02_55552
User:                                             Lorsinclair\LorSSP02Services (doit être le même que le Shared Service Provider credentials)
My Site Location:
Create new WebApplication en mode SSL (https)
préalablement, TCP/IP config – ajout d’une IP:
puis , creation d’un enregistrement dans DNS:
Host A: mysites
website:                                    mysites_443
Load Balanced URL                       https://mysites:443
Application Pool                          mysites_443

ApplPoolUser                             Lorsinclair\LorMySites  
Database Name                        WSS_Content_MySites
Cration de la banque pour SSP
SSP Database                              SSP02_55552_DB                    
 Search Database                         SSP02_55552_Search_DB
SSL for Web Services (SSP02)                    no

Creation du Certificat pour Sharepoint Server

Using internal CA for Sharepoint p 690 Sharepoint 2007 Unleashed
Open IIS Manager – (start all programms – administrative tools – IIs)
Server Cerificate:
Create Domain Certificate
Distinguished Name properties
Common name: mysites
Legt den allgemeinen Namen Ihrer Website fest. Wenn das Zertifikat in einem Intranet verwendet wird, kann der allgemeine Name
ein Wort sein. Er kann aber auch Netbios sein Name sein des Servers, w B CorpIntranet.
Wenn das Zertifikat im Internet verwendet wird, muss der allgemeine Name ein gültiger DNS-Name sein, w. z.B
Organisation: LorSinclair Corporation
Name der Organisation, w ZB microsoft Corporation
Organisationeinheit: Technology
legt die Abteilung Ihres Unternehmens fest, die für das Zertifikat verantwortlich ist, zB IT Abteilung
City: Neyruz
State: Fribourg
Country : CH
Online Certification authority             LorPKI\
 friendly name: LorPKI
Suite Config MySites en mode SSL (https)
 aller sur le site: IISManager – aller sur website MySites  , cliquer sur le panneau de droite icône SSL settings: check require SSL 128 bits
aller sur Kontext Menu -Edit Bindings: (Rechte Maustaste positionné sur website MySites)
Type                    https
IP Adresse   port: 443
SSL Certificate       LorPKI (d’un champs de selection)
Ajouter un user to SSP admin
  1. Start off by logging into the SSP admin site.
  2. Now you need to add the user just like you would to any other site. Click Site Actions > Site Settings
  3. Under Users and Permissions click Advanced permissions
  4. Click New > Add Users
  5. Enter your user and put them in a group. Normally I just place them in the Viewers group and hit OK

Now your user can log into the SSP and manage search settings, the Excel Service Settings, and can view the various links list. So how do you give them more permissions? Well in order to do that you need to give them some more access.

  1. Under User Profiles and My Sites click Personalization services permissions.
  2. Click Add Users/Groups
  3. Enter your users name select which permissions you would like to bestow upon them and click Save.

What are all of these different permissions? I am glad you asked. J

  • Create personal site gives the user the capability to create and use a My Site. Going deep here will have to be saved for another day but if you want to make that My Site link disappear take away this right from the users. But you didn’t give it to them. Why do they have it? Go back to the manage permission screen. All authenticated users were given this right by default.
  • Use personal features is another topic for another day. Essentially though this provides the My Links functionality and allows users to manage their Colleagues.
  • Manage user profiles this allows your user to do just that. Get in there and modify the profiles for this SSP. Give them this right and now they can access the links: User profiles and properties, Profile services policies, and My Site Settings.
  • Manage audiences you guessed it but now you can click that handy little Audiences link. Once you are there you can set the schedule or define the rules for building those global audiences.
  • Manage permissions this will let that user modify Personalization services permissions (the stuff we are doing right now).
  • Manage usage analytics this gives the user access to make changes to Usage reporting. Small bug here but if the user doesn’t have this right they can still open up the screen. Then if they make a change and hit ok they get a 403 forbidden error. Reminds you of SPS 2003 doesn’t it. J

So now if you have given the user all of those permissions they should be a happy camper? Depends. If you have MOSS Enterprise then probably not because they still can’t manage the BDC. Yikes! More to do.

  1. Click Business Data Catalog permissions from the main screen of the SSP
  2. Click Add Users/Groups
  3. Enter your user, select their permissions and click Save
Creation Internet
 Création SSP Internet 

port: 55553
Central Administration > Application Management > Manage this Farm’s Shared Services  
SSPName                          SSP03_55553
SSP Service Credentials :    User Applicationpool    lorsinclair\LorSSP03Services – Pwd:  Jupiter11

                                               Shared Service Provider (SSP#_Service) => LorSSP03ervices
User:                              LorSSP03Services — The account only needs to be a basic Domain Account with no specific permissions set.
Web Application:                              SSP03_55553 
Database Name and Authentication     WSS_Content_SSP03_55553 -NTLM Athentification
ApplicationPool:                               SSP03_55553
User:                                             Lorsinclair\LorSSP03Services (doit être le même que le Shared Service Provider credentials)

DNS                                      Host A – SSP03 –


IIS – Bindings sur SSP03:         HOST Header: SSP03 – IP Address: all unassigned – Port 55553    

My Site Location: meme WebApplication que pour SSP
Creation de la banque pour SSP
SSP Database                              SSP03_55553_DB                    
 Search Database                         SSP03_55553_Search_DB
SSL for Web Services (SSP03)                    no
Creation de la web applivation par defaut: www port 80 – Internet
Create a new IIS web site           www_80
Port                                        80
Host Header                             www
Path                                       wwwroot\wss\VirtualDirectories\www_80
Load Balanced URL                    http://www:80
Application Pool                        www_80
user                                       LorSinclair\LorWwwAppPool
Database Name                        WSS_Content_www_80
Creation de la zone publique internet
extend web application to another website
Create a new IIs website :
port:                                  80
Host Header :            
Path                                  C:\inetpub\wwwroot\wss\VirtualDirectories\www.lorsinclair.com80
Load Balanced Url :     
Zone                                  internet
voir aussi les résultats des opérations dans
Central Administration > Application Management > Authentication Providers  (mod autehntification se trouve à cet endroit)
Central Administration > Operations > Alternate Access Mappings  

Construction des variations


Creation du site Variation Root
Create site collection
Choisir web application : http://www
Title:                          variation root
language:                    english
template:                     publishing portal
aller sur http://www
DNS préalablement mis a jour pour que site fonctionne
site settings- Modify all site setting
Variation settings:
Variation Home : / 
automatically create site and page variation
recreate new target
update target web pag
send resources
copy ressource
Define Labels
Variation Labels
New Label for F – D – E
type labe : F – D – E
site template language : french -german – english
Hierarchy: Publishi aites and all pages
source variation
set publishing template
puis procéder à la creation de la hierarchie
Content deployment
se fait au niveau de la web application , qui contient les sites collections variation

Content deployment can be configured within a single server farm. In this topology, authors work in one site collection and deploy to a duplicate publishing site collection on the same farm. The site collections are in separate Web applications, and they use separate databases on the same computer running Microsoft® SQL Server™. Security is managed by granting users permissions to the content rather than by using separate Active Directory domains.



 Athentification anonyme:
Application Management – Authentification Providers under Application Security group
(Enable anonymous access)
next step is to enable  a sharepoint site to allw for anonymous access. Browse to the desired Shrepoint site site settings page and select avanced permissions from its parents. Break inheritance by selecting Actions – Edit Permissions
On the change Anonymous Access Settings page, select Entire Web site and click OK (p303, Sharepoint 2007 web content management)

Cet article a été publié dans Microsoft - MOSS 2007. Ajoutez ce permalien à vos favoris.

Laisser un commentaire

Entrez vos coordonnées ci-dessous ou cliquez sur une icône pour vous connecter:


Vous commentez à l'aide de votre compte Déconnexion /  Changer )

Photo Google+

Vous commentez à l'aide de votre compte Google+. Déconnexion /  Changer )

Image Twitter

Vous commentez à l'aide de votre compte Twitter. Déconnexion /  Changer )

Photo Facebook

Vous commentez à l'aide de votre compte Facebook. Déconnexion /  Changer )


Connexion à %s