Accessing Sharepoint 2013 externally for domain users and customers
Just an FYI I am not a SP administrator by any means but have be tasked with taking over this project and could use some assistance.
Sharepoint 2013 is working fine internally. Users access the site and login with their domain credentials. Our client is moving one of their departments to another building down the street and we'd like them to be able to access local resources without the
use of another server or site to site vpn or standard vpn.
My question is, how do we make Sharepoint accessible outside of their local network?
If we open up a port on the router and have it forward all request to Sharepoint server will we be able to access it?
Also, how will they authenticating with the Sharepoint Server? Do they use the same user credentials?
I forgot to mention this is Sharepoint 2013 Enterprise Edition. We are also using Project Server 2013 as well.
Thanks in Advance
Hi 3s1k,
According to your description, my understanding is that you want to access the SharePoint site from Internet.
You need to first ensure that you enable Anonymous Access for your web application. You'll then need to set up DNS for the domain you own to point to your web front end server (or virtual IP if it's load balanced). Then set up the appropraite IIS bindings
for the web application, and finally you'll need to extend your web application to an Internet Zone and give it the appropriate domain name.
There are some similar posts for your reference:
https://social.technet.microsoft.com/Forums/en-US/2277d710-ed05-4613-bd66-fd12e4d64b61/sharepoint-intranet-site?forum=sharepointadminprevious
https://social.technet.microsoft.com/Forums/sharepoint/en-US/fd968a08-393b-41c0-a916-c48ce0f83104/configure-sharepoint-2013-for-accessing-over-internet?forum=sharepointadmin
http://sharepoint.stackexchange.com/questions/54315/sharepoint-2013-extranet-acces-outside-the-internal-network
Best Regards,
Wendy
Wendy Li
TechNet Community Support
Similar Messages
-
SharePoint 2013 permissions for each user
I am working on my own SharePoint 2013 test site and I need to grant permission to the test accounts. I want to make certain the 3 test accounts can not see the lists, files, and workflows that the other users created.
Do I need to grant permission at the site level, user level, custom list level, for each workflow, and/or for each custom form? Do I invite each user and/or 'share' with each user? Can you tell me and/or point me to a source that will tell me what level
of permission I need and how to grant this type of permission?Wendy,
In sharepoint, you can grant permission at any level you want. That permission will carry forward by default until someone break them and configure unique permission.
In ideal case, we recommend to use share security group to grant permission and not grant to individual user. Also try to restrict 2 default site group (Owner/member/viewer) as much possible, but in reality ppl break these rule often and eventually end up
with maintenance overhead.
I will recommenced you and everyone to go through this nice ppt which clears sharepoint permission idea in our mind.
Here you go - SharePoint
Permissions Worst Practices
Please 'propose as answer' if it helped you, also 'vote helpful' if you like this reply. -
Hi Experts,
I am facing an issue while accessing SharePoint 2013 news feed REST api URL <SiteCollectionURL>/_api/social.feed/my/news from browser giving error "The server encountered an
error processing the request. See server logs for more details."
This is happening after posting the image to news feed without entering any text or description with that. If i post an image with some text or description, then i can able to get the feeds. Or else if i delete the image post then also i can able to get
the feeds.
I can able to see below logs in log files.
Exception occured in scope Microsoft.Office.Server.Social.SPSocialRestFeed._SerializeToOData. Exception=System.MissingMethodException: No parameterless constructor defined for this object. at System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache,
StackCrawlMark& stackMark) at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache, StackCrawlMark& stackMark) at System.Activator.CreateInstance(Type type, Boolean nonPublic)
at System.Activator.CreateInstance(Type type) at Microsoft.SharePoint.C...
...lient.ValueTypeConverter.<GetODataProperties>d__2.MoveNext() at Microsoft.Data.OData.Atom.ODataAtomPropertyAndValueSerializer.WriteProperties(IEdmStructuredType owningType, IEnumerable`1 cachedProperties, Boolean isWritingCollection,
Action beforePropertiesAction, Action afterPropertiesAction, DuplicatePropertyNamesChecker duplicatePropertyNamesChecker, EpmValueCache epmValueCache, EpmSourcePathSegment epmSourcePathSegment, ProjectedPropertiesAnnotation projectedProperties)
at Microsoft.Data.OData.Atom.ODataAtomPropertyAndValueSerializer.WriteComplexValue(ODataComplexValue complexValue, IEdmTypeReference metadataTypeReference, Boolean isOpenPropertyType, Boolean isWritingCollection, Action beforeValueAction, Action afterValueAction,
DuplicatePropertyNamesChecker duplicatePropertyNa...
...mesChecker, CollectionWithoutExpectedTypeValidator collectionValidator, EpmValueCache epmValueCache, EpmSourcePathSegment epmSourcePathSegment, ProjectedPropertiesAnnotation projectedProperties) at Microsoft.Data.OData.Atom.ODataAtomPropertyAndValueSerializer.WriteProperty(ODataProperty
property, IEdmStructuredType owningType, Boolean isTopLevel, Boolean isWritingCollection, Action beforePropertyAction, EpmValueCache epmValueCache, EpmSourcePathSegment epmParentSourcePathSegment, DuplicatePropertyNamesChecker duplicatePropertyNamesChecker,
ProjectedPropertiesAnnotation projectedProperties) at Microsoft.Data.OData.Atom.ODataAtomPropertyAndValueSerializer.WriteProperties(IEdmStructuredType owningType, IEnumerable`1 cachedProperties, Boolean isWritingCollection, Action beforePropertie...
...sAction, Action afterPropertiesAction, DuplicatePropertyNamesChecker duplicatePropertyNamesChecker, EpmValueCache epmValueCache, EpmSourcePathSegment epmSourcePathSegment, ProjectedPropertiesAnnotation projectedProperties) at Microsoft.Data.OData.Atom.ODataAtomPropertyAndValueSerializer.WriteComplexValue(ODataComplexValue
complexValue, IEdmTypeReference metadataTypeReference, Boolean isOpenPropertyType, Boolean isWritingCollection, Action beforeValueAction, Action afterValueAction, DuplicatePropertyNamesChecker duplicatePropertyNamesChecker, CollectionWithoutExpectedTypeValidator
collectionValidator, EpmValueCache epmValueCache, EpmSourcePathSegment epmSourcePathSegment, ProjectedPropertiesAnnotation projectedProperties) at Microsoft.Data.OData.Atom.ODataAtomPropertyAndValueSeriali...
...zer.WriteCollectionValue(ODataCollectionValue collectionValue, IEdmTypeReference propertyTypeReference, Boolean isOpenPropertyType, Boolean isWritingCollection) at Microsoft.Data.OData.Atom.ODataAtomPropertyAndValueSerializer.WriteProperty(ODataProperty
property, IEdmStructuredType owningType, Boolean isTopLevel, Boolean isWritingCollection, Action beforePropertyAction, EpmValueCache epmValueCache, EpmSourcePathSegment epmParentSourcePathSegment, DuplicatePropertyNamesChecker duplicatePropertyNamesChecker,
ProjectedPropertiesAnnotation projectedProperties) at Microsoft.Data.OData.Atom.ODataAtomPropertyAndValueSerializer.WriteProperties(IEdmStructuredType owningType, IEnumerable`1 cachedProperties, Boolean isWritingCollection, Action beforePropertiesAction,
Action afterPropertiesAct...
Can anyone please help me out.
Thanks!
dineshO365,
Is this still an issue?
Thanks!
Ed Price, Azure & Power BI Customer Program Manager (Blog,
Small Basic,
Wiki Ninjas,
Wiki)
Answer an interesting question?
Create a wiki article about it! -
An user as part of the domain users tries to open an office file from a document library but he got an authentication prompt asking him to authenticate. Domain users has only access to this library and not to the whole site. This uses to work in SharePoint
2007 without any problem but not in SharePoint 2013, we didn't have a workflow on SP2007.
Domain users has read access to only this document library in the site, but he shouldn't get an authentication prompt since he is part of the domain users and he is not trying to modify the document, he can open the document but gets two prompts, he can't
also see the list using explorer view since nothings appears using the explorer view.
Now, when opening the file, we can see..Updating Workflow Status, but we don't have any workflow working on this site or library, event any feature related to workflow.
If we go to the event viewer in the server, we find this information,
I also checked this thread but I couldn't find this scenario.
https://social.technet.microsoft.com/Forums/sharepoint/en-US/91bc770b-bb70-4885-a4ad-a243edb88753/event-id-8026-workflow-soap-getworkflowdataforitem-failed-doc-library-no-workflow?forum=sharepointgeneralprevious
I also created another list with the same permissions and using other office files but got the same behavior.
Now, we have migrated this site from SP2007 to SP2013.
Any ideas?OK, I am going to throw out a lot of ideas here so hopefully they get you closer to a diagnosis. Hang on :)
Does it happen to work for some users but not others? If so, try logging in on the "good" computer with the "bad" username. This will tell you if the problem is related to the end-user's system. Also, once the user downloads a document
successfully can they open and work on it in Word? Also, does the document library have any custom content types associated with it or does it just use 'Document'?
I notice that there are other folks on the web that have run into this same problem and the similarity seems to be that they are either on SharePoint 2007 or have upgraded from 2007. Did this doc library start out as a 2007 library?
What you might want to do is this: Make a site collection from scratch in 2013 (or find one that you know was created in 2013). Choose team site (or whatever you want) for the root web and set up the security the same way you have it on the malfunctioning
library. Now, use windows explorer to copy and paste some of the documents to the new location. Be sure you recreate any needed content types. Now test it from the troubled user's computer.
I'm thinking there may be something that is different about the library since it was migrated through various versions and updates since 2007. I've sometimes found that there can be problems (especially with user profiles but that's a different story) with
things that go through this evolution. -
There seems to be quite a bit of confusion over the actual syntax for the user and group filters on the Forms Based Authentication Ldap Role and membership providers.. MSFT isn't really clear and there is a universal confusion in the blogsphere.
I the filters should the prefix be the ACTUAL Ampersand or the HTML token for an AMPERSAND.. I realize the in many cases the blogger might have inadvertently specified the html token when the bare naked ampersand was intended.. The question
therefore is : can a filter be taken directly from and ADSIEdit query and used as a filter or must the filter be made HTML safe by swapping out the AMERSAND with the HTML Token for AMERSAND before putting it into the configuration
for the LDAPRole/membership provider...
All science is either physics or stamp collectingHi GUYO,
I am not quite sure how we implement this on sharepoint side, as I did research and sharepoint may not have this feature to do this.
most of the LDAP for sharepoint may need to follow these steps in this article:
http://technet.microsoft.com/en-us/library/ee806890(v=office.15).aspx
http://blogs.msdn.com/b/sridhara/archive/2010/01/07/setting-up-fba-claims-in-sharepoint-2010-with-active-directory-membership-provider.aspxhttp://blogs.msdn.com/b/kaevans/archive/2013/01/31/configuring-ldap-for-fba-in-sharepoint-2010-or-sharepoint-2013-with-powershell.aspx
here is an example :
http://blogs.msdn.com/b/sharepoint__cloud/archive/2011/12/20/achieving-fba-with-adlds-amp-sharepoint-2010.aspx
if should this questions was at the ADSIEdit part, perhaps you can help us by opening a new thread at the AD foum
https://social.technet.microsoft.com/Forums/en-US/home?category=windowsserver
Regards,
Aries
Microsoft Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. -
Whate would be necessary hardware requirement for installation of SP 2013 Enterprise for 3000+ Users. kindly share MS Article on this.
Hi,
In addition, here is the reference for Sizing and Capacity Planning for SharePoint 2013 :
http://blogs.msdn.com/b/sanjaynarang/archive/2013/04/06/sizing-and-capacity-planning-for-sharepoint-2013-resources.aspx
Regards,
Rebecca Tu
TechNet Community Support -
Hi,
We get plenty of error messages:
SPSecurityContext.WindowsIdentity: Could not retrieve a valid windows identity.
No windows identity for domain\user.
Our SharePoint 2010 environment consists of 2 app and 2 front end servers. We have plenty of SPSecurityContext.WindowsIdentity errors in our SharePoint logs. I found that this is related to C2WTS service. We have this service running under Local System account
and only running on both Front-end servers. We are not using Kerberos in our environment.
My question is should this service be configured with domain account even we are not using Kerberos?
Also should this server be started on App sharepoint servers?
Is any other way to prevent those errors?
Thank you,Since local accounts are unable to query the domain, and I suspect that the Local System account uses a virtual local account (as opposed to the computer's domain account), then the same would apply to your C2WTS.
Yes, configure a domain account (DEDICATED, since C2WTS requires some VERY elevated privileges), and the C2WTS will be able to do all of its domain lookups.
Scott Brickey
MCTS, MCPD, MCITP
www.sbrickey.com
Strategic Data Systems - for all your SharePoint needs -
Dunning form F150- Telefon/fax/mail printing for 1 user and not for other
Hello expert,
This is regarding the printing of the dunning form using F150.
At first, using company code and account clerk (BUSAB), we retrieve the user id. The program uses FM BAPI_USER_GET_DETAIL to get the address details of this user id. The user name, telephone and fax adn email are printed in the dunning form (1st reminder, 2nd reminder and so on). The problem here is , the address details are printed on the form for one user and not for the other user who is processing. Any idea regarding this. Do I need to give any user setting parameter in SU01 or is there any authoriztaion issue which is blocking this. Awaiting reply,
Cheers,
BalaI'm having the same problem with Exchange 2003, I can get it to work with Entourage and on my iPhone, but it keeps rejecting my password on Mail.app. If I keep entering the password it starts to update with server, but it won't save the password. IMAP is on for my account which is how it works on iPhone.
I'm starting to think it has something to do with Keychain Access or Mail.app and not so much Exchange Server. If anyone has found a solution please let me know,
Thanks -
Setting up proxies for all users and clearing it on logoff
Hi,
This is an emergency, So any help would be welcomed.
Scenario - I have a lab which is configured with windows 8.1 enterprise 64bit. I created two local account. I want to connect it to our proxy such that its set up for all users and local users would not be able to change it. this way they have to log in
to use the browsers (IE/Firefox/Chrome). Secondly if they logout and log back in, it should require them to re-login to use the browsers. (It looks like its cached by default.
Any idea how to do these, Any suggestions are welcome.
I would Preferably like to script this so that I can run it on all machines.
Thanks
ManojHi,
Could you please have a share with the network environment?
If we are in a domain environment, we could configure the proxy using group policy, but the configuration won't change unless the policy changes.
For the scripting, if you would like to use, we'd better ask in the scripting guys forum for a better help.
http://social.technet.microsoft.com/Forums/scriptcenter/en-US/home
Best regards
Michael Shao
TechNet Community Support -
Which laptop is good to build sharepoint 2013 environment for personal use ?
Which laptop is good to build sharepoint
2013 environment for personal use ?HI Chaitu,It depends on what function of development that you want to do.I suggest to have
a below configuration to work with sharepoint.
Fast CPU!
32 GB of RAM (24 GB minimum, but 32 highly recommended)
500 GB of space
Please find also in the blog to know more about configurations and the installations.
http://expertsharepoint.blogspot.de/2014/07/hardware-and-software-requirements-for.html
Anil Avula[Microsoft Partner,MCP,MCSE,MCSA,MCTS,MCITP,MCSM] See Me At: http://expertsharepoint.blogspot.de/ -
VBS: Add domain user and group to local administrators
I have a piece of VBS code that I have modified that basically adds a specified domain user and group to the PCs local Administrators group. It works on Windows 7, but not on Windows 8 at all.
Call AddUserToGroup("./Administrators", "myDomain.net/NetworkAdminis")
Call AddUserToGroup("./Administrators", "myDomain.net/Domain Admins")
Call addDomainUser("myDomain", "myUserGroup")
Sub AddUserToGroup(local, domain)
Dim objLocalGroup
Dim objDomainGroup
Dim server
For Each server in servers
Set objLocalGroup = GetObject("WinNT://" & local & ",group")
Set objDomainGroup = GetObject("WinNT://" & domain & ",group")
With objLocalGroup
.Add(objDomainGroup.AdsPath)
.SetInfo
End With
Next
Set objLocalGroup = Nothing
Set objDomainGroup = Nothing
End Sub
Sub addDomainUser(strDomain, strUser)
Dim strComputer
Dim objWshNet
Dim objGroup
Dim objUser
Set objWshNet = CreateObject("WScript.Network")
strComputer = objWshNet.ComputerName
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
Set objUser = GetObject("WinNT://" & strDomain & "/" & strUser & ",user")
If Not objGroup.IsMember(objUser.ADsPath) Then
objGroup.Add (objUser.ADsPath)
End If
Set objWshNet = Nothing
Set objGroup = Nothing
Set objUser = Nothing
End Sub
I have debugged the code line by line using VBA's IDE and there seems to be no error condition firing. It executes all lines, but it is not adding the users and groups as it did with Windows 7 and below. The script is being run as local administrator.Hi,
The first step is to comment out your On Error Resume Next line and try again.
Don't retire TechNet! -
(Don't give up yet - 13,225+ strong and growing) -
WinX missing for domain users (Windows Server 2012/R2, Windows 8/8.1)
Hi,
I recently created a discussion about a Winx (Right Click) issue that I have in my environment. For windows servers 2012/2012 R2 and windows 8/8.1, I don't have the right click menu.
I don't use roaming profiles. The workaround is to manually copy the Winx folder for each user who log on but I would like to understand why it doesn't work.
Here is the previous discussion I created.
http://social.technet.microsoft.com/Forums/windowsserver/en-US/4e80c369-242f-47ba-bd22-aafb9b0a6072/winx-missing-for-domain-users?forum=winserverManagement#ab6deeb2-cbcd-4147-a871-4c76d4cb37af
I really appreciate your help.
ThanksHi,
I could not reproduce the issue.
When i log in the Windows Server 2012 with domain user, the WinX folder already exists ans the Right Click is ok.
So you could create a new domain user to check the result.
Regards.
Vivian Wang -
How-to-tick-automatically-adjust-clock-for-daylight-saving-changes-for-domain-users
hi
please help me
I am using windows 2008 as a domain controller with windows XP & windows 7 as a client.
how-to-tick-automatically-adjust-clock-for-daylight-saving-changes-for-domain-users
Thanks in Advance
my mail: [email protected]Some more information would be nice (how many computers are in the domain?), but I think I have what you're looking for.
What you need to do is change a registry key in the client computers. It's located in the registry at
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation
The string name is DynamicDaylightTimeDisabled and the value for this item is
0 (Kind of weird - by entering 0, you're saying "No, I DON'T want to DISable daylight savings time).
Of course, you'll need to deploy this registry information to the clients from the server. There are several ways to do it, but the first one I'd try is to create a registry preference item on the server and deploy it as a GPP.
This link explains how to do this:
http://technet.microsoft.com/en-us/library/cc753092.aspx -
Can I use one itunes account for multiple users and multiple devices
Can I use one itunes account for multiple users and multiple devices?
The iTunes EULA, as I understand it (I'm not an attorney )for Apps is basically that one person can use an App multiple devices, or multiple people can use an App one device..so one to many or many to one, but not many to many....
-
SAB BO 4.1 SP1
Does it have an RESTful API to schedule a Webi report with the parameter to specify a group of users ("Schedule For" to "Schedule for specified users and user groups" with one or more users/groups)?Hello Ricardo,
have you try a call like this one ?
<schedule>
<name>"test"</name>"
<format type=\"webi\"/>
<destination>
<inbox>
<to>userId1,userId2,userId3,groupId1,groupId12</to>
</inbox>
</destination>
</schedule>
Regards
Stephane
Maybe you are looking for
-
Hi I need to avoid extracting the Ids multiple times. That is display first Id for the receipt_no as Primary Id and display the next ocurring ones as associate Ids in one line. There could be more than one associate Ids with one receipt. Any help app
-
Thunderbolt and Hdmi Dual Screen MACMINI problem
Hi there, I have two screens, one connected via HDMI, and another via Thunderbolt, which goes into thru UA APOLLO audio interface's 2nd thunderbolt output, when my Mac Mini starts up it is fine, for around 5 minutes, but then the thunderbolt display
-
Help for Focus problem (gone)
In a JDialog, there is a JButton. Clicking the button to popup a JPopupmenu with a JTree inside. clicking the tree node, the foucs is gone! Please help! Thank you very much! --tc
-
Hi, I have the following question: I have 5 buttons inside a movie clip and i would like to work with the variable IF. For example, if the button 1 is released it plays the main timeline and after finishing, tru the variable if, the timeline is redir
-
My junk filter has too many holes!
My junk mail preferences are set to only accept mail from addresses in my address book. The junk filter catches about 100 pieces of junk per day, but I still get about 15 junk messages daily in my Inbox. Is this normal? How can I get it to work more