Publishing SharePoint with IAG 2007 – Part 3: SharePoint Topologies
In this post I will review several SharePoint topologies and discuss how they influence IAG and AAM settings. For each topology I’ll explain the considerations and provide sample configurations. For complete step-by-step configuration guide, please use this TechNet article.
These topologies are simplification of much more complexed SharePoint topologies that are detailed in this SharePoint article along with IAG network location related to the SharePoint machines.
Publishing a SharePoint Web application – HTTP internal
This is the baseline topology for SharePoint publishing and it is the most common one. In this topology several SharePoint applications may be published from a single IAG trunk, and each application has a unique server and port. It is assumed that HTTPS is used externally outside the corporate network, and HTTP is used within the corporate network.
In order to publish SharePoint in this topology, the applications should be defined on the IAG trunk with a proper public host name, and a new AAM zone should be defined on the SharePoint server to support the external address.
HRPortal Application Settings
|
Web Server Address: HRPortal Web Server Port: 80 (HTTP) Public Host Name: HRPortal.contoso.com Replace Host Header: Empty |
Example for a configuration of such topology:
Semantics for all the drawings:
Grayed – Default configuration that should not be added or changed by the admin
Bold – Configuration that is unique to this topology or requires special attention
Publishing a SharePoint Web application – HTTPS internal
This topology is almost identical to the baseline. The only difference is that HTTPS is used both in the corporate network as well as over the Internet.
Publishing multiple SharePoint Web applications
This topology is also similar to the baseline. The only difference is that one of the applications is published on a non-default port. In this case the port number should be defined in the IAG application, and embedded in the URLs of the AAM zone.
Publishing multiple SharePoint Web applications on a single port
This topology assumes that there are several SharePoint Web applications published on the same port. In this case, the SharePoint server differentiates between the applications using the host header in the HTTP request.
In this topology, IAG is published in a similar manner to the baseline topology. But, there is one thing that is important to remember - when configuring the Web server address in IAG, it is important to put the SharePoint WebApp address (“HRPortal” and “Teams” in this example) rather than the actual SharePoint machine name or IP address so in every IAG application there is a unique Web server address.
Publishing a SharePoint Web application when using identical internal and public addresses
This topology refers to organizations that use the same URL for internal and external access to SharePoint (and usually with other applications), but use HTTP for internal traffic and HTTPS for external traffic. If HTTPS is used both internally and externally no additional configuration is required. In fact, in this case no AAM configuration should be made.
When publishing SharePoint in this topology, IAG has to “signal” to SharePoint that this request has to be replied to with HTTPS links rather than HTTP links. This “signal” is passed by replacing the host header with a bogus host header that is configured in one of the AAM zones.
Publishing a single SharePoint Web application via multiple IAG trunks
In this topology two IAG trunks are publishing the same SharePoint Web applications. Hence the same SharePoint Web application has two different external addresses.
In order to do this, two different AAM zones should be defined on the SharePoint server with two different external URLs.
Comments
Anonymous
January 01, 2003
Hi, The users will be able to reach the xyz server only if you publish both Sharepoint servers. Thanks.Anonymous
January 01, 2003
196 Microsoft Team blogs searched, 100 blogs have new articles in the past 7 days. 243 new articles foundAnonymous
January 01, 2003
Hi, Very informative article. Thanks for taking the time. I was wondering if you can point me to an article that covers using IAG 2007 to publish anonymous Sharepoint content. I am getting ready to deploy an Internet-facing MOSS web application and I'd like to use the filtering available on IAG to increase security. I do not, however, want to delay incoming requests or prompt for authentication. This is a customer-facing portal. Thanks. Radu Gavrila MCSE, MCT, MCTS: MOSS07Anonymous
September 23, 2009
Hi, In Publishing multiple SharePoint Web applications if the site http://teams:81 has some other sharepoint website as a reference in it. i.e. http://xyz:1000 will it work or do we need to publish this as another application in IAG. Thanks, DineshAnonymous
November 04, 2009
I have the same question as Radu and I'd like to disable the hashing.Anonymous
June 30, 2011
The comment has been removedAnonymous
June 30, 2011
Just to add another comment to my previous post. You also need to add a binding on the SharePint site in IIS to port 80 with FQDN "HRPortal-Extranet"