On SBS 2003, giving external users access to other SharePoint sites within the SBS SharePoint v2 framework was difficult to do. Especially if the external users were not to have access to the root Companyweb SharePoint site.
In SBS 2008, this is no longer the case. When we go to create a new site collection dedicated to a collaborative task, we can set the permissions on that site respective of any other SharePoint site on the SBS 2008 box.
For example, we have a new project collaboration need for our upcoming SBS 2008 Advanced Blueprint book. So, we would create a new site collection on one of our SBS 2008 server and give it the following URL:
- Internet: https://remote.springersltd.com:987/sites/SBS2008AdvancedBlueprint
- Intranet: http://companyweb/sites/SBS2008AdvancedBlueprint
Create Site Collection: SBS 2008 Advanced Blueprint
Now, we need at least 4 user CALs for this particular project dedicated to this task as we are going to give the collaborators a username and password that have been set up for this collaborative task.
Those usernames would be set up with permissions on the new site collection along with any of our internal SBS users, such as mine, and we are good to go. None of the default SBS 2008 SharePoint user groups will be given access to the new site collection. The external users would not be in the default SBS 2008 SharePoint groups either, so no access to the root Companyweb.
Anyone with no need to access the collaborative site will not have access to it. The same is true with the search and any search results for a particular user that does not have permissions to a particular site collection.
Creating a collaborative environment within SharePoint on SBS 2003 was probably one of the more troubling requests we could receive for a single server client site scenario for those that wanted to keep things in-house.
UPDATE: As per Nathan’s comment, the :987/ was missed in the original Internet facing URL. Fixed. Thanks!
Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac!
2 comments:
Hi Phil,
Thanks for your post. I am looking to do this on my sbs server but by default the companyweb site's interface to the internet is run on port 987. I notice in your blog that you are just running over the standard ports. How do you do this? Is it a case of having a second public IP address on your box and changing the companyweb site to be on that IP? Will this break access from the RWW portal? Obviously if you use this feature for external collaboration, not having to run on port 987 makes things a little easier. Also do you know whether it is possible to turn on some sort of forms authentication on for this so that people go to a nice looking webpage to login rather than just a pop up box?
Nathan,
Good catch ... I missed the :987/sites on the RWW URL!
Philip
Post a Comment