Archive for ‘Authentication’

February 9th, 2010

SharePoint Server 2007 cross-domain farm topologies

by Tristan Watkins

I’ve recently been involved in MOSS 2007 farm topology discussions with a client that was interested in using the Split back-to-back topology. After a lengthy troubleshooting and escalation process we’ve identified some problems with this TechNet extranet farm topology guidance in conjunction with Microsoft Tier 2 support. In short, the TechNet document identifies some supported topologies that span domains, but this incident has raised questions about:

  • The acceptable placement of server roles in those topologies.
  • Supported domain trust directions.
  • Alternate Access Mappings requirements.
  • Picking people from other domains.

This is an account of the relevant issues and the steps that we took to reach our conclusions. read more »

CategoryAuthentication, Consultancy and Design, SharePoint | CommentNo Comments »

Tags: extranet people picker SharePoint 2007 STSADM topology trusts
March 14th, 2009

Windows Time, the PDC Emulator and the VM

by Tristan Watkins

Or… why it’s important to disable Host Time Synchronisation on a domain controller.

A few months ago I reminded myself of a major gotcha when planning a virtual infrastructure. Assume that you run more than one domain in more than one forest and that trusts are in place to authenticate users across those forests. This could be a development/test/staging environment, or as will no doubt be more common in the coming years, it could be a virtualised infrastructure. read more »

CategoryAuthentication, Virtualisation | CommentNo Comments »

Tags: Kerberos PDC Emulator Time Virtual Machine
} catch(err) {}