SharePoint Server 2007 cross-domain farm topologies

I’ve recently been involved in MOSS 2007 farm topology discussions with a client that was interested in using the Split back-to-back topology. After a lengthy troubleshooting and escalation process we’ve identified some problems with this TechNet extranet farm topology guidance in conjunction with Microsoft Tier 2 support. In short, the TechNet document identifies some supported topologies that span domains, but this incident has raised questions about:

  • The acceptable placement of server roles in those topologies.
  • Supported domain trust directions.
  • Alternate Access Mappings requirements.
  • Picking people from other domains.

This is an account of the relevant issues and the steps that we took to reach our conclusions. Continue reading “SharePoint Server 2007 cross-domain farm topologies”

Custom STSADM command for BackConnectionHostNames

Gary Lapointe recently released a custom STSADM command for setting the BackConnectionHostNames registry key. The relevant Microsoft KB article recommends specifying each host header with the  BackConnectionHostNames key rather than disabling the loopback check, as this check is a valuable security fix. As Gary Lapointe mentions, Spencer Harbar put together some thorough background information on the roots of the fix. Without this command, setup and maintenance can be a bit of a hassle if you have lots of SharePoint applications or lots of Alternate Access Mappings (or if any of this information changes with any regularity). These registry changes need to be made on each web server for any sites with host headers. This includes Central Administration if it’s not configured on <servername:port>. So this could get quite laborious if the farm is fairly large. The UpdateFarm parameter may be particularly helpful in this regard.