Configuring a MOSS environment with a single SharePoint box in the DMZ (without a domain, i.e. workgroup) and SQL in a domain

Of late we have seen many SharePoint users looking to set up a MOSS/WSS 3.0 environment with a single SharePoint server in the DMZ (without a domain, i.e. workgroup) and SQL in their corporate domain.

This kind of setup is not possible through the GUI, because the PSCONFIG Wizard expects the username in “domain name\user name” format to connect to the database server.

After installing MOSS, when we run the setup wizard and give “machine name\user name”, it throws the error "The user parameter specified with the configdb command is invalid. The username entered must be the same as the database access account for the server farm you wish to join. Either choose database name".

But this can be achieved successfully from the command prompt (psconfig and STSADM).

To create a config database, run the below command on the MOSS box:

psconfig -cmd configdb -create -server SQLServerName -database SP_Config -dbuser <dbuser> -dbpassword <dbuser password> -user <local user> -password <local user password>

[Article: https://technet.microsoft.com/en-us/library/cc263093.aspx ]

  • Run the “SharePoint Products and Technologies Configuration Wizard” and create the Central Administration site on a port number.
  • We can create a web application on a port with the following credentials:
    o Application Pool: local user
    o Database authentication: SQL Authentication (dbuser)
  • We also create a site collection.
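
A pre-flight check for the config database step above, as an added example that is not part of the original article: run on the workgroup MOSS box, it confirms that the SQL listener is reachable from the DMZ and that the SQL login authenticates and holds the dbcreator and securityadmin server roles. TCP port 1433, the placeholder names, PowerShell 2.0 or later, and the need for those two roles on the SQL login are assumptions.

```powershell
# Added example (not from the article): pre-flight check run on the workgroup MOSS box.
# Assumptions: PowerShell 2.0+, SQL Server on TCP 1433, mixed-mode authentication.
param(
    [string]$SqlServer = 'SQLServerName',  # placeholder name used in the article
    [int]$Port = 1433,                     # assumed default-instance port
    [string]$DbUser = 'dbuser'             # placeholder SQL login
)
Add-Type -AssemblyName System.Data

# 1. Is the SQL listener reachable from the DMZ through the firewall?
$tcp = New-Object System.Net.Sockets.TcpClient
try {
    $tcp.Connect($SqlServer, $Port)
    Write-Host "OK: ${SqlServer}:$Port is reachable"
} catch {
    Write-Host "FAIL: cannot reach ${SqlServer}:$Port, check the DMZ firewall rule"
    exit 1
} finally {
    $tcp.Close()
}
# 2. Prompt for the password so it is not saved in a script file.
$secure = Read-Host "Password for SQL login '$DbUser'" -AsSecureString
$bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure)
$plain = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
[Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)

# 3. Log in with SQL authentication; the builder escapes ';' and quotes in the password.
$b = New-Object System.Data.SqlClient.SqlConnectionStringBuilder
$b.DataSource = "$SqlServer,$Port"
$b.UserID = $DbUser
$b.Password = $plain
$conn = New-Object System.Data.SqlClient.SqlConnection($b.ConnectionString)
try {
    $conn.Open()
    $cmd = $conn.CreateCommand()
    # Server roles assumed to be needed by the login that creates the config database.
    $cmd.CommandText = "SELECT IS_SRVROLEMEMBER('dbcreator'), IS_SRVROLEMEMBER('securityadmin')"
    $r = $cmd.ExecuteReader()
    [void]$r.Read()
    $roles = @{ dbcreator = $r.GetValue(0); securityadmin = $r.GetValue(1) }
    $r.Close()
    foreach ($name in $roles.Keys) {
        if ($roles[$name] -eq 1) { Write-Host "OK: $DbUser is in $name" } else { Write-Host "FAIL: $DbUser is not in $name" }
    }
} catch {
    Write-Host "FAIL: SQL login did not succeed: $($_.Exception.Message)"
} finally {
    $conn.Close()
}
```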

Configuring the Search service

· Ensure that the search service “Office SharePoint Server Search” is running in services.msc with the “Local User” account.

· Run the below command
> Stsadm -o osearch -action start -role indexquery -farmserviceaccount <local user> -farmservicepassword <local user password> -defaultindexlocation D:\Index_Location -propagationlocation D:\Index_Location -farmcontactemail <Email_id>

> It will report the error “The search service instance on this server is not online”. So I ran the below command
>> Stsadm -o osearch -action start -role indexQuery -farmcontactemail <Email_id> -farmserviceaccount <local user> -farmservicepassword <local user password>

[Article: https://technet.microsoft.com/en-us/library/cc262920.aspx ]

Creating and Configuring Shared Services

  • Create two web applications on any port (in my case it's 91 and 92)

    > stsadm -o createssp -title SharedServices1 -url https://MossServerName:91/ssp/admin -mysiteurl https://MossServerName:92/mysite -ssplogin <Local user> -ssppassword <local user password> -indexserver MossServerName -indexlocation d:\ISPIndex -sspdatabaseserver SQLServerName -sspdatabasename SSP_DB -sspsqlauthlogin <dbuser> -sspsqlauthpassword <dbuser password> -searchdatabaseserver SQLServerName -searchdatabasename Search_DB -searchsqlauthlogin <dbuser> -searchsqlauthpassword <dbuser password>

    [Article: https://technet.microsoft.com/en-us/library/cc262773.aspx ]

  • Do a full crawl on one of the web applications; we should then be able to search.

The SharePoint environment is ready, but this kind of setup has some drawbacks:

· We cannot create a MOSS farm (more than one SharePoint box in the DMZ) in this environment. In order to confirm this, I created another MOSS box and tried the below command:

psconfig -cmd configdb -connect -server SQLServerName -database SP_Config -dbuser <dbuser> -dbpassword <dbuser password> -user <local user> -password <local user password>

It gave the below error:

"The user parameter specified with the configdb command is invalid. The username entered must be the same as the database access account for the server farm you wish to join. Either choose MossServer2Name/<local user> as the user name or choose a different database name."

So we can NOT scale the SharePoint environment.

· We need to use forms-based authentication (FBA) for SharePoint user authentication, since domain users cannot access the site.

· In this setup the People Picker does not work.

There is a possibility that this setup may encounter errors in the future, since it is always recommended to use domain accounts to run the SharePoint services.