Esta semana, I’ve struggled a bit with my team to get MOSS installed in a simple two-server farm. Having gone through it, Teño unha maior valoración para os tipos de problemas que as persoas relatan foros MSDN e noutros lugares.
A configuración final granxa:
- SQL / Index / Intranet WFE dentro do firewall.
- WFE na DMZ.
- Algún tipo de devasa entre o servidor interno e DMZ.
Antes de comezar o proxecto, we let the client know which ports needed to be open. During the give and take, adiante e cara atrás ao longo dese, nunca dixo explícitamente dúas cousas importantes:
- SSL significa que precisa dun certificado.
- The DMZ server must be part of a domain.
O primeiro día, we showed up to install MOSS and learned that the domain accounts for database and MOSS hadn’t been created. To move things along, we went ahead and installed everything with a local account on the intranet server.
Neste punto, descubrimos a confusión sobre o certificado e SSL, tristemente, decided to have our infrastructure guy come back later that week to continue installing the DMZ server. Nese medio tempo, nós, arquitectos de solucións avanzou co material de negocios.
Un fin de semana pasa e que o cliente obtén o certificado.
Nosa infraestrutura cara aparece e descobre que o servidor DMZ non está asociado a calquera dominio (ou un dominio de perímetro con confianza limitada ou o dominio intranet). We wasted nearly a 1/2 día en que. If we hadn’t let the missing SSL certificate bog us down, we would have discovered this earlier. Oh well….
Outro día pasa e as distintas comisións de seguridade, partes interesadas e (non tan) inocentes todos coinciden en que non hai problema en unirse ao servidor DMZ co dominio intranet (este é un POC, ao final, non é unha solución de produción).
Infrastructure guy comes in to wrap things up. This time we successfully pass through the the modern-day gauntlet affectionately known as the "SharePoint Configuration Wizard." We have a peek in central administration and … Yee haw! … DMZ server is listed in the farm. We look a little closer and realize we broke open the Champaign a mite bit early. WSS services is stuck in a "starting" Estado.
Longa historia curta, it turns out that we forgot to change the identity of the service account via central administration from the original local account to the new domain account. We did that, re-foi o asistente de configuración e listo! We were in business.
</final>
Rexístrate para o meu blog.