Hoc septimana, I’ve struggled a bit with my team to get MOSS installed in a simple two-server farm. Having gone through it, Habeo enim maius reputabunt problematum genera referre populus forums et alibi in MSDN.
Ultima figuratio firmam:
- SQL / Index / Intranet WFE intra firewall.
- WFE in DMZ.
- Quaedam firewall inter internum et DMZ server.
Ante project started, we let the client know which ports needed to be open. During the give and take, super quod illuc, dixit duo nos nunquam explicite rebus:
- Lorem significet vos postulo testimonium.
- The DMZ server must be part of a domain.
Die una, we showed up to install MOSS and learned that the domain accounts for database and MOSS hadn’t been created. To move things along, we went ahead and installed everything with a local account on the intranet server.
Ad hoc, invenimus confusione super ipsum et Lorem, miserabile, decided to have our infrastructure guy come back later that week to continue installing the DMZ server. Interea, solutione sumus architecti præmitte movetur negotium effercio.
Et it a volutpat vestibulum certifi client obtinet,.
Infrastructure guy ostendit nostrae et invenit quod DMZ cultor est non adiungi alicui dominico (vel perimeter vel area cum limitata confídunt in dominico intranet). We wasted nearly a 1/2 die illa. If we hadn’t let the missing SSL certificate bog us down, we would have discovered this earlier. Oh well….
Alium diem superat, et diversa securitas Suspendisse, quorum interest, et (non ita) Innocens circumstantium conveniunt omnes OK suus ad coniungere cum servo DMZ intranet dominico (hoc est POC, post omnes, non productio solutionem).
Infrastructure guy comes in to wrap things up. This time we successfully pass through the the modern-day gauntlet affectionately known as the "SharePoint Configuration Wizard." We have a peek in central administration and … EM faciatis! … DMZ server is listed in the farm. We look a little closer and realize we broke open the Champaign a mite bit early. WSS services is stuck in a "starting" status.
Longum brevi, it turns out that we forgot to change the identity of the service account via central administration from the original local account to the new domain account. We did that, Re-cucurrit configuration veneficus voila! We were in business.
</finem>
I can almost beat your SSL certificate issue. We had everything created and were ready to extend the web app with SSL (tunc redirect portu 80 in IIS). The administrator had a .cer file ready to go. But NONE of the options or crazy contortions to apply it in IIS will work–Simile collection site pagina exhibet, semper a blank area non esse.
Post multa capita banging, we learned this was caused by the cert request not coming from that server. The administrator simply interrogavit for a cert and was emailed the resulting key. With no private key, the SSL tunnel could not get built between the WFE and the browser. We wasted 1/2 die illa.