The subject of using SharePoint as an Extranet has come up in conversation a few times recently and I was wondering if the community pursue this option in their Farms? We used a very cool Extranet tool called Extradium on SP24, but I know there are other options out there (such as doing your own Forms Based auth). I am really interested to see how you do it? If you do extend SharePoint to your partners do you go for a completely separate Farm running SP Foundation? We also offer a solution to help manage third-party risk so would love to hear your thoughts on that.
Yes, strangely not widely known. That’s such a huge benefit for using SharePoint online now.
Details here on external sharing:
I don’t think you could open it up to thousands(!) but for most companies, it would work out quite well. Though I don’t see any restrictions on it from Microsoft.
Sorin,
If you’re looking for Facebook authentication, take a look at BeezLinx (www.beezlinx.com and www.beezlinx.net ). Although the main site only allow you to sign in with LinkedIn or Yammer, once you have created your site, you can enable Facebook authentication for your users. The platform is currently available as a SaaS application, but will be available soon as an on-premises solution as well.
Contact me directly if you want more information.
Hi Mark,
I’ve used the Extradium, codeplex and few other solutions. I’ve used MS ISA server with the AD logins for a client based on their needs. Below is a version 1.0 of my blog post on this topic that gives a high level overview.
Primer on SharePoint Hosting for External Collaboration
Â
Regards
Faisal Masood
Â
Mark,
I have done it a couple ways. Depending on the requirements and security provided by the environment or policies therein.
One approach was to create another farm on a different domain and allow a one way trust from extranet to intranet. That way the Extranet farm will trust the accounts used from the intranet. All intranet accounts could get you into the extranet but the extranet accounts cannot get you into the intranet. THIS will also require another License for your extranet farm as well as extra Hardware and software requirements
Another approach used were to extend the web application. So in one aspect contoso.com:1111/ and contoso.com:2222/ all point to the same application with different security measures. You will call 1111 intranet and 2222 extranet. This can also be used to get around certain STIG requirements. So one instance you could allow anonymous login for the intranet site and Kerberos for the extranet. This allows users to use the CAC Card if typing the extranet address that can be accessed by outside of your domain users and also allowing access to the intranet only for internal users. There are a lot of configurations used to make this happen that involves how your network is configured as well. With extending the web application you will not need an extra license and also will not need any extra hardware or software than what you have.
Another way is to use an external site such as intelink and other sites that allow you to host SharePoint on their servers. The problem with this is that you have no control of maintenance of the servers and sometime limited to size of what you put out there. If you don’t have a lot of information for your extranet then this will be a great option. Again no license or software/hardware needed.
External users can access to SharePoint through ISA server as Jason said. We have developed an app (m1-Share) which enables users to access SharePoint outside the organization. You can check the app details at m1-share.com. Do let me know your feedback.
