Figure 1: .NET Framework 3.0 installation
Figure 2: Standalone Setup option
After installing Sharepoint services 3.0 it should be possible to open the default Sharepoint Team site. It is now up to you to create custom Sharepoint sites which you want to use internally or with ISA Server publishing over the Internet.
Figure 3: .Default Sharepoint Services website
Specify the Title and the URL location for the Sharepoint Team Blog website.
Figure 5: Creating the Sharepoint Blog site
After successfully creating the Sharepoint Blog site, you can open the website by specifying the correct URL
Figure 6: The new Sharepoint Blog site
Figure 7: Alternate access mapping
Specify the external website URL in the Internet section on the Public Zone URLs.
Figure 8: Edit Public Zone URLs
After that, the Sharepoint part is done and we have to configure ISA Server 2006.
Figure 9: Installing IIS 6 Resource Kit
SELF SSL is a command line tool used to create a certificate.
Figure 10: Using SELFSSL
SELFSSL has several options for creating certificates. Executing SELFSSL with /? will show you the available options.
Pay special attention to the /V: parameter. The /V: parameter specifies the lifetime of the certificate in days!
After creating the certificate, you have two ways to bring the certificate to the other ISA Server node which is already a member in an ISA NLB cluster:
0.Export the certificate with a private key from the first node.
1.Create a new certificate with the same settings on the second node.
Figure 11: Certificate MMC
For the example in this article we export the certificate from the first node, move it to the second node and import it into the local computer certificate store.
Figure 12: Import the PFX file into the local computer certificate store
Because we are using a self signed certificate, we have to import the self signed certificate into the Trusted Root Authority store on both ISA server nodes.
- Open the ISA MMC and create a new Sharepoint publishing rule with the help of the wizard.
- Name the rule.
- Select Publish a single Web site or Load balancer.
Figure 13: Publish a single website or Load Balancer
In this example we are not using SSL from the ISA Server to the Sharpoint services Server.
Figure 14: Use a non secured connection to connect to the SPS Server
Figure 15: Specify the internal site name
In the Public Name Details accept requests only for the domain name sps.it-training-grote.de.
Figure 16: Public Name details
Create a new Weblistener, name the Weblistener and select Require SSL secured connections with clients.
Figure 17: Use SSL for accessing the ISA Server from the client
Figure 18: Specify the External Weblistener
In the Listener SSL Certificates section, select the issued certificate.
Figure 19: Listener SSL certificate
As the Authentication option, select HTML Form Authentication and Windows (Active Directory) as the Authentication provider.
Figure 20: Select the Authentication method
Do not enable SSO. For this article we select NTLM as the Authentication model.
Figure 21: Specify Authentication method
Figure 22: Alternate Access Mapping configuration
ISA Server 2006 can limit who can access the published server. It is possible to limit access to specific users or user groups. For this article we select the predefined All Authenticated Users set.
Figure 23: Specify User Sets
After ISA Server publishing has finished, you can try to access the published website, and if everything is configured correctly, you should see a website like this in the following picture.