Another common scenario!! Today everybody wants to have a internet presence and SharePoint definitely gives a edge when it comes to internet presence.

The common questions that I face day to day is what are the best practice of deploying SharePoint on extranet.

Here are the articles that talks about the same:

The best way to set up this is to have a separate forest deployed in the DMZ. The SQL can be on the internal LAN and the AD in the DMZ will have a one way trust with the internal AD where the DMZ AD will trust the internal AD.

 

Another interesting question that often comes up is how to redirect users based on their login to different sites. Well there is no such feature available in SharePoint out of the box. You can use Target Audience to filter the information on the site, but dynamic redirection is not there.

Well, if you are interested in little bit of programming – it is possible.

Say you have an extranet deployment setup in DMZ. All you need to do is create a form based authentication on the landing page. When user fills up the domain username/ password  in the form, the user is validated from AD via LDAP

(

For validating user using .Net 1.1 please refer to http://support.microsoft.com/default.aspx?scid=kb;en-us;326340

If you are planning to use .Net 2.0 please refer to the MSDN article at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/paght000026.asp) - gives a sample code of how to validate a user from AD.

 

After the user is validated, get the user group membership name from AD and query a SQL table which has the site URL - UserGroup mapping.

When we have this information, it’s easy to redirect the user to the specific URL.

Hope this helps.

 

This posting is provided "AS IS" with no warranties, and confers no rights.