SharePoint 2007: Single Sign-on Anomaly - sharepoint-2007

I have a Virtual Machine running the following:
Windows Server 2008
SharePoint 2007
SP1 Exchange 2007
Dynamics Axapta 2009
I have started the Single Sign On Service and configured it properly. Central Administration is running on HTTPS bound to a specific IP address as a new site in IIS. When I click on the link to manage the server in Central Administration for Single Sign On it keeps redirecting to localhost even when typing the complete Uri in the Address bar. Any idea what is causing this behaviour and how to get around it?
I need to configure this for BDC connections.

After a lot of research it turns out that there is no solution or explanation for this happening. I have since rebuilt the virtual environment and configured SSO before creating the SSL sites and doing the IP binding.

Related

SignalR not Responding when Hosted out side of LAN

I have implemented the Stock Tracker Example and the Chat example in my LAN environment and everything is working fine, within the LAN I hosted it on a Windows Server 2008 within IIS as a MVC 4 app with no problems.
I then moved the App to a replica server inside a DMZ which is accessible globally, I tried running the App within the LAN and the Tracker and the Chat became unresponsive. I Also tried doing this from a Samsung Galaxy S3, this site was responsing but triggering the Stock Tracker nothing happens.
Within our LAN it accesses public sites using a NAT, is it possible to use SignalR in this scenario?
If so is there any firewall exceptions I need to make?
Also, is there any IIS configuration elements I need to consider?
This is the first time looking at SignalR and I can't seem to find examples of such setups.
Thanks in Advance...
Installing the latest MVC Libraries via Nuget fixed this. Previously Installed MVC 3 manually on the server via exe downloaded from MS downloads

ServicePrincipleName setup for Web Service on IIS 7

I'm so confused.
Consider the following:
Active Directory environment with a domain called DOM
An IIS 7 box with a NetBIOS name VS1
A DNS record providing an alias for VS1 as pineapple.london.uk.corp
An Application Pool running as DOM\PineappleService
Windows Authentication enabled.
Clients use HttpWebRequest to call the XML/JSON ASP.NET services on the box.
The service calls out to workstations on the network to gather information. This works in development where I use IIS Express which runs as me, since IISX is just an .exe
In production, services work fine, authentication works, but invoking functions that cause the service (running as PineappleService) to access stuff on the network, fails.
I suspect an SPN registration issue but I don't know what SPNs to setup.
Most recently, I've stumbled across this article which seems to say fly in the face of some other articles:
http://blogs.msdn.com/b/webtopics/archive/2009/01/19/service-principal-name-spn-checklist-for-kerberos-authentication-with-iis-7-0.aspx
Note that it says
The SPN requirements remain the same as above. You don't have to add
SPNs like http/ for the Domain1\Username1
unlike in IIS 6.0 (where we had to add an SPN of the form
http/ for the Application Pool identity).
So I don't know what's right anymore. I don't know if I need to register HTTP SPNs or HOST SPNs or use the DNS alias or the NetBIOS name, and set them on the PineappleService account or on the VS1 computer account.
I can't tell if when I try things that there's a slow AD replication issue that means I must wait an hour between trial and error.
It's all so complicated now. I've worked as a sysop and dev for 15 years and I sense the end of domains and workstations and rights and policies. It's all gotten too much.
Thanks for your help.
Luke
This is a cross-post with ServerFault which is getting no answers:
https://serverfault.com/questions/417483/serviceprinciplename-setup-for-web-service-on-iis-

login prompt when opening office document in office moss 2007 only in prod

We have 2003 windows server with moss 2007. We get the windows login prompt when opening 2010 office doc. I removed the http handler verbs from web config but still the site prompts for the credentials. It is a forms auth site with anonymous acccess enabled. Weird part is removing the verbs worked in development but in production it seems removing the verb has no effect. I checked if client integration was enabled in the auth provider. We have SP service pack installed in development not in production. But I am not sure what is going on. I will appreciate any clues.
One solid recommendation is to use a product like Fiddler on the client to see what kinds of things are being requested on the client side. In many cases, the office clients try to reach back to SharePoint to check things like versions, authors, check in/out status, etc. This kind of thing can cause the client to prompt for authentication.

Remote access to Team Foundation Server 2010

We are four developers in different locations (in a 100 km radius of each other) tryint o collaborate on a software development project.
We would like to install Team Foundation Server 2010 on one of our machines (we are all using Windows 7) and use that as our central source code repository and work items management.
However we cannot seem to be able to configure TFS to accept remove connections (through Visual Studio). Is it possible to use TFS in this manner?
TFS is just a bunch of web services and should be set up for remote access out of the box.
Things you'll probably need to configure.
Make sure that the windows firewall is allowing TFS to accept incoming requests on port 8080 (the TFS install may do this for you)
Configure your router to use "Port Forwarding" so that requests from the internet to port 8080 are routed to the machine with TFS installed.
Your ISP probably allocates IP addresses dynamically so you might need to sign up for a Dynamic DNS service such as NO-IP.com. (check which ones are supported by your router)
Once you've done this then you should be up and running.
I'm sure others will suggest that you ditch TFS and use a DVCS such as GIT or Mercurial, they have a point! You should consider if it's worth the effort of getting TFS to work in this way when another system might be easier to get up and running.
TFS works just fine for this type of scenario and whether you use a DVCS or not you're still going to have to configure access. You don't need to set up proxies. TFS is extremely fast even over a slow connection. The 3 things you need to remember if you're not on the same domain as the TFS are:
Have the TFS administrator set up your TFS rights using a domain account set up for you. If you don't have a domain account set one up and use it. If there's no domain then create a workgroup account or a local TFS server account.
Add your domain (or workgroup or local TFS server) account credentials manually to the Windows credential store or TFS will keep bugging you to login and that's a pain. Make sure you include the domain (or workgroup or local machine name) in the user name in this format: MyDomainOrMachineOrWorkgroup\MyUserName. No backslash at the beginning, no backslash at the end.
You need to either use the IP directly to connect or add an entry to your hosts file (C:\Windows\System32\drivers\etc\hosts). For those that haven't ever gone into this file the "etc" is actually the directory name not just me saying "and so on". The entries there tell you that when you type an address like mytfs.mydomain.com it should go to IP such and such. That's all.
#Nigel We have TFS on a remote server with local proxy at my workplace. Our internet connection is quite slow relative to the number of developers on site. TFS has extremely poor performance in this configuration compared to having the server local. Our solutions can be several hundred MB to download (of which there are a few branches). Checking version history is slow and painful. Retrieving shelvesets is slow and painful. Checking in on VS2010 or VS2008 is slow and painful. Fortunately VS2012 does this asynchronously so checking in is not so bad but you will eventually get a modal dialog when the op is complete.
All in all, I would say a poor experience compared to SVN let alone DVCS.
you can use AnyDesk (version 5.2+) which allow you to set up TCP connection between clients.
I used it for connecting my client PC to a Team Foundation Server (TFS) over the internet. The server and client are behind NAT. I set the local and remote ports to '8080' and I can connect to server from client using this address on client: 'http://localhost:8080/tfs/'
Reference: TCP-Tunneling-AnyDesk

How to connect my local SQL Server to our MOSS 2007 site so I can invoke it in my Sharepoint Designer?

I have asked our IT to do it but couldn't do it right away. Is this a difficult procedure for MOSS 2007 admins? I'm curious about the step by step process to accomplish adding other database connections.
I think I may have found a solution to connect to database using SPD 2007, the secret was to avoid what they call “double hop” between machines on a network. This is resolved by using MOSS 2007 SSO (Single Sign-On) whereby it results to just “one hop” during database calls to web servers.
The SSO needs to be mapped by configuring the Application Definition which only server administrators can create and modify, using the browser-based Central Admin UI.
Can you help set this up using Central Admin UI please? Step by step process is described on this link http://blogs.msdn.com/b/sharepointdesigner/archive/2007/08/27/an-introduction-to-single-sign-on-sso-with-data-views.aspx?PageIndex=2#comments
With Single Sign-On, you can connect to an external database, even if it doesn't reside on the same server as your SharePoint site.
http://office.microsoft.com/en-us/sharepoint-designer-help/add-a-database-as-a-data-source-HA010100908.aspx#BM4

Resources