I have configured load balancing for SharePoint through ISA.
My second thought was "How can I check what's wrong with specific SharePoint IIS site if I can't trace where I have been redirect?"
Solution is to set the specific setting on the web server box itself.
Every time you log into a web server and navigate to central administration or web application using the same url as all users do, you will be redirected to specific local IIS site.
In order to achieve:
1. Change the host file:
C:\Windows\System32\drivers\etc\host
Add the following:
{ip the web server} {host name for CA}
{ip (second) for the web server } {host name for a web app}
2. Required if you setup https with certificates on ISA and want to set HTTPS between ISA and WFE
(Refer to the post Simple concept: How to add SSL certificate)
In case AAM has public url as https, you need to implement https on the local IIS (since you local request will not reach ISA with SSL certificates installed there),
Put the address that you have specified in the host file on the previous step, select the corresponding SSL certificate (the host name for web app should be exact the same as it is in SSL certificate)
ATTENTION: You can skip this step if you configure ISA HTTPS between a user and ISA and HTTP between ISA and WFE (ISA: How to redirect HTTP to HTTPS, How to set SSL Certificate)
3. The last but not least.
When you try to navigate using the hostname that you put in host file you likely to get the error:401 (Logon Failure: Reason: An error occurred during logon)
To overcome this issue:
You need to register your host names for local IIS Site (BackConnectionHostNames):
Restart the IISAdmin service
My second thought was "How can I check what's wrong with specific SharePoint IIS site if I can't trace where I have been redirect?"
Solution is to set the specific setting on the web server box itself.
Every time you log into a web server and navigate to central administration or web application using the same url as all users do, you will be redirected to specific local IIS site.
In order to achieve:
1. Change the host file:
C:\Windows\System32\drivers\etc\host
Add the following:
{ip the web server} {host name for CA}
{ip (second) for the web server } {host name for a web app}
2. Required if you setup https with certificates on ISA and want to set HTTPS between ISA and WFE
(Refer to the post Simple concept: How to add SSL certificate)
In case AAM has public url as https, you need to implement https on the local IIS (since you local request will not reach ISA with SSL certificates installed there),
Put the address that you have specified in the host file on the previous step, select the corresponding SSL certificate (the host name for web app should be exact the same as it is in SSL certificate)
ATTENTION: You can skip this step if you configure ISA HTTPS between a user and ISA and HTTP between ISA and WFE (ISA: How to redirect HTTP to HTTPS, How to set SSL Certificate)
3. The last but not least.
When you try to navigate using the hostname that you put in host file you likely to get the error:401 (Logon Failure: Reason: An error occurred during logon)
To overcome this issue:
You need to register your host names for local IIS Site (BackConnectionHostNames):
KEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
Restart the IISAdmin service
No comments:
Post a Comment