.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Kerberos SPNs and using an fqdn different than AD domain for SP2010 URLs

Posted By:      Posted Date: October 18, 2010    Points: 0   Category :SharePoint

Best laid plans go awry... Our AD domain is us.domain.com but management now wants to use domain.com for all URLS (e.g. Intranet, My Site, ReportServer). Internal DNS is all set up for the domain.com zone (which happens also to be our external DNS domain name) because we already use domain.com internally for some other servers.

We will be using Kerberos. My understanding is that Kerberos requires the real fqdn of computer based on domain membership. Should we just set up our host headers and Kerberos SPNs normally using the us.domain.com fqdn and then use AAM for the domain.com URLs?





View Complete Post

More Related Resource Links

AutoGenerateSelectButton="False" ignored when using Domain Service


Crosspost from RIA Services forum: http://forums.silverlight.net/forums/t/196466.aspx

I'm creating a Dynamic Data application in VS2010 and have recently switched to using a Domain Service to give greater control over the data presented to the client. I've noticed that the AutoGenerate<Action>Button attributes on my GridView are being ignored. The presence of the Edit and Delete buttons appear to be contingent on the existence of Update and Delete methods on the partial classes autogenerated in the Domain Service, but i'm not seeing how to control the generation of the Select button. Is there a way to control this from within the Domain Service class?

Dynamic Data, Domain datasource, Poco and lookups


Mr. Edward,

Excuse my question but: it is necessary to involve in our projects something more than just Dynamic Data or should we make use of all other features available in VS2010 (which will make assume taht they had been left out of the Dynamic Data framework) like: wef, poco, azure, wcf, cloud, mvc, silverllight, ajax, odata, agile, workflow, etc.?

Sorry my ignorance, I'm just transcribing names as they come to my mind and of which I don't know anything about


Carlos Porras (El Salvador)

Pass ASP.NET membership identity object across domain?


I am trying to figure a way to SSO with ASP.NET membership and role model.

I can implement custom membership provider which consume web services hosting on a server.

With encryption of data. No problem.

But my question is, If I sign on a website with my provider, got my identity object on that application,

could I pass it to another website on another domain which use the same provider and by doing so, do not need to login again?

If this is possible, I am going to implement this solution. Please tell me what's your take on this.

How do I preserve __viewstate between cross domain posts or how do I get a __viewstate of a Remote S


Here is what I want to do:
I have a local site in which I want to display data from a remote site
Lets say: I want to display data of http://www.abc.com/Default.aspx on my localhost

Now Default.aspx requires some post-data which it sends to itself. Thus the __viewstate and __eventvalidation are posted back to it by itself. I want to directly post the data to Default.aspx from localhost without opening Default.aspx and display the Default.aspx's response on my localhost.

The WebApp on http://www.abc.com is configured for __eventvalidation i.e. I cannot post-data to it from my localhost without getting a __viewstate from it. I also have to post the current __viewstate of http://www.abc.com/Default.aspx to itself

How can I accomplish it?

How to authenticate local user usin ldap or non domain authentication



I created one application, and I need to authenticate local user. This user is the user who is login to his/her Personal Computer.. Main thing his that he/she does not in any DOMAIN... I want NON-DOMAIN authentication.. any how.... please help...

Patterns in Practice: Internal Domain Specific Languages


Jeremy Miller explains how internal Domain Specific Languages can help you craft code that is easier to read and write. His bag of tricks to improve your programming includes extension methods, fluent interfaces, object extensions and use of the semantic model.

Jeremy Miller

MSDN Magazine January 2010

Domain Models: Employing the Domain Model Pattern


In this article, we'll go through the reasons to (and not to) employ the domain model pattern, the benefits it brings, as well as provide some practical tips on keeping the overall solution as simple as possible.

Udi Dahan

MSDN Magazine August 2009

Best Practice: An Introduction To Domain-Driven Design


We give you a gentle introduction to designing and evolving rich domain models as part of integrating Domain-Driven Design (DDD) into your coding efforts.

David Laribee

MSDN Magazine February 2009

Inside MSDN: Designing URLs for MSDN2


This is the first installment of a new column about MSDN® projects: what we're doing, how we're doing it, and what we're learning along the way. It will be written by MSDN staff with the goal of sharing the team's experiences in solving the real-world business problems MSDN faces.

Tim Ewald

MSDN Magazine February 2005

Security Briefs: Exploring S4U Kerberos Extensions in Windows Server 2003


Building Web sites that provide services external to the corporate firewall is tricky. Usually it's not desirable to grant corporate domain accounts to external clients, and from a purely practical standpoint Kerberos does not work well over the Internet due to the typical configuration of client-side firewalls.

Keith Brown

MSDN Magazine April 2003

ASP.NET Proxy Page - Used for Cross Domain Requests from AJAX and JavaScript

The article ASP.NET Proxy Page - Used for Cross Domain Requests from AJAX and JavaScript was added by Aamir Hasan on Thursday, August 19, 2010.

One of the pain points with developing AJAX, JavaScript, JQuery, and other client-side behaviors is that JavaScript doesn't allow for cross domain request for pulling content. For example, JavaScript code on www.johnchapman.name could not pull content

FAST Search for SP2010 scope setting works but not getting results.



I am trying this from last two days , but it does not work. I have created two scopes for FAST Search Query SSA , they appear in search center , but I am not getting any results back. I see them being fired in the FAST query log.

First one is a simple one:

New-SPEnterpriseSearchQueryScope -SearchApplication "FAST Query SSA" -Name DCO -Description "All DCO Documents" -DisplayInAdminUI 1 -ExtendedSearchFilter "ContentSource:DCO"

Content source is a managed property. and i can just query "contentsource:dco" from the text box which gives me results.

When I fire the query i see it in FAST Search query log

"GET /cgi-bin/search?qtf_keyword:context=ssgid%3a%3a4d020606-8532-45d8-b09a-db11283cccb4%7cSPS-Location%3a%3a%7cSPS-Responsibility%3a%2c%3a%7c&rpf_navigation:hits=50&rpf_navigation:enabled=True&spell=suggest&qtf_parsekw:timezone=10&type=kwall&qtf_teaser:dynlength=185&resubmitflags=8192&language=en&query=CASHIERING&sortby=%2bdefault&qtf_lemmatize=True&offset=0&version=

Kerberos between MOSS 2007 and SSAS 2005


I realize this is probably going to be one of those vague questions that I am not going to get much help on here, but I thought I'd give this a shot before we go the MS Incident route on monday.

We have tried to setup Kerberos between MOSS 2007 AND SSAS 2005 to no avail.  We have been through the knowledge base articles outlining the setup multiple times with all the experts on MOSS and Security here where I work.  We've used other materials we have on kerberos here.  But the end result is that the double hop is not happening.  We are trying to connect three ways: excel services, ssrs 2005 in integrated mode, and Sharepoint KPI's (using analysis services).  In every case the connection is not happening.

Other details are that the ssrs integrated mode seems to be setup right because I do get a report (albiet all it has is a connection error message).  Excel services works fine if I use the unattended service account, but when I switch the odc file to windows (should cause kerberos to kick in) it fails.  When I try to add a kpi to the kpi list it can't retrieve a list of kpi's from ssas.

In all cases I am the user trying to perform these operations, and I have total access to the cube -- I'm the developer.  I have no problems connecting to the cube directly through excel, so the security at that end passes t

WSS 3.0 using new domain



I have currently a WSS 3.0 server  (internal DB/Single Farm) running for our intranet and I use http://intranet/ to access it. Everything works fine, authentication, permissions etc.


However, I've forwarded our external domain http://beta.somedomain.com/ to IP address of our Intranet. The intranet loads fine but its just that sometimes the authentication box would pop up asking me to authenticate, sometimes it is successful and sometimes its not, even when using correct credentials.

I am assuming it has something to do with new domain and the way it tries to authenticate with AD as it uses beta.somedomain.com\username instead of ActiveDirectoryName\username


So whats the best way to add an external domain to work without any problems? I have set up "Alternate Access Mapping" and my configuration is such:

Internal URL                                      Zone                               

Moving SharePoint 2007 from Domain to a Workgroup


For development purposes, we have SharePoint 2007 installed on a virtual server (Wind 2003) on a company desktop (Vista Business ed.).  The SharePoint is using Active Directory and company domain. For learning purposes, we want to copy the virtual machine on another Vista machine that is outside the domain and is not using AD:

Question 1 : How can we move the SharePoint from a domain to a Workgroup
Question 2: Is it possible to still be able to use emails (through local installation of Outlook) on the same computer that is not on the domain? If, yes, what are the possibilities (any articles on it? Etc.)?


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend