AnsweredAssumed Answered

Sharepoint 2007 with IIS 6.0 behind an IIS 8.0 Reverse Proxy

Question asked by davidtaieb on Apr 25, 2014
Latest reply on May 2, 2014 by davidtaieb

Hi all,

i have an issue with sharepoint impersonation. The use case is to published sharepoint intranet on Internet.

-> Reverse proxy IIS 8.0 with ARR, protected by webagent 12.52. Rewrite rule is on : rewrite /* from extranet.foo.com to intranet.foo.com (inbound and outbound)

-> Policy server 12.52

-> Sharepoint : IIS 6.0, SHarepoint 2007 on windows 2003 server R2, webagent 12.0 and agent for sharepoint 12.0. Dll SPWindowsImpersonation has been added in web extensions and wilcard mapping (under ISAPI6). ACO for Sahrepoint is configured with SPenableImpersonation=intranet.foo.com:80 and SPImpersonateResponseVarName=UPN (wich refer userprincpalname attribute)

-> user directory : AD for sharepoint and SQL server for the FBA

When a user acces to extranet.foo.com, fba is process. OnAuthAccept rule is configured to put an HTTP Header with UPN to pass in Sharepoint. Authentication is ok (by policy server) but i have a prompt from sharepoint (i guess) because it seems impersonation does'nt work.

Thanks in advance for your help

Outcomes