Tuesday, February 9, 2010

Configuring MOSS farm with cross domain WFE and Application Server

Hello there,

Recently we were trying to create a farm where we have a WFE (Web Front End) Server in a domain called Domain 2 and its MOSS Application Server in Domain 1. WFE is used to handle the Internet users whereas Application server is used to handle intranet users.






Here in this blog i will try to explain step by step process that we took in order to achieve the required topology and also will list all the gotchas that we faced. In our farm we used exclusively Windows Server 2008 R2 operating system for the reason that we believe in working on cutting edge. With this being said lets start with the configuration steps.

  1. Our first assumption is that we have two fully functional domains setup with all the required user accounts functional, viz a domain administrator account is needed for the time being at both the domains :)
  2. To Domain 1 add a Server box and install MOSS and SQL Server to it. If required MOSS and SQL server can be also in two different boxes, but we managed with a single box. Here take care that you install the required Servers with domain admin account or else later we would have to update farm administrator and add permissions to SQL Server. (Installation and configuration steps for MOSS and SQL Server are not covered).
  3. Now, establishing domain trust is required. For this purpose go to any of the DC machine and open Active Directory Domains and Trusts. But wait..... before this step go to you TCP/IPv4 properties in Network and Sharing Centre and add the other DNS server ip address in the alternate DNS field. By other DNS server i mean that the DNS server that the other DC is using. In our case we have configured DNS in the same box. Do this for both the DCs. Now in Active Directory Domains and Trusts right click on the listed domain and go to properties. Go to trust Tab and click New Trust. Select the the option mentioning two way trust. It should be noted that we can also create incoming and outgoing trust between domains can be set-up, but to be on the safer side we decided to create two way trust. In the wizard it will ask for domain administrator credentials, provide it and complete the wizard. Now the domain trust is created, we can cross check it by logging in to the other DC and check out the Active Directory Domains and Trust console.
  4. Now on Domain 2 add another box on which we will install MOSS with WFE role. Again in TCP/IPv4 properties of this box put the IP address of Domain 1 DNS in alternate DNS feild. Do the same for MOSS Server box. You will now notice that you can add users form Domain 1 into Domain 2. Add the domain admin (Domain1Admin-- account with which MOSS Server was configured) account of Domain 1 into Administrators group of WFE box. Log out and log in with the Domain1Admin account and start installing WFE role of MOSS in it. After installation run the SharePoint Product and Technologies Configuration Wizard. Select the option Add to an existing Farm. On next step give the SQL server name and click on Find Database button. Now this wizard will populate two thing for you. Config database and the farm administrator account. Verify that the farm administrator account is the account that you are logged in with. click next and finish the configuration wizard. If the wizard fails at step 2 then the possibility is that the Web application owner credentials does not match with the logged in account. Change those credentials from central admin and restart the configuration wizard at WFE end. After completing the wizard open the CA site at WFE.
  5. If the home page of CA shows that the WFE is not configured, go to Operations and Services on Server, there check that the Web Application Services has started on not... it might happen that its on Starting. To resolve this manually stop and start the service using stsadm command.
If you follow these 5 steps you will have fully functioning farm with required topology. Will evaluate the advantage and other challenges faced in functioning of this topology and soon update the blog. So keep checking.......

You can shoot me a mail if you have any queries regarding the blog or suggest any improvements in the blog.

Till then.... Enjoy SharePointing :)

Regards
Juzar Bharmal
MCP (SharePoint 3.0 Configuration and Development)
juzar30986@gmail.com
when going gets tough.... great ones party ;)



2 comments:

  1. Hi - interesting solution but I'm curious about your two separate WFE work since I assume that they have separate DNS names - how is your Alternate Access Mappings configured in Central Admin?

    ReplyDelete
  2. Hi toynn...thanks for your interest ....you are true that both the WFE have different DNS....me and Juzar have not yet set up AAM in central admin as we are stuck up with some other work...will try and set it up....but i dont think there should be any fight in setting that up..... will do it soon and let you know the results.

    ReplyDelete