setting up windows authentication/active directory with multi tenancy

Having different OUs per tenant for example let’s say I have an OU called Customers, and within that I have an OU for each of my tenants (Microsoft, Oracle and Apple). Each individual customer OU contains a tenant admin user and then some regular users; thus it is isolated and secured. Here is some references.

http://www.harbar.net/articles/sp2010mt4.aspx

http://ajay555.wordpress.com/2010/10/23/sharepoint-2010-for-hosting-service-providers-multi-tenant-configuration-and-management-made-easy/

http://blog.helloitsliam.com/Lists/Posts/Post.aspx?List=e10cb685-6b5c-4b6c-aaf4-e1d122d57174&ID=10&Web=8fe3252e-9495-44f1-b2e4-dbd7b201440b

http://projectserverblogs.com/?p=4418

2

SharePoint 2010 claims based and mixed authentication

The problem:

Some line of business portals has an issue with multiple authentication techniques because part of the authentication is done through LDAP or any other type of authentication techniques and the other part is done against AD.

The solution:

SharePoint 2010 security is the answer for this because SharePoint 2010 changes authentication in the following areas:

– Uses classic mode and claims based authentication

– Classic mode is SharePoint 2007 style legacy mode

– Claims-based authentication is the new security model

What are the benefits?

– Claims decouples SharePoint from the authentication provider

– Allows SharePoint to support multiple authentication providers per URL

– Identities can be passed without Kerberos delegation

– Allows federation between organizations

– ACLs can be configured with DLs, Audiences and OUs

Claims-Based Terminology

• Identity: security principal used to configure the security policy

• Claim (Assertion): attribute of an identity (such as Login Name, AD Group, etc.)

• Issuer: trusted party that creates claims

• Security Token: serialized set of claims (assertions) about an authenticated user.

• Issuing Authority: issues security tokens knowing claims desired by target application (AD, ASP.NET, LiveID, etc.)

• Security Token Service (STS): builds, signs and issues security tokens

• Relying Party: application that makes authorization decisions based on claims

Multi Authentication: When to Use It:

• Same experience for different class of users

• Single URL instead of doing 2 urls like we used to do in MOSS 2007

• Same experience for same users no matter where they access content from

• Outlook Web Access

• Preferred choice for cross company collaboration solutions

Most of the article taken from presentation by: Brian Culver, MCM, MCPD Solutions Architect Expert Point Solutions.

And here some other useful links:

http://blogs.msdn.com/b/sridhara/archive/2010/01/07/setting-up-fba-claims-in-sharepoint-2010-with-active-directory-membership-provider.aspx

http://sharepointchick.com/archive/2010/05/06/configuring-claims-and-forms-based-authentication-for-use-with-an.aspx

http://blogs.technet.com/b/steve_chen/archive/2010/09/29/configure-forms-based-authentication-fba-with-sharepoint-2010.aspx

http://spautomaticsignin.codeplex.com/

http://blogs.msdn.com/b/brporter/archive/2010/05/10/temp.aspx

http://www.orbitone.com/en/blog/archive/2010/05/04/sharepoint-2010-mixed-authentication.aspx

give anonymous permission for survey in publishing portal

You have a MOSS Publishing Site, and a Survey, Anonymous access is already enables on the site (and working), But if you enables the Anonymous access for the Survey (with the all available options Add,Delete,Edit,Read ...) its still Not working, and When you navigate to the NewForm.aspx it still asks for Username and Password, solved below


http://social.msdn.microsoft.com/Forums/en-US/sharepointecm/thread/b0c812a2-ee45-4cdb-883e-ce7187d393fb

and for more info about the ViewFormPagesLockDown feature find the link below
http://technet.microsoft.com/en-us/library/cc263468.aspx#section6

and this works with the anonymous permission for DispForm.aspx for any list.

Yahoo Pipes

Yahoo Pipes was launched two years ago and it is provide an amazing way to mash up data from around the Internet. Look at Pipes links below which introduces a step-by-step walkthrough of some of its functionality. Really cool, free and out of the box.

http://arstechnica.com/web/guides/2009/03/yahoo-pipes-getting-started-with-custom-rss-feeds.ars
http://www.ghacks.net/2008/08/13/customize-rss-news-feeds-with-yahoo-pipes/
http://www.jumpcut.com/fullscreen?id=F4396574585311DC87A2000423CF0184&type=clip
http://www.jumpcut.com/fullscreen?id=C086AA92568811DCAB02000423CF381C&type=movie

Application Templates for Windows SharePoint Services 3.0

Application templates are out-of-the-box custom scenarios tailored to address the needs and requirements of specific business processes or sets of tasks in organizations of any size. They also provide a starting point for partners and developers looking to build deeper SharePoint-based solutions. The templates make use of Windows SharePoint Services 3.0 capabilities and are compatible with Microsoft Office SharePoint Designer 2007 to help make customization easier.

from technet.microsoft.com

http://technet.microsoft.com/en-us/windowsserver/sharepoint/bb407286.aspx

SharePoint Designer Workflows

from http://www.endusersharepoint.com/

SharePoint URL Quick List

The following is a list of SharePoint URLs to get to commonly used administrative functions on a SharePoint site. The majority of the URLs require administrator permissions on the site and a few require administrator permissions on the SharePoint server. This is a quick list for speedy reference as compared to tracking down links through the admin screens.

http://www.heathersolomon.com/blog/articles/1116.aspx