Configuring Two Virtual Servers to Host the Same Content (Windows SharePoint Services 2.0)

You can install and configure Microsoft Windows SharePoint Services to allow your server farm to provide the same content to two sites. In this scenario, the content is shared by the two sites, not duplicated. For example, this type of configuration would be helpful when setting up an intranet and extranet configuration or setting up two or more front-end Web servers. This topic discusses configuring virtual servers to share content, using an intranet/extranet deployment as an example, where the first Web server faces the intranet and the second Web server faces the extranet.

Important

This example does not contain explicit information about setting up firewalls or other methods of safeguarding data or resources in an extranet. To set up a more secure extranet, follow the guidelines in the Internet Information Services and Microsoft Windows Server 2003 documentation.

Setting up an intranet/extranet deployment will require configuring both the internal Domain Name System (DNS) and the public DNS. For information about configuring DNS, search for "DNS" in Windows Server 2003 help.

Deploying your extranet Windows SharePoint Services server behind a reverse proxy server, such as Microsoft Internet Security and Accelerations Server (ISA) will require additional configuration to ensure proper operation. The What's New in Windows SharePoint Services 2.0 Service Pack 2 contains information about new features included in Windows SharePoint Services Service Pack 2 that support these advanced configurations.

Note

This is only one of several hosting choices for Windows SharePoint Services. For more information about hosting choices, see "Structuring the URL namespace" in Windows SharePoint Services 2.0 Architecture.

Planning for Scale

You can use the same front-end Web server to host both your intranet and extranet virtual servers, or you can split them across two separate servers. If you anticipate a heavy load on either your intranet or extranet, it is recommended that you use separate front-end Web server for each environment, so that heavy use of your extranet server does not affect the availability of your intranet server and vice versa.

This topic describes the steps to use separate front-end Web servers for each environment. You can also use multiple front-end Web server to host both virtual servers, as in a standard server farm, to reduce potential downtime. For more information about server farms, see Server Farm Scalable Hosting Mode Deployment (Windows SharePoint Services 2.0).

Preparing the Servers

Before installing Windows SharePoint Services, you must first install Windows Server 2003 running Microsoft Internet Information Services (IIS) and Microsoft ASP.NET on your front-end Web servers and have also installed Microsoft SQL Server 2000 or SQL Server 2005 on one computer. For detailed information about preparing your Front-end Web servers for Windows SharePoint Services, see Preparing Front-End Web Servers for Windows SharePoint Services 2.0.

After you have completed the Web server preparation you can set up the back-end database server.

Setting Up the Back-End Database Server

To set up your database back-end server, you must perform the following steps on either one of your Web servers or a stand-alone server computer.

  • Install either SQL Server 2000, Service Pack 3 or later, or SQL Server 2005.

    You can use the Standard, Enterprise, or Enterprise (64-bit) edition of SQL Server 2000 or SQL Server 2005 with Windows SharePoint Services. For more information about installing SQL Server, see the SQL Server 2000 or SQL Server 2005 documentation.

  • Set a strong password for your SQL Server administration account.

    You must know both the administrator user account and password to be able to connect between Windows SharePoint Services on the front-end Web server and SQL Server on the back-end server. It is recommended that you set a strong password for the administration account. If you are using Windows Authentication (recommended), you should use a domain account with permissions to create databases in SQL Server. If you are using SQL Server authentication, the "sa" account should have a strong password. For more information about setting the administrator username and password, see the SQL Server 2000 or SQL Server 2005 documentation.

  • Configure the authentication method for connections between the Web servers and SQL Server.

    For better security in your server farm, it is recommended that you use Integrated Windows authentication, rather than SQL Server authentication, for connections between your front-end Web server and the database back-end servers. Integrated Windows authentication uses a domain account to control access to SQL Server, rather than storing credentials in the registry and passing them across the network as in SQL Server authentication.

The steps for configuring SQL Server differ between SQL Server 2000 or SQL Server 2005, as detailed in the following procedures.

Configure SQL Server authentication method

You must configure your SQL Server installation to work with Windows SharePoint Services. For Windows SharePoint Services to be able to connect to your SQL Server database, it is recommended that you configure the SQL Server database to use Windows authentication.

Enable Integrated Windows authentication for SQL Server 2000

  1. On the server computer running SQL Server 2000, click Start, point to All Programs, point to Microsoft SQL Server, and then click Enterprise Manager.

  2. In Enterprise Manager, click the plus sign (+) next to Microsoft SQL Servers.

  3. Click the plus sign (+) next to SQL Server Group.

  4. Right-click the SQL Server name, and then click Properties.

  5. In the Properties dialog, click the Security tab.

  6. Under Authentication, click Windows only, and then click OK.

Proceed to Grant database creation rights in SQL Server 2000.

Enable Integrated Windows authentication for SQL Server 2005

  1. On your server computer, click Start, point to All Programs, point to Microsoft SQL Server 2005, and then click SQL Server Management Studio.

  2. On the Connect to Server screen, select the name of the local server from the Server name drop-down list.

  3. Select Windows Authentication from the Authentication drop-down list and then click Connect.

  4. In Object Explorer, right-click the server name and then click Properties.

  5. On the Server Properties - <Servername> screen, in the Select a page section, click Security.

  6. In the Server authentication section, select Windows Authentication mode, and then click OK.

Proceed to Grant database creation rights in SQL Server 2005.

Grant database creation rights in SQL Server 2000

If you have used a domain account that does not already have database creation rights in SQL Server, you can give the account this access in SQL Server Enterprise Manager. This is a one-time-only change. After you grant database creation permissions to the account used by the Windows SharePoint Services administration virtual server, this account can create databases for any subsequent virtual servers.

  1. On the server computer running SQL Server 2000, click Start, point to All Programs, point to Microsoft SQL Server, and then click Enterprise Manager.

  2. In Enterprise Manager, click the plus sign (+) next to Microsoft SQL Servers.

  3. Click the plus sign (+) next to SQL Server Group and then click the plus sign (+) next to your SQL Server computer.

  4. Click the plus sign (+) next to Security, right-click Logins, and then click New Login.

  5. In the Name box, type the account in the form DOMAIN\account.

  6. Click the Server Roles tab on the SQL Server Login Properties - New Login.

  7. In the Server Role list, select the Security Administrators and Database Creators check boxes, and then click OK.

After you have completed setting up your back-end database server, you are now ready to proceed with configuring the first front-end server.

Proceed to Configuring the First Front-End Server.

Grant database creation rights in SQL Server 2005

If you have used a domain account that does not already have database creation rights in SQL Server, you can give the account this access using SQL Server Management Studio. This is a one-time-only change. After you have granted database creation rights to the account used by the Windows SharePoint Services administration virtual server, this account can create databases for any subsequent virtual servers.

  1. On your server computer, click Start, point to All Programs, point to Microsoft SQL Server 2005, and then click SQL Server Management Studio.

  2. On the Connect to Server screen, select the name of the local server from the Server name drop-down list.

  3. Select Windows Authentication from the Authentication drop-down list and then click Connect.

  4. In Object Explorer, click the plus sign (+) next to Security.

  5. Right-click Logins, and then click New Login.

  6. In the Login – New screen, in the Login name box, type the account in the form of DOMAIN\accountname.

  7. In the Select a page section, click Server Roles.

  8. In the Server roles list, select the securityadmin and dbcreator check boxes, and then click OK.

Configuring the First Front-End Server

To configure your first front-end Web server, you must perform the following steps.

  • Create a virtual server and configure the authentication method.

    If you are not using the default virtual server in IIS, you must create a new virtual server and map it to the host name of the server that will provide the content. The simplest way to set up a new virtual server is to use the default virtual server in IIS. Whichever method you choose, you must specify the authentication method (Integrated Windows authentication in this case) to use for the virtual server.

  • Install Windows SharePoint Services by using the server farm option and create the administration virtual server and configuration database.

    You must install Windows SharePoint Services on each front-end Web server. Using the Server Farm option allows you to install Windows SharePoint Services without also installing Microsoft SQL Server 2000 Desktop Engine (Windows) (WMSDE). You must also create the administration virtual server and configuration database. You only need to create the configuration database when you configure the first front-end Web server; for subsequent front-end servers you simply connect to the configuration and content databases.

  • Extend the new virtual server.

    Before you can create sites, you must extend the new virtual server and create the content database. When you extend the virtual servers on additional front-end Web servers, you connect to the same content database so that they provide the same site content.

Creating a New Virtual Server and Configuring Authentication

When IIS is configured and ready to work with SQL Server, you can use the Default Web site or create a new virtual server to host your sites.

Note

The default Web Site is configured to use port 80. Creating a new virtual server will require either changing the default Web site’s port to another unused port or adding a host header. If you do not change the port or use a host header, the new virtual server will be unable to start. For additional information, see the IIS 6.0 Documentation.

Create a virtual server

  1. Click Start, point to All Programs, point to Administration Tools, and then click Internet Information Services (IIS) Manager.

  2. In the left-hand column, click the plus sign (+) next to the server name you want to add a virtual server to.

  3. Right-click the Web Sites folder, point to New, and then click Web site.

    The Web Site Create Wizard appears.

  4. Click Next.

  5. In the Description box, type the description of your virtual server, and then click Next.

  6. In the Enter the IP address to use for this Web site list, click All Unassigned or bind to a specific IP address in this list.

    Note

    You can create multiple virtual servers by using IIS Host Headers with All Unassigned or, if you are using Windows SharePoint Services SP2, by creating IP-bound virtual servers.

    Windows Server 2003 allows multiple IP addresses to be assigned to a single network adapter, if necessary. Note that IP-bound virtual servers are not supported in pre-SP2 versions of Windows SharePoint Services.

    Note

    You can create multiple virtual servers by using IIS Host Headers with All Unassigned or, if you are using Windows SharePoint Services SP2, by creating IP-bound virtual servers.

  7. In the TCP port this Web site should use (Default: 80) box, type the port number to assign to the virtual server.

  8. Click Next.

  9. In the Path box, type or browse to the path on your hard disk where the site content will go.

  10. If you do not want to allow anonymous access to your virtual server, clear the Allow anonymous access to this Web site check box.

  11. Click Next.

  12. On the Web Site Access Permissions page, select the permissions to use, and then click Next.

    The default permissions, Read and Run Scripts (such as ASP), are recommended. The Execute (such as ISAPI applications or CGI) permission will be added automatically to the appropriate folders by Windows SharePoint Services.

  13. Click Finish.

Now you can configure the authentication method to use for the new virtual server.

Configure the authentication method for the virtual server

  1. On the first front-end Web server, in Internet Information Services, right-click the virtual server that will be used for the SharePoint site, and then click Properties.

  2. On the Directory Security tab, under Authentication and access control, click Edit.

  3. Select the Integrated Windows authentication check box, and clear all other authentication method check boxes.

  4. Click OK to close the Authentication Methods dialog box.

  5. Click OK again to close the Properties dialog box.

Installing and Configuring Windows SharePoint Services on the First Front-End Web server

You must install Windows SharePoint Services by using the Server Farm option. If you are installing Windows SharePoint Services on Windows Server 2003 R2, perform the steps in Install Windows SharePoint Services with the Server Farm option on Windows Server 2003 R2. Otherwise, if you are installing on Windows Server 2003 earlier than Windows Sever 2003 R2, perform the steps in Install Windows SharePoint Services with the Server Farm option.

If you are using more than one front-end Web server for your intranet sites, you must install Windows SharePoint Services with the Server Farm option on each front-end server. You create the configuration database only once because any additional front-end Web server servers you create will connect to the same configuration database.

Install Windows SharePoint Services with the Server Farm option on Windows Server 2003 R2

  1. Click Start, click Control Panel, and then click Add/Remove Programs.

  2. Click Add/Remove Windows Components.

  3. Scroll down and locate Windows SharePoint Services, select the check box, and then click Next to begin installation.

  4. When prompted, either insert Windows Server 2003 R2 CD 2 and browse to the %drive%\cmpnents\r2\setupsts.exe file or browse to the network location where the Setupsts.exe file is located.

  5. Click Open, and then click OK.

  6. When the installation screen opens, click Server Farm, then click Next.

  7. On the summary page, click Install.

    The installation opens your browser to the Configure Administrative Virtual Server page.

  8. Choose to either use an existing application pool or create a new application pool.

  9. Select either a predefined security account or a configurable security account.

  10. Choose either NTLM or Kerberos authentication in the Security configuration section.

    Note

    Choosing Kerberos authentication will require additional steps if you are using a domain account as the application pool identity for the virtual server. The account must be configured as a Service Principal Name (SPN). You must have domain administrator rights to configure a Service Principal Name (SPN). Refer to the Microsoft Knowledge Base article 832769, How to configure a Windows SharePoint Services virtual server to use Kerberos authentication (https://go.microsoft.com/fwlink/?LinkID=76570&clcid=0x409) for additional information. If network services is used as the application pool identity, no additional step is required.

  11. Click OK.

  12. When the Application Pool Changed page appears, click Start, and then click Run.

  13. Type iisreset and then click OK.

  14. When the command completes, click OK.

    The Set Configuration Database Server page appears.

    Note

    If you are configuring Windows SharePoint Services for scalable hosting mode, do not perform the remaining steps. Instead, specify the configuration database by using the command line utility, stsadm.exe, with the -hh parameter, as directed in Server Farm Scalable Hosting Mode Deployment (Windows SharePoint Services 2.0). However, if you want to use traditional IIS hosting mode, complete the remaining steps.

  15. Type the NETBIOS name of the server running SQL Server 2000.

  16. Type the SQL Server database name or click the check box to use an existing configuration data base.

  17. Select the connection type to use either Integrated Windows or SQL authentication.

  18. Choose the Active Directory Account Creation mode you want to use.

    Note

    This mode cannot be changed at a later time without uninstalling and reinstalling Windows SharePoint Services.

  19. Click OK.

    You will be directed to the Windows SharePoint Services Central Administration page where you can begin configuring Windows SharePoint Services. For more information, see Extending the new virtual server.

Install Windows SharePoint Services with the Server Farm Option

  1. Download STSV2.exe to your computer.

    You can download STSV2.exe from the Microsoft Download Center (https://go.microsoft.com/fwlink/?LinkId=75024).

  2. Run STSV2.exe to extract the installation files.

    This will begin the Windows SharePoint Services installation.

  3. On the End-User License Agreement page, review the terms, and then select the I accept the terms in the License Agreement check box, and then click Next.

  4. On the Type of Installation page, click Server Farm, and then click Next.

  5. On the Summary page, verify that only Windows SharePoint Services will be installed, and then click Install.

    Setup runs and installs Windows SharePoint Services. When the installation completes your browser opens to the Configure Administrative Virtual Server page.

  6. Choose to either use an existing application pool or create a new application pool.

  7. Select either a predefined security account or a configurable security account.

    Note

    This should be the domain account, configured in SQL Server earlier.

  8. Choose either NTLM or Kerberos authentication in the Security configuration section.

    Note

    Choosing Kerberos authentication will require additional steps if you are using a domain account as the application pool identity for the virtual server. The account must be configured as a Service Principal Name (SPN). You must have domain administrator rights to configure a Service Principal Name (SPN). Refer to the Knowledge Base article 832769, How to configure a Windows SharePoint Services virtual server to use Kerberos authentication (https://go.microsoft.com/fwlink/?LinkID=76570&clcid=0x409) for additional information.

  9. Click OK.

  10. When the Application Pool Changed page appears, click Start, and then click Run.

  11. Type iisreset, and then click OK.

  12. When the command completes, click OK.

    The Set Configuration Database Server page appears.

  13. If you are configuring Windows SharePoint Services for scalable hosting mode, do not perform the remaining steps. Instead, specify the configuration database by using the command line utility, stsadm.exe, with the -hh parameter, as directed in Server Farm Scalable Hosting Mode Deployment (Windows SharePoint Services 2.0). However, if you want to use traditional IIS hosting mode, complete the remaining steps.

  14. Type the NETBIOS name of the server running SQL Server 2000 or SQL Server 2005.

  15. Type the SQL Server database name or click the check box to use an existing configuration data base.

  16. Select the connection type to use either Integrated Windows or SQL authentication.

  17. Choose the Active Directory Account Creation mode you want to use.

    Note

    This mode cannot be changed at a later time without uninstalling and reinstalling Windows SharePoint Services.

  18. Click OK.

    You will be directed to the Windows SharePoint Services Central Administration page where you can begin configuring Windows SharePoint Services. For more information, see Extending the new virtual server.

Extending the New Virtual Server

With the administration virtual server and configuration database in place, you can extend the virtual server to host the intranet sites. This document uses the HTML Administration pages to extend the virtual server.

Extend the virtual server by using the HTML administration pages

  1. On the SharePoint Central Administration page click Extend or upgrade virtual server.

  2. On the Virtual Server List page, click the name of the virtual server to extend.

  3. On the Extend Virtual Server page, in the Provisioning Options section, select Extend and create a content database.

  4. In the Application Pool section, select Create a new application pool.

  5. In the Application pool name box, type a name for your new application pool.

  6. Under Select a security account for this application pool, select Configurable.

  7. In the User name box, type the domain account to use for the application pool.

    It is recommended that you use a dedicated account for this account, rather than a user's login account. Also, it is recommended that you use the same account for each application pool that hosts the same content.

  8. In the Password box, type the password for the account, and then confirm it.

  9. In the Security Configuration section, choose either NTLM or Kerberos authentication.

    Note

    Choosing Kerberos authentication will require additional steps if you are using a domain account as the application pool identity for the virtual server. The account must be configured as a Service Principal Name (SPN). You must have domain administrator rights to configure a Service Principal Name (SPN). Refer to the Knowledge Base article 832769, How to configure a Windows SharePoint Services virtual server to use Kerberos authentication (https://go.microsoft.com/fwlink/?LinkID=76570&clcid=0x409) for additional information.

    Note

    No manual configuration step is needed for Kerberos authentication if network service is used as the application pool identity.

  10. In the Site Owner section, in the Account name box, type the user name for the site owner (in the format DOMAIN\account if the account is part of a Windows domain group).

  11. In the E-mail address box, type the e-mail address that corresponds to the account.

  12. In the Database Settings section, enter the following database connection information:

    • In the Database server box, type the server name for your SQL Server.

    • In the Database name box, type the name to use for your content database or use the default content database.

  13. If you want to specify a path for the URL, in the Custom URL path box, type the path to use.

  14. If you are using quotas, select a template in the Select a quota template box of the Quota Settings section.

  15. In the Site Language section, select the language to use.

  16. Click OK.

Configuring the Second Front-End Server

To configure your second front-end Web server, you must perform the following steps.

  • Create a virtual server and configure the authentication method.

    Before you can create sites for your extranet, you must create the virtual server to contain them in IIS, and specify the authentication method to use (Basic authentication with Secure Sockets Layer in this case).

  • Install Windows SharePoint Services in the server farm configuration.

    You must install Windows SharePoint Services on each front-end Web server. Using the Server Farm option allows you to install Windows SharePoint Services without also installing Microsoft SQL Server 2000 Desktop Engine (Windows) (WMSDE). You must also create an application pool for the extranet sites and connect to the configuration database after installation.

  • Extend the virtual server.

    Before you can create sites, you must extend the extranet virtual server. The extranet virtual server is connected to the same content databases as the intranet virtual server, so that they provide the same site content.

    Note

    The default Web Site is configured to use port 80. Creating a new virtual server will require either changing the default Web site's port to another unused port or adding a host header. If this is not done, the new virtual server will not start.

Create a new virtual server

  1. Click Start, point to All Programs, point to Administration Tools, and then click Internet Information Services (IIS) Manager.

  2. In the left-hand column, click the plus sign (+) next to the server name you want to add a virtual server to.

  3. Right-click the Web Sites folder, point to New, and then click Web site.

    The Web Site Create Wizard appears.

  4. Click Next.

  5. In the Description box, type the description of your virtual server, and then click Next.

  6. In the Enter the IP address to use for this Web site list, click All Unassigned or bind to a specific IP address in this list.

    Note

    You can create multiple virtual servers by using IIS Host Headers with All Unassigned or, if you are using Windows SharePoint Services SP2, by creating IP-bound virtual servers

    Windows Server 2003 allows multiple IP addresses to be assigned to a single network adapter, if necessary. Note that IP-bound virtual servers are not supported in pre-SP2 versions of Windows SharePoint Services.

    Windows Server 2003 allows multiple IP addresses to be assigned to a single network adapter, if necessary. Note that IP-bound virtual servers are not supported in pre-SP2 versions of Windows SharePoint Services.

  7. In the TCP port this web site should use (Default: 80) box, type the port number to assign to the virtual server.

  8. In the Host Header for this site (Default: None) box, type the header you want to use, and then click Next.

  9. In the Path box, type or browse to the path on your hard disk where the site content will go.

  10. Clear the Allow anonymous access to this Web site check box, and then click Next.

  11. On the Web Site Access Permissions page, select the permissions to use, and then click Next.

    If other users are allowed to contribute to the site, you must select at least the Read, Write, and Browse check boxes. If your virtual server allows scripts to be run, you must also select the Run scripts (such as ASP) check box. If you want to allow Internet Server Application Programming Interface (ISAPI) applications or Common Gateway Interface (CGI) scripts to be used on your virtual server, you must also select the Execute (such as ISAPI applications or CGI) check box.

  12. Click Finish.

Now you can configure the authentication method to use for the extranet virtual server.

Configure the authentication method for the second virtual server

  1. On the second front-end Web server, in Internet Information Services, right-click the virtual server that will be used for the extranet site, and then click Properties.

  2. On the Directory Security tab, under Authentication and access control, click Edit.

  3. Select the Basic authentication check box, and clear all other authentication method check boxes.

  4. Click OK to close the Authentication Methods dialog box.

  5. On the Directory Security tab, under Secure communications, click Edit.

  6. On the Secure Communications dialog box, select the Require secure channel (SSL) check box, and then click OK.

  7. Click OK again to close the Properties dialog box.

    Note

    You must have a certificate before you can enable SSL. For more information about SSL certificates, see the topics About Certificates and Setting Up SSL on Your Server in IIS 6.0 online Help. For more information about IIS authentication methods, see the topic About authentication in IIS 6.0 online Help.

After you have configured the authentication method, you can install Windows SharePoint Services.

Installing and Configuring Windows SharePoint Services on the Second front-end Web server

You must install Windows SharePoint Services by using the Server Farm option. If you are installing Windows SharePoint Services on Windows Server 2003 R2, perform the steps in Install Windows SharePoint Services with the Server Farm option on Windows Server 2003 R2. Otherwise, if you are installing on Windows Server 2003 earlier than Windows Sever 2003 R2, perform the steps in Install Windows SharePoint Services with the Server Farm option.

If you are using more than one front-end Web server for your intranet sites, you must install Windows SharePoint Services with the Server Farm option on each front-end server. You create the configuration database only once because any additional front-end Web server servers you create will connect to the same configuration database.

Install Windows SharePoint Services with the Server Farm option on Windows Server 2003 R2

  1. Click Start, click Control Panel, and then click Add/Remove Programs.

  2. Click Add/Remove Windows Components.

  3. Scroll down and locate Windows SharePoint Services, click the check box, and then click Next to begin installation.

  4. When prompted, either insert Windows Server 2003 R2 CD 2 and browse to the %drive%\cmpnents\r2\setupsts.exe file or browse to the network location where the Setupsts.exe file is located.

  5. Click Open and then click OK.

  6. When the installation screen opens, click the Server Farm then click Next.

  7. On the summary page, click Install.

    The installation will open your browser to the Configure Administrative Virtual Server page.

  8. Choose to either use an existing application pool or create a new application pool.

  9. Select either a predefined security account or a configurable security account.

  10. Choose either NTLM or Kerberos authentication in the Security configuration section.

    Note

    Choosing Kerberos authentication will require additional steps if you are using a domain account as the application pool identity for the virtual server. The account must be configured as a Service Principal Name (SPN). You must have domain administrator rights to configure a Service Principal Name (SPN). Refer to the Knowledge Base article 832769, How to configure a Windows SharePoint Services virtual server to use Kerberos authentication (https://go.microsoft.com/fwlink/?LinkID=76570&clcid=0x409) for additional information.

  11. Click OK.

  12. When the application pool changed page appears, click Start then click Run.

  13. Type iisreset and then click OK.

  14. When the command completes, click OK.

    The Set Configuration Database Server page appears.

    Note

    The following steps will be using the same configuration database, connection type, and account type used when you setup the intranet (first Web server).

  15. Type the NETBIOS name of the server running SQL Server 2000.

  16. Type the SQL Server database name or click the check box to use an existing configuration database.

  17. Select the connection type to use either Integrated Windows or SQL authentication.

  18. Click Connect to existing configuration database.

    Notice that the option to specify the Active Directory Account Creation option is unavailable. Because this setting was already configured when you created the configuration database, it is not necessary to set this again.

  19. Click OK.

    The Windows SharePoint Services Central Administration page opens, where you can begin configuring Windows SharePoint Services. For more information, see Extending the new virtual server.

Install Windows SharePoint Services with the Server Farm Option

  1. Download STSV2.exe to your computer.

    You can download STSV2.exe from the Microsoft Download Center (https://go.microsoft.com/fwlink/?LinkId=75024).

  2. Run STSV2.exe to extract the installation files.

    This will begin the Windows SharePoint Services installation.

  3. On the End-User License Agreement page, review the terms, and then select the I accept the terms in the License Agreement check box, and then click Next.

  4. On the Type of Installation page, click Server Farm, and then click Next.

  5. On the Summary page, verify that only Windows SharePoint Services will be installed, and then click Install.

    Setup runs and installs Windows SharePoint Services. When the installation completes Internet Explorer will open to the Configure Administrative Virtual Server page.

  6. Choose to either use an existing application pool or create a new application pool.

  7. Select either a predefined security account or a configurable security account.

    Note

    This should be the domain account, configured in SQL Server earlier.

  8. Choose either NTLM or Kerberos authentication in the Security configuration section.

    Note

    Choosing Kerberos authentication will require additional steps if you are using a domain account as the application pool identity for the virtual server. The account must be configured as a Service Principal Name (SPN). You must have domain administrator rights to configure a Service Principal Name (SPN). Refer to the Knowledge Base article 832769, How to configure a Windows SharePoint Services virtual server to use Kerberos authentication (https://go.microsoft.com/fwlink/?LinkID=76570&clcid=0x409) for additional information.

  9. Click OK.

  10. When the application pool changed page appears, click Start then click Run.

  11. Type iisreset and then click OK.

  12. When the command completes, click OK.

    The Set Configuration Database Server page appears.

    Note

    In the following steps, you will use the same configuration database, connection type, and account type that you used when you setup the intranet on your first front-end Web server.

  13. Type the NETBIOS name of the server running SQL Server 2000 or SQL Server 2005 that you used when you setup your first front-end Web server.

  14. Type the name of the configuration database that was created when you setup the first front-end Web server.

  15. Select the Database connection type to use either Integrated Windows or SQL authentication.

    Important

    You must use the same authentication type you used on the first front-end Web server.

  16. Click Connect to the existing configuration database.

    Notice that the option to specify the Active Directory Account Creation option is unavailable. Because this setting was already configured when you created the configuration database it is not necessary to set this again.

  17. Click OK.

    The Windows SharePoint Services Central Administration page opens, where you can begin configuring Windows SharePoint Services. Proceed to Extending the new virtual server to extend your virtual server.

Extending the New Virtual Server

With the administration virtual server and configuration database in place, you can extend the virtual server to host sites. You can use either the command line or HTML Administration pages to extend the virtual server. However, this document uses the HTML Administration pages to extend the virtual server.

Extend the virtual server by using the HTML administration pages

  1. Click Start, point to Programs, point to Administration Tools, and then click SharePoint Central Administration.

  2. Click Extend or upgrade virtual server.

  3. On the Virtual Server List page, click the virtual server you want to extend.

  4. On the Extend Virtual Server page, in the Provisioning Options section, click Extend and map to another virtual server.

  5. On the Extend and Map to another virtual server page, in the Server Mapping section, in the Host name or IIS virtual server name box, select the name of the host or virtual server that you want to use.

    Note

    This will be the name of the virtual server on the first front-end Web server.

  6. In the Application Pool section, select Create a new application pool.

  7. In the Application pool name box, type a name for your new application pool.

  8. Under Select a security account for this application pool, select Configurable.

  9. In the User name box, type the domain account to use for the application pool.

    It is recommended that you use a dedicated account for this account, rather than a user's login account. Also, it is recommended that you use the same account for each application pool that hosts the same content.

  10. In the Password box, type the password for the account, and then confirm it.

  11. In the Security Configuration section, choose either NTLM or Kerberos authentication.

    Note

    Choosing Kerberos authentication will require additional steps if you are using a domain account as the application pool identity for the virtual server. The account must be configured as a Service Principal Name (SPN). You must have domain administrator rights to configure a Service Principal Name (SPN). Refer to the Knowledge Base article 832769, How to configure a Windows SharePoint Services virtual server to use Kerberos authentication (https://go.microsoft.com/fwlink/?LinkID=76570&clcid=0x409) for additional information.

  12. Click Submit.

Creating Sites

After following the steps above, you are ready to create sites for your users. This is the last step in the process for setting up your intranet/extranet server farm. After this step, you can start adding users and managing the sites.

Create a site by using the HTML administration pages

  1. Click Start, point to Administrative Tools, and then click SharePoint Central Administration.

  2. On the SharePoint Central Administration page, click Create a top-level Web site.

  3. On the Virtual Server List page, select the virtual server which will host the new site.

  4. On the Create Top-level Web Site page, in the Web Site Address section, specify the URL and URL path for the new top-level site.

  5. In the Site Collection Owner section, type the site owner's name and e-mail address.

  6. In the Secondary Owner section, optionally provide the secondary owner's username and e-mail address.

  7. In the Quota Template section, optionally select a predefined quota template.

  8. In the Site Language section, select the language template this site will use.

  9. Click OK.

Next Steps

Your server farm is now set up for serving the same content on both an intranet and extranet. You can start adding users and managing sites, or you can perform the following optional, but recommended steps:

  • To allow access to both the intranet and extranet site, the internal and external DNS servers must be configured. For more information about designing and configuring DNS, search Windows Server 2003 Help for DNS.

  • Update the servers with the latest service packs and security patches and follow the security best practices recommended by Microsoft.

  • It is recommended that you help protect your administration virtual server by either using a firewall to block access, or by using Secure Sockets Layer (SSL) for the port. For more information, see Configuring Authentication (Windows SharePoint Services 2.0).

  • As your sites increase in number and size, you will want to be able to add content databases or change connections to the content databases. For more information about content databases, see Managing Content Databases (Windows SharePoint Services 2.0).