Monday, October 17, 2011

Alternate accessing mapping issue over internet

SharePoint is quite interesting in terms of its own features, Customization, deployment and disaster recovery. It provides good feature to add different URLs for different zones and allows extending the web application. These feature ultimately reduces the work effort of System/SharePoint Administrators and time as well. At the same time SharePoint needs some basic security configuration to perform all operation successfully. Here I would like to explain the issue and how it was resolved.

I have created a web application and added a custom managed path. The managed path type is explicit(Don’t allow to create more than a instance under this path). Then created a top level site collection under this managed path. The SharePoint portal has been published in the location network and it was working fine. After few day our customer wants to publish the SharePoint portal over internet. For public URL I have taken help from our network/IIS team to create and register the public URL. Finally I got the URL for our SharePoint portal(eg. I have added the public url in the custom zone and done below settings/configuration.
1. Update the host file(:\WINDOWS\system32\drivers\etc) with new host header
2. Updated the virtual directory bindings with new URL and points the default port i.e. 80.
After completing the Alternate access map settings the portal was accessible in the server. Over internet only the portal landing page(Home page) accessible but not any other Site objects (sub sites, document library..) for following reason (1. Custom managed path, 2. Site Redirection). The site objects url not been transferred as expected. Those urls points to the server IP address and port instead public url. Then I realized that the problem in the firewall setting since the Portal is working in the server but not over internet.

Error e.g.
Over internet:

Sub site URL:
Folder URL : http://

In SharePoint server:
Sub site URL:
Folder URL :
Solution :
To rectify this issue I asked ISA expert to verify the ISA setting in the server. Our ISA expert diverted the request from “” to “”. This solved our first issue.
Then we came across another problems
Issue 1:
Some of the url special characters as encoded twice in the URL. So the SharePoint object were not able access over internet.
I have searched for solution over internet then got that “verify normalization” has to be disabled in the server. Our ISA responsible did the changes as requires.
Actually, in this case 'verify normalization' has to be disabling in the server. When the option verifies normalization is enabled, the ISA firewall will escape the URL, then escape it once more. If the second escape attempt results in a string that is different from the first string, the ISA firewall will object and deny the traffic.
Issue 2:
Finally we got another issue that “List operation(Create, Update, delete) not able to perform”. Therefore during the data modulation in the list user gets 500 server internal error and the operation goes incomplete.
Error description:
Page: 500 Server internal error. The space character in the URL has encoded twice. For e.g. (http://sitecoll/lists/test%2520/displayform.aspx?ID=10). The Space(%20) has encoded twice there the url has %2520
Solution2 :
There was some issue with WebResource.axd. It was not allowed from external. Then ISA responsible did the settings to allow WebResource.axd from external.
Now our site works as expected.
Happy working with SharePoint issues.