I recently came across a need to publish a SharePoint site without authentication – effectively using anonymous access to the site. Its surprisingly complex to set up correctly, especially if you are working with a secure ISA front end.
Share Point Configuration
First, you need to enable anonymous access for the entire web application, for every SharePoint zone. Open the Central Administration site, and select “Application Management”. Now select “Authentication Providers”.
When the Authentication Providers page appears, make sure you are looking at the right web application, then click on each zone, enable anonymous authentication, and click OK. Once all the zones have been configured, the web application will allow anonymous access.
Just because anonymous access is available on the web application, it doesn’t mean its available on the sites! You have to then set up permission on the individual sites.
In order to set the permissions on your site, you either need to go straight to the address:
http://yoursite/_layouts/setanon.aspx
Or go to Site Settings on the Site Actions menu, select “Advanced Permissions” from the “Users and Permissions” column, and then select Anonymous Access from the “Settings” option list.
Once there, simple tick to enable anonymous access!
If SharePoint is directly accessible, then you are done! If, however, you are using ISA server to guard SharePoint, there are a couple more things left to do.
ISA Server
If you are using forms based authentication with ISA, then you need to bypass it for anonymous access! Its not particularly surprising, but there are a few quirks when you set up your new rule and web listener.
First, it needs to be on a different IP address or port, otherwise you can’t create a new web listener.
Second, if you are restricting access to a limited IP address range without authentication … DO NOT SET UP AN EXTERNAL NETWORK. Set up an address range, or all the configuration will fail.
Finally, if you set up a web listener, using the No Authentication option, and set the system to pass authentication through to the client,you must ensure that the option “allow client authentication over HTTP” is also ticked in the “Advanced” options within the Authentication tab on the web listener, otherwise all pages will show a 401 UNAUTHORIZED message if you access them without a username and password!
Recent Comments