Home | Forums | Contact | Search | Syndication  
 
 [login] [create account]   Saturday, November 23, 2024 
 
slxdeveloper.com Community Forums  
   
The Forums on slxdeveloper.com are now retired. The forum archive will remain available for the time being. Thank you for your participation on slxdeveloper.com!
 Administration Forums - Installation
Forum to discuss installing SalesLogix and general installation topics. View the code of conduct for posting guidelines.
Forums RSS Feed


 Back to Forum List | Back to Installation | New ThreadView:  Search:  
 Author  Thread: Customer portal deployment
Alex
Posts: 15
 
Customer portal deploymentYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 17 Mar 09 7:19 AM
Hi,

We are very heavy support ticket users, last year we opened almost 20,000 tickets. We would love to start using customer web portal but there is problem, the SLX security model goes against our corporate policy.

According to deployment guide the IIS server hosting customer portal needs access to Host database via ports 138, 139, 1433 and 1706; the host database resides on our LAN. Even though IIS server sits on the DMZ this architecture will not be permitted on our network. Has anyone looked into alternative setup ? Can Remote Office Server sit on the DMZ next to IIS Server?

Thank you,
Alex
[Reply][Quote]
Mike Spragg
Posts: 1226
Top 10 forum poster: 1226 posts
 
Re: Customer portal deploymentYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 18 Mar 09 4:40 AM
If the system is "internal" then you'll be fine - this doc assumes the system sits outside your LAN. You will be fine with just port 80.
[Reply][Quote]
Alex
Posts: 15
 
Re: Customer portal deploymentYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 18 Mar 09 6:57 AM
We were going to make the portal available on the internet. The security gurus are having an issue with IIS server on DMZ being able to connect to the HOST DB which is on the LAN.
[Reply][Quote]
Bob (RJ)Ledger
Posts: 1103
Top 10 forum poster: 1103 posts
 
Re: Customer portal deploymentYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 19 Mar 09 8:28 AM
I suggest you push your BP to push Sage for an acceptable solution.
--
RJLedger - www.rjlSystems.net
[Reply][Quote]
Carla Tillman
Posts: 290
 
Re: Customer portal deploymentYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 19 Mar 09 10:06 AM
Hi Alex,

A few things (system wise) will be required to connect from a DMZ. Ports discussed after this.

1.) Create a local user on the External server that matches name and password (exactly) of your domain\WebDLL user.
2.) Give the local\WebDLL user all of the required security rights that you would for any SLX web piece. (chk implementation guide)
3.) Install the SLXOLEDB (I prefer to install this as the local\WebDLL to avoid any additional permission issues)
4.) Your Web Site and App Pool must be owned by the local\WebDLL user
5.) Verify the local\WebDLL has full access rights to the Documents and Settings folders. It will need to read and write.


In simple terms: When you are outside of the domain (DMZ) you still need a user with the permissions to talk to the SLX Server that resides inside of the domain. Because you can not pull your domain\WebDLL user over you must make an equivalent user in your DMZ. Then when you need to pass or receive requests: the local\WebDLL user asks for permission to get information from your domain. Your domain (Windows) will run a Name and Password challenge (NTLM) to the user. The DMZ user will present the WebDLL name and password as the and should pass the authentication test if everything matches between the two sides.

Ports

Ports will have to be opened.

1.) 1706 so SLX can talk internally.
2.) 1433 this is for the SQLOLE to talk to the DB internally. 1433 is a default SQL port, but your company may use a different one for security purposes. Your Network gurus should be able to set the appropriate port.

Any other ports opened are for external access according to your web site specifics. (i.e. Port 80 is the default external access port )

I hope this helps!

Carla
[Reply][Quote]
Snow Monkey
Posts: 214
 
Re: Customer portal deploymentYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 31 Mar 09 12:57 PM
Do you use attachments? Do you want your users to upload docs to the ticket? Then you should Open 138/139 or some other incoming ports as well which your admin is not going to allow most probably, In that case , do not release that attachment form.

All the rest of these connectivty issues can be resolved by creating the neccessary Firewall rules.

and remote office server sits in a REMOTE office which is not anyways in the Host office network right?
[Reply][Quote]
 Page 1 of 1 
  You can subscribe to receive a daily forum digest in your user profile. View the site code of conduct for posting guidelines.

   Forum RSS Feed - Subscribe to the forum RSS feed to keep on top of the latest forum activity!
 

 
 slxdeveloper.com is brought to you courtesy of Ryan Farley & Customer FX Corporation.
 This site, and all contents herein, are Copyright © 2024 Customer FX Corporation. The information and opinions expressed here are not endorsed by Sage Software.

code of conduct | Subscribe to the slxdeveloper.com Latest Article RSS feed
   
 
page cache (param): 11/23/2024 1:12:37 AM