Thursday, August 19, 2010

Configuring a SharePoint 2010 Trust Relationship with Another Farm

In SharePoint 2010 a service application can be shared with a different farm; Microsoft calls this a cross-farm service application.

Sharing services is no longer exclusive to SharePoint Server, and services are no longer contained in Shared Services Providers (SSPs). For more details, refer to this article: http://technet.microsoft.com/en-us/library/cc560988.aspx.

You must establish a trust between the two farms before a cross-farm service application can be published or consumed. The steps below follow http://technet.microsoft.com/en-us/library/ee704552.aspx.

Exporting and copying certificates
An administrator of the consuming farm must provide two trust certificates to the publishing farm: a root certificate and a security token service (STS) certificate. An administrator of the publishing farm must provide a root certificate to the consuming farm.

You can only export and copy certificates by using Windows PowerShell 2.0. The Export("Cert") calls below write the public certificate only (DER-encoded .cer); no private key leaves either farm, and the .cer files do not need to be treated as secrets, only protected against tampering.

To export the root certificate from the consuming farm

  1. On the Start menu, click Administrative Tools.
  2. Click SharePoint 2010 Management Shell.
  3. At the Windows PowerShell command prompt, type each of the following commands:

$rootCert = (Get-SPCertificateAuthority).RootCertificate

$rootCert.Export("Cert") | Set-Content -Path C:\ConsumingFarmRoot.cer -Encoding Byte

Where C:\ConsumingFarmRoot.cer is the path to which the root certificate is written; change it as needed.

To export the STS certificate from the consuming farm

  1. At the Windows PowerShell command prompt, type each of the following commands:

$stsCert = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate

$stsCert.Export("Cert") | Set-Content -Path C:\ConsumingFarmSTS.cer -Encoding Byte

Where C:\ConsumingFarmSTS.cer is the path to which the STS signing certificate is written; change it as needed.

To export the root certificate from the publishing farm

  1. On the Start menu, click Administrative Tools.
  2. Click SharePoint 2010 Management Shell.
  3. At the Windows PowerShell command prompt, type each of the following commands:

$rootCert = (Get-SPCertificateAuthority).RootCertificate

$rootCert.Export("Cert") | Set-Content -Path C:\PublishingFarmRoot.cer -Encoding Byte

Where C:\PublishingFarmRoot.cer is the path to which the root certificate is written; change it as needed.

To copy the certificates

  1. Copy the root certificate and the STS certificate from the server in the consuming farm to a server in the publishing farm.
  2. Copy the root certificate from the server in the publishing farm to a server in the consuming farm.

Whoever imports a copied .cer file is about to make their farm trust whatever is in it, so confirm the certificate thumbprint with the other farm's administrator through a separate channel (phone, ticket system) rather than trusting the copied file alone.
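The export steps above, combined into one script as an added example that is not part of the original post or of Microsoft's documentation. It runs in the SharePoint 2010 Management Shell on a server in the consuming farm, writes both .cer files, reads them back to confirm they match the in-farm certificates, and prints the thumbprints that the publishing farm's administrator should be given out of band. The output folder C:\FarmTrust and the file names are assumptions.

```powershell
# Added example: export the consuming farm's root and STS certificates and record their thumbprints.
# Run in the SharePoint 2010 Management Shell on a server in the consuming farm.
# $outDir is an assumption; change it as needed.

$outDir = "C:\FarmTrust"
if (-not (Test-Path $outDir)) {
    New-Item -ItemType Directory -Path $outDir | Out-Null
}

# Root certificate of this farm's certificate authority.
$rootCert = (Get-SPCertificateAuthority).RootCertificate
# Signing certificate of this farm's security token service (STS).
$stsCert  = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate

# Export("Cert") writes the DER-encoded public certificate only; the private keys stay in the farm.
$rootPath = Join-Path $outDir "ConsumingFarmRoot.cer"
$stsPath  = Join-Path $outDir "ConsumingFarmSTS.cer"
$rootCert.Export("Cert") | Set-Content -Path $rootPath -Encoding Byte
$stsCert.Export("Cert")  | Set-Content -Path $stsPath  -Encoding Byte

# Read each file back and compare its thumbprint with the certificate object it came from.
# A mismatch means the file was not written correctly and must not be handed to the other farm.
$exports = @(
    @{ Path = $rootPath; Cert = $rootCert },
    @{ Path = $stsPath;  Cert = $stsCert  }
)
foreach ($e in $exports) {
    $onDisk = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($e.Path)
    if ($onDisk.Thumbprint -ne $e.Cert.Thumbprint) {
        throw "Thumbprint mismatch for $($e.Path): file has $($onDisk.Thumbprint), farm has $($e.Cert.Thumbprint)"
    }
    if ($onDisk.HasPrivateKey) {
        throw "$($e.Path) unexpectedly contains a private key; do not copy it"
    }
    # Give these values to the publishing farm's administrator through a channel other than the file copy.
    "{0}`tThumbprint={1}`tSubject={2}`tNotAfter={3}" -f $e.Path, $onDisk.Thumbprint, $onDisk.Subject, $onDisk.NotAfter
}
```

The same script, minus the STS lines, exports the publishing farm's root certificate when run on a server in the publishing farm. The NotAfter value is worth noting down as well: a cross-farm trust stops working when either farm's root or STS certificate expires or is renewed, and the trust then has to be updated with the new certificate.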

Managing trust certificates by using Central Administration
You can manage trusts on a farm only after the relevant certificates have already been exported and copied to the farm.

To establish trust by using Central Administration

  1. Verify that the user account that is performing this procedure is a member of the Farm Administrators SharePoint group.
  2. On the SharePoint Central Administration Web site, click Security.
  3. On the Security page, in the General Security section, click Manage trust.
  4. On the Trust Relationship page, on the ribbon, click New.
  5. On the Establish Trust Relationship page:
    • Supply a name that describes the purpose of the trust relationship.
    • Browse to and select the Root Authority Certificate for the trust relationship. This must be the Root Authority Certificate that was exported from the other farm by using Windows PowerShell, as described in Exporting and copying certificates.
    • If you are performing this task on the publishing farm, select the check box for Provide Trust Relationship. Type in a descriptive name for the token issuer and browse to and select the STS certificate that was copied from the consuming farm, as described in Exporting and copying certificates. This is what makes the publishing farm accept security tokens signed by the consuming farm's STS; on the consuming farm, only the publishing farm's root certificate is needed.
    • Click OK.

After a trust relationship is established, you can modify the Token Issuer description or the certificates that are used by clicking the trust, and then clicking Edit. You can delete a trust by clicking it, and then clicking Delete.
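The same trust can be established from the SharePoint 2010 Management Shell instead of Central Administration, which is easier to review and repeat. The script below is an added example, not part of the original post or of Microsoft's documentation; it uses the SharePoint cmdlets New-SPTrustedRootAuthority and New-SPTrustedServiceTokenIssuer, which correspond to the Root Authority Certificate and Provide Trust Relationship fields on the Establish Trust Relationship page. It is written for the publishing farm. The file paths, trust names and the expected thumbprints are assumptions; the thumbprints must be the values the consuming farm's administrator supplied out of band, and the all-zero placeholders must be replaced before running.

```powershell
# Added example: establish the cross-farm trust on the publishing farm from PowerShell,
# refusing to import any certificate whose thumbprint does not match a value obtained out of band.
# Run in the SharePoint 2010 Management Shell as a farm administrator.

# Paths to the copied .cer files and the thumbprints the consuming farm's admin confirmed
# through a separate channel. The zero values are placeholders; replace them with the real ones.
$expected = @{
    "C:\FarmTrust\ConsumingFarmRoot.cer" = "0000000000000000000000000000000000000000"
    "C:\FarmTrust\ConsumingFarmSTS.cer"  = "0000000000000000000000000000000000000000"
}

function Import-TrustCert([string]$path, [hashtable]$expectedThumbprints) {
    # Load the public certificate from disk.
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($path)

    # Refuse anything that was not explicitly expected: an attacker who can replace a copied
    # .cer file would otherwise get their own CA or STS trusted by this farm.
    if (-not $expectedThumbprints.ContainsKey($path)) {
        throw "No expected thumbprint recorded for $path"
    }
    if ($cert.Thumbprint -ne $expectedThumbprints[$path]) {
        throw "Refusing to trust $path : thumbprint $($cert.Thumbprint) does not match the expected value"
    }
    if ($cert.HasPrivateKey) {
        throw "$path unexpectedly contains a private key"
    }
    if ($cert.NotAfter -lt (Get-Date)) {
        throw "$path expired on $($cert.NotAfter)"
    }
    return $cert
}

$consumingRoot = Import-TrustCert "C:\FarmTrust\ConsumingFarmRoot.cer" $expected
$consumingSts  = Import-TrustCert "C:\FarmTrust\ConsumingFarmSTS.cer"  $expected

# Equivalent of the Root Authority Certificate field: trust the consuming farm's root.
New-SPTrustedRootAuthority -Name "Consuming Farm Root" -Certificate $consumingRoot

# Equivalent of Provide Trust Relationship plus the STS certificate: accept tokens
# signed by the consuming farm's STS. Only the publishing farm needs this step.
New-SPTrustedServiceTokenIssuer -Name "Consuming Farm STS" -Certificate $consumingSts

# Review what the farm trusts now; compare the thumbprints with the values you were given.
Get-SPTrustedRootAuthority | Select-Object Name, @{ n = "Thumbprint"; e = { $_.Certificate.Thumbprint } }
Get-SPTrustedServiceTokenIssuer | Format-List
```

On the consuming farm, run only the Import-TrustCert check and New-SPTrustedRootAuthority against the copied PublishingFarmRoot.cer; no token issuer is created there. Get-SPTrustedRootAuthority and Get-SPTrustedServiceTokenIssuer are also the quickest way to audit a farm for trusts that nobody remembers creating, and Remove-SPTrustedRootAuthority / Remove-SPTrustedServiceTokenIssuer are the PowerShell equivalents of the Delete button described above.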
