Monday, June 23, 2008

Security Information Pop-up Between Web Applications (Sites and My Sites)

This was an issue that I came across and took the longest time to figure out. Because of the solution to this I thought that it would be beneficial for others to know, and hopefully would help you folks out there. Let's set the stage...


You've a publishing site and social networking site that you are setting up as your intranet. You set up the web applications for each to be accessed via http when inside the network (Default zone). You then add an Alternate Access Mapping to use the Extranet zone to access this site via https. So the internally accessible (Default Zones) URLs are http://portal-internal/ and http://mysites-internal/, while the externally available (Extranet Zones) are https://portal-external/ and https://mysites-external/.


With the above setup, go into the http://mysites-internal/ and create a My Site for yourself. Add a picture, text, etc. Make it look nice and pretty.

Now, after the information is cycled through the system (via timer jobs), go into the portal site via the Extranet Zone link - https://portal-external/ as a user that has access to setting up security. In my testing I'm actually going in as a Site Collection Administrator. When you go into People and Groups and find your name in the list, this actually pulls additional information from your My Sites profile. Here's where the issue hits: the picture's URL source is actually pointing to the Default Zone address. In our example, that's via http. Since we're on the portal side via https, this causes the Security Information window to pop up (because you're trying to view a mixed secure and non-secure page). This is totally annoying! Now, for what seems to be the cause...

Head over to the Web Application's Shared Service Provider Web Administration Site. From the displayed Shared Services Administration Home Page, click the My Site Settings link under the User Profiles and My Sites section. Note the Preferred Search Center and Personal Site Provider fields. These are populated with the Default Zone URLs. Changing these to anything else, no matter what other Alternate Access Mappings you have, results in these fields still retaining the Default Zone URLs.

So, what does this mean? It means that if you have AAMs, and there's https and http between the Zones, you'll get this pop-up dialog when looking in the People and Groups area. Oddly enough, I didn't get it when doing a People Search.
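To find which elements on a page would trigger the prompt, the check below is an added example (not code from the original post): it parses a page served over https and reports every sub-resource requested over plain http, noting whether its host is a Default Zone host. The zone map reuses the post's example host names; the page path, user name and HTML sample are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Assumed zone pairs (Default Zone host -> Extranet Zone host), from the post's example.
ZONE_MAP = {"portal-internal": "portal-external", "mysites-internal": "mysites-external"}
# Tags whose URL attribute makes the browser fetch a sub-resource while rendering.
RESOURCE_ATTRS = {"img": "src", "script": "src", "iframe": "src", "link": "href"}


class _ResourceCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.resources = []

    def handle_starttag(self, tag, attrs):
        wanted = RESOURCE_ATTRS.get(tag)  # None for tags that load nothing (e.g. <a>)
        for name, value in attrs:
            if name == wanted and value:
                self.resources.append((tag, value))


def find_mixed_content(page_url, html):
    """Return one finding per sub-resource that an https page loads over plain http."""
    if urlsplit(page_url).scheme != "https":
        return []  # an http page cannot produce the mixed-content prompt
    collector = _ResourceCollector()
    collector.feed(html)
    findings = []
    for tag, raw in collector.resources:
        url = urljoin(page_url, raw)  # resolves relative and protocol-relative URLs
        parts = urlsplit(url)
        if parts.scheme != "http":
            continue
        host = (parts.hostname or "").lower()
        findings.append({"tag": tag, "url": url, "default_zone_host": host in ZONE_MAP,
                         "extranet_host": ZONE_MAP.get(host)})
    return findings

# Constructed sample: People and Groups markup as served from the Extranet Zone.
SAMPLE_PAGE_URL = "https://portal-external/_layouts/people.aspx"
SAMPLE_HTML = """
<img src="http://mysites-internal/personal/jdoe/Shared%20Pictures/me.jpg" alt="Picture">
<img src="/_layouts/images/blank.gif" alt="">
<a href="http://mysites-internal/personal/jdoe/">My Site</a>
"""

if __name__ == "__main__":
    for finding in find_mixed_content(SAMPLE_PAGE_URL, SAMPLE_HTML):
        print(finding)
```

Only the profile picture is reported: the relative image inherits https from the page, and the plain hyperlink is not fetched during rendering, so neither causes the prompt.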

The resolution for me, at least in this case's implementation, was to make the Default Zone https and remove the http, so the sites could only be accessed via the Default Zone URL.

Now, YMMV, but I was able to duplicate this a bit.

If anyone's come across something different that resolves this issue I'd love to hear.

Thanks! - M
