Will this deployment scenario work? RRS feed

  • Question

  • I have what may be a unique deployment scenario for SP 2013, and I am hoping this will work.

    Server A -> Externally facing internet web server to host SharePoint 2013.  In front of Firewall so external users can access it, but DOES NOT participate in the company Active Directory.

    Server B -> SQL 2012 server to host the SP configuration database.  Located in a private DMZ behind the firewall, and it DOES participate in the company AD.

    I installed SP2013 on Server A and got to the part of the Product Configuration wizard where it wants the database server and database name, as well as an database access account.

    I tried to give it a DOMAIN\user_name account of a AD user, but it says:

    The username is invalid. The account must be a valid domain account.

    I think this is because Server A does not participate in the domain and is stand-alone because it is internet facing?

    I also tried a local account on Server B and it says the same error. 

    I tried a local account on Server A and it says:

    The specified user xxxxxx is a local account.  Local accounts should only be used in stand alone mode.

    Am I stuck?  Do I have any other options?

    • Edited by ChrisH5491 Tuesday, November 13, 2012 6:37 PM
    Tuesday, November 13, 2012 6:36 PM


All replies

  • Though there are some blog posts which can help you install SharePoint within a workgroup, such as this one:

    Installing SharePoint 2013 preview on a standalone, workgroup server

    I would avoid it due to the following (official) article:

    Certain Microsoft SharePoint Server 2013 installation scenarios are not supported

    This was taken from the latter article.

    The following SharePoint Server 2013 installation scenarios are not supported:
    You install SharePoint Server 2013 in a workgroup.

    Looking through other official documentation, you can also not install AppFabric on your server if it is part of a workgroup

    Install SharePoint 2013 on a single server with a built-in database

    If your computer is in a workgroup, you cannot install AppFabric for Windows Server.

    Hope that helps

    Roger Cormier

    Premier Field Engineer, SharePoint

    Blog: http://blogs.msdn.com/b/rcormier/
    Twitter: LinkedIn:

    Note: My posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, November 13, 2012 9:18 PM
  • If the server is not part of the domain you can't use Windows (domain) authentication.

    You could put the SharePoint server behind your firewall and connect it to your domain. If you don't want to do this for security reasons, another common approach is to create a resource domain in your DMZ that is used by SharePoint. The DMZ domain trusts users from your internal domain so they can access the farm with their usual credentials, but your internal domain doesn't trust the DMZ domain.

    See the Split Back to Back topology in the Extranet Topologies for SharePoint 2010 Products diagram (the topologies more or less still apply for 2013).

    Jason Warren
    Infrastructure Architect

    Tuesday, November 13, 2012 9:19 PM
  • Sorry for the late reply on this, but you are probably right.

    So my follow up questions is this... If I setup an ADFS proxy in my externally facing DMZ where Server A resides, can I then somehow get Server A to participate in the AD?  I would have to somehow point the server at the ADFS proxy server and join it to the domain?

    Monday, November 26, 2012 12:50 PM