Presentation is loading. Please wait.

Presentation is loading. Please wait.

Project Server 2003: DC340: Security (Part 1 of 2): How to securely deploy Project Server in an enterprise environment Pradeep GanapathyRaj (PM), Karthik.

Published byAbel Gray Modified over 8 years ago

Similar presentations

Presentation on theme: "Project Server 2003: DC340: Security (Part 1 of 2): How to securely deploy Project Server in an enterprise environment Pradeep GanapathyRaj (PM), Karthik."— Presentation transcript:

1

2 Project Server 2003: DC340: Security (Part 1 of 2): How to securely deploy Project Server in an enterprise environment Pradeep GanapathyRaj (PM), Karthik Chermakani (Test) Project Microsoft Corporation

3 Approach Identify key deployment options Identify key project server processes Walkthrough processes for each deployment scenario – with security in mind

4 P11 architecture

5 Key deployment options Single domain One box Multiple boxes Multi domain One way trust No trust Firewalled Multi domain Extranet deployment

6 Key processes Project open and save Publishing a project Share point Assign users to appropriate Sharepoint roles Assign users to appropriate Sharepoint roles Accessing WSS site (issues/risks/docs) Accessing WSS site (issues/risks/docs) Portfolio analyzer Building the cube Building the views Accessing the cube

7 Project Security Authentication Windows Authentication Single logon account Seamless experience across all Project Server components Project User Accounts SharePoint complications OLAP complications Authorization Categories, Global permissions, Roles

8 Project 2003 Highlights Publishing from Non-Trusted Domain user can login with Windows User Account in Project Professional client ?? Sharepoint Sites created, roles populated for Sharepoint site Portfolio Analyzer New extranet address field for accessing Portfolio Analyzer from the internet New version of OWC 11 will prompt for credentials when accessing across domains

9 Single v/s Multi domain

10 Multi domain-extreme case

11 Project open/save architecture Proj Auth Authorization

12 Publish architecture Proj Auth WSS Auth Directory Perm

13 Project Open/Save/Publish Success Project Open/Save/Publish Fail because Project Server does not recognize User 1 No Trust between 2 Domains WSS Subweb created with PSComPlus Account Project Client Domain 5 Project Server Domain 3 WSS Server Domain 1 Sharepoint fails to assign role to User 1 Sharepoint recoginizes User 1 Role assigned correctly Project Open/Save/Publish No Trust Between Domains WSS Server assigns role to User 1

14 Project Publish Publish from Project Professional Log in with Windows Users Accounts (local/User1) We check for user1 account in Project Server machine WSS site creation with PSComPlus credentials, correct windows users roles added if WSS/User1 exist

15 PWA Login Success Browse to WSS Section WSS Section Login Success WSS Server Challenges User 1 PWA Domain 4 Project Server Domain 3 WSS Server Domain 1 No Trust Between Domains Sharepoint Access

16 User log into PWA with windows user account User access sharepoint section iFrame prompts for login information User enters information that matches with sharepoint machine (instead of replicating ALL project users, admin can choose to create only a few sharepoint users)

17 Portfolio Analyzer Architecture – create cubes OLAPAdmin Perm2 ?

18 Portfolio Analyzer Architecture – access/build views OLAPUser Permcheck

19 Administrator browse to Cube creation page to create cube OLAP Cube created with PSComPlus Credentials PWA Domain 4 Project Server Domain 3 SQL Server Domain 2 Portfolio Analyzer – Cube Creation Administrator must add users or generic accounts to SQL Server

20 Portfolio Analyzer – Cube Creation PWA admin login with windows user accounts Project Server uses PSComPlus credentials to create a cube Admin creates a view and roles must be assigned to replicated user accounts in analysis server

21 PWA Login Success Browse to Portfolio Analyzer User granted access to Portfolio Analyzer PWA Domain 4 Project Server Domain 3 SQL Server Domain 2 Portfolio Analyzer OWC connects to SQL Server with account in connection string OWC challenges User 1

22 Portfolio Analyzer - OWC Project User logs into Project Server with Windows user credentials User arrives at page with Office Web Component OWC prompts user for login information User enters local Analysis Server credentials to browse the cube

23 Extranet Application/ Data Services DMZ Extranet Corporate Intranet 3389 80/443 1433 2725

24 Extranet Use SSL for extranet access from PWA SSL not needed for intranet users 2 instances of Project Server and WSS 1 for external access, 1 for internal access Terminal Server in DMZ for Project Professional Client users

25 Extranet – Publishing/File open/Save Extranet user connect to Terminal Server inside DMZ User login with Windows user account

26 Extranet - WSS iFrame will prompt for login info User must enter a windows account that has been granted access to Sharepoint

27 Extranet – Portfolio Analyzer Cube creation PWA Administrator login using windows authentication w/ SSL Project server uses PSComPlus to create cube New Portfolio Analyzer view ?? specifies the http address of Analysis server (requires SQL Enterprise edition) Portfolio Analyzer view access OWC connects to the http address, Analysis Server challenges user User enters Windows User information

28 Summary Sharepoint requires Windows Authentication SQL Analysis Server requires Windows Authentication Sharepoint and Project Server should be placed in the same domain Most problems can be worked around by creating matching user accounts

29 Questions ?

30 © 2003 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

Download ppt "Project Server 2003: DC340: Security (Part 1 of 2): How to securely deploy Project Server in an enterprise environment Pradeep GanapathyRaj (PM), Karthik."

Similar presentations

Implementing Tableau Server in an Enterprise Environment

Implementing Tableau Server in an Enterprise Environment
The following 10 questions test your knowledge of Internet-based client management in Configuration Manager 2007. Configuration Manager 2007 Internet-Based.

The following 10 questions test your knowledge of Internet-based client management in Configuration Manager Configuration Manager 2007 Internet-Based.
Service Manager for MSPs

Service Manager for MSPs
Eric J. Oszakiewski MCTS: SharePoint Application Development SharePoint Configuration.

Eric J. Oszakiewski MCTS: SharePoint Application Development SharePoint Configuration.
©2012 Microsoft Corporation. All rights reserved..

©2012 Microsoft Corporation. All rights reserved..
©2012 Microsoft Corporation. All rights reserved. Content based on SharePoint 15 Technical Preview and published July 2012.

©2012 Microsoft Corporation. All rights reserved. Content based on SharePoint 15 Technical Preview and published July 2012.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Bill Essary Software Architect Microsoft Corporation.

Bill Essary Software Architect Microsoft Corporation.
1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
1 of 3 Open Outlook 2007. On the Tools menu, click Account Settings. 1 Enable Outlook Anywhere 2 Click your Microsoft Exchange account, and then click.

1 of 3 Open Outlook On the Tools menu, click Account Settings. 1 Enable Outlook Anywhere 2 Click your Microsoft Exchange account, and then click.
1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.

1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.
NETOP ONDEMAND What’s new in version 2.1? DECEMBER 09 NETOP ONDEMAND1.

NETOP ONDEMAND What’s new in version 2.1? DECEMBER 09 NETOP ONDEMAND1.
OFC324 Microsoft Project Server: Putting Enterprise Project Management (EPM) To Work Sam Brooks www.sambrooks.com.

OFC324 Microsoft Project Server: Putting Enterprise Project Management (EPM) To Work Sam Brooks
Understanding Active Directory

Understanding Active Directory
Sharepoint Portal Server Basics. Introduction Sharepoint server belongs to Microsoft family of servers Integrated suite of server capabilities Hosted.

Sharepoint Portal Server Basics. Introduction Sharepoint server belongs to Microsoft family of servers Integrated suite of server capabilities Hosted.
Winter 2005-2006 Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.

Winter Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.
1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
EPM 2007 Implementation and Upgrade Tips Summary June 18th, 2008 Brendan Giles, PMP, MCP.

EPM 2007 Implementation and Upgrade Tips Summary June 18th, 2008 Brendan Giles, PMP, MCP.

Similar presentations

Ads by Google