Why can't I use Alternate Access Mapping (AAM) for Extranet?
https://sharepoint.stackexchange.com/questions/187653
-
10-10-2020 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Instead of extending web to external why can't I just use AAM? I am going to be honest that it was an interview question and I kinda stumble. my answer was security purpose.
Solution
Security is main reason. There are no difference in the content Even extending web application. Because both internal and extended web apps sharing the same content db.
But with extended web you can pick different auto provider which help you exposing your internal identities externally. I.e you as will be hidden if you use FBA on extended web app
OTHER TIPS
There is no additional security imparted by an AAM alone. Extending the web app puts it on a new IIS site and can allow for a different auth type and/or different set of groups/users.
See Technet: https://technet.microsoft.com/en-GB/library/gg276325.aspx
This provides a backing IIS Web site.
I recommend extending a Web application to a new IIS Web site for each zone I want to use.
I do not recommend reusing the same IIS Web site for multiple zones, as Microsoft say
For more details check this
Alternate Access Mapping is just a different name which points back to the actual site.
If you want to expose the same content in a Web application to different types of users by using additional URLs or authentication methods, you can extend an existing Web application into a new zone. When you extend the Web application into a new zone, you create a separate Internet Information Services (IIS) Web site to serve the same content, but with a unique URL and authentication type.
It sounds like a check on knowledge were they wanted to test your knowledge. I reference this article. Plus, there is a follow-on article for AAMs in the "updates" paragraph.
