hi guys, i have WSS 3.0 setup on my server. I have a task list setup. I would like to have one external user say testexternal@hotmail.com how can i have a this user setup, so when i create a new task list item, it will send him an email and allow him to participate. TIA

I'm assuming here that you don't have your WSS solution internet facing, and your AD admins can't just provide the chap with an account he can login with using that hotmail account as his mail address. Extending web applications in WSS or MOSS is fairly straightforward for the hardy bunch who do this often, but you'll have a plethora of security issues to deal with from firewall rules, decisions on DMZ configuration, forms based authentication options (or not), federation, ISA, etc. etc. Opening up WSS or MOSS to external accounts over the web is fairly advanced territory and mostly the domain of the network admins and security specialists - the WSS admin only has a fairly small part to play. Start by reading this, so you understand about extending web sites, and forms authentication: http://technet.microsoft.com/en-us/library/cc287954.aspx and there is a good guide on getting mixed mode authentication working on codeplex: http://fbasp.codeplex.com/ Regards John Timney

* I'll put questions in the right area next time*thanks for the suggestions john.sinces its only 1 user:how about this i'll just provide him an AD login (per your suggestion). Then grant him access to our internal network via Cisco VPN Client or Cisco SSL VPN Client.Do you see anything wrong with this solution?

As long as you can keep your security chaps happy then it certainly sounds feasible. If you already have VPN in place then its likely the easiest way to go for that volume of users. Regards John Timney

If I were a security guy I wouldn't be happy with it !The whole point of an internal AD system is that it stays internal surely.While *internal users* are also allowed to access the site via VPN it's imo quite another thing to let even only one external user access it by using an internal AD username. For one, all the asummptions that are typically made that all domain users are internal users fly out of the window. FAQ sites: (SP 2010) http://wssv4faq.mindsharp.com; (v3) http://wssv3faq.mindsharp.com and (WSS 2.0) http://wssv2faq.mindsharp.com Complete Book Lists (incl. foreign language) on each site.

Mike,you make some good points. However we are a small shop, just getting into sharepoint. It seems like extendingour sharepoint to the internetseems pretty complicated.my plan : place the external user in a secured OU, lockdown all his access. filter his ip access to only the sharepoint server.any other tips?i'll keep you guys posted witb the results.

John: you talk alot without saying much. Is that why you have the 3 medals?