Your Federal Quarterly Tax Payments are due April 15th Get Help Now >>

SharePoint 2007 Forms Authentication - DOC by chandrapro

VIEWS: 868 PAGES: 29

									SharePoint 2007 Forms Authentication
It’s easy when you know how! I’ve been playing around with Beta 2 of Microsoft Office
SharePoint Server 2007 for a couple of weeks now trying to get Forms Authentication to
work. Together with Dan Winter from Microsoft and Adam Tybor I’ve got an internet
presence site working with Forms Authentication and anonymous access. Perfect for an
public facing internet site run on SharePoint 2007. So here’s the step by step guide on
how to do it (with pictures!)

A quick word of warning – this works for Moss 2007 Beta 2. If the process for any
subsequent releases change I’ll post the changes on the blog as well.

1, Create a new site – go to Office Server Central Administration -> Application
Management -> Create or Extend Web Application -> Create a new Web Application

Enter the settings to create a new SharePoint site. Leave the Authentication Provider as
NTML. Check Allow Anonymous to Yes. Fill in the rest of the settings as you normally
would and create the Web Application.




2, Once the Application has been created choose to ‘Create a new Windows SharePoint
Services site collection’. Give the site a nice name, check the box to ‘Create site at this
url’ and leave (root) selected from the dropdown. For the primary site administrator enter
the username of the main SharePoint administrator. This will change anyway once we’ve
got Forms Authentication up and running. From the Template Selection pick ‘Internet
Presence Web Site’. This is a good one as it will have a login screen created by default
that we can use to let people login under Forms Authentication. Click ok to finish
creating the site, and in the following screen click the link to open the new site in a new
browser.
2a, I missed this step out originally - sorry
Go back to the Application Management page in Central Admin and click on
Authentication Providers. In the following screen select the site you wish to change the
authentication provider to Forms for. Once you've selected it you'll see Windows as the
MemberShipProviderName. Click on this and you'll see the screen below:




Set the authentication type to Forms and enter the Member Ship Provider Name to
AspNetSqlMembershipProvider. If anonymous access isn't ticked, tick that now.

3, Now we need to finish enabling anonymous access. When you visit the site for the first
time by clicking the link in Central Admin it will ask you to login with normal Windows
Login popup (login with the username you added in step 2 for the site administrator).
Assuming you created an Internet Presence site you’ll get a list of tasks to do on the front
page with ‘Enable anonymous access’ being the top one.
Click the link and it’ll take you to the page where you set what access visitors to the site
will have. For this example just choose Entire Website and click ok.




4, The next step is outside of SharePoint. We need to create our aspnetdb to store all our
roles and users in. We could use the database that gets installed by SharePoint if you do
the default installation, but to keep it on a separate db I installed SQL Express and the
Management studio for it. Download them both from here.

Once you’ve got these installed fire up a Visual Studio command prompt (or a cmd
prompt and go to c:\windows\microsoft.net\framework\v2.0.50727) and run
aspnet_regsql. Create your roles and membership data on the sql server you so wish.
5, Now you need to edit web.config for the site you created and web.config for the
SharePoint v3.0 Central administration website. These sites are created by default in
c:\inetpub\wwwroot\wss\virtualdirectories. (To find out which directory is your Central
admin one you’ll need to go into IIS, right click the site->properties->home directory,
same for the other if you didn’t change the name of the folder when creating the site)

So in both web.configs we need to supply the connection string details for our aspnetdb.
Just outside the <System.Web> tag put:

<connectionStrings>
<remove name="LocalSqlServer" />
<add name="LocalSqlServer"
connectionString="Server=yourserver;Database=aspnetdb;uid=sa;pwd=*******;"
providerName="System.Data.SqlClient" />
</connectionStrings>

Once you’ve edited both web.config’s go to a command prompt and do an iisreset.

6, Now we need to add some users to our database. The easiest way to do this is to create
an ASP.NET 2.0 website using Visual Studio 2005 (or Visual Web Dev). Add a
web.config to the project and then add exactly the same connection string as you did
above for your new SharePoint site. Build the project.

Back in Visual Studio, under the website menu, select the option for ASP.NET
Configuration. This opens up the ASP.NET web site administration tool where we can
add the users and roles we want.
Select the Security link, create a role (something like administrators), and then go and
add a user.

7, Now the final step, and this is why we had to add the connection string to the
web.config for the Central Administration site as well. The site administrator that we
added when we created the site (which was an active directory account) has now been
removed. So we need to add the user we created in step 6 as the site collection
administrator.

Goto Central Administration -> Application Management -> site collection
administrators – and enter the username created in step 6 in Primary site collection
administrator.




And that’s it. Logout of Central Administration (make sure you do this as it saves a
cookie whenever you are logged in), and navigate to your new Forms Authentication site.
You should be able to anonymously access it ok. Click the login link at the top right of
the screen and use the username and password you created to login! Woot!!!! :-)

Technorati Tags : SharePoint 2007 Moss 2007

posted on Wednesday, June 14, 2006 11:25 PM
Get email alerts when this blog is updated!

Feedback

# re: SharePoint 2007 Forms Authentication 6/19/2006 6:16 PM Doug Fowler

It may be worth noting that you also have to set the site's Authentication provider to
Forms with AspNetSqlMembershipProvider being the Membership Provider Name.

Thanks for the great post!

# re: SharePoint 2007 Forms Authentication 6/22/2006 6:35 PM Tim Landgrave

When I try to put the <ConnectionStrings> tag inside of the system.web tag in the
Administration site I get an error (tag not allowed). When I put it anywhere else in the
web.config the site settings administrator won't recognize that it exists. Any ideas?

Also, your post says nothing about adding the Membership and Role tags to the
web.config file for the new Web Application. Every other guide says that those have to
be entered. Are they necessary or not?



# re: SharePoint 2007 Forms Authentication 6/22/2006 7:36 PM Ambreen

hi,

great article, got everything working to the point that i can login with the form and
username/password in the aspnetdb.

but i'm not able to set the primary site administrator via central administration, keeps
giving me no exact match found message
any suggestions would be really helpful

thanks ,
ambreen

# re: SharePoint 2007 Forms Authentication 6/23/2006 3:48 PM Gary

Nice articel Nick, tried using AD instead of SQL for user data ?

# re: SharePoint 2007 Forms Authentication 6/23/2006 4:32 PM Shawn Russell

Nice article!

I noticed in my web.config that the ConnectionStrings can not set within the System.Web
tag but as with my other ASP.NET apps has to be placed inside the Configuration tag;
otherwise you get a configuration error.

Am I missing a configuration step to make and I should be placing this within the
System.Web section or does it actually need to be inside the Configuration tag?

Thanks!

# re: SharePoint 2007 Forms Authentication 6/26/2006 5:58 PM Nick Swan

Tim, I've just been back and checked the web.configs of my sites and it seems that the
ConnectionStrings need to go just outside of <system.web>. I can only think it's an error
on my part....let me know how you get on.

Ambreen have you added the connection string to aspnetdb in the web.config for central
administration site as well?

Gary, not sure what you mean to be honest.

Shawn, as with Tim checking back my text above seems wrong. The <ConnectionStrings
/> go just above <System.Web>

Let me know how you get on and I'll make changes to the main article.

# re: SharePoint 2007 Forms Authentication 6/26/2006 6:03 PM Nick Swan

I've changed it now to say put the connection strings just outside System.Web. I think I
put 'inside' by mistake when I meant 'outside'!
:-)

# re: SharePoint 2007 Forms Authentication 6/26/2006 6:20 PM Nick Swan

Hi all.

check out step 2a, sorry I missed this out originally! Thanks Doug it was your feedback
that pointed it out to me.

sorry again!

# re: SharePoint 2007 Forms Authentication 6/28/2006 6:47 PM Ekta

Very good article, i was struggling for forms authentication and it helped me a lot.

Can you help me in getting Internet presence site template also pls?

# re: SharePoint 2007 Forms Authentication 6/29/2006 6:12 AM Shalin
Hi,

I followed all the steps, still not able to search users after configuring through Central
Administration. Please help.



# re: SharePoint 2007 Forms Authentication 7/4/2006 10:08 AM Lars Nielsen

This is a great article. I've been working this around for a day and tried to get there
myself, but couldn't. I got most of it up'n running, but kept bounching into the actual
authentication (in fact, I think i needed the IISReset).

...well:

Now I've run into another problem. I want to customize my site with the Sharepoint
Designer 2007, but runs into an authentication problem.

The reason seems simple, though I cannot figure out an resolution; we are now using
Forms Authentication, and naturally the designer cannot transfer it's user rights.

Is it possible to use several authentication mechanisms in the same solution. Not
Windows authentication with forms, but something similar such as application security?

# re: SharePoint 2007 Forms Authentication 7/6/2006 12:44 PM Duncan

Great article, and a couple of points:

First, I've run into the same problem as Lars, in that I can't figure out how to use
Sharepoint Designer with the forms authentication site.

Second, I can now add users to the site, after I've added them to the database via the
ASP.NET web site administration tool. But is there any way to add groups created this
way? I've not had any luck so far.

# re: SharePoint 2007 Forms Authentication 7/6/2006 1:24 PM Brian

Managed to get forms auth going in under an hour, which having done it, I know would
have taken much, much longer without such good guidence.

However, am I missing something obvious? I can create and authenticate users, but they
don't seem to be automatically added as 1st class sharepoint users (they don't show up in
People And Groups) until they're added manually by an administrator.

Just authenticating users doesn't buy me much - surely authorization for specific sites,
lists, etc. is ultimately what everyone wants to do? Anybody have any thoughts to share?
# re: SharePoint 2007 Forms Authentication 7/7/2006 7:17 AM Brian

Answered my own question:- use the roles provider. Getting it working is actually very
easy, realising that it's working is a bit harder! Set up the role manager for your site in it's
web.config (no need to change central administration), add the role member name in the
site's authentication providers (i.e. AspNetSqlRoleProvider) in central administration, and
that's it.

You then go into people & groups for your site and add any role you've created as a
_user_ - the system should recognise it and add it as a group. That group can then be used
for authorization purposes, and any user belonging to the group will be subject to it's
permissions.

# re: SharePoint 2007 Forms Authentication 7/7/2006 11:45 AM Michael

I'm having the same issue as Ambreen. I've added the <connectionStrings> to both
web.config's but when I go to the Central Administration and try to add the Primary Site
Collection Administrator, it keeps telling me No exact match found. Any ideas?

# re: SharePoint 2007 Forms Authentication 7/9/2006 2:44 PM Steve Sofian

Great article... Thanks

I am trying to use AD or LDAP as an authentication provider and using the ASP.NET
login control and change password control....Just wondering if you have tried anything on
this

# re: SharePoint 2007 Forms Authentication 7/11/2006 11:18 AM Saquib Irfan

Great article.... good one

# re: SharePoint 2007 Forms Authentication 7/12/2006 4:20 PM Ekta

Suppose i want to use my custom database for Users, then how do I do that? In which file
the code is written to access users from aspnetdb database. Can we change this file? How
should i go about this.

# re: SharePoint 2007 Forms Authentication 7/12/2006 4:32 PM Will

In regards to Michael and Ambreen's problem about adding the <connectionStrings> to
both web.configs, but still getting "No exact match found":

I ran into the same problem, and ended up solving it by also adding the membership
provider to the web.config file of the Central Administration. In other words, inside the
system.web tag I added:
<membership>
<providers>
<add name="MembershipADProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString" connectionUsername="domain\user"
connectionPassword="password" />
</providers>
</membership>

Hope this works!

# re: SharePoint 2007 Forms Authentication 7/13/2006 5:57 AM Patrick Imboden

Great!
And thanks to Brian too.


# re: SharePoint 2007 Forms Authentication 7/15/2006 5:35 PM Daniel

Is there any way to add a script or page in Sharepoint that will allow me to create,
modify, delete users right from there. I would also like to be able to let the users change
their own passwords.

Thanks

# re: SharePoint 2007 Forms Authentication 7/17/2006 10:22 AM joy


I have deployed the MOSS 2007 site to FORM authentication.now I want to add user into
it programmatically. but it failed.
however when the site is AD authentication, I can add user successfully.
I can't find what's the problem is and would you please do me a favor?

many many thanks


joy


# re: SharePoint 2007 Forms Authentication 7/19/2006 1:27 AM F.A.

Works great!

Has anyone seen any disadvantages of using Forms-based authentication?
I.E. Do we lose certain functionality or is there certain features of Sharepoint 2007 that,
when using them, cause conflicts?

# re: SharePoint 2007 Forms Authentication 8/4/2006 3:09 PM Pawan

Brian,

Could you explain how to configure role provider. I enable role provider in the WSS
config file and added the name in central administrations. However, it does not bring up
any roles that I have created when I try to add users. I can see all the users that I have
added but the roles don't show up in the search in "add people and groups". Any help
would be appreciated.

Thanks,
Pawan

# re: SharePoint 2007 Forms Authentication 8/11/2006 7:36 AM Lubo

Hi from Bulgaria,

Great post and great comments!
For the guys who have problems with SharePoint Designer and Forms Authentication -
revert to Windows Authentication for a moment while working with SharePoint
Designer. It's just a radio button click in the Central Administration Pages.

For those who want to create SQL users from their SharePoint site - create some web
parts that use the Membership API. It's very simple, just add System.Web.Security
namespace and use methods like Roles.GetAllRoles(), Roles.CreateRole() or add
CreatUserWizard control programatically.

Greetings,
Lubo


# Using SharePoint 2007 Forms Authentication & AD Simultaneously 8/14/2006
4:52 PM Michael

We have a need to need to implement an extranet utilizing both AD and Forms
Authentication - Any issues with using both in the same physical environment?

# re: SharePoint 2007 Forms Authentication 8/16/2006 11:59 AM Bob Mixon

Great post Nick! I have included a traceback to this post from my blog at:

http://www.bobmixon.com/cs/blogs/bobmixon/archive/2006/08/16/108.aspx
Bob Mixon [SPS MVP]
http://www.BobMixon.com

# re: SharePoint 2007 Forms Authentication 8/17/2006 11:05 AM Patrick Imboden

If you want Sharepoint designer and/or infoptah to work... login to your site with the
"forms" admin account, and check the "sign me in automatically" checbox...
Sharepoint and Infopath will use this cookie to authenticate.


# re: SharePoint 2007 Forms Authentication 8/23/2006 11:56 AM Styles

When I access the security tab of ASP.NET configuration this message shows up:

"A connection was successfully established with the server, but then an error occurred
during the login process. (provider: Shared Memory Provider, error: 0 - No process is on
the other end of the pipe.)"

Anyone who can help me with this?
I've got also a stupid little question. In the connection string there is a field "uid=sa" and
"pwd=*******". What do I have to do with these? Leave them like this or fill in
credentials?

# re: SharePoint 2007 Forms Authentication 8/29/2006 3:24 PM Daniel Webster

Can we use user information in an existing SQL database for authentication?

# re: SharePoint 2007 Forms Authentication 8/30/2006 5:14 PM Daniel Webster

We are using an existing database for authentication and that is working well.
We are having problems identifying the database for profile imports.
Specifically the Provider Name and Search Base in the Connection configuration.


# re: SharePoint 2007 Forms Authentication 9/4/2006 5:51 AM joe

thank you

# re: SharePoint 2007 Forms Authentication 9/16/2006 6:18 PM Jeff Merithew

I'm a teacher that is trying to create a SharePoint site for my fellow teachers. I'm using a
stripped down version of windows SBS 2003 (most extra features are uninstalled) and
SharePoint services 3 beta refresh. Your article above intrigued me in that I am trying to
create users for SharePoint (fellow teachers) without making local accounts for them. I
was hoping to just create a simple table in SQL that contains the users (a table I can
continually edit) that SharePoint will pull from to be added to any site. Is this possible?
Also, users need to be able to change their password and personal information through
SharePoint.

# re: SharePoint 2007 Forms Authentication 9/22/2006 12:08 PM Lionel Barre

Thanks, great, We managed to set up forms authentication for LDAP provider and SQL
Provider.

Only problem, we have is, we are completely unable to get it to work in anonymous, we
are always redirected to the forms login page. Any idea?

We also set up the default zone with Windows authentication, this is the only zone
working in anonymous mode.

# re: SharePoint 2007 Forms Authentication 10/5/2006 10:29 PM tad

After I implemented the form based authentication. Most features are gone.
For example, people and group, Lists, Discussion. They all return "File Not Found error".
I created a aspnetdb on Sql Server 2000 to store my login data.

# re: SharePoint 2007 Forms Authentication 10/6/2006 3:22 AM Rajeev Abrol

Very Good Article, made my life easier

# re: SharePoint 2007 Forms Authentication 10/11/2006 11:45 AM Gat

Great article, a good document to fit extranet access without requiring AD support.

@Lionel Barre : I got the same problem than you, have you find a way to fix this issue ?

# re: SharePoint 2007 Forms Authentication 10/11/2006 4:34 PM Vin

Hi, Good One!

I am running into the same problem as ambreen & Michael was...
"no exact match found" while trying to resolve the users created thru asp.net web site
administration tool.

A part of My Central admin web.config looks like this
<B>
</SharePoint>
<connectionStrings>
<add name="AspNetSqlProvider" connectionString="server=DEV1\DEV1;
database=aspnetdb; Trusted_Connection=True" />
</connectionStrings>
<system.web>
<membership defaultProvider="AspNetSqlMembershipProvider">
<providers>
<remove name="AspNetSqlMembershipProvider" />
<add connectionStringName="AspNetSqlProvider" passwordAttemptWindow="10"
enablePasswordRetrieval="false" enablePasswordReset="true"
requiresQuestionAndAnswer="true" applicationName="/" requiresUniqueEmail="false"
passwordFormat="Hashed" description="Stores and retrieves membership data from the
Microsoft SQL Server database" name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.3600.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider">
<providers>
<remove name="AspNetSqlRoleProvider" />
<add connectionStringName="AspNetSqlProvider" applicationName="/"
description="Stores and retrieves roles data from the local Microsoft SQL Server
database" name="AspNetSqlRoleProvider"
type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</roleManager>

</B>

And a part of the web.config of my web app in MOSS looks like the foll:
<B>
</SharePoint>
<connectionStrings>
<add name="AspNetSqlProvider" connectionString="server=DEV1\DEV1;
database=aspnetdb; Trusted_Connection=True" />
</connectionStrings>
<system.web>
<membership defaultProvider="AspNetSqlMembershipProvider">
<providers>
<remove name="AspNetSqlMembershipProvider" />
<add connectionStringName="AspNetSqlProvider" passwordAttemptWindow="10"
enablePasswordRetrieval="false" enablePasswordReset="true"
requiresQuestionAndAnswer="true" applicationName="/" requiresUniqueEmail="false"
passwordFormat="Hashed" description="Stores and retrieves membership data from the
Microsoft SQL Server database" name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.3600.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider">
<providers>
<remove name="AspNetSqlRoleProvider" />
<add connectionStringName="AspNetSqlProvider" applicationName="/"
description="Stores and retrieves roles data from the local Microsoft SQL Server
database" name="AspNetSqlRoleProvider"
type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</roleManager>

</B>

Pls advise!
Thanks in Advance!

# re: SharePoint 2007 Forms Authentication 10/20/2006 2:26 PM Vin

Got it resolved. Once i did a clean B2TR slipstream installation. I could see logged in
using the users in aspnetdb till yesterday and today for some reasons i get this "File Not
found" error when i try to open the site.

Vin

# re: SharePoint 2007 Forms Authentication 10/25/2006 10:46 AM Hans

I have the same question as Pawan.
How to get the role provider working. I cannot see the roles/groups defined in the
database used by the roleprovider.

Any help, links etc are welcome.

Thanks in advance,
Hans

# re: SharePoint 2007 Forms Authentication 10/30/2006 12:21 PM Travis

Vin,

Check your web.config files. I had the same problem, if you edit the files while IIS is
running it will corrupt the files with random ? everywhere. Turn IIS off, then replace the
? with the correct character and then turn IIS back on.

Hope that helps,
-- Travis
# re: SharePoint 2007 Forms Authentication 11/7/2006 10:12 AM Rafael

I've already done all steps and I read the posts as well, but when I go to "Central
Administration -> Application Management -> site collection administrators " and try to
put users from database I get this message: "No exact match was found."

Seems that application isn't reading the connection string I put inside both web.config file
or something like that.

Could anyone help me?

# re: SharePoint 2007 Forms Authentication 11/7/2006 2:13 PM Philip

There appears to be a bug in MOSS 2007 Beta relating to forms authentication. Editing
the config settings with the IIS ASP.Net Configuration Settings Tool will insert an xmlns
attribute into the configuration element of the web application's config file which causes
MOSS to report a "File Not Found" error. Removing the xmlns attribute fixes the error.

Before
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<configuration>
<configSections>
<sectionGroup name="SharePoint">
<section name=".................................

After
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<configSections>
<sectionGroup name="SharePoint">
<section name=".................................


The following link furthur describes this bug.
http://www.infusionblogs.com/blogs/kguenther/archive/2006/06/27/608.aspx


# re: SharePoint 2007 Forms Authentication 11/8/2006 4:05 PM Damon

Everything seems to work, but I keep getting sent to a login page when I try to access the
site. I've made sure I have check the Enable anonymous access checkbox in the Central
Admin for my website and I have also set my website to allow anonymous uses to see the
entire website. What am I missing?

# re: SharePoint 2007 Forms Authentication 11/15/2006 11:24 AM Matt W
In step 2, I do not believe that "Internet Presence Web Site" is an option for a site type in
B2TR.

# re: SharePoint 2007 Forms Authentication 11/15/2006 7:49 PM Vin

Is it possible to have a "People Search" functionality like the normal sharepoint people
search??? This question came up since we have our users seperated from the user profile
database. If that's not possible, is there anyway to import the users in to the appropriate
SSP's user profile database?? I badly need a solution for this since people search is a must
and i have all my users in the aspnetdb.

Any early reply is well appreciated! Thanks!

# re: SharePoint 2007 Forms Authentication 11/16/2006 5:23 AM Thomas Goddard

Did anyone figure out how to resolve the error where "No exact match was found."
occurs within the Site Collection Admins page, after you add the connection string to
both the central admin and extended site's configs?

I have tried various formats for the connection string but the Site Collection Admin page
is always unable to recognize the user.

I tried rebooting the server too.

# re: SharePoint 2007 Forms Authentication 11/16/2006 1:00 PM Vin

Thomas, If you're using MOSS 2007 Beta2, i would suggest you to install B2TR and try
this. It worked for me when i did a slipstream installation. If you're having B2TR already,
am sorry..am not aware of it.

# re: SharePoint 2007 Forms Authentication 11/17/2006 1:38 PM Vin

Lemme explain the scenario in a little detail. I have "n" number of customers & i've
created a web app for each customer. I have also enabled forms authentication for every
web app which has it's own custom aspnetdb (Each customer's user profiles are
maintained in their own custom_aspnetdb - The requirement is to maintain the each
customer's users in a seperate database). So, everything is working well so far.

Now i have a couple of questions :

1. I want to perform a "People search" on each web app and since we have the users in
the aspnetdb i have no idea how to perform a "people search" with aspnetdb database in
place.
2. If we can't simulate "People Search" with users in aspnetdb, is it possible to import
users from aspnetdb to the appropriate SSP's user profile database, so that we can avail
the sharepoint's "People Search" directly.
3. If we can import users from aspnetdb, how to keep the user details in sync between
"aspnetdb" and "User Profile db" in SSP

FYI, I have created a seperate SSP for each web app (unless otherwise if a customer have
a partner and they want to access each other's profiles. In that case, both of the web apps
will be bound to a same SSP).

It would be of great help if you could answer these questions. I am not using AD or
LDAP, it's just a aspnetdb and new users are manually feeded in to the
database using a webpart.

# re: SharePoint 2007 Forms Authentication 11/22/2006 6:46 PM PJ-WSU

I got my central admin site to recognize users from my AspNetSqlMembershipProvider. I
set up one of those users as a site collection owner on my application. However, when I
try to login to the extranet site, it keeps tossing me back to the login form. Any ideas?
Thanks.

# re: SharePoint 2007 Forms Authentication 11/24/2006 2:59 AM Premjeet

Hi all, I could not see the Internet Presence Site template in Sharepoint 2007 template
collection

Under which template it is listed?

Thanks and regards
Premjeet

# re: SharePoint 2007 Forms Authentication 11/29/2006 12:48 PM Jigs

Hi,
I'm seeing "No exact match was found" error described by Thomas. I have MOSS 2007
RTM installed and i'm trying to use OOTB AD Provider. Here's my web.config setting

<connectionStrings>
<add connectionString="LDAP://MyADServer/dc=MyAdServerDomain,dc=net"
name="ADConnString" />
</connectionStrings>

<membership defaultProvider="ADProvider">
<providers>
<clear/>
<add name="ADProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnString"
connectionUsername="tccdev\AdminUser"
connectionPassword="AdminPassword" />
</providers>
</membership>




# re: SharePoint 2007 Forms Authentication 12/1/2006 7:50 AM Meghna

Hi, Good article.

I have same problem as Damon I keep getting login page when I try to access the site
even have checked anonymous access.

Can we integrated AD user within form authetication?

Regards & Thanks
Meghna.


# re: SharePoint 2007 Forms Authentication 12/7/2006 9:03 AM Liz

Hi,

Have anyone tried calling the share point web services for a forms authenticated site?I am
getting redirected to login page even if the credentials are passed.

Thanks,
Liz

# re: SharePoint 2007 Forms Authentication 12/8/2006 2:27 PM Joshua

Thanks for the instructions. I have a couple of quick questions:

1. Is there a permission set that allows select users/groups to APPROVE the modified
content (say in a workflow process) but does not give them
the ability to PUBLISH? So you can establish a workflow that has authors (who create
the content but cannot publish) and editors (who
review the content and publish).
2. Regarding user groups and permissions, is there a build-in
module/feature that allows for self-registration? So say there is a
portion to the site that is available to the general public (anonymous
access) and then if a user signs up and logs in they have access to the
more in depth community aspects (blogs, discussions, and shared
documents)? And this newly self-registered user will automatically get
put into a pre-defined user group.

Also, does anybody have any other locations where these types of topics are discussed?

Thank you,

# re: SharePoint 2007 Forms Authentication 12/19/2006 12:44 PM Bob

you mention "We could use the database that gets installed by SharePoint if you do the
default installation" How would I go about doing this?

# re: SharePoint 2007 Forms Authentication 12/19/2006 5:19 PM Reed

Great article..I noticed a lot of people asking the same question I have now, and that
regards using this forms based authentication with Active Directory. Can you provide me
with any instructions on doing this?..Thanks!

# re: SharePoint 2007 Forms Authentication 12/19/2006 9:03 PM Bob

The Active Directory is not difficult: Add the below to your config and set the
Servername, and give an account with access to create, view.. etc. Next set the Sharepoint
Auth method to Forms and use the Member name specified below (ADProvider). My
problem maybe you can help is how do you associate the Forms login with a Windows
Login as sharepoint se's the Forms user as a completely different user from the Windows
Authenticated user even though they are both Authenticated from Active Directory?

<connectionStrings><add connectionString="LDAP://YourServerName"
name="ADConnString"/></connectionStrings>

<membership defaultProvider="ADProvider">
<providers><add name="ADProvider" enableSearchMethods="true"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnString"
connectionUsername="DOMAIN\Administrator"
connectionPassword="AdminPassword" attributeMapUsername="SAMAccountName"/>
</providers>
</membership>

# re: SharePoint 2007 Forms Authentication 12/20/2006 12:26 PM yxg

Hi all, I could not see the Internet Presence Site template in Sharepoint 2007 template
collection , the same question with Premjeet.

I know it should be listed under the "collaboration" template, but mine only have 5 in it :
Team site, Blank Site, document Workspace,Wiki Site and blog", instead of 8, lack of "
Records Repository,Internet Presence WebSite, My site host".
the picture at the right of the selection area is yellow, instead of blue.

The version I installed is MOSS Trial version 1.0, 264.7 MB.

As far as I remember, when I installed it, the sharePoint Server Standard Trial number
works, instead of that of Enterprise edition.

perhaps it may appear if some of you kindhearted send me a folder in your: program
files\common files\microsoft shared\web server
extensions\12\TEMPLATE\SiteTemplates path, I guess the "BLANKINTERNET" folder
is ok.
my email : yxg7783@sina.com

thanks

Premjeet, have you got it?

your earliest reply will be appreciated!
yxg



# re: SharePoint 2007 Forms Authentication 12/21/2006 4:08 AM yxg

I searched Google and find this , then I got a MVP’s mail which is the same answer.

http://www.msd2d.com/content/tip_viewitem_03.aspx?id=187d7e70-b33e-43bc-8174-
1dab6c92eb69

it’s a good site.


# re: SharePoint 2007 Forms Authentication 12/23/2006 10:37 AM yxg

It's a pity that SQLServer 2005 management studio Express can't be installed with
SQLServer 2005 management studio at the same machine. But my SQLServer 2005 and
VS2005 are not CTP, just curious why they are conflict?

# re: SharePoint 2007 Forms Authentication 12/25/2006 11:59 PM yxg

Hi all,

Suppose such a scenario, there are many child sites under an internet presence web site,
when users of different child sites log on the internet presence web site with their own
passwords, is it possible that they are directed to different child sites respectively?
that is, user1 is directed to child site1, user2 is directed to child site2? and so on.

thanks

# re: SharePoint 2007 Forms Authentication 1/8/2007 5:37 PM JonB

Bob, did you ever get an answer to the problem with AD authentication. I have the same
issue in that I can log in through the form and the user is recognized as being in AD and
properly logged in BUT, no matter what I do, no one has any access to the actual content.

After logging in through the form I get a page that says:

go back to the site
Error: Access Denied
Current user
You are currently logged in as [john.Doe.Valid.AD.User]
Sign in as a different user

I have made the user the Site Collection Administrator as well as added them to a group
having full access to the site and no luck. Note that I have added the ADConenction and
the membership DefaultProvider stuff to the web.config for both the extranet site and the
configuration site. The intranet version of the site uses windows authentication and that
site allows access to properly authenticated domain users.


# re: SharePoint 2007 Forms Authentication 1/9/2007 10:58 PM Marc Dispensa

I have forms authentication working however i get an error when i try to use excel
services. Any ideas on how to make excel services work with forms auth?

# re: SharePoint 2007 Forms Authentication 1/10/2007 2:53 AM AG

Hi JonB/Bob/Thomas,
I am also getting same problem.
I am able to register my custom provider in app web.config as well as in admin
web.config (in bin also).
User is getting authenticated but not able to enter the site.

After logging in through the form I get a page that says:

go back to the site
Error: Access Denied
Current user
You are currently logged in as [john.Doe.Valid.AD.User]
Sign in as a different user
In centralAdmin also, (getUser(...) functin is not getting called so user is not verified
while adding it to site administrator collection.)

Please help me out.


# re: SharePoint 2007 Forms Authentication 1/11/2007 12:30 PM Ryan

Also getting
go back to the site
Error: Access Denied
Current user
You are currently logged in as [john.Doe.Valid.AD.User]
Sign in as a different user
When authenticated as a form based used (underlined in the setting setting / add user).
Weird.
Any one any ideas...

# re: SharePoint 2007 Forms Authentication 1/12/2007 6:51 PM DonB

WSS 3.0 does not have the "Internet Presence Web Site" Template. Neither does the
MOSS2007 Enterprise Trial. How can I obtain this template? I am not a ASP developer
by trade and the code that would already be built in this template would be extremely
helpful.

# re: SharePoint 2007 Forms Authentication 1/14/2007 10:44 AM yxg

DonB,

I searched Google and find this , then I got a MVP’s mail which is the same answer.

http://www.msd2d.com/content/tip_viewitem_03.aspx?id=187d7e70-b33e-43bc-8174-
1dab6c92eb69

it’s a good site.


# re: SharePoint 2007 Forms Authentication 1/15/2007 6:58 AM Jordan Richards

Error: Access Denied
Ok guys if you are getting this.
Site Settings - Modify All Site Settings - (Galleries) Master pages and page layouts
Check in, and then Authorize your master page. I'd bet that you have a modified master
page which is in use and thus your users are authenticating but do not have permission to
see Pending Master Pages.
Hope this helps
Jordan Richards :)




# re: SharePoint 2007 Forms Authentication 1/24/2007 9:30 PM GavinR

I'm having issues with the AD Authentication.. I've completed the above (for the
ADProvider) and I can logon using the NT accounts and can see the first portal page, but
it seems none of my NT groups are being noticed.. I've added say "Sharepoint Portal
Admins" NT Security/global group as Admins on the portal and when I logon with a user
in this group I do not see the "Site Settings" drop down box for editing, When I click on
any links on the front page (from the default page created) I get a 'access denied' page..

anyhelp would be fantastic.

# re: SharePoint 2007 Forms Authentication 1/26/2007 5:26 PM tlk

This posting was HUGELY helpful!! But I, too, am having trouble using Excel Services
now via my external zone. The error I get is "Excel Web Services could not determine the
Windows SharePoint Services site context of the calling process."

# no exact match found message 1/30/2007 5:29 PM Carlos

I still have this problem, I copy the connectionString and the Membership provider from
my App web.config to the one in the central administration site. I have shapepoint 2007
and services version 3. Do I have to apply the patch that someone recomend there for
B2TR ?

Thanks in advance.

# re: SharePoint 2007 Forms Authentication 1/30/2007 8:39 PM FBA

Gavin,
For the groups to work, you need to add the "role provider" as well.

But folks,
Before jumping into forms authentication beware that the audience targeting will not
work with forms authentication.

# re: SharePoint 2007 Forms Authentication 2/6/2007 7:33 PM Bryan

I'm stuck on step #2, I do not have the option to select "From the Template Selection pick
‘Internet Presence Web Site’" from the Template section under Collaboration.
# re: SharePoint 2007 Forms Authentication 2/12/2007 5:06 AM Amina

Bryan

Select "Publishing Portal" under the Publishing tab. Its the same as Internet Presence
Web Site’.



# re: SharePoint 2007 Forms Authentication 2/27/2007 3:39 PM Hina

i am trying to set user logins for sharepoint website. i want to check user authentication
from active directory. how can i do that? any idea? please email me at
hshah@co.kern.ca.us

# re: SharePoint 2007 Forms Authentication 2/28/2007 5:33 AM Shaun

Is the Access denied issue resolved?? If someone has been able to rectify, please post the
solution as i have not been able to figure it out.

Thanks

# re: SharePoint 2007 Forms Authentication 3/1/2007 1:38 AM Shaun

Great article!! Working good..

Is there anything like we cant create a team site inside a publishing home site?

# Help - 'no exact match' 3/10/2007 5:04 PM Mike

I have followed this how to as well as the one by Steve Peschka, yet in step 7 above (add
user as site collection administrator), or in the 'Policy for Web Application' page, I cannot
add the users from my Membership database, and search says 'no exact match found'.

I validated that the application pool user for both Central Administration as well as the
Sharepoint site ('Network Service') has access to the Membserhip database.

Help?

# re: 'no match found' 3/10/2007 6:43 PM Mike

I posted a comment earlier today about getting 'no match found' when trying to add users
from my sql membership database as Administrators - the problem was that I had not
created users in my membership database using the ApplicationName in my membership
configuration:
<membership>
<add name="AspNetSqlMembershipProvider" applicationName="/" ...

I had added users using a custom login form using the sample provided
here:http://msdn2.microsoft.com/en-us/library/ms998317.aspx
The users will not show up unless they are created using the same applicationName used
in the Sharepoint membership provider configuration (all of the samples use "/"). Once I
created a user in the membership database using the applictaionName="/", I was able to
add the user and successfully log in to the site.

It would be nice if there was a set of Sharepoint user management pages to use with the
AspNetSqlMembershipProvider.

-Mike
mhatch@microsoft.com

# re: adding users w/o VS.Net 3/12/2007 3:46 PM Tohams

Is there a way to add users w/o using Visual Studio 2005? I can't connect to the SQL
Server the user store will be on from my dev machine (which is where VS.Net is).

Thanks!

# MCMS 2002 - SharePoint 2007 Forms Authentication 3/14/2007 8:05 PM Ahmad

If I have MCMS 2002 on SP2 (running APT .NET 1.1) framework 1.1 and I have WSS
3.0 on a seperate server on 2.0 framework. Is it possible to forward MCMS 2002 (from
SQL Database) to pass credential to WSS 3.0 to autotmatically authenticate users to WSS
site? and that users will not have to relogin!

Is this possible? is there a way to go around that without having to upgrade current
MCMS site from ASP .NET 1.1 to 2.0? Please Help!!!

# re: SharePoint 2007 Forms Authentication 3/20/2007 5:56 PM MRB

Hi,
Nice article.Thanks

I have configured Sp2007 and at the stage of creating new site collection.its so weird that
I dont see the publishing template in the template selection..I tried to activate Office
SharePoint Server Publishing in the site features.But it says

One or more features must be turned on before this feature can be activated.

Office SharePoint Server Publishing Infrastructure
Provides centralized libraries, content types, master pages and page layouts and enables
page scheduling and other publishing functionality for a site collection.
I am beating the bush since morning.Please shed some light how can I accomplish this
(activate the publishing feature)

Thanks in advance.

-MRB



# re: SharePoint 2007 Forms Authentication 3/24/2007 1:50 PM Arnold J.

I have ADmembership working and had to add the ADMembership:<username> to the
siteusers. SharePoint does not recognize this user as the actual AD user but as the
ADMembership:<username>. This way the extranet users won't have access to their user
related info. Is there a workaround?

# re: SharePoint 2007 Forms Authentication 3/28/2007 12:19 PM Hisham Qaddomi

I did the forms authentication OK but I want to customize the user profiles with my own
fields. If you add them to the SQL data base they will not appear in the SharePoint profile
page. How can I do that?

# re: SharePoint 2007 Forms Authentication 4/1/2007 11:24 AM Michael Bailey

OK; I beleive I have FBA working with the ActiveDirectoryProvider in my MOSS 2007
installation. (I can find users through the "Policy for Web Application" and grant them
rights to the zone for which I have the provider enabled (Extranet).) When connecting to
the web application hosting the specified zone, I am directed to the Sign In page but after
entering my username and password and clicking "sign in", nothing happens. There is a
postback, but then the login page just pops up again. It never authenticates me. Any idea
what's going on?

# re: SharePoint 2007 Forms Authentication 4/8/2007 5:05 AM Vivek

After successfully enabling the forms authentication, when i try to publish the InfoPath
2007 in it it says "the following web server does not appear to be running windows
sharepoint services <my site address>".
Do anyone faced this problem? Any solution?

# re: SharePoint 2007 Forms Authentication 4/16/2007 3:29 PM David Gilbert

So, is there any way to target content to users that are in the Extranet zone? I really don't
want to put these users in my Active Directory. From everything I read, it looks I can't do
this.
Maybe there's a way to have LDAP against the ASP.NET SQL DB?

Thanks
Dave


# re: SharePoint 2007 Forms Authentication 4/17/2007 1:08 PM David Gilbert

How can we target content to the Extranet Zone users from the ASP.NET DB?

I need to user audiences to target content to both the internal and external users. It looks
like I can't add/import profiles unless the Account Name can be validated against
AD/LDAP.

Thanks

Dave

# re: SharePoint 2007 Forms Authentication 4/17/2007 2:17 PM vik

FBA, could you please explain more about why "the audience targeting will not work
with forms authentication"
What we found out that at web application level the audience targeting does works with
Forms authentication. We have Forms auth based on SQL srvr.
As we all know a SSP can be applied to more than one web application,
if one web applc is Forms based and other is Windows auth based,
then yes the AD audience will not work for forms and similarly the Forms based roles
will not be recognized by Windows auth.
But if you create a SSP and just apply to one web applc and then if its having Forms auth
it should work.

# re: SharePoint 2007 Forms Authentication 5/21/2007 4:45 AM Adnan Al-
Ghourabi

Those who are having the "No exact match was found.", here is how to resolve it:

In IIS, go to the properties of SharePoint Central Administration v3, and click on the
ASP.NET tab. In there, under General, you'll notice that the connection parameters is
pointing to:

data source=.\SQLEXPRESS;Integrated
Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true

So just change it to that of the Web application you created.

If you make the change through IIS, make sure to go to the Web.config file and replace
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0"> with
<configuration>, otherwise you will get a Web.config configuration error (Event ID
1310) Could not load file or assembly 'Microsoft.SharePoint.ApplicationPages,
Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c' or one of its
dependencies. The system cannot find the file specified.

								
To top