Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 450
  • Last Modified:

How to configure Form based Authentication For AD users in a MOSS intranet application?

We have Our DMS applciation configured in MOSS.
The Default and Intranet zone is being used for accessing.We have assigned an AAM also.
Our client now want to make the intranet authentication to be changed to Form Based Authentication(FBA).How can I make existing intranet with AD users autehntictaion done using Form Based mode?
When searching online I cud see links related to FBA for LDAP..But I am not sure if I shud try with LDAP method or AD membership mode?
Is there anything specific to be taken care of in web.config files regarding security?
At AD level do I need to provide any specific rights to MOSS admin account ?
Will the sceurity be compromised?if so is there anything to be entered in conenction string to take care of this?

The client want to keep FBA as primary intranet access mode..

Pls help with your valuable inputs..
  • 5
  • 3
3 Solutions
jlaxmiAuthor Commented:
Thanks Captain for replying .
But my question was specific to intranet and AD users.the link send by you speaks about FBA for extranet and non-AD users..
Inputs regarding Intranet (AD users) would eb really helpful
NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

jlaxmiAuthor Commented:
Thanksa gain.
Ok let me try this.
I have a query:When configuring FBA for intranet users in intranet zone do I need to mention ADMembershipprovider or LDAPmembershipprovider?Are these two diff?
or these two have different details entered in conenction string?
You can use either. I personally would use the ADMembershipprovider

Using AD it automatically queries your DC using the application's process identity, or you can provide your own credentials if you want to use another, however its submitted in clear text.

LDAP you have to specify where you want it to query and can be used outside of a domain enviorment.

This site has all the different strings that you would need if you decide to use LDAP or AD authentication it also has a link to how to encrypt the connection string if you decide to provide your own credentials.


I hope this is what you were after.
jlaxmiAuthor Commented:

Thanks a lot for the links..But i am stuill stuck up..
I am trying to change my Default zone application from Windows authenticatuion to Forms.I enable Anonymous access also.Then I submit Membership provider as "ADMembershipProvider" as given in my web.config .
I added connection strings above system.web node in both the Central Admin(CA) web.config and Sharepoint site's default application web.config(configured on port 82).
In Central Admin web.config  Authentication  is"windows"
in Sharepoint site  web.config  Authentication is "Forms"
Then I added the membership provider below system node with details as in attached files..
I am not getting even the forms page open. I get teh page as in the image..
Attaching teh code changes in web.config for your reference..
I am wondering why i don't even get the forms page..
Is there any way to atleast get the forms page first and see if forms authentciation working..
To remind the point-I dont have an extended web applciation..I want to apply forms based authentciation to my Default zone.
Once this works fine I will test for an extended zone  with ADMembership provider..But right now I have to show my manager how will be the forms application opening into Forms Uathentciation...
Pls help....
jlaxmiAuthor Commented:
I Changed Autehntictaion to Windows with anaonymouse access enabled and then gave anonymous accces to Site permissions Home.I then changed to forms authentication and could get the login page for forms.When entered users authentication worked.
jlaxmiAuthor Commented:
Applied resolution on own

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now