?
Solved

configuring sharepoint to use form based authentication

Posted on 2011-02-10
22
Medium Priority
?
1,497 Views
Last Modified: 2012-05-11
Hi there

We are thinking of implementing Sharepoint 3.0 for some testing purposes.

Its all setup on a Windows 2008 R2 64 bit, its also a DC. WSS 3.0 with SP2 installed and it is running fine.

However, we need the authentication to be forms based, just like OWA.

By default the authentication is through a pop up which is Windows based GUI where you type in your username and password.

I have looked up and there are instructions in MS documentation to do that and what I have to do is change the authentication settings under sharepoint settings and change the authentication type to form based authentication.

The guys who knows about this will know what I am talking about.

I have to select forms based authentication but then also provide the name of the authentication provider or something. This is where I am stuck.

http://technet.microsoft.com/en-us/library/cc288043(office.12).aspx

Can someone help me as to what I should be putting in and if I need to configure the web.config file as mentione? If so, where exactly is the file?

Is there anything else I will need to do?
0
Comment
Question by:alex110109
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 9
  • 2
22 Comments
 
LVL 9

Expert Comment

by:skipper68
ID: 34867970
I believe this can be set to anything but will be required to be changed/match when you modify your web.config file.

Make sure to take a backup copy first before editing
By default, Internet Information Services (IIS) stores these files under
C:\inetpub\wwwroot\wss\VirtualDirectories\<Web Site Directory>

The root of this directory will include the web.config file which you will now edit in your editor of choice ( i.e. notepad if nothing else ) and insert the following entry just after your <system.web> node.

<membership defaultProvider="MyMembershipProviderName">
  <providers>
    <add
    name="MyMembershipProviderName"
    type="Microsoft.Office.Server.Security.LDAPMembershipProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C"
    server="<servernamehostingMyMembershipProviderName>"
    port="60000"
    useSSL="false"
    userDNAttribute="distinguishedName"
    userNameAttribute="cn"
    userContainer= "CN=Users,CN=xxxxxx,DC=xxxxxx,DC=COM"
    userObjectClass="user"
    userFilter="(ObjectClass=user)"
    scope="Subtree"
    otherRequiredUserAttributes="sn,givenname,cn" />
  </providers>
</membership>
You will also need to add the below code for your People Picker to correctly pick up your AD LDS users.  
<PeoplePickerWildcards>
  <clear />
  <add key="AspNetSqlMembershipProvider" value="%" />
  <add key="MyMembershipProviderName" value="*" />
</PeoplePickerWildcards>

Save your web.config file and then run IISRESET to ensure all new settings have been applied.

If this doesn't work, revert the web.config to the copy you made.

0
 
LVL 7

Accepted Solution

by:
bradgcoza earned 2000 total points
ID: 34868731
I wrote a blog that might be of assitance

http://www.bradg.co.za/?p=18
0
 

Author Comment

by:alex110109
ID: 34870036
Hi Skipper

thanks for the code for web.config file.

But what about the authentication provider name that I need to specify under share point configuration?
0
Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

 
LVL 9

Expert Comment

by:skipper68
ID: 34874245
The name I believe can be anything.  As long as it matches what's in the web.config.
0
 

Author Comment

by:alex110109
ID: 34880433
Brad and Skipper

Both your solutions don't work unfortunately, the problem is with the code.

Brad, your code first. Here is the snapshot of the error message.

Also, I am not sure exactly where should I put the code in the web.config file.

I have attached my default web.config file. Let me know what needs to change.

Skipper, I will post the error with your code next.

     brad error msg
0
 

Author Comment

by:alex110109
ID: 34880437
here is the web.config file which is default one
web---Copy.config
0
 
LVL 7

Expert Comment

by:bradgcoza
ID: 34894919
Hi,

The error you are receiving because of my code is becuase you added the <ConnectionStrings> after <system.web> and not after </system.web>

Please try again and let me know.
0
 

Author Comment

by:alex110109
ID: 34895368
Hi brad

I am still not sure exactly where you want me to put your code, but this time, I put it between
</system.web> and </location> . The error has still remained the same.


Detailed Error Information section (just the part which is the error)
================================
Config Error:The configuration section 'connectionStrings' cannot be read because it is missing a section declaration  
=================================

==============
Config Source
==============
57:   <system.web>
58:      <connectionStrings>
59:      <add name=”ADConnectionString” connectionString=LDAP://win2k8r2demo.mydomainname.local/, CN=Users, DC=mydomainname, DC=local />

Please note that the the line 58 is marked in red so that's probably the problem or its location within the config file. See the file attached which has the code as I mentioned.

I honestly can't figure this out, I have attached my original web.config file here. Do you mind inserting your code and saving it back here. I will change the values to reflect my domain etc.
web---Copy.config
0
 
LVL 7

Expert Comment

by:bradgcoza
ID: 34895479
Simply add the following code to the very end of teh web.config before </configuration>

<connectionStrings>
<add name=”ADConnectionString” connectionString=LDAP://domaincontroller.domain.com/OU=Managed Structure,DC=domain,DC=com />
</connectionStrings>
<system.web>
<membership defaultProvider=”ADAuth”>
<providers>
<add name=”ADAuth” connectionStringName=”ADConnectionString” connectionUsername=”domain\ssoservice” connectionPassword=”P@ssw0rd” attributeMapUsername=”UserPrincipalName” type=”System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a” />
</providers>
</membership>
</system.web>

Open in new window


You need to add this code to the Central Admin site web.config as well in the same way.  I have attached the file.  Dont forget to change connection username and connection password
web.config
0
 

Author Comment

by:alex110109
ID: 34895561
Hi Brad

I think we are making progress. However, now the config error is "configuration file is not well-formed xml" and below is the detailed config source which it points to. THe line 204 is in red.

203:   <connectionStrings>  
204:     <add name=”ADConnectionString” cnnectionString=LDAP://win2k8r2demo.cloudit.local/OU=Users,DC=cloudit,DC=local />  
205:   </connectionStrings>

Obviously, I am not the expert here but is the LDAP path supposed to be in that format?
Let me know if something else is wrong.
0
 
LVL 7

Expert Comment

by:bradgcoza
ID: 34895854
add " before and after your connection string

"LDAP://win2k8r2demo.cloudit.local/OU=Users,DC=cloudit,DC=local"

Open in new window

0
 

Author Comment

by:alex110109
ID: 34895889
Sorry mate, now it is coming up with exact same message with the quotes before and after the LDAP string, so basically no difference.

0
 
LVL 7

Expert Comment

by:bradgcoza
ID: 34895983
Copy and paste this over what you have, notice how "cnnectionString" is spelt wrong in your example above

<connectionStrings>  
<add name=”ADConnectionString” conectionString="LDAP://win2k8r2demo.cloudit.local/OU=Users,DC=cloudit,DC=local" />  
</connectionStrings> 

Open in new window

0
 

Author Comment

by:alex110109
ID: 34896072
Hi Brad

Sorry mate, it is still the same. See the latest error message with line 204 being red.

  203:   <connectionStrings>  
  204:     <add name=”ADConnectionString” connectionString="LDAP://win2k8r2demo.cloudit.local/OU=Users,DC=cloudit,DC=local" />  
  205:   </connectionStrings>
203:   <connectionStrings>  
  204:     <add name=”ADConnectionString” connectionString="LDAP://win2k8r2demo.cloudit.local/OU=Users,DC=cloudit,DC=local" />  
  205:   </connectionStrings>

Open in new window

0
 
LVL 7

Expert Comment

by:bradgcoza
ID: 34896094
Can you please send a screenshot of the error?
0
 

Author Comment

by:alex110109
ID: 34896106
Sure, here it is.
brad-error-msg2.png
0
 
LVL 7

Expert Comment

by:bradgcoza
ID: 34896183
Send me your web.config again please.  There is a typo somewhere in that file or you have spaces that shouldnt be there.  
0
 

Author Comment

by:alex110109
ID: 34896254
ok here is the current web.config file with the latest screenshot. Also the webconfig file is in the following path

C:\inetpub\wwwroot\wss\VirtualDirectories\80


brad-error-msg3.png
web.config
0
 
LVL 7

Assisted Solution

by:bradgcoza
bradgcoza earned 2000 total points
ID: 34896359
OK fixed it ... if you notice the " infront of LDAP and the one at the end are different.  I deleted them and added them again.  I also removed the spaces between the ,


web.config
0
 

Author Comment

by:alex110109
ID: 34896551
Bingo....it was the quotes....I had to change a few of them. Great work.
0
 

Author Closing Comment

by:alex110109
ID: 34896609
Great detective type work from brad!!
0
 
LVL 7

Expert Comment

by:bradgcoza
ID: 34896639
Thanks that one was getting to me a little I must admit
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The vision: A MegaMenu for a SharePoint portal home page The mission: Make it easy to maintain. Allow rich content and sub headers as well as standard links. Factor in frequent changes without involving developers or a lengthy Dev/Test/Prod rel…
A while back, I ran into a situation where I was trying to use the calculated columns feature in SharePoint 2013 to do some simple math using values in two lists. Between certain data types not being accessible, and also with trying to make a one to…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question