  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1516

configuring sharepoint to use form based authentication

Hi there

We are thinking of implementing Sharepoint 3.0 for some testing purposes.

It's all set up on a Windows 2008 R2 64 bit, it's also a DC. WSS 3.0 with SP2 installed and it is running fine.

However, we need the authentication to be forms based, just like OWA.

By default the authentication is through a pop up which is Windows based GUI where you type in your username and password.

I have looked up and there are instructions in MS documentation to do that and what I have to do is change the authentication settings under sharepoint settings and change the authentication type to form based authentication.

The guys who know about this will know what I am talking about.

I have to select forms based authentication but then also provide the name of the authentication provider or something. This is where I am stuck.

http://technet.microsoft.com/en-us/library/cc288043(office.12).aspx

Can someone help me as to what I should be putting in and if I need to configure the web.config file as mentioned? If so, where exactly is the file?

Is there anything else I will need to do?
0
alex110109
Asked:
skipper68 (Application Development Manager) Commented:
I believe this can be set to anything but will be required to be changed/match when you modify your web.config file.

Make sure to take a backup copy first before editing.
By default, Internet Information Services (IIS) stores these files under
C:\inetpub\wwwroot\wss\VirtualDirectories\<Web Site Directory>

The root of this directory will include the web.config file, which you will now edit in your editor of choice (i.e. Notepad if nothing else) and insert the following entry just after your <system.web> node.

<membership defaultProvider="MyMembershipProviderName">
  <providers>
    <add
    name="MyMembershipProviderName"
    type="Microsoft.Office.Server.Security.LDAPMembershipProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C"
    server="<servernamehostingMyMembershipProviderName>"
    port="60000"
    useSSL="false"
    userDNAttribute="distinguishedName"
    userNameAttribute="cn"
    userContainer= "CN=Users,CN=xxxxxx,DC=xxxxxx,DC=COM"
    userObjectClass="user"
    userFilter="(ObjectClass=user)"
    scope="Subtree"
    otherRequiredUserAttributes="sn,givenname,cn" />
  </providers>
</membership>
You will also need to add the below code for your People Picker to correctly pick up your AD LDS users.  
<PeoplePickerWildcards>
  <clear />
  <add key="AspNetSqlMembershipProvider" value="%" />
  <add key="MyMembershipProviderName" value="*" />
</PeoplePickerWildcards>

Save your web.config file and then run IISRESET to ensure all new settings have been applied.

If this doesn't work, revert the web.config to the copy you made.

0
 
bradgcoza Commented:
I wrote a blog that might be of assistance

http://www.bradg.co.za/?p=18
0
 
alex110109 (Author) Commented:
Hi Skipper

thanks for the code for web.config file.

But what about the authentication provider name that I need to specify under share point configuration?
0
skipper68 (Application Development Manager) Commented:
The name I believe can be anything.  As long as it matches what's in the web.config.
0
 
alex110109 (Author) Commented:
Brad and Skipper

Both your solutions don't work unfortunately, the problem is with the code.

Brad, your code first. Here is the snapshot of the error message.

Also, I am not sure exactly where should I put the code in the web.config file.

I have attached my default web.config file. Let me know what needs to change.

Skipper, I will post the error with your code next.

     brad error msg
0
 
alex110109 (Author) Commented:
here is the web.config file which is default one
web---Copy.config
0
 
bradgcoza Commented:
Hi,

The error you are receiving because of my code is because you added the <ConnectionStrings> after <system.web> and not after </system.web>.

Please try again and let me know.
0
 
alex110109 (Author) Commented:
Hi brad

I am still not sure exactly where you want me to put your code, but this time, I put it between
</system.web> and </location> . The error has still remained the same.


Detailed Error Information section (just the part which is the error)
================================
Config Error:The configuration section 'connectionStrings' cannot be read because it is missing a section declaration  
=================================

==============
Config Source
==============
57:   <system.web>
58:      <connectionStrings>
59:      <add name=”ADConnectionString” connectionString=LDAP://win2k8r2demo.mydomainname.local/, CN=Users, DC=mydomainname, DC=local />

Please note that the line 58 is marked in red, so that's probably the problem or its location within the config file. See the file attached which has the code as I mentioned.

I honestly can't figure this out, I have attached my original web.config file here. Do you mind inserting your code and saving it back here. I will change the values to reflect my domain etc.
web---Copy.config
0
 
bradgcoza Commented:
Simply add the following code to the very end of the web.config before </configuration>

<connectionStrings>
<add name=”ADConnectionString” connectionString=LDAP://domaincontroller.domain.com/OU=Managed Structure,DC=domain,DC=com />
</connectionStrings>
<system.web>
<membership defaultProvider=”ADAuth”>
<providers>
<add name=”ADAuth” connectionStringName=”ADConnectionString” connectionUsername=”domain\ssoservice” connectionPassword=”P@ssw0rd” attributeMapUsername=”UserPrincipalName” type=”System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a” />
</providers>
</membership>
</system.web>



You need to add this code to the Central Admin site web.config as well in the same way.  I have attached the file.  Don't forget to change connection username and connection password.
web.config
0
 
alex110109 (Author) Commented:
Hi Brad

I think we are making progress. However, now the config error is "configuration file is not well-formed xml" and below is the detailed config source which it points to. The line 204 is in red.

203:   <connectionStrings>  
204:     <add name=”ADConnectionString” cnnectionString=LDAP://win2k8r2demo.cloudit.local/OU=Users,DC=cloudit,DC=local />  
205:   </connectionStrings>

Obviously, I am not the expert here but is the LDAP path supposed to be in that format?
Let me know if something else is wrong.
0
 
bradgcoza Commented:
add " before and after your connection string

"LDAP://win2k8r2demo.cloudit.local/OU=Users,DC=cloudit,DC=local"


0
 
alex110109 (Author) Commented:
Sorry mate, now it is coming up with exact same message with the quotes before and after the LDAP string, so basically no difference.

0
 
bradgcoza Commented:
Copy and paste this over what you have, notice how "cnnectionString" is spelt wrong in your example above

<connectionStrings>  
<add name=”ADConnectionString” connectionString="LDAP://win2k8r2demo.cloudit.local/OU=Users,DC=cloudit,DC=local" />  
</connectionStrings> 


0
 
alex110109 (Author) Commented:
Hi Brad

Sorry mate, it is still the same. See the latest error message with line 204 being red.

  203:   <connectionStrings>  
  204:     <add name=”ADConnectionString” connectionString="LDAP://win2k8r2demo.cloudit.local/OU=Users,DC=cloudit,DC=local" />  
  205:   </connectionStrings>

0
 
bradgcoza Commented:
Can you please send a screenshot of the error?
0
 
alex110109 (Author) Commented:
Sure, here it is.
brad-error-msg2.png
0
 
bradgcoza Commented:
Send me your web.config again please.  There is a typo somewhere in that file or you have spaces that shouldn't be there.
0
 
alex110109 (Author) Commented:
ok here is the current web.config file with the latest screenshot. Also the webconfig file is in the following path

C:\inetpub\wwwroot\wss\VirtualDirectories\80


brad-error-msg3.png
web.config
0
 
bradgcoza Commented:
OK fixed it ... if you notice the " in front of LDAP and the one at the end are different.  I deleted them and added them again.  I also removed the spaces between the ,


web.config
0
 
alex110109 (Author) Commented:
Bingo....it was the quotes....I had to change a few of them. Great work.
0
 
alex110109 (Author) Commented:
Great detective type work from brad!!
0
 
bradgcoza Commented:
Thanks that one was getting to me a little I must admit
0
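
The failure this thread traced to typographic quotes pasted into web.config can be caught before running IISRESET. The PowerShell below is an added example, not code from the thread; it also flags a clear-text connectionPassword like the one in the ActiveDirectoryMembershipProvider entry above. The function name Test-ConfigText and the sample hostname, DNs and account are assumptions made for illustration.

```powershell
# Lint a web.config fragment before IISRESET (added example, not from the thread).
function Test-ConfigText {
    param([string]$Text)
    $findings = @()

    # 1. Typographic quotes pasted from a web page are not XML attribute delimiters.
    $lineNo = 0
    foreach ($line in ($Text -split '\r?\n')) {
        $lineNo++
        foreach ($m in [regex]::Matches($line, '[\u2018\u2019\u201C\u201D]')) {
            $findings += 'line {0}, col {1}: typographic quote U+{2:X4}' -f $lineNo, ($m.Index + 1), ([int][char]$m.Value)
        }
    }

    # 2. Let the .NET parser confirm well-formedness; its message names line and position.
    $doc = New-Object System.Xml.XmlDocument
    try {
        $doc.LoadXml($Text)
    } catch {
        $findings += 'not well-formed: ' + $_.Exception.GetBaseException().Message
        return $findings
    }

    # 3. Once it parses, flag provider entries that carry a clear-text bind password.
    foreach ($node in $doc.SelectNodes('//add[@connectionPassword]')) {
        $findings += "provider '{0}': connectionPassword is in clear text" -f $node.GetAttribute('name')
    }
    return $findings
}

# Constructed samples; hostname, DNs and account are placeholders.
$q = [char]0x201D   # right double quotation mark, built by code point
$broken = "<connectionStrings>`n  <add name=${q}ADConnectionString${q} " +
          "connectionString=`"LDAP://dc.example.local/OU=Users,DC=example,DC=local`" />`n" +
          "</connectionStrings>"
$fixed = @'
<configuration>
  <connectionStrings>
    <add name="ADConnectionString" connectionString="LDAP://dc.example.local/OU=Users,DC=example,DC=local" />
  </connectionStrings>
  <system.web><membership defaultProvider="ADAuth"><providers>
    <add name="ADAuth" connectionStringName="ADConnectionString" connectionUsername="example\svc" connectionPassword="placeholder" />
  </providers></membership></system.web>
</configuration>
'@

'broken sample:'; Test-ConfigText $broken
'fixed sample:';  Test-ConfigText $fixed
```

To check a real file, pass its contents as one string, for example with [System.IO.File]::ReadAllText on the web.config path.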
