Microsoft Knowledge Base Email Alertz
All KB/RSS Links  |  Hot Kb!  |  New Kb!  |  Scott Cate  |  FAQ / KB  |  Web Hosting  |  Unsubscribe  

KBAlertz.com: How to implement Forms-based authentication for Office SharePoint Server 2007 by using SQL Server

Receive Microsoft Knowledge Base articles by E-Mail?

Every night we scan the Microsoft Knowledge Base. If technologies you're interested in are updated, we'll send you an e-mail. You only get one e-mail a day, and only when new articles are added.
Click here to create a
FREE account
Already have an account?
[Click here to Login]

Search KbAlertz

Advanced Search

Webmasters
Put kbAlertz on your website.
[ Click Here for more! ]





ASP.NET 3.5 Web Hosting with Windows 2008 and SQL 2008: Click Here!
Discount ASP.NET Hosting
ASP.NET 2.0 and 3.5
Windows2008 and SQL2008
US and UK Hosting
KBAlertz referrals get
** SIX MONTHS FREE **

Community Site


We Send hundreds of thousands of emails using ASP.NET Email

ASP.NET 3.5 Web Hosting with Windows 2008 and SQL 2008: Click Here!
Discount ASP.NET Hosting
ASP.NET 2.0 and 3.5
Windows2008 and SQL2008
US and UK Hosting
KBAlertz referrals get
** SIX MONTHS FREE **



Mentioned In







Microsoft Knowledge Base Article

This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks



Article ID: 952170 - Last Review: June 25, 2008 - Revision: 2.3

How to implement Forms-based authentication for Office SharePoint Server 2007 and Windows SharePoint Services 3.0 by using SQL Server

View products that this article applies to.

INTRODUCTION

This article describes how to implement Forms-based authentication for Microsoft Office SharePoint Server 2007 and Microsoft Windows SharePoint Services 3.0 by using Microsoft SQL Server when SQL Server is installed on the same computer.
Back to the top

MORE INFORMATION

To implement Forms-based authentication for Office SharePoint Server 2007 and Windows SharePoint Services 3.0 by using an instance of SQL Server that is installed on the same computer, follow these steps:
  1. Create an Aspnetdb database to use for storing membership and role information. To do this, follow these steps:
    1. At a command prompt, change to the .NET Framework directory. Typically, the .NET Framework directory is located at C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727.
    2. Create a database on the local SQL server. To do this, type the following command, and then press ENTER:
      Aspnet_regsql -A all –E
      Note To create a database on a different server computer, use the following command to determine the appropriate switch to use:
      aspnet_regsql /?
      If you are creating the SQL Server provider database for the first time, you must also create one or more users and, optionally, one or more roles. The users and roles are the security principals that you add to the policy settings for the extranet Web programs and for the SharePoint Site Groups. There are multiple ways to create security principals. Typically, a complete install of Microsoft Visual Studio 2005 is used together with the ASP.NET 2.0 Administration tool to create users and roles. If you experience issues with Visual Studio 2005, contact Microsoft Customer Support Services.
  2. Create a Windows SharePoint Web application, and enable Windows authentication for the main Web site for internal users to access the site.
  3. Create another SharePoint Web application, extend the Web application, and then map the new Web application to the main Web site.
  4. You must enable the Forms authentication type for the extended Web application. To enable Forms-based authentication, you must configure the Membership providers and the Role managers in the Web.config file for the SharePoint central administration site and in the Web.config file for the extended Web application. To do this, follow these steps:
    1. In Notepad, open the Web.config file for the SharePoint central administration site.

      Note Typically the Web.config file is located under C:\Inetpub\Wwwroot\Wss\VirtualDirectories.
    2. Paste the following lines of code at the end of the Web.config file under the </SharePoint> tag.

      Note In the following command, replace the Database Server Name placeholder with the database server name, and replace the Database Name placeholder with the name of the database.
      <connectionStrings>
<add name="AspNetSqlProvider" connectionString="Data Source=< Database 
Server Name >;Initial Catalog=< Database Name >;Integrated Security=True" 
providerName="System.Data.SqlClient" />
</connectionStrings>
    3. Copy and paste the following lines of code at the end of the Web.config file under the <System.web> tags: 
      <membership defaultProvider="AspNetSqlMembershipProvider">

<providers>

<remove name="AspNetSqlMembershipProvider" />

<add connectionStringName="AspNetSqlProvider" passwordAttemptWindow="10" 
enablePasswordRetrieval="false" enablePasswordReset="true" 
requiresQuestionAndAnswer="true" applicationName="http://support.microsoft.com" requiresUniqueEmail="false" 
passwordFormat="Hashed" description="Stores and retrieves membership data 
from the Microsoft SQL Server database" name="AspNetSqlMembershipProvider" 
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.3600.0, 

Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

</providers>

</membership>



<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider">

<providers>

<remove name="AspNetSqlRoleProvider" />

<add connectionStringName="AspNetSqlProvider" applicationName="http://support.microsoft.com" 
description="Stores and retrieves roles data from the local Microsoft SQL Server 

database" name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider, 
System.Web, Version=2.0.3600.0, Culture=neutral, 
PublicKeyToken=b03f5f7f11d50a3a" />

</providers>

</roleManager>
    4. Save the Web.config file.
    5. In Notepad, open the Web.config file for the extended Web application.
    6. Copy and paste the following lines of code at the end of the Web.config file under the <System.web> tags: 
      <membership defaultProvider="AspNetSqlMembershipProvider">

<providers>

<remove name="AspNetSqlMembershipProvider" />

<add connectionStringName="AspNetSqlProvider" passwordAttemptWindow="10" 
enablePasswordRetrieval="false" enablePasswordReset="true" 
requiresQuestionAndAnswer="true" applicationName="http://support.microsoft.com" requiresUniqueEmail="false" 
passwordFormat="Hashed" description="Stores and retrieves membership data 
from the Microsoft SQL Server database" name="AspNetSqlMembershipProvider" 
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.3600.0, 

Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

</providers>

</membership>



<roleManager enabled="true" defaultProvider="AspNetSqlRoleProvider">

<providers>

<remove name="AspNetSqlRoleProvider" />

<add connectionStringName="AspNetSqlProvider" applicationName="http://support.microsoft.com" 
description="Stores and retrieves roles data from the local Microsoft SQL Server 

database" name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider, 
System.Web, Version=2.0.3600.0, Culture=neutral, 
PublicKeyToken=b03f5f7f11d50a3a" />

</providers>

</roleManager>
      Microsoft provides programming examples for illustration only, without warranty either expressed or implied. This includes, but is not limited to, the implied warranties of merchantability or fitness for a particular purpose. This article assumes that you are familiar with the programming language that is being demonstrated and with the tools that are used to create and to debug procedures. Microsoft support engineers can help explain the functionality of a particular procedure. However, they will not modify these examples to provide added functionality or construct procedures to meet your specific requirements.
    7. Save the Web.config file.
  5. Reset Internet Information Services (IIS). To do this, click Start, click Run, type iisreset, and then click OK.
  6. On the SharePoint Central Administration Web page, click Application Management.
  7. Under Application Security, click Authentication providers.
  8. On the Authentication Providers page, click the name of the Web application for which you want to enable Forms-based authentication.
  9. On the Edit Authentication page, click Forms under Authentication Type.
  10. In the Membership provider name box, type AspNetSqlMembershipProvider.
  11. In the Role manager name box, type AspNetSqlRoleProvider, and then click Save.
  12. Restart the computer.
  13. On the SharePoint Central Administration Web page, click Application Management.
  14. Under Application Security, click Policy for Web application.
  15. Click Add users.
  16. On the Add Users page, make sure that the Web application for which you want to enable forms-based authentication is displayed in the Web Application box.
  17. In the Zones list, click Default, and then click Next.
  18. In the Users box, enter the credentials for one user whom you want to make the administrator of this Web application. This user should be present in the database that was created in step 1. For example, type Name of the membership provider\username, or type AspNetSqlMembershipProvider\username.
  19. Under Permissions, select Full control – Has full control, and then click Finish.
Back to the top

REFERENCES

For more information about forms authentication in SharePoint products and technologies, visit the following Microsoft Web sites.

Introduction (Part 1)
http://msdn2.microsoft.com/en-us/library/bb975136.aspx (http://msdn2.microsoft.com/en-us/library/bb975136.aspx)
Membership and Role Provider Samples (Part 2)
http://msdn2.microsoft.com/en-us/library/bb975135.aspx (http://msdn2.microsoft.com/en-us/library/bb975135.aspx)
Forms Authentication vs. Windows Authentication (Part 3)
http://msdn2.microsoft.com/en-us/library/bb977430.aspx (http://msdn2.microsoft.com/en-us/library/bb977430.aspx)
Back to the top
APPLIES TO
  • Microsoft Office SharePoint Server 2007
  • Microsoft Windows SharePoint Services 3.0
Back to the top
Keywords: 
kbinfo kbcode kbexpertiseadvanced kbhowto KB952170
Back to the top
        

Community Feedback System

Very often, it takes hours to solve a problem. Very often, you've looked high and low, and have tried a lot of solutions. When you finally found it, chances are, it was because someone else helped you. Here's your chance to give back. Use our community feedback tool to let others know what worked for you and what didn't.

Please also understand that the community feedback system is not warranted to be correct, it's simply a system that we've built to let people try and help each other. If something in a feedback response doesn't make sense to you, or you're not comfortable making changes that the feedback talks about (like registry edits), please consult a professional.

Thank you for using kbAlertz.com Feedback System.

-- Scott Cate

Be the first to leave feedback, to help others about this knowledge base article.

(Optional) Name
(Optional) Public URL Or Email
Comments
No HTML -- Text Only Please

 



Copyright © 2002-2007 KBALERTZ.COM.  All Rights Reserved. Terms / PrivacyDiscount ASP.NET Hosting