If you need a super-short reference to get FBA authentication rolling in your SharePoint application, you’ll find it here.

This is a super-short guide to a successful experience with the SharePoint 2013 FBA Pack. For the fully detailed process, please refer to Chris Coulson’s life-saving article.

Our goal?

Provide FBA authentication in our SharePoint application.

What do we need?

The SharePoint2013FBAPack zip file with the Activate.ps1, Deploy.ps1, UnDeploy.ps1 and Visigo.Sharepoint.FormsBasedAuthentication.wsp files.

Our three simple steps?

  1. Create users database
  2. Install the SharePoint 2013 FBA Pack
  3. Configure web application

1. Create users database

  1. Go to c:\windows\Microsoft.NET\Framework64\v4.0.30319\
  2. Run “aspnet_regsql.exe”
    1. Choose “Configure SQL Server for application services” -> click Next
  3. Now that you have created your users database, you must make sure that the identity running your SharePoint application pool can access it.
    1. Where can you find this identity? In IIS -> “Application Pools”. Check the value in the Identity column of your SharePoint application pool. Take a note, you’ll need it later.
      1. Open SQL Server as an Administrator -> Go to Security/Logins -> Select the user that matches the identity identified earlier -> Right click -> Select Properties -> Check the “Map” box for the database created previously and check the “db_owner” role. Now the db is ready!

2. Install the SharePoint 2013 FBA Pack

  1. If you haven’t downloaded the pack zip file, do it now 🙂 and extract its contents.
  2. Open a PowerShell window and navigate to the pack extraction path.
  3. Run “Set-ExecutionPolicy Unrestricted” and “.\deploy [Site Collection URL]”

3. Configure Web Application

Now that we have a membership database, our SharePoint pool identity can access it and the FBA pack is installed, we need to configure the membership provider in the config files.

Of the approaches described in Chris Coulson’s life-saving article, I would recommend avoiding the one that involves editing machine.config, because unless you’re doing something very special you don’t really want to spread your app’s specifics beyond its scope.

With this in mind, also make sure you always back up your .config files before making even the “tiniest” change, to avoid spending hours trying to resolve a character typo or an encoding mistake.

We are going to add the same changes to three different config files. You can find each of these by navigating through IIS -> right click the application -> Explore -> Double click the “web.config” file:

  • SharePoint Central Administration
  • SecurityTokenServiceApplication
  • Your SharePoint web application

  1. In the <connectionStrings> section add the following line, and make sure that [SERVER NAME] matches the fully-qualified name of your db server:
    <add connectionString="Server=[SERVER NAME];Database=aspnetdb;Integrated Security=true" name="[CONNECTION STRING NAME]" />
  2. In the <membership><providers> section add the following and make sure that [CONNECTION STRING NAME] matches the value of the previous step:
    <add name="[MEMBERSHIP PROVIDER NAME]"
     type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
     connectionStringName="[CONNECTION STRING NAME]"
     enablePasswordRetrieval="false"
     enablePasswordReset="true"
     requiresQuestionAndAnswer="false"
     applicationName="/"
     requiresUniqueEmail="true"
     passwordFormat="Hashed"
     maxInvalidPasswordAttempts="5"
     minRequiredPasswordLength="7"
     minRequiredNonalphanumericCharacters="1"
     passwordAttemptWindow="10"
     passwordStrengthRegularExpression="" />
  3. In the <roleManager><providers> section add the following and make sure that [MEMBERSHIP PROVIDER NAME] and [CONNECTION STRING NAME] match the values of the previous steps:
    <add name="[MEMBERSHIP PROVIDER NAME]" connectionStringName="[CONNECTION STRING NAME]" applicationName="/"
     type="System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

Now you’ll be able to add the Membership Provider to your web application when enabling the Forms Based Authentication.
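
One way to check each of the three web.config files after editing, as an added example that is not part of the original guide or of the FBA Pack: it parses the file and reports any entry from the steps above that is missing or inconsistent. The function name Test-FbaConfig, the names FBADB and FBAMembership, the server db01.example.test and the $path variable are assumptions, and the sample XML is constructed.

```powershell
# Added example (not FBA Pack code): audit one web.config for the entries from steps 1-3.
function Test-FbaConfig {
    param(
        [Parameter(Mandatory)][xml]$Config,   # the [xml] cast itself rejects malformed files
        [Parameter(Mandatory)][string]$ConnectionName,
        [Parameter(Mandatory)][string]$ProviderName
    )
    $issues = @()
    $conn = $Config.SelectSingleNode("/configuration/connectionStrings/add[@name='$ConnectionName']")
    if ($null -eq $conn) { $issues += "connection string '$ConnectionName' not found" }

    $expected = [ordered]@{
        membership  = 'System.Web.Security.SqlMembershipProvider'
        roleManager = 'System.Web.Security.SqlRoleProvider'
    }
    foreach ($section in $expected.Keys) {
        $node = $Config.SelectSingleNode("/configuration/system.web/$section/providers/add[@name='$ProviderName']")
        if ($null -eq $node) { $issues += "$section provider '$ProviderName' not found"; continue }
        if ($node.GetAttribute('type') -notlike "$($expected[$section]),*") {
            $issues += "$section provider has an unexpected type"
        }
        $target = $node.GetAttribute('connectionStringName')
        if ($target -ne $ConnectionName) { $issues += "$section provider points at '$target'" }
        if ($section -eq 'membership') {
            if ($node.GetAttribute('passwordFormat') -ne 'Hashed') { $issues += 'passwordFormat is not Hashed' }
            if ($node.GetAttribute('enablePasswordRetrieval') -ne 'false') { $issues += 'enablePasswordRetrieval is not false' }
        }
    }
    $issues   # no output means the file matches the guide
}

# Constructed sample: the role provider's connectionStringName carries a typo.
$sample = @'
<configuration>
  <connectionStrings>
    <add connectionString="Server=db01.example.test;Database=aspnetdb;Integrated Security=true" name="FBADB" />
  </connectionStrings>
  <system.web>
    <membership><providers>
      <add name="FBAMembership" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="FBADB" enablePasswordRetrieval="false" passwordFormat="Hashed" />
    </providers></membership>
    <roleManager><providers>
      <add name="FBAMembership" type="System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="FBA_DB" />
    </providers></roleManager>
  </system.web>
</configuration>
'@
Test-FbaConfig -Config $sample -ConnectionName 'FBADB' -ProviderName 'FBAMembership'
# On a server: Test-FbaConfig -Config (Get-Content $path -Raw) ... once per web.config
```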

Ok, so… this might not be super-short, but it is short enough. Just be extra careful when editing the config files and you won’t have to worry about anything else.

 

 
