Monday, October 8, 2012

Sharepoint 2010 FBA configuration

Dear Friends,

           This blog is regarding configuring Form Based Authentication for Sharepoint Server 2010/Sharepoint foundation 2010. There was requirement to have FBA on another server(remote server) on different server location than Sharepoint Server 2010. We can enable FBA for Sharepoint application having Asp.net Membership database and it is not necessary to have Sql FBA database to be on same server as Sharepoint Server 2010 or Sharepoint Foundation 2010.

            We need to have Application Pool for that application having Identity of Network Service. Let walk through complete process of activating FBA for an application. There are many excellent resources available for the same. This is just an improvement and attempt to minimize the steps for configuring FBA with ease, secure way and easily achievable and more importantly if there is need to have FBA DB that is on cross domain and not on the same server as your Sharepoint Server or Sharepoint foundation 2010.

Highly recommend: Please take one notepad file and note all things which we will define as DB Server, DB User, Connection string name, Membership name, Membership provider

STEP 1: Configure FBA DB in Sql Server for Membership 
  


           Copy and paste below highlighted path on your My Computer:
     
       C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
       
       This will open wizard which allows you to configure your DB settings





                         Press Finish. 

 After finishing setup wizard. Open Sql Server Management Studio 2008 & verify that DB FBASppc DB has been created or not. Once the database is created,   we’re going to create and add a SQL user, rather than use integrated authentication. If your SQL instance is not already running in mixed-mode, you can change it through Server properties in SQL Server Management Studio.

Select Security, Right click Add New >> Login





  Now, map the new Sql User with our DB
 Select Database, Expand FBAsppc database >> Right Click Security >> Add >>
 User Enter same username ("Fbasp") which we entered at Security new login and for Login name enter name which we entered at security new login.

                      
                         

                              
Assign db_owner roles and rights to the user for Sql Login.




We created a SQL user called Fbasp. We added Fbasp to ASPNetFormsAuth database naming FBASppc and gave them the db_owner role. We’re done with SQL part.
  
STEP 2: Configuring Sharepoint Central Admin web site to use  Sql Membership for FBA



          Open IIS>> Start >> Run>> inetmgr >>
          We need to add new connection string and role provider



          Connection String configuration

  1.  Open the Connection Strings Page.  Under Actions menu on the right, select  Add… to create a new connection string.  Provide the details for the membership database for the new connection string. 


    1.  Go back to the Web Application page and open up Providers page.  Here we will  create a provider for Roles and Users.  Set feature to .NET Roles and click Add… in the Actions pane to add a new role provider. Please provide Application name which enables provider to authenticate user of that application.
    2.  Add Membership Provider
      Add .Net Users using Sql Membership Provider. We are naming
      RoleProvider:  FbaspRoleprovider
      Membership Provider: FbaMembershipprovider
      Please note the names of Conneciton string, RoleProvider, Membership Provider
 Please note to give proper connection string, proper types while configuring the settings.
The above configuration will modify the Central Admin web.config. We can confirm by explore Central Admin in IIS.