What is Farm based Authentication (FBA)?Form Based Authentication (FBA) provides your own authentication method using a web form. More and more companies are using FBA as a way of extending a site for non-Active Directory (AD) users.SharePoint standard installation uses as default AD to query the Domain Controller and to check user credentials through Windows Authentication. FBA uses a custom database created separate from AD to store user credentials. Authentication using FBA is executed by a SQL DB query. When FBA is used to extend SharePoint sites, external users (non AD users) have access to SharePoint.

Why would you allow access to external users? A practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors.

How to achieve FBA in SharePoint 2013?There are lot of guide are there in internet to explain farm based authentication in SharePoint 2013. But here I hope simple steps through which we can easily achieve the Farm Based Authentication in SharePoint 2013.

Below are the 13 simple steps to achieve FBA.

Step 1. Create aspnetdb using aspnet_regsql

Step 2. Assign SharePoint administrator as a db_owner in aspnetdb using SQL Management Studio

Step 3. Create connection string in IIS Global

Step 4. Add Providers in .Net Roles and .Net User .

Step 5. Do step 4 in SecurityTokenServiceApplication

Step 6. Create Web Application with claim based authentication

Step 7. Create Site Collection with windows authentication

Step 8. Modification in webConfig file in Web Application & Central Admin

Step 9. Change your web application to FBA

Step 10. Select your web application in IIS and add .net Users, if error change the default provider in .net Roles and .net Users.

Step 11. Add the .net user in IIS.

Step 12. Open the web application with windows authentication and share your site with FBA users.

Step 13. Now login with FBA account.

Step 1. Create aspnetdb using aspnet_regsql in Command Prompt

Open command prompt as run as administrator. Then move the directory to C:Windows\Microsoft.NET\Framework64\v4.0.30319 , Type aspnet_reqsql and click enter.

Then the following window will open. Follow the stpes one by one.

Then Click Finish. Now Database has been created in sql server

Step 2. Assign SharePoint administrator as a db_owner in aspnetdb using SQL Management Studio

Open Sql Server Management Studio and check for aspnetdb is available under database

We need to give access to farmadmin to access this database. Below are the steps to give dbowner rights to farmadmin.

Expand security in left panel, and the exaand Logins, check for farmadmin name in logins. If not add it. Else right click on the user name and open the Properties.

Proerties Pop up will open, in that select User Mapping and select the DB name in right Panel. In database roles membership select the tick mark for db_owner & click ok.

Now step 2 completed. The farm admin has access to aspnetdb.

Step 3. Create connection string in IIS Global

We need to add connection string in our SharePoint application to access the created DB

Open IIS in your server, and click o connection strings in home page.

Click add button at right side.

Below pop up will come for adding new connection string. Give Connections string name, sql server name, database name correctly as like below fig.

Step 4. Add Providers in .Net Roles and .Net User.

Now add roles and membership in providers. Click providers in home page.

Select .Net Roles in Features drop down and click add to add new roles.

Select SqlRoleProvider as the type, and give role name and make a note on that Role Name. because we need that name at a time of changing our web application to FBA.

Select the connection string the we going to use. And type”/” in application control to affect fab in Whole web application and click ok.

As like creating Roles Provider, we need to create the Membership provider. In provider Page Select .Net Users in Features. And click add link to add new membership provider.

Select SQL Membership Provider as the type & Give Membership Name. we need this name at a time of changing our web application to FBA.

Select Connection string & make true on RequiresUniqueEmail , StorepasswordInSercuredManner.

Step 5. Do step 4 in SecurityTokenServiceApplication

Select your SharePoint SecurityTokenServiceApplication under SharePoint Web Services. And create the Roles and Membership providers for this SecurityTokenServiceApplication as like in step 4.

Step 6. Create Web Application with claim based authentication

Create the new application with normal claim Based authentication as like below image. Don’t select Enable FAB .

Step 7. Create Site Collection with windows authentication

Create the site collection for create web application and give farmadmin as site collection administration.

Step 8. Modification in webConfig file in Web Application & Central Admin

Open wenconfig file of Central admin & Web application and Find the name “ PeoplePickerWildCards”. And change the Key name to our Membership Provider name that we created in IIS.

Step 9. Change your web application to FBA

Now Change your Web application in FAB by fllowing steps. Give the Membership provider name & Roles Provider name correctly in this step.

Step 10. Select your web application in IIS and add .net Users, if error change the default provider in .net Roles and .net Users.

Change the default provider as our membership provider and roles providers in .Nets Users & .Net Roles respectively.

Step 11. Add the .net user in IIS.

Now add new users to this member ship by click .Net Users and Click Add Users.

Step 12. Open the web application with windows authentication and share your site with FBA users.

Open web application with windows authentication(farmadmin account) and give site acces to FBA user that we created.

Step 13. Now login with FBA account.

Great, Now we can sign in with different user and we can open our site with Farm Authentication.