what is farm based authentication (fba)? · web viewa practical reason for extending a sharepoint...
TRANSCRIPT
![Page 1: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/1.jpg)
What is Farm based Authentication (FBA)?Form Based Authentication (FBA) provides your own authentication method using a web form. More and more companies are using FBA as a way of extending a site for non-Active Directory (AD) users.SharePoint standard installation uses as default AD to query the Domain Controller and to check user credentials through Windows Authentication. FBA uses a custom database created separate from AD to store user credentials. Authentication using FBA is executed by a SQL DB query. When FBA is used to extend SharePoint sites, external users (non AD users) have access to SharePoint.
Why would you allow access to external users? A practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors.
How to achieve FBA in SharePoint 2013?There are lot of guide are there in internet to explain farm based authentication in SharePoint 2013. But here I hope simple steps through which we can easily achieve the Farm Based Authentication in SharePoint 2013.
Below are the 13 simple steps to achieve FBA.
Step 1. Create aspnetdb using aspnet_regsql
Step 2. Assign SharePoint administrator as a db_owner in aspnetdb using SQL Management Studio
Step 3. Create connection string in IIS Global
Step 4. Add Providers in .Net Roles and .Net User .
Step 5. Do step 4 in SecurityTokenServiceApplication
Step 6. Create Web Application with claim based authentication
Step 7. Create Site Collection with windows authentication
Step 8. Modification in webConfig file in Web Application & Central Admin
Step 9. Change your web application to FBA
Step 10. Select your web application in IIS and add .net Users, if error change the default provider in .net Roles and .net Users.
Step 11. Add the .net user in IIS.
Step 12. Open the web application with windows authentication and share your site with FBA users.
Step 13. Now login with FBA account.
Step 1. Create aspnetdb using aspnet_regsql in Command Prompt
Open command prompt as run as administrator. Then move the directory to C:Windows\Microsoft.NET\Framework64\v4.0.30319 , Type aspnet_reqsql and click enter.
![Page 2: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/2.jpg)
Then the following window will open. Follow the stpes one by one.
![Page 3: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/3.jpg)
![Page 4: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/4.jpg)
Then Click Finish. Now Database has been created in sql server
Step 2. Assign SharePoint administrator as a db_owner in aspnetdb using SQL Management Studio
Open Sql Server Management Studio and check for aspnetdb is available under database
We need to give access to farmadmin to access this database. Below are the steps to give dbowner rights to farmadmin.
Expand security in left panel, and the exaand Logins, check for farmadmin name in logins. If not add it. Else right click on the user name and open the Properties.
![Page 5: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/5.jpg)
Proerties Pop up will open, in that select User Mapping and select the DB name in right Panel. In database roles membership select the tick mark for db_owner & click ok.
![Page 6: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/6.jpg)
Now step 2 completed. The farm admin has access to aspnetdb.
Step 3. Create connection string in IIS Global
We need to add connection string in our SharePoint application to access the created DB
Open IIS in your server, and click o connection strings in home page.
Click add button at right side.
Below pop up will come for adding new connection string. Give Connections string name, sql server name, database name correctly as like below fig.
![Page 7: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/7.jpg)
Step 4. Add Providers in .Net Roles and .Net User.
Now add roles and membership in providers. Click providers in home page.
![Page 8: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/8.jpg)
Select .Net Roles in Features drop down and click add to add new roles.
Select SqlRoleProvider as the type, and give role name and make a note on that Role Name. because we need that name at a time of changing our web application to FBA.
Select the connection string the we going to use. And type”/” in application control to affect fab in Whole web application and click ok.
![Page 9: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/9.jpg)
As like creating Roles Provider, we need to create the Membership provider. In provider Page Select .Net Users in Features. And click add link to add new membership provider.
Select SQL Membership Provider as the type & Give Membership Name. we need this name at a time of changing our web application to FBA.
Select Connection string & make true on RequiresUniqueEmail , StorepasswordInSercuredManner.
![Page 10: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/10.jpg)
Step 5. Do step 4 in SecurityTokenServiceApplication
Select your SharePoint SecurityTokenServiceApplication under SharePoint Web Services. And create the Roles and Membership providers for this SecurityTokenServiceApplication as like in step 4.
![Page 11: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/11.jpg)
![Page 12: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/12.jpg)
Step 6. Create Web Application with claim based authentication
Create the new application with normal claim Based authentication as like below image. Don’t select Enable FAB .
![Page 13: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/13.jpg)
Step 7. Create Site Collection with windows authentication
Create the site collection for create web application and give farmadmin as site collection administration.
![Page 14: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/14.jpg)
Step 8. Modification in webConfig file in Web Application & Central Admin
Open wenconfig file of Central admin & Web application and Find the name “ PeoplePickerWildCards”. And change the Key name to our Membership Provider name that we created in IIS.
Step 9. Change your web application to FBA
Now Change your Web application in FAB by fllowing steps. Give the Membership provider name & Roles Provider name correctly in this step.
![Page 15: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/15.jpg)
![Page 16: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/16.jpg)
Step 10. Select your web application in IIS and add .net Users, if error change the default provider in .net Roles and .net Users.
Change the default provider as our membership provider and roles providers in .Nets Users & .Net Roles respectively.
![Page 17: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/17.jpg)
Step 11. Add the .net user in IIS.
Now add new users to this member ship by click .Net Users and Click Add Users.
![Page 18: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/18.jpg)
![Page 19: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/19.jpg)
Step 12. Open the web application with windows authentication and share your site with FBA users.
Open web application with windows authentication(farmadmin account) and give site acces to FBA user that we created.
![Page 20: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/20.jpg)
Step 13. Now login with FBA account.
Great, Now we can sign in with different user and we can open our site with Farm Authentication.
![Page 21: What is Farm based Authentication (FBA)? · Web viewA practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors. How](https://reader033.vdocuments.us/reader033/viewer/2022043006/5f911daa34ccdc62e64a82c1/html5/thumbnails/21.jpg)