System TipThis article applies to a different operating system than the one you are using. Article content that may not be relevant to you is disabled.
This article describes how to implement Forms-based
authentication for Microsoft Office SharePoint Server 2007 and Microsoft Windows
SharePoint Services 3.0 by using Microsoft SQL Server when SQL Server is installed on the
same computer.
To implement Forms-based authentication for Office
SharePoint Server 2007 and
Windows SharePoint Services 3.0 by using an instance
of SQL Server that is installed on the same computer, follow these steps:
Create an Aspnetdb database to use for storing membership
and role information. To do this, follow these steps:
At a command prompt, change to the .NET Framework
directory. Typically, the .NET Framework directory is located at
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727.
Create a database on the local SQL server. To do this,
type the following command, and then press ENTER:
Aspnet_regsql -A all –E
Note To create a database on a different server computer, use the
following command to determine the appropriate switch to use:
aspnet_regsql /?
If you are creating the SQL Server provider database for the first
time, you must also create one or more users and, optionally, one or more
roles. The users and roles are the security principals that you add to the
policy settings for the extranet Web programs and for the SharePoint Site Groups. There are
multiple ways to create security principals. Typically, a complete install of
Microsoft Visual Studio 2005 is used together with the ASP.NET 2.0
Administration tool to create users and roles. If you experience issues
with Visual Studio 2005, contact Microsoft Customer Support
Services.
Create a Windows SharePoint Web application, and enable
Windows authentication for the main Web site for internal users to access the
site.
Create another SharePoint Web application, extend the Web
application, and then map the new Web application to the main Web
site.
You must enable the Forms authentication type for the
extended Web application. To enable Forms-based authentication, you must
configure the Membership providers and the Role managers in the Web.config file
for the SharePoint central administration site and in the Web.config file for the
extended Web application. To do this, follow these steps:
In Notepad, open the Web.config file for the SharePoint central
administration site.
Note Typically the Web.config file is located under
C:\Inetpub\Wwwroot\Wss\VirtualDirectories.
Paste the following lines of code at the end of the
Web.config file under the </SharePoint> tag.
Note In the following command, replace the Database
Server Name placeholder with the database server name, and replace
the Database Name placeholder with the name of the
database.
<connectionStrings>
<add name="AspNetSqlProvider" connectionString="Data Source=< Database
Server Name >;Initial Catalog=< Database Name >;Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
Copy and paste the following lines of code at the end
of the Web.config file under the <System.web> tags:
<membership defaultProvider="AspNetSqlMembershipProvider">
<providers>
<remove name="AspNetSqlMembershipProvider" />
<add connectionStringName="AspNetSqlProvider" passwordAttemptWindow="10"
enablePasswordRetrieval="false" enablePasswordReset="true"
requiresQuestionAndAnswer="true" applicationName="/" requiresUniqueEmail="false"
passwordFormat="Hashed" description="Stores and retrieves membership data
from the Microsoft SQL Server database" name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.3600.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider">
<providers>
<remove name="AspNetSqlRoleProvider" />
<add connectionStringName="AspNetSqlProvider" applicationName="/"
description="Stores and retrieves roles data from the local Microsoft SQL Server
database" name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider,
System.Web, Version=2.0.3600.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</roleManager>
Save the Web.config file.
In Notepad, open the Web.config file for the extended Web
application.
Copy and paste the following lines of code at the end
of the Web.config file under the <System.web> tags:
<membership defaultProvider="AspNetSqlMembershipProvider">
<providers>
<remove name="AspNetSqlMembershipProvider" />
<add connectionStringName="AspNetSqlProvider" passwordAttemptWindow="10"
enablePasswordRetrieval="false" enablePasswordReset="true"
requiresQuestionAndAnswer="true" applicationName="/" requiresUniqueEmail="false"
passwordFormat="Hashed" description="Stores and retrieves membership data
from the Microsoft SQL Server database" name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.3600.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="AspNetSqlRoleProvider">
<providers>
<remove name="AspNetSqlRoleProvider" />
<add connectionStringName="AspNetSqlProvider" applicationName="/"
description="Stores and retrieves roles data from the local Microsoft SQL Server
database" name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider,
System.Web, Version=2.0.3600.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</roleManager>
Microsoft
provides programming examples for illustration only, without warranty either
expressed or implied. This includes, but is not limited to, the implied
warranties of merchantability or fitness for a particular purpose. This article
assumes that you are familiar with the programming language that is being
demonstrated and with the tools that are used to create and to debug
procedures. Microsoft support engineers can help explain the functionality of a
particular procedure. However, they will not modify these examples to provide
added functionality or construct procedures to meet your specific requirements.
Save the Web.config file.
Reset Internet Information Services (IIS). To do this,
click Start, click Run, type
iisreset, and then click OK.
On the SharePoint Central Administration Web page, click
Application Management.
Under
Application Security, click Authentication providers.
On the Authentication Providers page,
click the name of the Web application for which you want to enable Forms-based
authentication.
On the Edit Authentication page, click
Forms under Authentication Type.
In the Membership provider name box, type
AspNetSqlMembershipProvider.
In the Role manager name box, type
AspNetSqlRoleProvider, and then click
Save.
Restart the computer.
On the SharePoint Central Administration
Web page, click Application Management.
Under
Application Security, click Policy for Web application.
Click Add users.
On the Add Users page, make sure that the
Web application for which you want to enable forms-based authentication is
displayed in the Web Application box.
In the Zones list, click
Default, and then click Next.
In the Users box, enter the credentials
for one user whom you want to make the administrator of this Web application.
This user should be present in the database that was created in step 1. For
example, type Name of the membership
provider\username, or type
AspNetSqlMembershipProvider\username.
Under Permissions, select Full
control – Has full control, and then click Finish.
Back to the top
