Forms Based Authentication picking up Roles but not Users?
Hi, I have been trying to setup Forms Based Authentication for a SharePoint 2007 Extranet using an SQL database, namely aspnetdb. The extranet site was added by extending an intranet site. After much toiling I have managed to get SharePoint to read information from the database but when I go to Add Users under Policy for Web Application in Central Administration it only allows me to select any of the Roles but is unable to find any Users by name. I have checked, and rechecked, settings in SharePoint as well as the connectionStrings and providers details in the web conig files for both Central Admin and the Extranet site and can find nothing fundamentally wrong. When I navigate to the extranet site in IE the SharePoint Sign In page appears but I cannot sign in using any credentials. If anyone has any comments, suggestions etc they would be gratefully received. Thanks in advance... Mikey
February 19th, 2010 6:23pm

Hi Lambert,Thanks for the reply, unfortunately I am still having trouble... I admit this is the first time I have attempted to implement Forms Based Authentication for an Extranet using an SQL database but it does seem reasonably straight forward once you've been through the material available on-line. I just don't seem to be able to get it to work, as mentioned in my original question I can get it to pick up any one, or any combination, of my Roles but actual User name are just not available.I have a nasty feeling it is going to be one little thing, a permission setting or a really small tweak that is going to be the culprit.So if I may I will try to lay out a more detailed list of the steps I have taken...(These steps have been followed using several sources from the internet.)In SharePoint I created a new application for an Intranet keeping the default Windows Authentication.For IIS this Intranet site was created with the default http://[Server]:[Port].I then extended this application to create my Extranet. As per the guides I set this to allow both Anonymous Access and to use Forms for authentication.The IIS was set up in the same way as the Intranet using just the default http://[Server]:[Port].I created the aspnetdb database using the aspnet_regsql application as suggested.The only issue I came up against with this was that the database was created in an SQL Server 2008 instance whereas all the SharePoint databases were in an SQL Server 2005 instance. I had to take a script of the 2008 database and use this to re-create the database in 2005, but it did work.I downloaded and installed the application for creating roles and users using the MembershipSeeder tool, as described on the MSDN page to which you provided the link.I was able to point this to the 2005 version of aspnetdb and I created 4 users and 3 roles and assigned the users successfully. So there is data in my membership database.I then went through several guides on how to 'tweak' the web config files, changing only those for Central Admin and the Extranet site.As mentioned there were several sites I used to guide me through this, the first of which was the one you have mentioned, I also used: well as several others...So having set the web.config files (I haven't included copies of the coding because at the moment they are the same as your examples) (I did change the roleManager defaultProvider to "AspNetWindowsTokenRoleProvider" for the Central Admin web.config file) I moved back to SharePoint.Just to clarify...I added the connectionStrings element between </SharePoint> and <system.web>.The membership and roleManager elements were added immediately below <system.web> (so the first element after roleManager was <securityPolicy>).I added the Membership and roleManager names to the Authentication Providers in SharePoint Central Admin under the Extranet zone of my Intranet (the Extranet does not appear when you go to select the Web Application).So having set everything up I go the Policy for Web Application in Central Admin in order to add the user who will become the administrator of the Extranet with full admin rights.I make sure I have the right Web App, ensure the zone is Extranet before moving on to Add Users.Here's the crunch...I can add any one, or any combination, of roles (currently "Admin", "Finance", and "IT") but actual users (using the UserPrefix from aspnetdb, but I have also tried using the UserPrefix together with the EmailSuffix; I have also tried [membershipProvider]:[username]) continually returns "No exact match was found."Could you just clarify... where the Version, Culture, and PublicKeyToken appear at the end of the membership and roleManager elements, are they for the SQL Server? I have tried a couple of combinations (I notice that the one you have used for the membership element is different to that used for your roleManager) but it doesn't seem to have any effect.I have even tried using the connectionStrings, membership and roleManager elements used in the config file of the MembershipSeeder app and again get the same results.I just cannot fathom what the problem can be, it's almost as though there's a crossed wire somewhere allowing me to add Roles when it should be allowing me to add Users.Again, any comments, suggestions, ideas would be gratefully received.Mike
Free Windows Admin Tool Kit Click here and download it now
February 22nd, 2010 2:47pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics