Forms Based Authentication in SharePoint site
Written By: Manoj V -- 7/26/2011 --
(1752) comments --
Categories: Configurations, Infrastructure, MOSS 2007, Permission Management, System Administration, WSS3
< Prev -
- Next >
| Become a paid author
There are situations when we need to provide access to a SharePoint site for users
that are external to our domain. They could be clients, partners or vendors.
We do not want to add these users to our Active Directory, so NTLM
authentication is not an option, but still we need to somehow provide them access to certain areas on our SharePoint site.
There are scenarios when
we do not want these users to virtually know the existence of each other and these are mostly extranet scenarios. In such situations, users should ideally get a sign-in page
where they will have to provide their credentials to get access to the SharePoint site.
The solution is to store the users outside our Active Directory (AD) domain.
There are mainly two methods to meet this requirement; store users in Active
Directory Application Mode (ADAM for MOSS 2007) and Active Directory Lightweight
Directory Services (AD LDS for SharePoint 2010) or in a SQL Server
database. Fortunately MOSS 2007 supports authentication providers other than AD. This method of authentication is named Forms Based Authentication or FBA.
FBA can be
configured on a standalone web application or on an extended web application.
The method we choose depends on the scenario. ADAM is a light weight LDAP directory that offers
basic LDAP functions with a subset of Active Directory functionality. ADAM is part of Windows Server 2003 installation and it runs as a non-operating system service.
For the purposes of this tip we will assume that we have a web application and we would extend it using FBA and provide access on certain sites to our partner
by creating user accounts on the ADAM directory.
1. Installing and configuring ADAM
I have provided detailed steps for creating and configuring ADAM instance in my previous tip which is available here.
< Prev -
- Next >