Thursday, December 5, 2013

FBA – SharePoint 2013

This post is the first part on this subject.

How to create an application to use FBA and Anonymous access:

Step 1) Creating the Web Application

1) From SharePoint 2013 Central Administration, open the “Manage web applications” menu under the “Application Management” section;

3) Create a new web application:

5) Fill in the necessary fields:

6) Create a new site collection:

11) After creating the site collection, access the application. You will get a screen asking you to choose between “Windows Authentication” and “Forms Authentication”. The first time, choose “Windows Authentication” just to check that everything is working well:

13) Check that the logged-in user is the one you used. In my case it was RBTSHPSR01:

15) Configure the Site Collection to work with Anonymous Access. To do so, open the “Well Menu” and click on “Site Settings”:

17) Click on “Site permissions”:

19) Click on “Anonymous Access”:

21) Select the “Entire web site” access type and confirm with the “OK” button:

25) Perform a “Sign Out” on the web site:

27) Access the application again and validate that the “Sign In” option is available:

Step 2) Creating the SQL Server Database for FBA users

1) Launch “aspnet_regsql.exe” from the “Start” button, “Run”: C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regsql.exe

2) In the “ASP.NET SQL Server Setup Wizard”, click the “Next” button;

4) Choose the first option, “Configure SQL Server for application services”, and click the “Next” button:

6) Fill in the “Server” field with the instance name of your SQL Server. In my scenario, “LABSQL2K12”;

7) Fill in the “Database” field with the desired name for the database used to authenticate the FBA users. In my scenario, the name chosen was “DBSPS_FBA_AUTH”;

8) Click the “Next” button:

Note: The user that runs this command must have the “dbcreator” and “securityadmin” SQL Server roles on the SQL Server instance. In our scenario, the user was RBTSHPSR01.

10) Confirm your settings and click the “Next” button:

12) Confirm that the database was created and click the “Finish” button:

14) Open the IIS Manager and check the user accounts for:

a) “SharePoint – fba.mabotega.local” (in our scenario: RBTSHPSR03)

b) “SecurityTokenServiceApplicationPool” (in our scenario: RBTSHPSR02)

15) Go to the SQL Server machine and grant the appropriate permissions to these users, clicking the “OK” button to confirm for each one;

16) Be sure to select the correct database when setting up the permissions on the Server Mappings for the users. In our scenario, the database name was “DBSPS_FBA_AUTH”:

Step 3) Preparing the web.config files

1) Access the web site http://blogs.technet.com/b/speschka/archive/2012/07/28/fba-configuration-manager-for-sharepoint-2013.aspx and download the “FBAConfigMgr.zip” file;

2) Unzip the file to drive “C:”;

3) Open the unzipped folder, C:\FBAConfigMgr;

4) Add and install the WSP as described in the .TXT file inside this folder. To do this, type the commands below in a SharePoint PowerShell prompt as administrator:

Add-SPSolution -LiteralPath "C:\FBAConfigMgr\FBAConfigFeature.wsp"
Install-SPSolution -Identity fbaconfigfeature.wsp -GACDeployment

5) Launch “FBAConfigMgr.exe” as administrator;

7) Fill in the “Web Application Url” field. In our scenario: “http://fba.mabotega.local”

8) Choose “SQL Connection String” in the “Sample Configuration” combobox;

9) Adjust the “Connection String (only for SQL or a custom provider)” field. In our scenario: “FBAConnectionString”, “LABSQL2K12” and “DBSPS_FBA_AUTH”:

11) Choose “People Picker Wildcard” in the “Sample Configuration” combobox;

12) Now set the name to “FBAMemberShip” in the “People Picker Wildcard” field;

Note: Use the same name entered when creating the Web Application in step 5 of section 1, field “ASP.NET MemberShip provider name”;

14) Choose “SQL Member” in the “Sample Configuration” combobox;

15) Now adjust the provider name in the “Membership Provider” field;

Note: Use the same name entered when creating the Web Application in step 5 of section 1, field “ASP.NET MemberShip provider name”;

16) Choose “SQL Role” in the “Sample Configuration” combobox;

17) Now set connectionStringName to “FBAConnectionString”, as adjusted in step 8 of this section, and set the Role Provider name to “FBARoleManager”;

Note: Use the same provider name entered when creating the Web Application in step 5 of section 1, field “ASP.NET Role manager name”;

19) Click the “Apply Config” button. SharePoint will then create a timer job to apply this configuration to the web.config file of this web application;

21) Wait a few minutes for the “Update Complete” screen and click the “OK” button:

23) Open IIS Manager and explore to the paths of the fba.mabotega.local web application, Central Administration and SecurityTokenServices;

24) Open the web.config file in each of them and search for “FBAConnectionString”, “People Picker”, “FBAMemberShip” and “FBARoleManager”. If you find all of them, everything was configured correctly.
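One way to script the check in step 24, as an added example (not part of the original post or of FBAConfigMgr). It assumes the usual ASP.NET locations for these entries and a `<configuration>` root without an XML namespace; the sample document is constructed from the names used in this post, and the embedded-password check is an extra the post does not cover:

```powershell
# Added example (not part of FBAConfigMgr): check one web.config for the FBA entries.
function Test-FbaWebConfig {
    param(
        [Parameter(Mandatory = $true)] [xml] $Config,
        [string] $ConnectionName = 'FBAConnectionString',
        [string] $MembershipName = 'FBAMemberShip',
        [string] $RoleName       = 'FBARoleManager'
    )
    # Assumption: <configuration> has no XML namespace, so plain XPath works.
    $conn   = $Config.SelectSingleNode("/configuration/connectionStrings/add[@name='$ConnectionName']")
    $member = $Config.SelectSingleNode("/configuration/system.web/membership/providers/add[@name='$MembershipName']")
    $role   = $Config.SelectSingleNode("/configuration/system.web/roleManager/providers/add[@name='$RoleName']")
    $picker = $Config.SelectSingleNode("/configuration/SharePoint/PeoplePickerWildcards/add[@key='$MembershipName']")
    [pscustomobject]@{
        ConnectionString       = ($null -ne $conn)
        MembershipProvider     = ($null -ne $member)
        RoleProvider           = ($null -ne $role)
        PeoplePickerWildcard   = ($null -ne $picker)
        # Both providers must reference the connection string checked above.
        ProvidersUseConnection = (($null -ne $member) -and ($null -ne $role) -and
            ($member.GetAttribute('connectionStringName') -eq $ConnectionName) -and
            ($role.GetAttribute('connectionStringName') -eq $ConnectionName))
        # A SQL login stored here is readable by anyone who can read web.config.
        EmbeddedSqlPassword    = (($null -ne $conn) -and
            ($conn.GetAttribute('connectionString') -match '\b(password|pwd)\s*='))
    }
}
# Constructed sample using the names from this post.
$sample = [xml]@'
<configuration>
  <SharePoint><PeoplePickerWildcards>
    <add key="FBAMemberShip" value="%" />
  </PeoplePickerWildcards></SharePoint>
  <connectionStrings>
    <add name="FBAConnectionString"
         connectionString="Data Source=LABSQL2K12;Initial Catalog=DBSPS_FBA_AUTH;Integrated Security=SSPI" />
  </connectionStrings>
  <system.web>
    <membership><providers>
      <add name="FBAMemberShip" connectionStringName="FBAConnectionString" />
    </providers></membership>
    <roleManager><providers>
      <add name="FBARoleManager" connectionStringName="FBAConnectionString" />
    </providers></roleManager>
  </system.web>
</configuration>
'@
Test-FbaWebConfig -Config $sample
```

Run it once per file from step 23, for example `Test-FbaWebConfig -Config ([xml](Get-Content -Raw $path))`, where `$path` is a placeholder for that web.config's location.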

Part 2 – Managing Users

Download link: http://sharepoint2013fba.codeplex.com/releases/view/100792

Download file: Application SharePoint2013FBAPack.1.3.3.zip

Reference Link: http://sharepoint2013fba.codeplex.com/documentation

Install (or upgrade) the SharePoint 2013 FBA Pack
  • Download Sharepoint2013FBAPack.X.X.X.zip from the link above and unzip it on the SharePoint server.
  • Open the SharePoint PowerShell as administrator and navigate to the folder the files were unzipped to.
  • Run the following command:

    .\deploy [Site Collection URL]

    e.g. .\deploy http://fba.mabotega.local/

  • The FBA Pack will be deployed to SharePoint and activated on the specified site collection. If the site collection URL is omitted, you will need to manually activate the ‘Forms Based Authentication Management’ feature in each site collection where you wish to use it.

    Notes:
    Ensure that the SharePoint 2013 Administration service is running prior to running the deployment scripts, or the deployment will fail.
    Depending on your PowerShell security settings, PowerShell may prevent you from running the deployment scripts because they are not signed. To change the setting to allow unsigned scripts to run, run the following command:

    Set-ExecutionPolicy Unrestricted
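
A narrower alternative to the machine-wide setting above, as an added example that is not from the FBA Pack documentation: it starts the administration service if needed, unblocks only the unzipped scripts, and relaxes the execution policy for the current PowerShell process only. The service name `SPAdminV4` and the `.ps1` extension of the deployment scripts are assumptions to confirm on your farm.

```powershell
# Added example: deploy the FBA Pack without changing the machine-wide policy.
$siteUrl = 'http://fba.mabotega.local/'   # site collection used in this post

# The deployment fails if the SharePoint Administration service is stopped.
# Assumption: the service is registered as 'SPAdminV4'.
$admin = Get-Service -Name 'SPAdminV4' -ErrorAction Stop
if ($admin.Status -ne 'Running') {
    Start-Service -InputObject $admin
}

# Clear the "downloaded from the Internet" mark on the unzipped scripts only.
# Assumption: the deployment scripts are the .ps1 files in the current folder.
Get-ChildItem -Path . -Filter *.ps1 | Unblock-File

# Remember the persistent setting so it can be compared afterwards.
$machineBefore = Get-ExecutionPolicy -Scope LocalMachine

# Process scope lasts only until this PowerShell window is closed.
Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned -Force

.\deploy $siteUrl

# The persistent policy must be unchanged by the steps above.
if ((Get-ExecutionPolicy -Scope LocalMachine) -ne $machineBefore) {
    Write-Warning 'LocalMachine execution policy changed during deployment.'
}
```

If a Group Policy sets the execution policy, the Process-scope value is overridden and the scripts have to be allowed by that policy instead.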

    Configure the FBA Pack

    The configuration and management pages can be opened from the Site Settings page:

    Select ‘FBA Site Configuration’ to open the configuration page:

    Enable Roles: Allows users to be assigned Membership Roles instead of SharePoint Groups on the User Management page.
    Review Membership Requests: Specifies whether new users requests should be automatically granted, or reviewed by an administrator.
    Membership Review Site URLs: URLs for pages that can be used in the email templates.
    Membership Email: The XSLT email templates to use.

    Note that these items can only be seen and used by the site collection administrators.

    Managing Users

    Users can be created, deleted and edited and their passwords reset from the FBA User Management page:

    Adding the FBA Users inside one SharePoint Group

    Users can be added to a SharePoint group from the People and Groups page:

    Next steps, coming soon….

    To uninstall run:

    .\undeploy [Site Collection URL]

e.g. .\undeploy http://fba.mabotega.local/
