locked
External authentication with Sharepoint 2007 RRS feed

  • Question

  • Current challange with our Sharepoint 2007 site which is published via ISA/TMG to the internet is in the form of how the user authentication dialog box comes up. The internet visitors have to use the username in the format of 'DOMAIN\username' which is causing a lot of issues. Is there no way to have it just have 'username'? The Active Directory for he external facing Sharepoint 2007 farm is seperate from the internal Active Directory Infrastructure.

    The authentication method cannot be controled on the client computers as these will be outside the administrative control of our IT Department. The site will be part of a public service through a self sign-up portal. The only concern is that there does not seem to be a way to have the authentication switched to 'username' only instead of 'DOMAIN\username' or 'username@domain'.

    I am close of 'testing' this by change the respective IIS authentication to basic but this will most likly break everything or the site.

    Monday, March 14, 2011 9:39 AM

Answers

  • Yes ,

    You can enable FBA on that site and using FBA users will be able to log in to the site with just UserName.

    These two links help you to configure FBA

    http://www.simple-talk.com/dotnet/windows-forms/configuring-forms-authentication-in-sharepoint-2007/

    http://technet.microsoft.com/en-us/library/cc262201(office.12).aspx

    Warm Regards, Pratik Vyas | SharePoint Consultant | http://sharepointpratik.blogspot.com/
    Monday, March 14, 2011 9:46 AM
  • Hi Naraka,

    In SharePoint side, in order to login into the SharePoint site from external network is using Forms Based Authentication(FBA) as Pratik mentioned. However, as you know, this will have an inline login screen.

    If this is accepted, and to solve your another concern "In our case we have to use AD", we can customize Membership provider instead of AspnetSQLMembershipProivder.

    We can start to custom a provider to use AD as datasource from here:
    http://www.tonytestasworld.com/post/Roll-your-own-custom-MembershipProvider-and-use-it-with-SharePoint-for-Forms-Based-Authentication.aspx

    If you have any more questions, please feel free to ask.

    Thanks,
    Jinchun Chen


    Jin Chen - MSFT
    Tuesday, March 15, 2011 10:41 AM
    Moderator

All replies

  • Yes ,

    You can enable FBA on that site and using FBA users will be able to log in to the site with just UserName.

    These two links help you to configure FBA

    http://www.simple-talk.com/dotnet/windows-forms/configuring-forms-authentication-in-sharepoint-2007/

    http://technet.microsoft.com/en-us/library/cc262201(office.12).aspx

    Warm Regards, Pratik Vyas | SharePoint Consultant | http://sharepointpratik.blogspot.com/
    Monday, March 14, 2011 9:46 AM
  • Yes ,

    You can enable FBA on that site and using FBA users will be able to log in to the site with just UserName.

    These two links help you to configure FBA

    http://www.simple-talk.com/dotnet/windows-forms/configuring-forms-authentication-in-sharepoint-2007/

    http://technet.microsoft.com/en-us/library/cc262201(office.12).aspx

    Warm Regards, Pratik Vyas | SharePoint Consultant | http://sharepointpratik.blogspot.com/

    That first link looks like FBA uses a SQL membership provider. In our case we have to use AD.

    The second link does not specifically state that FBA will accept only 'username' instead of 'DOMAIN\username'. It seems to emphasize more about having a inline logon screen in the browser window instead of a user authentication pop-up box.

    I will try to test it within the next hour ....

    Monday, March 14, 2011 10:44 AM
  • Hi Naraka,

    In SharePoint side, in order to login into the SharePoint site from external network is using Forms Based Authentication(FBA) as Pratik mentioned. However, as you know, this will have an inline login screen.

    If this is accepted, and to solve your another concern "In our case we have to use AD", we can customize Membership provider instead of AspnetSQLMembershipProivder.

    We can start to custom a provider to use AD as datasource from here:
    http://www.tonytestasworld.com/post/Roll-your-own-custom-MembershipProvider-and-use-it-with-SharePoint-for-Forms-Based-Authentication.aspx

    If you have any more questions, please feel free to ask.

    Thanks,
    Jinchun Chen


    Jin Chen - MSFT
    Tuesday, March 15, 2011 10:41 AM
    Moderator