I hope this is the right forum...
I have set up the Azure Access Control Service in conjunction with SharePoint 2010, and am able to successfully log in to my SharePoint box using either google, yahoo, or windows live credentials. I just don't understand how the business process is supposed to work... How does a site admin give the windows live user permissions for an extranet?
For example, if I have a new customer that I would like to give access to my portal, I can ask them if they have a google, yahoo, or windows live id. If they have a google id and they tell me what it is, I can give them permissions. The windows live id does not use the email address, so how can permissions be assigned? (in my lab environment, I got it to work by copying the value that showed up in the access denied screen. But asking the users to send me the access denied message in order to give them permissions is obviously a non-starter.)
- Moved by JOshiro Friday, March 23, 2012 9:00 PM This sounds more like a SharePoint administration question, please move back if it is not (From:Live Connect)
Please follow these visual guides to have more understanding:
Mike here is another link:
Thanks for the links. One showed how to set it for for anonymous. One showed how to all all windows live users to access the site. And one mentioned assigning permissions to a particular ID. A couple notes:
1. the id in the tutorial was a shorter ~10 character id. The ID that works for me is a ~48 character id. And, there's nowhere in the windows live gui where I can find that ~48 character code.
2. Even if that code did work, asking the user to go through that process to send over the code to get access to the site is a non-starter, compared to the process of using yahoo, for example, where all they need to do is send over their yahoo email address.
I hope below links will resolve it:
The tutorial you linked to is indeed excellent. But in part II it states: "Instead of manually adding users you should add all authenticated Live ID users to a Visitors group for instance and have some kind of application form with a workflow or similar which they must fill-in to become "real members". I suppose that might be the correct answer at this time, but that means that for me, windows live authentication seems to be unusable for an extranet. I get do understand the design idea; the windows live id protects the users identity. But, in an extranet environment, the user's identity must be known as to ascertain that permissions have been given to the correct party.
Thanks for the links!