MOSS Forum

Ask Question   UnAnswered
Home » Forum » MOSS       RSS Feeds

Convert authentication

  Date: Oct 13    Category: MOSS    Views: 878

Once upon a time I started a topic similar to this, but it was
more of a brainstorming thread. Now I need a definitive answer:

I have a sharepoint site on our local server (using wss3 2007) which uses the
server's own authentication - in other words, you login to sharepoint using the
same account which you use to log in to the actual server (for file sharing,
etc.). This means that you cannot create user accounts in the portal - you have
to instead, create user accounts in Windows Server.

I want to change this from server-based authentication to the standard web-user
login so I can create my own users.

How can I convert the authentication without losing my site?



6 Answers Found

Answer #1    Answered On: Oct 13    

Sounds like you want Forms-Based Authentication (usually abbreviated as
FBA). The following will probably give you a good start:


Answer #2    Answered On: Oct 13    

Just because you are using the local Security Account Management (SAM)
system of the SharePoint server to create accounts doesn't mean that you
can't use those accounts in SharePoint. You can create additional accounts
by opening Server Manager and then expanding Configuration > Local Users and
Groups > Users. You can now right click on Users and select new user from
the context menu. After you create a new user you can add them into
SharePoint just like any other user. Just preface the user name with the
name of the server instead of the name of the domain.

Please Note: This will only work in a single server installation where
everything, including SQL, is installed on the server where you are creating
the user. But if you are in a single server installation there is no reason
you can't use locally created users just like you would normal domain users.

Answer #3    Answered On: Oct 13    

I can get here:
Central Administration > Application Management > Policy for Web Application >
Add Users

but I don't see anywhere that says "Local Users".

We are using Sharepoint Services, not MOSS, by the way.

Answer #4    Answered On: Oct 13    

But that's in SharePoint. When you add a user there you are adding a user
that exists in some underlying security system. That can be either Active
Directory (Domain) or the local accounts defined on the server (SAM) or
users defined in some Forms based Authentication system. The users have to
exist before you can add them into SharePoint. The account you are using
right now is evidently the Administrator account on the SharePoint Server
itself. If you go to the server console and open the Server Manager
application you will find the Local users where I said it would be.

Answer #5    Answered On: Oct 13    

Okay, but I can already do THAT. What I can't do, and what I want to do, is to
"create" users in sharepoint. Right now I can only add users from the Local
Users of the machine. But say I don't want to add any more users to the
machine, but I want to add my own made up users. Now how do I enable this in my
current configuration?

Answer #6    Answered On: Oct 13    

You can't do it in the setup you have at the moment without changing some
things. SharePoint always depends on some external agency, recognized by
IIS, to do authentication of users. Once the user's identity is
authenticated then SharePoint controls what that user is authorized to do.
Right now user accounts are authenticated by the local windows security
system on the server. If you don't want to add more users to the security
system of the server you need to provide some other alternative. These
would normally be implemented as some kind of Forms based Authentication.
There are several types of Forms Based Authentication systems available to
be implemented in SharePoint. The most common two either store their users
in a sql database or in an Lightweight Directory Access Protocol (LDAP)
compliant system like Active Directory or Lightweight Active Directory
Services. Whatever you use the users need to exist in the external
authentication system before you can add them to SharePoint.

You can't just "create" users in SharePoint.

The following blog post talks about what is involved to configure one of
these FBA providers in SharePoint.


Didn't find what you were looking for? Find more on Convert authentication Or get search suggestion and latest updates.