MOSS Forum

Ask Question   UnAnswered
Home » Forum » MOSS       RSS Feeds

Enabling Multiple Authentication Providers - Can't get external use

  Asked By: Nadia    Date: Aug 11    Category: MOSS    Views: 1821

I am setting up a MOSS 2077 site with two audiences - Internal users
authenticated against Active Directory, and external users
authentication against the ASP.NET db. I have followed the blog entry
at: http://tinyurl.com/yd5fux, posted by the Microsoft SharePoint group.

The two sites work. I am able to add users to the external site from
the ASP.NET database and they show up as valid users in SharePoint for
the external zone on the site.

However, when I try to login to the external site using a valid user,
I can't the "Unknown Error" with no more information as to what the
problem is.




6 Answers Found

Answer #1    Answered By: Trevor Davis     Answered On: Aug 11

Where do you get this "Unknown Error", in the browser?

How do you know that the two sites work if you cannot authenticate to
one of them?

I suspect it has something to do with the way that the provider is
configured in the web.config but...

Are you sure that there is nothing in the SharePoint logs or Event logs?
Have you set CustomError="Off" (or better CustomError="RemoteOnly" if
you are browsing the site from the Web Server) in the web.config?
Do you have any call stack data?
Can you get into a VS.NET debugging session?
Can you trace the page?

Answer #2    Answered By: Vinay Thakur     Answered On: Aug 11

Yes, we get the error in the browser after clicking the 'Submit'
button of the login.aspx page at the external  URL. We don't get a
stack trace.

I can add the external users via Central Administration and it's able
to browse the database and add the users just fine.

There's nothing in the logs about the error. I've tried changing the
web.config for the external site, but nothing helps.

We'll try debugging the login ASP file on the server.

Answer #3    Answered By: Shayla Mcbride     Answered On: Aug 11

Do let us know...........................

Answer #4    Answered By: Jarvis Rowe     Answered On: Aug 11

I "unextended" and reextended the web application and set everything
up for the Extranet zone, including all the changes to the web.config

In Central Admin, I'm able to add the ASP.NET SQL DB roles. I'm also
able to log in as any ASP.NET SQL DB user that belongs to one of those
roles - problem solved!

Now, here's my next challenge. I need to be able to target content to
the roles from the ASP.NET SQL DB. In order to do that, the users need
profiles. They don't have profiles because they aren't in Active
Directory or LDAP. I can't manually add a profile, because the system
things the Account Name is invalid (which is true, the account name
doesn't exist in AD or LDAP). From my research, I can only add/import
profiles from an AD or LDAP source. I can use BDC to add property
values to existing profiles, but not to import in.

So, the new question is: How can I target content to users/roles in
the Extranet zone? I really don't want these users in the Active

Thanks in advance for all of those who helped with this.

Answer #5    Answered By: Selena Glenn     Answered On: Aug 11

When you say you are able to add users to the site from the external
database, where are you adding them? If by that you mean in Central
Admin to add an FBA user as a Site Collection owner or to a web app
policy then that only means that Central Admin can see the
ASPNET.db. If it works in Central Admin and NOT when you try to
login then I suspect the problem is in the Connection String or
Membership provider settings in the external  site web.config. So
here are some potential problems.

1) Is the connection string using hard coded userid and password
or "Integrated Security". If its Integrated Security then the
connection is actually using the app pool Identity account to access
the database. If the Central Admin site is using a different app
pool identity then make sure that the external web application app
pool identity account has R/W access to the SQL database.

2) Make sure that the Membership provider settings in the both
web.configs are identical except for the Default Provider attribute
on the Membership element. This should exist only in the external
web.config and not in Central Admin.

Answer #6    Answered By: Christian Waters     Answered On: Aug 11

How is your installation set up? Single server, seperate web front
end and SQL back end, NLBed front ends, etc... I had the problem
that mine worked until I put in another front end in an NLB. At the
time we had the authentication  DB on just the one front end so every
time the new front end processed the request I got the same message
you received. Once we moved everything to the sql back end and
changed everything to point to the correct area it worked fine.
Other than that check what Paul wrote and let us know. Maybe you can
post your settings and entries if you have no success so that we can
take a look at them....