Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

form based authentication with AD

  Asked By: Antoinette    Date: Jun 03    Category: Sharepoint    Views: 1274

I already set up FBA with AD.
Can I create user in both AD and sharepoint through sharepoint web part?

I tested FBA with Sqlnetmembership provider. It works.
But I want to use FBA with AD.



5 Answers Found

Answer #1    Answered By: Brandan Roach     Answered On: Jun 03

You will either need to go into AD to create  the users and then add them
to groups in SharePoint or implement the ASP.NET user  Registration
Wizard control on the login.aspx form. Using this control and the LDAP
Membership provider  you can have users create active or inactive users
in AD. Then if they are inactive simply activate the users in AD and
add them to the appropriate SharePoint Groups.

Answer #2    Answered By: Kai Carney     Answered On: Jun 03

Do you mean I can't create  users in AD at outside AD ?

Answer #3    Answered By: Gaurav Nemane     Answered On: Jun 03

I'm not sure that I'm following your question this time. What I meant
was that you can't normally create  AD users from inside SharePoint. The
one way that I know it can be done is by adding the standard ASP.net 2.0
user Registration control to the login.aspx page that you are using for
your FBA authentication. I would assume that you could also write a
custom SharePoint webpart that could create AD users from inside
SharePoint, but I don't know of any and there certainly isn't any
included with SharePoint.

Answer #4    Answered By: Marjorie Humphrey     Answered On: Jun 03

I tested with SQL membership provider  using membership.creatuser
It worked fine. I didn't use creatuserwizard control.

MembershipUser user  = Membership.GetUser(txtUsername.Text);
user = Membership.CreateUser(txtUsername.Text, txtPassword.Text,
user.IsApproved = isActive.Checked;

But, I want to use AD provider. So I changed to AD provider and
connect string in web.config.
After changing them, it doesn't work.

Am I wrong?

Answer #5    Answered By: Chelsey Watts     Answered On: Jun 03

Are you using hard coded credentials in the connection string or
connecting as the App Pool Identity Account of the WebApp? And do
either of those users have Read/Write access to AD. All that's needed
for FBA to work is actually Read. To create  users would require Write.

In addition I'm not sure the Membership.CreateUser will work with AD.
If it did I think you would need a different set  of parameters than you
use for the SQL membership provider.

Can you cut and paste the ADmembership provider  (less any connection
string info) that you are using into a message? There are several
optional attributes required if you want to create users using the User
Registration control. I would think it would be the same for AD.

Didn't find what you were looking for? Find more on form based authentication with AD Or get search suggestion and latest updates.