MOSS Forum

Ask Question   UnAnswered
Home » Forum » MOSS       RSS Feeds

Sharepoint 2007 - Forms Authentication - My Sites

  Asked By: Evelyn    Date: Oct 01    Category: MOSS    Views: 1146

I've implemented FBA on my sharepoint set up. My problem is that the
MySite link disappears when I'm logged into the site via my forms
authenticated log in. Logged in locally as domain\admin the MySite
link is there (though clicking it brings up the FBA log in screen and
it doesn't like any of my attempts at logging in.) In addition to not
having the MySite link, under People and Groups, if I try to change
the properties of my users all it lets me do is attach a file or
delete the user. No other properties are shown as editable.



9 Answers Found

Answer #1    Answered By: Sheena Ray     Answered On: Oct 01


also, it could be getting confused between server\administrator and
domain\administrator if the first connection / setup of moss was using
the machine admin account (as they both pass the name administrator thru
but different sids)

try doing this as server\administrator and see what happens.

Answer #2    Answered By: Gopal Jamakhandi     Answered On: Oct 01

There are a ton of folks trying to figure this out... if it is an expected
result, a bug (not likely), or something we haven't correctly configured.
Working my angles and will post back if I find anything.

Answer #3    Answered By: Anibal Baird     Answered On: Oct 01

Make sure to add the forms  based user as a Site Administrator either
through central admin or through the web application that uses windows

As long as you have the connection string and provider information
loaded in the web.config files for the other 2 - you should be able to
do this.

Answer #4    Answered By: Karla Morrison     Answered On: Oct 01

Ok, when you say make them a Site Administrator, are you talking a
Site Collections Admin or someone with admin rights on the site?
This may not work as I have many people logging into the site that I
want to give a mysite to but not admin rights.

I tried changing the Site Collection Admin primary to the
server\admin user, but it couldn't find it (which is probably some
of the problem). It recognized all my forms  users, but not my
internal server logins.

Also, just to clarify, the site is www.suchandsuch.com on port 80
for the forms based log in. Off of this at
www.suchandsuch.com/site/personal is where the mysites should be

If I'm logged in as server\admin, I get the MySite link at the top.
If I click on it, it wants me to log in. Nothing I enter at this
point, authorizes me in.

If I'm logged in as a forms based user with admin rights (or not,
doesn't seem to matter), I have no MySite link at the top. If I
straight type the URL www.suchandsuch.com/sites/personal, it says
I'm not authorized, and would I like to log in as a different user.
I've then tried several other forms based users and system\admin
with no luck.

Any ideas on how this could be incorrectly configured?

Answer #5    Answered By: Patricia Richardson     Answered On: Oct 01

I haven't checked this out, but I would theorize that the problem relates to
not having a Profile. Remember Profiles are normally done by importing
information from Active Directory. Even if you are using Active Directory
to do your FBA you still won't be authenticated as a Windows User. Since
you won't be running as a Logged in Windows User you won't have a connection
to a Profile that is exported from AD. Without a Profile you wouldn't be
able to setup a MySite. Remember, you can also create Profiles by importing
from a data source using the Business Data Catalog. You probably need to do
this if you are going to use FBA.

Another issue with this would be that MySite runs as part of the Shared
Service Provider. If you switch the SharePoint Site to FBA but don't setup
the Shared Services Provider for FBA then you also wouldn't be able to
access MySite.

Answer #6    Answered By: Laura Walker     Answered On: Oct 01

I'm planning on opening a microsoft support ticket with this,
I'll let you know what comes of it.

Answer #7    Answered By: Deven Ghurye     Answered On: Oct 01

I'm pretty sure it has to do with profiles... have you created a
provider to import your profiles into MOSS?

With AD, profiles are automatically created by fetching the information
from AD... but when you switch to Forms Auth, no such process exists...
you have to create it yourself.

Answer #8    Answered By: Kalyan Pujari     Answered On: Oct 01

I'm not sure what you mean. What I have done so far, is create a
simple web app, went into Visual Studio 2005 and selected "ASP.NET
Then went into the security tab and created all my users for FBA.
How would I create a profile importer? Rather, could you post a link
to a site that could get me started?

Answer #9    Answered By: Damon Garner     Answered On: Oct 01

The Presence or absence of the MySite link is dependent on having two
permissions that are set in the Shared Services Provider. The default is that
NTAUTHORITY\Authenticated Users has those rights by default. FBA authenticated
users are not members of the NTAUTHORITY\Authenticated Users group. You need to
give the group of FBA users those permissions. This is a problem because its
tough to get the Shared Services Provider site to recognize FBA users.

Didn't find what you were looking for? Find more on Sharepoint 2007 - Forms Authentication - My Sites Or get search suggestion and latest updates.