Logo 
Search:

Sharepoint 2010 Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint 2010       RSS Feeds

SharePoint Authentication

  Date: Sep 03    Category: Sharepoint 2010    Views: 562

Question #1: SQL/FBA vs. AD DS
I am using FBA to authenticate against a SQL membership database for SharePoint.
On most blog posts and material I've read over the last couple of years this
seems to be the "norm" and the recommended way of authenticating Extranet users
for external users who aren't a part of your company.

However, I've been reading up quite a bit on the new multi tenancy features of
SharePoint 2010 and it seems that more and more people are saying to use AD DS
instead. Here's a great blog post on setting up a multi-tenant SharePoint 2010:
http://www.harbar.net/articles/sp2010mt2.aspx
Quote:
"Where will we store our users?
In Active Directory. This one is easy! Sure you could use something else, but
why why why? :) You must have AD for your farm anyway, and it's the best. Sorry,
it's just the way it is. You also want to ensure that customer1 users are not
visible to customer2 and vice versa right? That's kinda a key requirement for
multi tenancy. And guess what – we more or less require AD for that. So use AD
and put down the "open credential store" pipe."

However, our administrator here said once that he really doesn't want external
users in our companies AD, even if they are separated into an OU somewhere. So
I'm stuck with whether I should go through all of the work to move the server to
a DMZ, create a new AD server, and add a one-way trust back to our domain; or to
just keep it where it is and use FBA/SQL authentication.

Question #2: User Partitioning
We are planning on allowing a "sponsor" from the partner's users to be able to
manage other users of their portal; so even if I use host-named site
collections, that sponsor will be able to "see" users from other partners. In
the blog post above he adds a SPSiteSubscriptionProfileConfig with a
SynchronizationOU parameter but the whole profile concept isn't available in
SharePoint Foundation.

Share: 

 

No Answers Found. Be the First, To Post Answer.

 
Didn't find what you were looking for? Find more on SharePoint Authentication Or get search suggestion and latest updates.