Extranet FBA Issues

Hello all,

Yes, it has been a very long time since I have posted but I have a good reason I swear. Since my last post, I have changed companies and joined ProKarma as their Microsoft Practice Director. My duties are different from being just a consultant so it is possible I will be expanding my blog posts to other things other than just SharePoint. J

However until I get more time and material I figured I would post a couple of issues that I recently ran in to with a client of mine while we were trying to open their SharePoint server up as an extranet.

Issue #1:

The first issue that I ran in to was that the web application that they wanted to open as an extranet with FBA would not resolve any names in the People Picker. As you know when you change the authentication of a Web Application you also need to assign a user as a Site Collection Administrator. The issue I encountered was that no matter what I tried my administrator user that I had created in the database would not resolve.

Solution:

So after some thought and research (since I hadn't actually implemented this instance of SharePoint) I found that the database was rejecting the Network Service user from accessing the database. Come to find out the person who installed SharePoint and created the initial web application that I extended was using the Network Service user as the Application Pool identity. He neglected to create the service users as would be done in best practices and this ultimately caused time to spent diagnosing an issue that should not have popped up normally. Either way the issue was resolved, but it just goes to point that best practices will save you unnecessary cycles in the end.

Issue #2:

After opening up the web application opened as an extranet up popped another issue. While I was VPN'd in to the clients network I was able to log in using FBA. However, when I was not on their network the same user could not log in. Nothing had changed with the user and access just that I was not logged on to the client's network.

Solution:

This time it was my issue. I had forgotten the old rule that when you setup FBA you need to reboot the server. For some reason the system caches and it will not update properly. Therefore, in this instance after the reboot, the issue was resolved and I was able to log in without issue.

Hopefully you will not run in to these issues and if you do this post will help.

Michael

Posted on Wednesday, February 11, 2009 4:37 PM SharePoint , General Ramblings | Back to top

Comments on this post: Extranet FBA Issues

# re: Extranet FBA Issues

I'm having the same issue as you were with the people picker. When in Central admin and creating a policy for web application, i can search and find FBA users and roles. But in site settings > people and groups > new > people picker it does not find any FBA user or role. I'm rebooting to see if this helps. Do you have any other ideas on what could be causing this?? The users can log in to the site but they are read only.

Left by Andy M on Apr 29, 2009 9:43 AM

It sounds like you don't have the web.config for your web application setup to access the database correctly. Be sure that your user that is being used in the App Pool has access to the database for the web application that is trying to access the membership database.

HTH,

Michael

Left by Michael on May 01, 2009 10:10 AM

Michael,

I would be interested in hearing more about why you left prokarma.

Left by miktajh on Mar 11, 2010 11:00 AM