FBA Site Installation for Dummies (like me)

Topics: Internet/Extranet Edition
Sep 9, 2008 at 4:36 PM
Rather than get bogged down in manually config an FBA site. Here's my simple recipe:

1. Download this PowerShell script: http://www.box.net/shared/koox9r8r0p (it names some files that are a little out of date, so just get the latest releases)
2. Install all the stuff from Step 1 and make sure you can access the wizard for FBA
3. Perform Steps [D] and [U], using default options (this makes your SQL database and first user)
3. In Central Administration, create a new web application w/options NTLM, allow anonymous, make a new app-pool, use Network Service
4. After this completes - STOP! Do not make a new site collection.
5. Back in the PowerShell Wizard for FBA: Now do step [P] then [S] using the default options (this enables the web app as FBA and add the user from Step 3), close PowerShell
6. Run a command prompt iisreset /noforce
7. Optionally (recommended): Open the C:\Inetpub\wwwroot\wss\VirtualDirectories\YOURSITE web.config and modify the options for WssAspNetSqlMembershipProvider (example: enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="/" requiresUniqueEmail="false" passwordFormat="Clear" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" )

That's it! If you have CKS:FBA, deploy it to your new FBA site and add new users. If not, open SQL Express, and then your ASPNETDB and manually type in users (possible if if passwordFormat="Clear").

Hope this helps.

Cheers,
John (niskypto)
Sep 10, 2008 at 8:03 PM
Hello John,

Great tutorial, i get FBA working finally!...I would like to know if is posible to EXTEND an application with this app because i think that the power shell script  creates a new app and is imposible to extend it (for example 2 apps in port 80).

Another question is: Is posible to get anonymous access for FBA site?, i would like to set the LOGIN WebPart to login in...

Best regards.
Sep 11, 2008 at 4:22 PM
Edited Sep 11, 2008 at 4:30 PM
Just extend it w/in the Central Admin interface. I extended mine to an NTLM (windows) custom zone (port 80, but different url) so I could get the sharepoint search feature working and use sharepoint designer. See my other post in issue tracker for this step. FBA works best if it's the strating (default zone) application in my opinion.

NOTE: If you are starting from a fresh OOTB installation, you can use the Wizard all the way thru - that was the original intention of the script. Note: The script was originally offered by http://sharepointsolutions.com/ . It's still on their site if you login and dig around with the url or Google. The steps above, I have found, always work and gives you more control over the process, while still keeping it simple.

Anonymous access for FBA is enabled the same way for NTLM. You just go into advanced security settings for your FBA site and select to turn-on anonymous access. make sure you have also allowed the web-app anonymous access in Central Admin. By the way, if you want automatic-login for an FBA guest account, edit your Global.asax following my solution here: http://www.codeplex.com/wssguestaccount (relase 1.2 is the easier one to employ). This is not possible for NTLM, and one of the most important but hardly ever discussed point of difference for FBA.

Cheers,
John