ExCM 2016:

Manually Configure SQL Forms-Based Authentication in a Content Site 2016 Web.config File

 

A content site web.config file provides configuration information for a SharePoint content site. To enable management of Forms Authenticated accounts and many of the advanced Extranet Collaboration Manager features within your SharePoint content site, modify your web.config file to include the tags specified below.

 


Extranet Section Handler

 

The extranet section handler is used by the .NET framework to read the contents of the Extranet Configuration Element. This section should be a child of the <configSections> tag.

 

Extranet Section Handler

 

<sectionGroup name="extranet">

      <section name="membershipSettings" type="SPSolutions.SharePoint.ExCM.Configuration.MembershipSettingsSection, SPSolutions.SharePoint.ExCM, Version=3.0.0.0, Culture=neutral, PublicKeyToken=fdcedad4c93ea981" />

      <section name="registrationSettings" type="SPSolutions.SharePoint.ExCM.Configuration.ExtranetRegistrationSettingsSection, SPSolutions.SharePoint.ExCM, Version=3.0.0.0, Culture=neutral, PublicKeyToken=fdcedad4c93ea981" />

      <section name="securitySettings" type="SPSolutions.SharePoint.ExCM.Configuration.ExtranetSecuritySettingsSection, SPSolutions.SharePoint.ExCM, Version=3.0.0.0, Culture=neutral, PublicKeyToken=fdcedad4c93ea981" />

      <section name="ui" type="SPSolutions.SharePoint.ExCM.Configuration.ExtranetUISection, SPSolutions.SharePoint.ExCM, Version=3.0.0.0, Culture=neutral, PublicKeyToken=fdcedad4c93ea981" />

      <section name="diagnostics" type="SPSolutions.SharePoint.ExCM.Configuration.ExtranetDiagnosticsSection, SPSolutions.SharePoint.ExCM, Version=3.0.0.0, Culture=neutral, PublicKeyToken=fdcedad4c93ea981" />

      <section name="trustedIdentityProviders" type="SPSolutions.SharePoint.ExCM.Configuration.TrustedIdentityProvidersSection, SPSolutions.SharePoint.ExCM, Version=3.0.0.0, Culture=neutral, PublicKeyToken=fdcedad4c93ea981" />

    </sectionGroup>

 

Extranet Configuration Element

 

The Extranet Configuration Element is defined by the <extranet /> tag and contains configuration settings used by the Extranet Feature. Options include password help information, password change and reset configuration, and the ability to require an e-mail address as the user name. This section should be a child of the <configuration> tag. An Extranet Section Handler is required by the .NET framework to read this configuration element.

 

Extranet Section

 

<extranet>

    <membershipSettings useEmailAsUsername="true" allowPasswordReset="true" allowPasswordChange="true" passwordResetTemplate="SetNewPassword" minPasswordStrengthNumbers="1" minPasswordStrengthLowerCase="1" minPasswordStrengthUpperCase="0" passwordMessage="Password must be six characters long." passwordExample="@pple$, Tampa1" newPasswordProviderName="ExtNewPassword" multiFactorAuthentication="true" multiFactorTimeout="30" multiFactorPhoneNumber="" multiFactorAccountSid="" multiFactorAuthToken="" multiFactorDefaultCountry="United States" multiFactorRequestOptions="email" multiFactorRequestDefault="email">

      <passwordQuestions>

        <add text="What is your mothers maiden name?" />

        <add text="What year was your father born?" />

        <add text="What was the name of the street you grew up on?" />

      </passwordQuestions>

    </membershipSettings>

    <registrationSettings>

      <registrationFields>

        <add fieldName="FirstName" displayName="First Name" fieldType="Text" isRequired="true" />

        <add fieldName="LastName" displayName="Last Name" fieldType="Text" isRequired="true" />

        <add fieldName="CompanyName" displayName="Company Name" fieldType="Text" isRequired="true" />

        <add fieldName="JobTitle" displayName="Job Title" fieldType="Text" isRequired="true" />

        <add fieldName="PhoneNumberUsage" displayName="Phone Number Usage" fieldType="Description" description="Important! The country and phone number below is used for sending a login authorization code to a mobile phone. Please provide a mobile phone number capable of receiving text (SMS) messages. Standard messaging rates will apply." isRequired="false" />

        <add fieldName="Country" displayName="Country" fieldType="Country" displayType="DropDown" options="United States" isRequired="true" />

        <add fieldName="PhoneNumber" displayName="Phone Number" fieldType="Text" isRequired="true" />

      </registrationFields>

      <registrationReceivers>

        <add name="SPUser" spUserFieldMap="Title=$registrationItem.FieldAnswers.get_Item('FirstName').Value $registrationItem.FieldAnswers.get_Item('LastName').Value;" type="SPSolutions.SharePoint.ExCM.ExtranetSPUserRegistrationReceiver, SPSolutions.SharePoint.ExCM, Version=3.0.0.0, Culture=neutral, PublicKeyToken=fdcedad4c93ea981" />

        <add name="MembershipProfile" autoMap="true" type="SPSolutions.SharePoint.ExCM.ExtranetMembershipProfileRegistrationReceiver, SPSolutions.SharePoint.ExCM, Version=3.0.0.0, Culture=neutral, PublicKeyToken=fdcedad4c93ea981" />

      </registrationReceivers>

      <domainNamePolicies />

    </registrationSettings>

    <ui>

      <redirectionReceivers>

        <add name="MembershipChangePassword" type="SPSolutions.SharePoint.ExCM.ExtranetMembershipChangePasswordRedirectionReceiver, SPSolutions.SharePoint.ExCM, Version=3.0.0.0, Culture=neutral, PublicKeyToken=fdcedad4c93ea981" source="SignIn" maxPasswordAge="0" passwordChangeFlagPropertyName="ChangePasswordAtNextLogin" />

      </redirectionReceivers>

    </ui>

    <trustedIdentityProviders />

  </extranet>

 

Connection String

 

The connection string tag defines how to connect to your Forms Authentication repository. It consists of a name attribute and a connectionString attribute. The name attribute is used as a reference by other configuration sections. The connectionString attribute defines the connection and typically includes a server name and account information. When using Integrated Security, the application pool identity of your IIS site will be used to connect to the Forms Authentication repository. This tag is located at configuration/connectionStrings.

 

Connection String

<connectionStrings>

    <add name="ExtranetDirectory_Connection" connectionString="Data Source=[ServerName];Initial Catalog=ExtranetDirectory;Integrated Security=SSPI" />

  </connectionStrings>

 

Replace the [ServerName] token with the name of your SQL database server or the name of your server and instance (servername\instance).

 

People Picker Wildcards

 

The PeoplePickerWildcards section is used by SharePoint to perform partial match searches when querying account names. The SQL wildcard character is '%' while the Active Directory wildcard character is '*'. This tag is located at configuration/SharePoint/PeoplePickerWildcards.

 

People Picker Wildcard

<PeoplePickerWildcards>

      <clear />

      <add key="AspNetSqlMembershipProvider" value="%" />

      <add key="Ext" value="%" />

</PeoplePickerWildcards>

 

The <PeoplePickerWildcards /> tag should be present in the web.config file immediately after SharePoint provisions the content site. Locate the existing <PeoplePickerWildcards /> tag and insert the <add key="Ext" /> tag or replace the entire section with the snippet above.

 

 

Membership, Role Manager and Profile Providers

 

The Membership section is used for user authentication and storage. You can find the details of each property from Microsoft's SqlMembershipProvider properties page. This tag is located at configuration/system.web/membership.

 

The Role Manager section is used to organize users into roles. New roles can be created, and users can be added to and removed from roles. This feature is very much like an Active Directory Security Group. This tag is located at configuration/system.web/roleManager.

 

Membership, Role Manager and Profile Providers

<membership defaultProvider="i">

      <providers>

        <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=16.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />

        <add name="Ext" connectionStringName="ExtranetDirectory_Connection" applicationName="/" passwordFormat="Hashed" enablePasswordRetrieval="false" enablePasswordReset="true" requiresUniqueEmail="True" requiresQuestionAndAnswer="True" maxInvalidPasswordAttempts="10" passwordAttemptWindow="10" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordStrengthRegularExpression="" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

        <add name="ExtNewPassword" connectionStringName="ExtranetDirectory_Connection" applicationName="/" passwordFormat="Hashed" enablePasswordRetrieval="false" enablePasswordReset="true" requiresUniqueEmail="True" requiresQuestionAndAnswer="False" maxInvalidPasswordAttempts="10" passwordAttemptWindow="10" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordStrengthRegularExpression="" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

      </providers>

    </membership>

    <roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false">

      <providers>

        <add name="c" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRoleProvider, Microsoft.SharePoint, Version=16.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />

        <add name="ExtRole" connectionStringName="ExtranetDirectory_Connection" applicationName="/" type="System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

      </providers>

    </roleManager>

    <profile defaultProvider="ExtProfile" enabled="true">

      <providers>

        <add name="ExtProfile" connectionStringName="ExtranetDirectory_Connection" applicationName="/" type="System.Web.Profile.SqlProfileProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

      </providers>

      <properties>

        <add name="FirstName" customProviderData="DisplayName=First Name;Order=1;IsRequired=true;ReadAccess=AccountManager|SiteSponsor;WriteAccess=AccountManager|SiteSponsor" />

        <add name="LastName" customProviderData="DisplayName=Last Name;Order=2;IsRequired=true;ReadAccess=AccountManager|SiteSponsor;WriteAccess=AccountManager|SiteSponsor" />

        <add name="CompanyName" customProviderData="DisplayName=Company Name;Order=3;IsRequired=false;ReadAccess=AccountManager|SiteSponsor;WriteAccess=AccountManager|SiteSponsor" />

        <add name="JobTitle" customProviderData="DisplayName=Job Title;Order=4;IsRequired=false;ReadAccess=AccountManager|SiteSponsor;WriteAccess=AccountManager|SiteSponsor" />

        <add name="PhoneNumber" customProviderData="DisplayName=Phone Number;Order=5;IsRequired=false;ReadAccess=AccountManager|SiteSponsor;WriteAccess=AccountManager|SiteSponsor" />

        <add name="ChangePasswordAtNextLogin" type="Boolean" customProviderData="DisplayName=Change password at next login;IsRequired=false;" />

        <add name="HomeUrl" customProviderData="DisplayName=Home Url;Order=6;IsRequired=false;" />

        <add name="Country" customProviderData="DisplayName=Country;Order=7;IsRequired=true;ReadAccess=AccountManager|SiteSponsor;WriteAccess=AccountManager|SiteSponsor" />

      </properties>

    </profile>

 

The 'i' membership provider and 'c' role manager provide claims authentication services to your content site. The <membership /> and <roleManager /> tags should be present in the web.config file immediately after SharePoint provisions the content site. Locate the existing <membership /> and <roleManager /> tags and insert the <add name="Ext" /> and <add name="ExtRole" /> tags or replace the entire section with the snippet above.
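
The sections above refer to each other by name (connectionStringName, newPasswordProviderName, passwordChangeFlagPropertyName), so a mistyped name in a hand-edited web.config is easy to miss. The following check is an added example, not part of ExCM or SharePoint; the function name Test-ExtranetConfigReferences, the server name SQL01 and the trimmed sample file are assumptions made for illustration.

```powershell
# Constructed sample: a trimmed web.config that reuses the names from this article.
# "ExtNewPassword" deliberately misspells its connectionStringName; SQL01 is a placeholder.
[xml]$sample = @'
<configuration>
  <extranet>
    <membershipSettings newPasswordProviderName="ExtNewPassword" />
    <ui><redirectionReceivers><add name="MembershipChangePassword" passwordChangeFlagPropertyName="ChangePasswordAtNextLogin" /></redirectionReceivers></ui>
  </extranet>
  <connectionStrings><add name="ExtranetDirectory_Connection" connectionString="Data Source=SQL01;Initial Catalog=ExtranetDirectory;Integrated Security=SSPI" /></connectionStrings>
  <system.web>
    <membership defaultProvider="i"><providers>
      <add name="Ext" connectionStringName="ExtranetDirectory_Connection" passwordFormat="Hashed" enablePasswordRetrieval="false" />
      <add name="ExtNewPassword" connectionStringName="ExtranetDirectory_Conection" passwordFormat="Hashed" enablePasswordRetrieval="false" />
    </providers></membership>
    <profile><properties><add name="ChangePasswordAtNextLogin" type="Boolean" /></properties></profile>
  </system.web>
</configuration>
'@

function Test-ExtranetConfigReferences {   # hypothetical helper, not an ExCM or SharePoint cmdlet
    param([xml]$Config)
    # Collect the name attribute of every <add> element under the given XPath.
    $names = { param($xpath) @($Config.SelectNodes($xpath) | ForEach-Object { $_.GetAttribute('name') }) }
    $connections = @(& $names '/configuration/connectionStrings/add')
    $membership  = @(& $names '/configuration/system.web/membership/providers/add')
    $properties  = @(& $names '/configuration/system.web/profile/properties/add')
    $findings = @()
    # Every provider's connectionStringName must match a defined connection string.
    foreach ($p in $Config.SelectNodes('/configuration/system.web//providers/add[@connectionStringName]')) {
        $c = $p.GetAttribute('connectionStringName')
        if ($connections -notcontains $c) { $findings += "$($p.GetAttribute('name')): connection string '$c' is not defined" }
    }
    # newPasswordProviderName must name a membership provider.
    $ms = $Config.SelectSingleNode('/configuration/extranet/membershipSettings')
    $np = if ($null -ne $ms) { $ms.GetAttribute('newPasswordProviderName') }
    if ($np -and $membership -notcontains $np) { $findings += "newPasswordProviderName '$np' is not a membership provider" }
    # The change-password flag must be a declared profile property.
    foreach ($r in $Config.SelectNodes('/configuration/extranet/ui/redirectionReceivers/add[@passwordChangeFlagPropertyName]')) {
        $f = $r.GetAttribute('passwordChangeFlagPropertyName')
        if ($properties -notcontains $f) { $findings += "profile property '$f' is not declared" }
    }
    # SQL membership providers should keep the hashed, non-retrievable storage shown in the snippet above.
    foreach ($p in $Config.SelectNodes('/configuration/system.web/membership/providers/add[@passwordFormat]')) {
        $weak = $p.GetAttribute('passwordFormat') -ne 'Hashed' -or $p.GetAttribute('enablePasswordRetrieval') -eq 'true'
        if ($weak) { $findings += "$($p.GetAttribute('name')): passwords are not stored hashed and non-retrievable" }
    }
    $findings
}
Test-ExtranetConfigReferences $sample
```

To check a real file, load it with [xml](Get-Content -Raw <path to web.config>) and pass the result to the function; an empty result means every cross-reference resolved.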

 

 

©2019 PremierPoint Solutions. All Rights Reserved. 

 
