Wednesday, 30 May 2012

How to set up FBA Claims in SharePoint 2010 with the AD Membership Provider

In this post I am going to explain how to set up SharePoint 2010 claims-based authentication with the Active Directory Membership Provider.

There are several posts which describe the config changes and other entries needed to achieve this. But, after following at least 10 of them, I was still stuck. I have finally figured out the sequence of steps needed to achieve the desired result.

Step1: Create a web application with Claims Authentication Mode. Go to Central Admin and create a new web application. Choose Claims Based Authentication.
When you reach the identity providers section, you can choose Windows as an identity provider along with forms. For testing purposes, I started with both Windows and forms as my providers.
Enter the name of your membership provider. I am taking the name as 'admembers'. It must match the provider name used in the web.config entries below.

Step2: Next you need to make changes in three web.config entries:
1. Web config of Central Admin.
2. Web config of your newly created web application.
3. Web config of STS (Security Token Service) application.

Open the web config of Central Admin and add the below entries. First the connection string:
<connectionStrings>
  <add name="adconn" connectionString="LDAP://logimindz.net/CN=Users,DC=logimindz,DC=net" />
</connectionStrings>

Here, the connection string has the form below:
LDAP://abc.com/cn=users,dc=abc,dc=com
This will change according to your organisation.

Then the provider:
<add name="admembers"
     type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
     connectionStringName="adconn"
     enableSearchMethods="true"
     attributeMapUsername="sAMAccountName" />

Make sure the connection string is placed outside the 'system.web' section and the provider is placed within the 'system.web' section.

Make sure the provider admembers is the default provider against your membership tag.

Open the web config of the web application

First the connection string:
<connectionStrings>
  <add name="adconn" connectionString="LDAP://logimindz.net/CN=Users,DC=logimindz,DC=net" />
</connectionStrings>

Next, search for the word 'membership' in your config file. You will find there is already a membership provider declared with the name 'i'. Add the below to the membership tag.

<add name="admembers"
     type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
     connectionStringName="adconn"
     enableSearchMethods="true"
     attributeMapUsername="sAMAccountName" />

Make sure the provider i is the default provider against your membership tag.

Save and close the web.config.

Open the web.config of your STS:

You can do this in two ways. Go to inetmgr - Sites - SharePoint Web Services - SecurityTokenServiceApplication, click on Explore and open the web.config.
Or go to c:/program files/common files/microsoft shared/web server extensions/web services/security token and open the web.config.

First add the connection string:
<connectionStrings>
  <add name="adconn" connectionString="LDAP://logimindz.net/CN=Users,DC=logimindz,DC=net" />
</connectionStrings>

Then add the provider entry:
<add name="admembers"
     type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
     connectionStringName="adconn"
     enableSearchMethods="true"
     attributeMapUsername="sAMAccountName" />

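You will probably need to add the 'system.web' tag also. The below tags will need to be added, nested in this order, with the provider entry shown above as the innermost element:

<system.web>
  <membership>
    <providers>
      <add name="admembers" ... />
    </providers>
  </membership>
</system.web>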

Next do an iisreset.
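
A check for the Step 2 edits, as an added example that is not part of the original post: it parses a web.config and reports whether the provider sits under system.web/membership/providers, whether its connectionStringName resolves to an LDAP connection string, and whether the default provider is the expected one. The function name Test-FbaConfig and the XML fragment are constructed for illustration.

```powershell
# Added example: checks the provider wiring that Step 2 puts in each web.config.
# Test-FbaConfig and the XML fragment below are constructed for illustration.
function Test-FbaConfig {
    param([xml]$Config, [string]$ProviderName, [string]$ExpectedDefault)
    $problems = @()
    # XPath is case-sensitive, so <connectionstrings> or <System.Web> will not match.
    $provider = $Config.SelectSingleNode(
        "/configuration/system.web/membership/providers/add[@name='$ProviderName']")
    if ($null -eq $provider) {
        return "provider '$ProviderName' missing under system.web/membership/providers"
    }
    $connName = $provider.GetAttribute('connectionStringName')
    $conn = $Config.SelectSingleNode("/configuration/connectionStrings/add[@name='$connName']")
    if ($null -eq $conn) {
        $problems += "connection string '$connName' missing under configuration/connectionStrings"
    } elseif ($conn.GetAttribute('connectionString') -cnotmatch '^LDAP://') {
        $problems += "connection string '$connName' is not an LDAP:// path"
    }
    # connectionProtection defaults to Secure; None leaves the directory bind unprotected.
    if ($provider.GetAttribute('connectionProtection') -eq 'None') {
        $problems += "provider '$ProviderName' sets connectionProtection=None"
    }
    $default = $provider.ParentNode.ParentNode.GetAttribute('defaultProvider')
    if ($ExpectedDefault -and $default -ne $ExpectedDefault) {
        $problems += "defaultProvider is '$default', expected '$ExpectedDefault'"
    }
    return $problems
}

# Constructed web-application fragment; type attributes shortened for the sample.
$webApp = [xml]@'
<configuration>
  <connectionStrings>
    <add name="adconn" connectionString="LDAP://logimindz.net/CN=Users,DC=logimindz,DC=net" />
  </connectionStrings>
  <system.web>
    <membership defaultProvider="i">
      <providers>
        <add name="i" type="placeholder" />
        <add name="admembers" connectionStringName="adconn" enableSearchMethods="true"
             attributeMapUsername="sAMAccountName" type="placeholder" />
      </providers>
    </membership>
  </system.web>
</configuration>
'@
# Same fragment with the lower-case <connectionstrings> typo, to show a failing check.
$typo = [xml]($webApp.OuterXml -creplace 'connectionStrings>', 'connectionstrings>')
foreach ($cfg in $webApp, $typo) { $r = @(Test-FbaConfig $cfg 'admembers' 'i'); if ($r) { $r } else { 'OK' } }
```

Against a real server, pass [xml](Get-Content <path to web.config>) for each of the three files, with 'admembers' as the expected default for Central Admin and 'i' for the web application, as described above.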

Step3: Wire up provider to the web application

1. Go to CA - Web application management page, select your web application and choose 'Authentication Providers' from the ribbon.
2. Choose 'Default' and go to the 'Identity Providers' section.
3. Select 'Enable ASP.net membership and role provider' and type the name of your provider in the text box.

Step4: Add users for the web application

1. Select your web application.
2. Hit User policy in the ribbon above.
3. Hit the browse users button in the people picker web part.
4. Notice that the dialog box has changed: there are now sections like 'Active Directory', 'All Users', 'Form Auth', 'Organization'.
5. Type in an AD user name and search.
6. There should be two results for the same user - one through NTLM and one through form auth. Select the user from form auth result and hit finish.

Step5: Create top level site in the web application

Now you can create the desired top level site in the web application. You will get two options while trying to log in - Windows and Form based authentication.

You can either use both or disable windows auth from the web application settings to get only form based login.

How to create a SharePoint menu from xml

We had a requirement to create a SharePoint menu with 4 levels of menus. We used an xml source for this.

Step1: Create a document library and add a new xml document from SharePoint designer.

Step 2: Open your master page and add a new datasource. To add a new datasource, click on the ribbon above and select DataSource, then select your xml file. It will include the below code in your master page:

<SharePoint:SPXmlDataSource runat="server" id="SPXmlDataSource1">
  <DataFileParameters>
    <asp:Parameter Name="FileName" DefaultValue="main_menu.xml" />
    <asp:Parameter Name="FilePath" DefaultValue="Menu" />
  </DataFileParameters>
</SharePoint:SPXmlDataSource>

Step 3: Make the below changes in your AspMenu control:

<SharePoint:AspMenu
    ID="SPSiteMapProvider1"
    Runat="server"
    EnableViewState="false"
    DataSourceID="SPXmlDataSource1"
    UseSimpleRendering="true"
    UseSeparateCss="false"
    Orientation="Horizontal"
    StaticDisplayLevels="2"
    MaximumDynamicDisplayLevels="4"
    SkipLinkText=""
    CssClass="Custom-tn">
  <DataBindings>
    <asp:menuitembinding NavigateUrlField="url" TextField="text" />
  </DataBindings>
</SharePoint:AspMenu>

Notice two things above. First, DataSourceID is the same as the id of the XML datasource.
Second, we have included DataBindings to get the exact values from the xml. These will change depending on the field names in the xml you are using.

In case you need the same setting for your sub sites as well, you will need to create another master page. Simply copy everything in your master page, create a new one and make the below change.

Adding metadata properties in advanced search

While we were working with search, we created a hierarchy, created managed metadata properties, and added refinements to our search based on those managed metadata properties.
Now we want the same metadata properties in our advanced search. Here is how to customise the advanced search web part to show our metadata properties.

1. Go to the advanced search page and click on Edit Page.
2. Click on 'Edit web part' on the Advanced Search Box web part.
3. Expand the properties section.
4. Copy the xml in the properties section and paste it into an xml editor or Visual Studio.
5. Collapse all nodes. The last two nodes are the ones which we have to change.
6. First is the PropertyDefs node.
7. Copy and paste the below line into the PropertyDefs tag:
<PropertyDef Name="Department" DataType="text" DisplayName="Department" />
8. Now go to the 'ResultTypes' node and paste the below line in each section:
<PropertyRef Name="Department" />
9. This line should go in all the sub sections of 'ResultTypes'.
10. Copy this xml and paste it into the properties section of the web part.
11. Click on OK and come out of edit.

You will see the property as below in the advanced search section:


Redirect to custom search page instead of OSSSearchResults.aspx

While setting up search, we create a separate search site. On the results page of this site we can set up any customizations we want: we can modify the xslt, set up refinements etc. On our default master page, the search box redirects us by default to the osssearchresults.aspx page. But we want to be redirected to our custom search page.

A simple way to achieve this is to go to your site collection, go to Site Settings and, under Site Collection Administration, choose 'Search Settings'. On this page change the 'Site Collection Search Results Page' to 'http://.../search/results.aspx' or whatever your custom search page is.

Add Managed Metadata Property - Sharepoint search

Follow the below steps to add a custom managed metadata property.


1. Go to Central Administration, select Application management and select your shared services website.
2. In the search section, click search settings.
3. In the crawl settings section, click metadata property mappings.
4. Click New managed property.
5. Type the name of the managed property you want to create.
6. Remember to run a full crawl before this step.
7. Click Add Mapping to add a mapping to the list.
8. The crawled property selection dialog box appears. Select 'All categories', type a few characters of your property and click on Find. Select the crawled property to be mapped to the managed property.
9. Click OK.
10. Click on 'Use in scopes' if you want this managed property to be used in defining scopes.
11. Click on 'OK'

This metadata property can now be used in the search refinements web part to refine your search.

Add search refiners to your search

First create your custom managed properties from central admin. I created two - Division & Department.


1. Put the page in edit mode.
2. Choose the drop down menu for “Refinement Panel” and choose Edit Web Part.
3. Open the Refinement section and uncheck the “Use Default Configuration” checkbox. Then edit the “Filter Category Definition” xml as follows.
4. Collapse the inner tags.
5. Under FilterCategories, below the second section, add the below line:
<Category Title="Division" Description="Refinement of the Division" Type="Microsoft.Office.Server.Search.WebControls.ManagedPropertyFilterGenerator" MetadataThreshold="1" NumberOfFiltersToDisplay="4" MaxNumberOfFilters="20" ShowMoreLink="True" MappedProperty="Division" MoreLinkText="show more" LessLinkText="show fewer" />
6. Make sure the MetadataThreshold value is not greater than the number of your search results.
7. Similarly, add tags for all your managed properties.
8. If you want to add a count, add ShowCounts="Count" at the end of the tag.