
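SharePoint 2010: Forms-Based Authentication Against AD

I. Create a new web application

  1. Under Authentication, select "Claims Based Authentication"

  2. Set the port

  3. Select “

    Under "ASP.NET Membership provider name", enter "LdapMember"

    Under "ASP.NET Role manager name", enter "LdapRole"

  4. Adjust the remaining settings to suit your environment

II. Create a site collection

III. Edit the configuration files

  1. Web application configuration file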

    <roleManager enabled="true" defaultProvider="c" cacheRolesInCookie="false">
      <providers>
        <add name="c" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRoleProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />

        <add name="LdapRole" type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
             server="contoso.com"
             port="389"
             useSSL="false"
             userContainer="CN=Users,DC=contoso,DC=com"
             groupNameAttribute="cn"
             groupNameAlternateSearchAttribute="samAccountName"
             groupMemberAttribute="member"
             userNameAttribute="sAMAccountName"
             dnAttribute="distinguishedName"
             groupFilter="(ObjectClass=group)"
             userFilter="(ObjectClass=person)"
             scope="Subtree"
             connectionUsername="contoso\mossadmin"
             connectionPassword="Pass@word"/>
      </providers>
    </roleManager>
    <membership defaultProvider="i">
      <providers>
        <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
        <add name="LdapMember"
             type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
             server="contoso.com"
             port="389"
             useSSL="false"
             userDNAttribute="distinguishedName"
             userNameAttribute="sAMAccountName"
             userContainer="CN=Users,DC=contoso,DC=com"
             userObjectClass="person"
             userFilter="(ObjectClass=person)"
             scope="Subtree"
             otherRequiredUserAttributes="sn,givenname,cn"
             connectionUsername="contoso\mossadmin"
             connectionPassword="Pass@word"/>
      </providers>
    </membership>

  2. Central Administration configuration file

    <roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider">
      <providers>
        <add name="LdapRole" type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
             server="contoso.com"
             port="389"
             useSSL="false"
             userContainer="CN=Users,DC=contoso,DC=com"
             groupNameAttribute="cn"
             groupNameAlternateSearchAttribute="samAccountName"
             groupMemberAttribute="member"
             userNameAttribute="sAMAccountName"
             dnAttribute="distinguishedName"
             groupFilter="(ObjectClass=group)"
             userFilter="(ObjectClass=person)"
             scope="Subtree"
             connectionUsername="contoso\mossadmin"
             connectionPassword="Pass@word"/>
      </providers>
    </roleManager>
    <membership>
      <providers>
        <add name="LdapMember"
             type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
             server="contoso.com"
             port="389"
             useSSL="false"
             userDNAttribute="distinguishedName"
             userNameAttribute="sAMAccountName"
             userContainer="CN=Users,DC=contoso,DC=com"
             userObjectClass="person"
             userFilter="(ObjectClass=person)"
             scope="Subtree"
             otherRequiredUserAttributes="sn,givenname,cn"
             connectionUsername="contoso\mossadmin"
             connectionPassword="Pass@word"/>
      </providers>
    </membership>

  3. SecurityTokenServiceApplication configuration file

    <roleManager enabled="true">
      <providers>
        <add name="LdapRole" type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
             server="contoso.com"
             port="389"
             useSSL="false"
             userContainer="CN=Users,DC=contoso,DC=com"
             groupNameAttribute="cn"
             groupNameAlternateSearchAttribute="samAccountName"
             groupMemberAttribute="member"
             userNameAttribute="sAMAccountName"
             dnAttribute="distinguishedName"
             groupFilter="(ObjectClass=group)"
             userFilter="(ObjectClass=person)"
             scope="Subtree"
             connectionUsername="contoso\mossadmin"
             connectionPassword="Pass@word"/>
      </providers>
    </roleManager>
    <membership>
      <providers>
        <add name="LdapMember"
             type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
             server="contoso.com"
             port="389"
             useSSL="false"
             userDNAttribute="distinguishedName"
             userNameAttribute="sAMAccountName"
             userContainer="CN=Users,DC=contoso,DC=com"
             userObjectClass="person"
             userFilter="(ObjectClass=person)"
             scope="Subtree"
             otherRequiredUserAttributes="sn,givenname,cn"
             connectionUsername="contoso\mossadmin"
             connectionPassword="Pass@word"/>
      </providers>
    </membership>
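The same LdapMember and LdapRole entries are repeated in three configuration files, each with LDAP on port 389 without TLS and a bind password written into the file. The following check is an added example, not part of the original post: it parses the provider entries from each file, reports those two settings, and reports any drift between the files. The function names are hypothetical, and the sample input is constructed and shortened (type strings trimmed, server names and password made up).

```python
import xml.etree.ElementTree as ET

EXPECTED = {"membership": "LdapMember", "roleManager": "LdapRole"}  # names from the page

def ldap_providers(config_xml):
    """Map (section, provider name) -> attributes for LDAP providers in one file."""
    found = {}
    root = ET.fromstring(config_xml)
    for section in EXPECTED:
        for sec in root.iter(section):
            for add in sec.findall("providers/add"):
                if "Ldap" in add.get("type", ""):
                    found[(section, add.get("name"))] = dict(add.attrib)
    return found

def audit(configs):
    """configs: {label: config XML}. Returns a list of finding strings."""
    parsed = {label: ldap_providers(x) for label, x in configs.items()}
    findings = []
    for label, provs in parsed.items():
        for section, name in EXPECTED.items():
            if (section, name) not in provs:
                findings.append(f"{label}: {section} provider '{name}' missing")
        for (_, name), a in provs.items():
            if a.get("useSSL", "").lower() != "true":
                findings.append(f"{label}: {name} port {a.get('port')} without TLS")
            if "connectionPassword" in a:
                findings.append(f"{label}: {name} keeps connectionPassword in clear text")
    first, *rest = parsed  # every later file is compared with the first one
    for label in rest:
        for key, a in parsed[label].items():
            b = parsed[first].get(key, a)
            diff = sorted(k for k in set(a) | set(b) if a.get(k) != b.get(k))
            if diff:
                findings.append(f"{label}: {key[1]} differs from {first} in {', '.join(diff)}")
    return findings

def sample(server, port, use_ssl, password=None):
    """Constructed, shortened config (type strings trimmed, values made up)."""
    pw = f' connectionPassword="{password}"' if password else ""
    common = f'server="{server}" port="{port}" useSSL="{use_ssl}"{pw}'
    ns = "Microsoft.Office.Server.Security"
    return (f'<system.web><roleManager enabled="true"><providers>'
            f'<add name="LdapRole" type="{ns}.LdapRoleProvider" {common}/>'
            f'</providers></roleManager><membership><providers>'
            f'<add name="LdapMember" type="{ns}.LdapMembershipProvider" {common}/>'
            f'</providers></membership></system.web>')
SAMPLE = {"web application": sample("contoso.com", "389", "false", "example-only"),
          "Central Administration": sample("contoso.com", "389", "false", "example-only"),
          "SecurityTokenService": sample("dc01.contoso.com", "636", "true")}
```

Calling `audit(SAMPLE)` returns ten findings: four each for the first two files and two drift findings for the third, whose entries use port 636 with `useSSL="true"` and carry no password.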

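IV. Add a user policy

  When adding the user here, click the button that searches for users. In the search results the user appears at least twice:

    once as "User: Active Directory"

    once as "User: Forms Authentication"

  Select the user and grant Full Control.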
