Last post Nov 21, 2012 04:52 AM by Mahesh Dhinge
Oct 21, 2010 07:13 PM
I'm having a tough time getting LDAP authentication to work on a Claims-based web app in SharePoint Foundation 2010. I've seen in many MSDN blogs and elsewhere that I have to add blocks for membership and rolemanager to the Central Administration web.config file, and also to the SecurityTokenServiceApplication and Web app web.config files. I've tried a million variations with my server and LDAP info and in all cases, as soon as I add the code block to the Central Admin web.config, the whole SharePoint Admin site crashes, giving me a 500 Server error. It seems like the offending fragment is the "type=..." element inside the RoleManager:
<add name="membership" type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=188.8.131.52, Culture=neutral, PublicKeyToken=71e9bce111e9429c" server="yourserver.com" port="389" useSSL="false" userDNAttribute="distinguishedName" userNameAttribute="sAMAccountName" userContainer="OU=UserAccounts,DC=internal,DC=yourcompany,DC= distinguishedName (of your userContainer)" userObjectClass="person" userFilter="(ObjectClass=person)" scope="Subtree" otherRequiredUserAttributes="sn,givenname,cn" />
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider" >
<add name="roleManager" type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=184.108.40.206, Culture=neutral, PublicKeyToken=71e9bce111e9429c" server="yourserver.com" port="389" useSSL="false" groupContainer="DC=internal,DC=yourcompany,DC= distinguishedName (of your groupContainer)" groupNameAttribute="cn" groupNameAlternateSearchAttribute="samAccountName" groupMemberAttribute="member" userNameAttribute="sAMAccountName" dnAttribute="distinguishedName" groupFilter="((ObjectClass=group)" userFilter="((ObjectClass=person)" scope="Subtree" />
I'm not seeing anything in the Event Viewer on Windows Server that corresponds to the error. Is there any way I can learn more about this problem and what to try?
I can't be sure that's the offending element, but when I removed it, the site didn't crash (although I'm still well short of getting an LDAP connection).
Nov 21, 2012 04:52 AM
You cannot use the LDAP membership provider with SharePoint Foundation 2010. It needs the SharePoint Server 2010 version, and it should also be updated with SP1 and the June cumulative update.
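
One way to learn more when a provider entry brings the site down is to check whether each `type` named in the membership and roleManager provider entries of a web.config resolves on that server. This is an added example, not part of the original posts; the helper name Test-ProviderType and the file path in the last comment are assumptions, and the sample fragment is constructed.

```powershell
# Added example (not from the thread). Test-ProviderType is a hypothetical helper name.
function Test-ProviderType {
    param([Parameter(Mandatory = $true)][xml]$Config)
    # Provider registrations sit under <membership>/<providers> and <roleManager>/<providers>.
    $xpath = '//membership/providers/add | //roleManager/providers/add'
    foreach ($node in $Config.SelectNodes($xpath)) {
        $typeName = $node.GetAttribute('type')
        $resolved = $null
        $detail   = ''
        try {
            # $false: return $null instead of throwing when the type cannot be found.
            $resolved = [Type]::GetType($typeName, $false)
        } catch {
            # A malformed assembly name (for example a bad Version=) still throws.
            $detail = $_.Exception.Message
        }
        New-Object PSObject -Property @{
            Section  = $node.ParentNode.ParentNode.LocalName
            Name     = $node.GetAttribute('name')
            Type     = $typeName
            Resolved = ($resolved -ne $null)
            Detail   = $detail
        }
    }
}

# Constructed sample: one type that does not exist anywhere, one ASP.NET built-in provider.
[xml]$sample = @'
<configuration>
  <system.web>
    <membership>
      <providers>
        <add name="missing" type="Contoso.Missing.Provider, Contoso.Missing, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
      </providers>
    </membership>
    <roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider">
      <providers>
        <add name="builtin" type="System.Web.Security.WindowsTokenRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </roleManager>
  </system.web>
</configuration>
'@
Test-ProviderType -Config $sample | Format-List Section, Name, Type, Resolved, Detail

# Against a real file (placeholder path):
# Test-ProviderType -Config ([xml](Get-Content 'C:\path\to\web.config'))
```

Run it on the SharePoint server itself, since the result depends on which assemblies are installed there; an entry reported with Resolved set to False names a type that this machine cannot load.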