Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. In the console tree of Internet Information Services (IIS) Manager, open the SharePoint Web Services site.
  2. In the console tree, right-click SecurityTokenServiceApplication, and then click Explore.
  3. In the folder window, double-click the Web.Config file.
  4. In the <Configuration> section, create a new <system.web> section and add the following example entry:

 

Code Block
languagexml
titleweb.config
<system.web>
	<membership>
	      <providers>
		<add name="LdapMember" 
		     type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" 
		     server="dc.yourdomain.com" 
		     port="389" 
		     useSSL="false" 
		     userDNAttribute="distinguishedName" 
		     userNameAttribute="sAMAccountName" 
		     userContainer="DC=yourdomain,DC=com" 
		     userObjectClass="person" 
		     userFilter="(ObjectClass=person)" 
		     scope="Subtree" 
		     otherRequiredUserAttributes="sn,givenname,cn" />
	      </providers>
	</membership>
	<roleManager enabled="true" > 
	      <providers>
		<add name="LdapRole" 
		     type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
		     server="dc.yourdomain.com" 
		     port="389"
		     useSSL="false"
		     groupContainer="DC=yourdomain,DC=com"
		     groupNameAttribute="cn"
		     groupNameAlternateSearchAttribute="samAccountName"
		     groupMemberAttribute="member"
		     userNameAttribute="sAMAccountName"
		     dnAttribute="distinguishedName"
		     groupFilter="(ObjectClass=group)"
		     userFilter="(ObjectClass=person)"
		     scope="Subtree" />
	      </providers>
	</roleManager>
</system.web>

...

  1. In the console tree of Internet Information Services (IIS) Manager, right-click the site that corresponds to the name of the web applications that you just created, and then click Explore.

  2. In the folder window, double-click the Web.Config file.

  3. In the <Configuration> section, find the <system.web> section.

  4. Find the <membership defaultProvider="i"> section and add the following example entry to the <Providers> section:

  5.  

  6. Code Block
    languagexml
    titleweb.config
    <add name="LdapMember" 
       type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" 
       server="dc.yourdomain.com" 
       port="389" 
       useSSL="false" 
       userDNAttribute="distinguishedName" 
       userNameAttribute="sAMAccountName" 
       userContainer="DC=yourdomain,DC=com" 
       userObjectClass="person" 
       userFilter="(ObjectClass=person)" 
       scope="Subtree" 
       otherRequiredUserAttributes="sn,givenname,cn" /

...

  1. >
  2. Find the <roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false"> section and add the following example entry to the <Providers> section:

     

Code Block
languagexml
titleweb.config
<add name="LdapRole"
   type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
   server="dc.yourdomain.com" 
   port="389"
   useSSL="false"
   groupContainer="DC=yourdomain,DC=com"
   groupNameAttribute="cn"
   groupNameAlternateSearchAttribute="samAccountName"
   groupMemberAttribute="member"
   userNameAttribute="sAMAccountName"
   dnAttribute="distinguishedName"
   groupFilter="(ObjectClass=group)"
   userFilter="(ObjectClass=person)"
   scope="Subtree" />

 

In the preceding entry, substitute the following:

  • The fully qualified domain name (FQDN) of your domain controller (your LDAP server) in server="dc.yourdomain.com".

  • The distinguished name of your user container in userContainer="dc=yourdomain,dc=com".

  • The distinguished name of your group container in groupContainer="dc=yourdomain,dc=com".

Phrase 3: Create a new site collection

...