...

  1. In the console tree of Internet Information Services (IIS) Manager, right-click the site that corresponds to the name of the web application that you just created, and then click Explore.

  2. In the folder window, double-click the Web.Config file.

  3. In the <Configuration> section, find the <system.web> section.

  4. Find the <membership defaultProvider="i"> section and add the following example entry to the <Providers> section:

    web.config:
    <add name="LdapMember" 
       type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" 
       server="dc.yourdomain.com" 
       port="389" 
       useSSL="false" 
       userDNAttribute="distinguishedName" 
       userNameAttribute="sAMAccountName" 
       userContainer="DC=yourdomain,DC=com" 
       userObjectClass="person" 
       userFilter="(ObjectClass=person)" 
       scope="Subtree" 
       otherRequiredUserAttributes="sn,givenname,cn" />
  5. Find the <roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false"> section and add the following example entry to the <Providers> section:

    web.config:
    <add name="LdapRole"
       type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
       server="dc.yourdomain.com" 
       port="389"
       useSSL="false"
       groupContainer="DC=yourdomain,DC=com"
       groupNameAttribute="cn"
       groupNameAlternateSearchAttribute="samAccountName"
       groupMemberAttribute="member"
       userNameAttribute="sAMAccountName"
       dnAttribute="distinguishedName"
       groupFilter="(ObjectClass=group)"
       userFilter="(ObjectClass=person)"
       scope="Subtree" />

    In the preceding entries, substitute the following:

  • The fully qualified domain name (FQDN) of your domain controller (your LDAP server) in server="dc.yourdomain.com".

  • The distinguished name of your user container in userContainer="dc=yourdomain,dc=com".

  • The distinguished name of your group container in groupContainer="dc=yourdomain,dc=com".
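
An added example (not part of the original page or of SharePoint): a small Python check that parses a web.config and flags LDAP provider entries that still have SSL disabled, still carry the placeholder values listed above, or disagree with each other. The sample config is constructed from the entries above with the type attribute shortened; the function names and the rule that an absent useSSL counts as disabled are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the two provider entries from the steps above,
# with the type attribute shortened and some attributes omitted.
SAMPLE = """<configuration><system.web>
<membership defaultProvider="i"><providers>
  <add name="LdapMember" type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server"
       server="dc.yourdomain.com" port="389" useSSL="false"
       userNameAttribute="sAMAccountName" userContainer="DC=yourdomain,DC=com" />
</providers></membership>
<roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false"><providers>
  <add name="LdapRole" type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server"
       server="dc.yourdomain.com" port="389" useSSL="false"
       userNameAttribute="sAMAccountName" groupContainer="DC=yourdomain,DC=com" />
</providers></roleManager>
</system.web></configuration>"""

def ldap_providers(xml_text):
    """Return the attribute dicts of every LDAP provider <add> entry."""
    root = ET.fromstring(xml_text)
    return [dict(el.attrib) for el in root.iter("add")
            if "Ldap" in el.get("type", "")]

def lint(xml_text):
    """Return (provider name, finding) pairs for one web.config."""
    findings = []
    providers = ldap_providers(xml_text)
    for p in providers:
        name = p.get("name", "?")
        # Assumption: an absent useSSL attribute is treated as disabled.
        ssl = p.get("useSSL", "false").lower() == "true"
        if not ssl:
            findings.append((name, "useSSL is false: LDAP traffic to the server is not protected by SSL/TLS"))
        if ssl and p.get("port") == "389":
            findings.append((name, "useSSL is true but port is 389 (LDAPS normally listens on 636)"))
        for attr in ("server", "userContainer", "groupContainer"):
            if "yourdomain" in p.get(attr, "").lower():
                findings.append((name, f"{attr} still holds the placeholder value"))
    # A mismatch here usually means one entry was edited and the other forgotten.
    for attr in ("server", "port", "useSSL", "userNameAttribute"):
        if len({p.get(attr) for p in providers}) > 1:
            findings.append(("*", f"{attr} differs between providers"))
    return findings

if __name__ == "__main__":
    for name, msg in lint(SAMPLE):
        print(f"{name}: {msg}")
```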

...