Forms-Based Authentication (FBA) Configuration in SharePoint

InfoPath alternatives for form designing SharePoint

This article explains how to create Forms-Based Authentication for claims-based web applications using ASP.NET SQL membership and role providers.

Forms-Based Authentication (FBA) Configuration in SharePoint
Forms-Based Authentication (FBA) Configuration in SharePoint
Framework folder on the server
Framework folder on the server
Forms-Based Authentication (FBA) Configuration in SharePoint 2013
Forms-Based Authentication (FBA) Configuration in SharePoint 2013

We need to use the following procedure to configure FBA in SharePoint.

Step 1: Setting up the ASP.NET Membership Provider database.



First create the database to store users and groups. The membership store is created using the ASP.NET SQL Server Setup Wizard.

This is launched from the .NET 2.0 Framework folder on the server at: C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe

Click “Next” to continue to the Select a Setup Option step.

Select “Configure SQL Server for application services”. This is the default option.

Click “Next” to advance to the Select the Server and Database step.

Forms-Based Authentication (FBA) Configuration in SharePoint 2010
Forms-Based Authentication (FBA) Configuration in SharePoint 2010

Add the SQL Server name and instance where you want to create the FBA database. Also specify the database name.

Click “Next” to advance to the Confirm Your Settings step.




Forms-Based Authentication (FBA) Configuration in SharePoint 2016
Forms-Based Authentication (FBA) Configuration in SharePoint 2016

Click “Next” to create the database.

Forms-Based Authentication (FBA) Configuration in SharePoint 2019
Forms-Based Authentication (FBA) Configuration in SharePoint 2019

You’ll see the success screen displayed above. Start Microsoft SQL Server Management Studio and connect to the database server instance. You’ll find that your new database has been created. If you’re using Integrated Security then you’ll need to provide access to the database for the following service accounts in SharePoint.

To create a new Login for a user go to “Security” -> “Login”-> “New User”.

Forms-Based Authentication (FBA) Configuration in SharePoint 2019
Forms-Based Authentication (FBA) Configuration in SharePoint 2019

Add the required details as below:

Forms-Based Authentication (FBA) Configuration in SharePoint 2019
Forms-Based Authentication (FBA) Configuration in SharePoint 2019

Click the “OK” button to add the user to the database.

Step 2: Configure the Central Admin Web Site to use the SQL Membership Provider.

Select the SharePoint Central Administration v4 site and add the connection string and Provider as below:

Forms-Based Authentication (FBA) Configuration in SharePoint 2019
Forms-Based Authentication (FBA) Configuration in SharePoint 2019

Add Connection String: To add a Connection String, under the Actions menu on the right, select “Add” to create a new connection string. Provide the details for the membership database for the new connection string as below:

Forms-Based Authentication (FBA) Configuration in SharePoint 2019
Forms-Based Authentication (FBA) Configuration in SharePoint 2019

Add Role Provider: For adding Role Provider

Go back to the Web application page and open up the Providers page. Here we will create a provider for Roles and Users. Set the feature to .NET Roles and click “Add” in the Actions pane to add a new role provider. I named it SPFBARoleProvider and selected the right type and connection string.

Forms-Based Authentication (FBA) Configuration in SharePoint 2019
Forms-Based Authentication (FBA) Configuration in SharePoint 2019

Add Membership Provider: To add a Membership Provider set the feature to .NET users and click “Add” from the actions pane to add a membership provider.

Forms-Based Authentication (FBA) Configuration in SharePoint 2016
Forms-Based Authentication (FBA) Configuration in SharePoint 2016

Set the “EnablePasswordReset” to true and add a Data Connection String. I named it “SPMembershipProvider”.

Step 3: Configure the Secure Store Web Service to use the SQL Membership Provider.

We need to repeat the procedure in Step 2 to configure the SecurityTokenServiceAppliaation that is in the SharePoint Web Services application.

Forms-Based Authentication (FBA) Configuration in SharePoint 2016
Forms-Based Authentication (FBA) Configuration in SharePoint 2016

Step 4: Create Extranet Web Application

Finally we create a web application that will use FBA authentication.

In Central Administration, select the “Application Management” page then seelct “Manage Web Applications”. Select “New” from the ribbon to create a new web application.

Select “Claims Based Mode Authentication” as the Authentication Type.

Forms-Based Authentication (FBA) Configuration in SharePoint 2019
Forms-Based Authentication (FBA) Configuration in SharePoint 2019

Add the Membership Provider name and Role Manager name used everywhere in the configuration as below.

Add Membership Provider name and Role manager name
Add Membership Provider name and Role manager name

Step 5: Configure Membership Providers for Web App through IIS

In IIS Manager, browse to the new site. I have created “SharePoint:9000” . For the new FBA site we need to do the following configuration:

  • Add the connection string and add Providers for members and roles as in Step 2
  • Create .NET Roles
  • Create .NET Users
Web App through IIS
Web App through IIS
Configure .NET Roles: For Configuring .NET Roles open the .NET Roles page for our web application. You will receive a warning that the default role provider is not trusted. You need to set the default role provider to “SPFBARoleProvider” or whatever you have named the role provider
Forms-Based Authentication (FBA) Configuration in SharePoint
Forms-Based Authentication (FBA) Configuration in SharePoint

Create the role as per the requirements of the application. I have created the role as User, Admin and so on.

Create the role
Create the role

Configure .NET Users: For configuring .NET users open the .NET Users page. You will get a warning that the default is not trusted. Set the default provider to “SPFBAMembershipProvider” or whatever you have named the Membership Provider.

Add the members with required details as below:

Add the Members in sharepoint
Add the Members in sharepoint

Add the created user to the role as below:

Add the created user in sharepoint
Add the created user in sharepoint

Finally set the .NET users and reset the default provider to “i” and the default Role Provider for the web application to “c”.v

Similar SharePoint 2013 Tutorials


Leave a Reply