Configuring Forms Based Authentication in SharePoint 2016 – Part 1 – Creating the Membership Database

Configuring forms based authentication (FBA) in SharePoint 2016 is exactly the same process as configuring it for SharePoint 2013.  I’ve recreated the SharePoint 2013 FBA tutorial specifically for SharePoint 2016, using screenshots from SharePoint 2016 and Windows Server 2012 R2.  I have changed the tutorial to use the SharePoint FBA Pack to create the FBA users, but otherwise it remains the same and can be used interchangeably between SharePoint 2013 and SharePoint 2016.

I’ll go through all of the steps required to setup FBA for SharePoint 2016, from start to finish.  I’ve broken down the steps into 4 sections, so if you already have an existing membership database setup from a previous version of SharePoint, feel free to skip forward to Part 2.

Part 1 – Creating the Membership Database

Part 2 – Editing the Web.Config Files

Part 3 –  Configuring SharePoint

Part 4 – Adding Users to the Membership Database

You can also watch a video of the whole process on YouTube: Configuring Forms Based Authentication in SharePoint 2016.

Part 1 – Creating the Membership Database

The first thing you need when configuring FBA for SharePoint is a place to keep all of the usernames and passwords. ASP.Net comes with a tool that we’ll use to create a membership database to store the logon information.

  • Navigate to c:\windows\Microsoft.NET\Framework64\v4.0.30319\
  • Run “aspnet_regsql.exe”aspnet_regsql.exe file
  • A welcome screen will appear. Click Next.aspnet_regsql wizard welcome
  • Select “Configure SQL Server for application services” and click Next.aspnet_regsql wizard task
  • Enter the name of your server and your authentication information.  In this case SQL Server is installed on the same server as SharePoint 2013 and I am logged in as an administrator and have full access to SQL Server, so I choose Windows Authentication.For the database name, I just leave it as <default>, which creates a database called “aspnetdb”.aspnet_regsql wizard select db
  • A Confirm Your Settings screen will appear. Click Next.aspnet_regsql wizard confirm
  • A “database has been created or modified” screen will appear. Click finish and the wizard will close.aspnet_regsql wizard finish
  • Now that the database has been created, we’ll have to give SharePoint permissions to read and write to it. We’re going to connect to the database with Windows Authentication, so we’re going to have to give those permissions to the service account that is being used to run SharePoint.First, let’s find out the service account that’s being used to run SharePoint. Open IIS, go to “Application Pools”. Take a look at the “Identity” that is being used to run the SharePoint application pools. On my test server, it happens to be my administrator account that is being used, but it will probably be different on your machine. Make note of the identity used.IIS Application Pool
  • Now that we know what account is being used to run SharePoint, we can assign it the appropriate permissions to the membership database we created.  Open up SQL Server Management Studio and log in as an administrator.SQL Server Management Studio
  • Under Security/Logins find the user that SharePoint runs as.  Assuming this is the same database server that SharePoint was installed on, the user should already exist.Right click on the user and click ‘Properties’.SQL Server Select Login
  • Go to the “User Mapping” Page. Check the “Map” checkbox for the aspnetdb database. With the aspnetdb database selected, check the “db_owner” role membership and click OK. This user should now have full permissions to read and write to the aspnetdb membership database.SQL Server Edit User Mapping

Continue to Part 2 – Editing the Web.Config Files.

6 Responses to “Configuring Forms Based Authentication in SharePoint 2016 – Part 1 – Creating the Membership Database”

  1. Scott says:

    Is there a setting somewhere we can change that will allow the creation of multiple FBA accounts using the same email address? It looks like that worked in SP 2010 but not for SP 2016.

Leave a Response

Trackbacks