SharePoint 2013 FBA Pack Released

SharePoint 2013 FBA Pack Manage Users

The SharePoint 2013 FBA Pack has been released. It was ported from the SharePoint 2010 FBA Pack (which was originally ported from the SharePoint 2007 CKS Forms Based Authentication Solution), and includes all of the features from the SharePoint 2010 FBA Pack:

  • User Management
  • Role Management
  • Membership Request Web Part
  • Password Recovery Web Part
  • Change Password Web Part
  • Change Password Menu Item

Go and grab it!

Comments

50 responses to “SharePoint 2013 FBA Pack Released”

  1. Brian Avatar
    Brian

    Does this work on Windows Server 2008 R2 SP1?

  2. sonali Avatar
    sonali

    Hi
    I tried FBA pack for sharepoint2010
    I got following error
    Password incorrect or New Password invalid. New Password length minimum: 7. Non-alphanumeric FBA pack
    My webaplication having Claim based authintication using active directory membership.
    Please help me what im doing wrong here,

    1. Chris Coulson Avatar

      Unfortunately I haven’t heard of anybody successfully using this with the active directory membership provider. It’s only been tested with the sql membership provider. Theoretically it should work with any provider that fully implements the membership provider interface, but unfortunately the standard active directory/ldap membership providers do not.

      Either the FBA Pack would have to be modified to work specifically with these membership providers, or a custom membership provider would have to be created based on the existing ldap/ad membership providers that fills in the missing functionality.

  3. Paresh Patel Avatar
    Paresh Patel

    Hi,

    I installed it and configure on website. But somehow review user request not working.

    Can I have some more detailed for the same. I am new for Share Point.

    Any help will be greatly appreciatedbgh.

    Thanks….

    1. Chris Coulson Avatar

      On the FBA Site Configuration page, make sure that ‘Review Membership Requests’ is checked.

      Also, make sure that email has been properly configured in SharePoint. The web parts won’t work without it.

      As long as both of those things are done, the user should get a ‘Membership Pending’ email when they sign up using the membership request web part.

      Admins should then be able to see the user in the Membership Review list and approve the user. When that is done, the user will get a ‘Membership Approved’ email.

  4. GC Avatar
    GC

    If you could make this work with AD you would have something alot of people would want 🙂 ADFS lacks in the arena of password reset big time!

    1. Chris Coulson Avatar

      Agreed. An AD enabled change password and reset password are actually on the roadmap – it’s just a matter of getting the time to develop them.

  5. Vishu Avatar
    Vishu

    Hi friends,

    I have installed FBA pack in sharepoint 2013.
    I have develop a custom Login Page and i have a password recovery Link on the Login Pgae.
    How to Add Password Recovery Webpart(given by FBA Pack)to my Password Recovey Link.

  6. Vishal Goyal Avatar
    Vishal Goyal

    Hi,

    I want to add two new fields in NewUser Form while creating the new FBA user(Title and Department).
    My Requirement is to show the department and title in Sharepoint People Picker like When SP Picker picks the AD users and it shows the designation,same I want to show for the FBA users.

    Note:I am using SP Foundation 2013
    Thanks

    1. Chris Coulson Avatar

      You’ll have to modify the FBA Pack to add those two fields to the form, and then update SharePoint’s Title and Department fields. Just copy the code for how it’s done for the user’s name and email address.

      1. Alya Avatar
        Alya

        Hi,
        I’m still beginner.
        How to modify the pack to add extra fields?

        Thank you.

        1. Chris Coulson Avatar

          You can check this post where i’ve detailed the steps for another user:
          https://sharepoint2010fba.codeplex.com/discussions/350006

  7. Alessio Avatar
    Alessio

    Hello
    When a FBA-User logs in for the first time, Sharepoint create a User in the „User Profile Store“. In this scale, the e-mail adress will not transferred.
    During the next synchronization of the profiles with the local user information lists, the e-mail address on the “local users” will be overwritten with the empty value on the profiles.

    Consequently, no more e-mails can be sent to these FBA users on Nintex and SharePoint.

    Is this problem already known?

    – Sharepoint 2013

    Thanks

    1. Chris Coulson Avatar

      I haven’t used Nintex before – but you’re correct – if a user logs in to SharePoint with an account that exists in the membership database but not the site collection, it will create an empty SharePoint user profile for them on the site collection. The new profile will only contain the user name. That profile would then have to be edited to add the user’s full name and email address.

      Couple of workarounds:
      1) make sure that the user is already setup on the site collection before they login
      2) if you have a central location of user profile details, create a powershell script that updates the site collection user profiles with the details, and just set it to run on a schedule (once a day, once an hour – however often it is needed).

      1. Alessio Avatar
        Alessio

        Thank you Chris
        Do you have already a powershell script, that update the site collection users?

        1. Chris Coulson Avatar

          I’m afraid not. The closest I have is a script to enumerate the users in the site collection, in order to delete them:

          http://blogs.visigo.com/chriscoulson/bulk-delete-sharepoint-site-users-with-powershell/

          This might be closer to what you’re looking for though:
          http://social.technet.microsoft.com/wiki/contents/articles/13547.sharepoint-2010-updating-user-profile-properties-with-powershell.aspx

  8. Ted Stresen-Reuter Avatar

    Is there any chance this will work with SharePoint online (Office 365)? Based on the documentation I’ve read, I’m going to guess that no, it won’t but thought I should ask in case I overlooked something.

    Thanks a lot, very cool project (and very useful!).

    Ted Stresen-Reuter

    1. Chris Coulson Avatar

      I haven’t tried it, but as far as I know there is no way to setup FBA using a SQLMembershipProvider on Office 365. I also believe that custom solutions added to Office 365 have to be either sandboxed solutions or apps, and this is neither.

  9. JasonW Avatar
    JasonW

    Chris,
    I am having an issue on the FBA 2013 pack. When I click on FBA User and Role Mgmt under my site settings, getting an authentication provider not configured correctly message. FBA is working, and everything else as far as I can tell, have went through documentation on both FBA config and FBA pack and think I got it as far as I can tell. Have tried undeploy/redeploy and activate but no luck so far. Any ideas?

    1. Chris Coulson Avatar

      If FBA is working and you can login via FBA, but you’re getting that message when accessing the management pages, then likely your SecurityTokenService membership provider settings are ok, but there’s an issue with the membership provider settings for your web application (web.config for web application or machine.config). Other possibility is that the web application and SecurityTokenService app pool’s run under different accounts – and only the SecurityTokenService app pool account has permissions to access the membership database.

  10. JasonW Avatar
    JasonW

    You the man Chris! Same id, just did not have proper permission in the membership db.

  11. Venkat Avatar
    Venkat

    Can this work with my own names for Membership Provider and Role Provider. Not using the names for provider/role as “FBAMembershipProvider” and “FBARoleProvider” ?

    1. Chris Coulson Avatar

      Yes, definitely. You can use whatever names you want.

  12. JeffG Avatar
    JeffG

    Hey Chris – I cannot get new registrations to go into approval queue. If I login with AD user and test email notifications after changing a file, i get an email so I have to assume email routing is configured properly. Any ideas why new registrants aren’t being queued in membership approval section? I think I have confirmed email routing is functional. Any ideas or places to look for further information?

    1. Chris Coulson Avatar

      It could be that email is working for internal addresses only, and people are signing up with external addresses (gmail etc…). If that’s the case, your mail server has to be configured to allow SMTP Relaying from the SharePoint server.

  13. Harsha Avatar
    Harsha

    Hi Chris Coulson,

    Presently I am facing two issues after successfully configuring the FBA pack,

    1. Firstly the Change Password Webapart, I am not able to get the newly generated password, the new generated password must be saved on to a list in Sharepoint in the same site, but i am not able to get.

    2. Next issue, can I change the tag name in Site Settings for FBA Membership Request Management, FBA User Management, FBA Role Management, FBA Site Configuration.

    Thanks in Advance

    Regards,
    Harsha

    1. Chris Coulson Avatar

      1. When the user changes their password with the change password web part, the password is stored in the membership database (default db name is ‘aspnetdb’). Depending on the settings for the membership provider in your config file, the password will be either in plain text, encrypted or hashed (recommended). If it’s hashed you will not be able to read the password.

      2. I’m not exactly sure what you mean by tag name. All of the strings for the FBA Pack that are displayed are stored in the resource files (.resx), if you would like to edit them.

  14. Jon Lavely Avatar
    Jon Lavely

    I have a SharePoint 2010 site collection in a SharePoint 2013 Server environment (2012 R2 OS). I deployed the 2010 FBA pack but got assembly ref (to 14 hive) error when changing password. What should I do in this situation? Could the 2013 FBA pack work for 2010 site collection? Not sure what to do in this situation. thanks Jon

    1. Chris Coulson Avatar

      Yes, you will have to use the 2013 FBA Pack – as the site collection is actually running on SharePoint 2013, just in SharePoint 2010 experience mode.

      1. Jon Lavely Avatar

        I cannot deploy 2013 FBA pack on SharePoint 2010 site collection/content DB running in 2010 experience on 2013 SharePoint Server. I keep getting “The feature is not a farm level feature” error. If there is some documentation that supports this that would be great. Thanks!

        1. Chris Coulson Avatar

          Where are you getting the “The feature is not a farm level feature” error message? Are you trying to deploy it to Central Admin? It needs to be deployed to a site collection. Alternatively, just run .\deploy in powershell, and then activate the Forms Based Authentication Management feature in the site collection feature list.

          1. Jon Lavely Avatar
            Jon Lavely

            I was using SP 2013 Management Shell to .\deploy FBA pack to the web application which contained site collections that required to stay in the 2010 experience and got the error. The 2013 FBA pack will not work for site collections in 2010 experience, only the 2010 FBA pack. I wouldn’t deploy FBA pack to Central Admin that should stay windows based IMO. Once I was able to deploy the 2010 FBA pack, I had to modify the web app’s web.config to bind the 2010 identity model as a dependent assembly. Strange but so far so good.

      2. Jon Lavely Avatar
        Jon Lavely

        Looks like I had to deploy the 2010 FBA pack for the site collection running on the SP 2010 experience. I just had to bind an assembly reference to the elder SharePoint Identity model in web.config so that the password change didn’t throw an error. Still testing it out.

  15. Naveen Kumar Murugesan Avatar
    Naveen Kumar Murugesan

    First of all, this is a great pack..!! Thanks for your effort.

    I have FBA 2010 pack installed in a site (SP2010 mode) running in SP2013 environment. Recently we did visual upgrade on the site. Now FBA 2010 pack is not working, as it is expecting all the FBA Web Pages in “\15” hive. So we are in the plan to upgrade FBA 2010 pack to FBA 2013 in the recently upgraded SP2013 site.

    Do you have a list of steps that we need to follow for replacing (or upgrading) FBA 2010 with FBA 2013 pack? We need all the FBA User accounts and their details (Full Name, IsInSharePoint, Email, etc.) to stay intact as this site is currently being accessed by many external users. Please help.

    1. Chris Coulson Avatar

      I haven’t tested it with SP 2010 compatibility mode on 2013. I would suggest just removing the 2010 FBA Pack and installing the 2013 FBA Pack, which is identical to the 2010 FBA Pack, but made compatible with 2013.

      Also, just a note, the FBA Pack doesn’t actually affect how FBA accounts are setup in SharePoint, it simply provides tools for managing them. When you’re setting up the 2013 server, as long as you use the same membership provider name as was used in 2010, they should transfer over seamlessly. If you end up changing your membership provider name, SharePoint won’t recognize the user as an existing user and you’ll have to migrate the usernames.

  16. Dan Avatar
    Dan

    Can this product support FBA with an LDAP Provider? I already have a working FBA with LDAP, but would like to utilize you templates. Receiving error message that my FBA is not configured.

    1. Chris Coulson Avatar

      In theory it should, as it just operates against the standard Microsoft membership provider interface. Unfortunately in reality it does not, at least not with the built in LDAP/AD membership providers. Unfortunately the built in providers for LDAP don’t fully implement the MS membership provider, so as a result the FBA Pack does not work with it.

  17. abdul ch Avatar
    abdul ch

    Hi Chris,

    I would like to know how to update the FBA pack to the last version using Power Shell Scripts.

    Is Update-solution ……enough to update it or I’ve to use anther scripts

    Thank u so much

    1. Chris Coulson Avatar

      Using the ‘deploy’ scripts that come with it will update it. Documentation about deploy here:

      https://www.visigo.com/products/sharepoint-fba-pack/documentation/

  18. Ovais Avatar
    Ovais

    After deploying the package in SharePoint 2013 environment, every thing is working fine except the Password change action item in welcome dropdown. Admin is able to change password using FBA Management but users are not able to change it by themselves. the error which is coming while clicking on Change Password option for any user is below:

    Application error when access /_layouts/15/FBA/ChangePassword.aspx, Error=The file ‘/_layouts/FBA/WEBPARTS/ChangePasswordWebPart/ChangePasswordTemplate.ascx’ does not exist.
    at System.Web.UI.Util.CheckVirtualFileExists(VirtualPath virtualPath)
    at System.Web.Compilation.BuildManager.GetVPathBuildResultInternal(VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate)
    at System.Web.Compilation.BuildManager.GetVPathBuildResultWithNoAssert(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate)
    at System.Web.Compilation.BuildManager.GetVPathBuildResult(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean ensureIsUpToDate)
    at System.Web.UI.TemplateControl.LoadTemplate(VirtualPath virtualPath)
    at Visigo.Sharepoint.FormsBasedAuthentication.TemplateLoader.System.Web.UI.ITemplate.InstantiateIn(Control container)
    at System.Web.UI.WebControls.ChangePassword.CreateChangePasswordViewControls()
    at System.Web.UI.WebControls.ChangePassword.CreateChildControls()
    at System.Web.UI.Control.EnsureChildControls()
    at System.Web.UI.WebControls.ChangePassword.get_ChangePasswordTemplateContainer()
    at Visigo.Sharepoint.FormsBasedAuthentication.ChangePasswordWebPart.AddChangePasswordControl()
    at Visigo.Sharepoint.FormsBasedAuthentication.ChangePasswordWebPart.CreateChildControls()
    at System.Web.UI.Control.EnsureChildControls()
    at System.Web.UI.Control.PreRenderRecursiveInternal()
    at System.Web.UI.Control.PreRenderRecursiveInternal()
    at System.Web.UI.Control.PreRenderRecursiveInternal()
    at System.Web.UI.Control.PreRenderRecursiveInternal()
    at System.Web.UI.Control.PreRenderRecursiveInternal()
    at System.Web.UI.Control.PreRenderRecursiveInternal()
    at System.Web.UI.Control.PreRenderRecursiveInternal()
    at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

    Any helo would be highly appreciated. I already specified the settings in all 3 web.configs as per below:

    enablePasswordReset=”true” enablePasswordRetrieval=”false” passwordFormat=”Clear” requiresQuestionAndAnswer=”false” requiresUniqueEmail=”false”

    1. Chris Coulson Avatar

      From the error it looks like the FBA Pack didn’t complete deploying properly – it can’t find one of the files that is included in the deployment. I’d rerun the ./deploy.ps1 script on the SharePoint machine, which will undeploy and then redeploy the solution.

      1. Ovais Avatar
        Ovais

        Thanks Chris. I have taken latest WSP from download and deployed and it works fine now. Earlier, I downloaded source code and create package and used. Seems like either the source code is not updated or missing reference of file as you mentioned earlier.

  19. Stephen Avatar

    I would like to know if the user database is compatible with a SQL 2014 AlwaysOn cluster configuration?

    1. Chris Coulson Avatar

      I haven’t tested it, but I don’t see why it wouldn’t be.

  20. Loretta English Avatar
    Loretta English

    Hello,
    I already have fba working on a site. I want to add the User Management features. Can I do that with the FBA Pack? Just run the Activate script?

    Thanks.

  21. Janice Dawley Avatar
    Janice Dawley

    Hi Chris —

    Love the FBA Pack — it’s been working great for us!

    One question I have after installing the latest SharePoint 2013 CU… I got an error during upgrade on our central admin server regarding the FBA Pack feature being missing — and the feature is indeed not there in the FEATURES folder on the server. It doesn’t prevent the upgrade from finishing, but it lists it as “failed”. The upgrade works fine on our WFE which is actually using the FBA Pack and does have the feature installed. I’ve tried deploying the feature to the central admin server, but it refuses to install it, I guess because the FBA Pack is scoped as a “front end web server” solution?

    Anyway, it’s not a big deal, but I’m wondering if you have any ideas on how I can keep the upgrade on Central Admin from throwing errors?

    1. Chris Coulson Avatar

      This does sound strange, and I can’t say i’ve heard of this being reported before. It sounds like it’s not installed/deployed properly. Best is probably to remove it and reinstall/redeploy. I’d probably try undeploying + uninstalling it from the Manage Farm Solutions page on Central Admin, and then reinstall/redeploy using the included deploy.ps1 script, which should deploy it everywhere. And then just activate the ‘Forms Based Authentication Management’ Site Collection Feature on any site collection you want to use it on.

Leave a Reply to Chris Coulson Cancel reply

Your email address will not be published. Required fields are marked *