I am having difficulty setting up SharePoint Foundation 2013 to use forms-based authentication with an external LDAP provider (non-AD).
I have followed the instructions here:
http://technet.microsoft.com/en-us/library/ee806890.aspx
Initially, after editing my 3 web.config files, Central Administration wouldn't load at all and gave a "Common Language Runtime" error in the browser.
I found this post:
http://social.technet.microsoft.com/Forums/en-US/sharepointadmin/thread/6f29568a-5a1b-429c-aba0-484185612eb1
It seems there's an error in the TechNet instructions - I removed the "enabled" and "defaultProvider" parts from this line of the Central Admin web.config file (originally pasted directly from the site above):
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider" >
Now, Central Admin loads fine, but the FBA-based web app still won't load. Attempting to load any page gives (after changing the customError tag to RemoteOnly):
Server Error in '/' Application.
Common Language Runtime detected an invalid program.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.InvalidProgramException: Common Language Runtime detected an invalid program.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[InvalidProgramException: Common Language Runtime detected an invalid program.]
System.Web.Security.Roles.Initialize() +1093
System.Web.Security.RoleManagerModule.OnLeave(Object source, EventArgs eventArgs) +73
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +182
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +183
Here's the relevant section of my webapp web.config:
<membership defaultProvider="i">
  <providers>
    <!-- SharePoint claims membership provider (default) -->
    <add name="i"
         type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
    <!-- LDAP membership provider, connecting over SSL on port 636 -->
    <add name="LDAPMember"
         type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
         server="mycompany.com"
         port="636"
         useSSL="true"
         userDNAttribute="distinguishedName"
         userNameAttribute="sAMAccountName"
         userContainer="OU=users,DC=mycompany,DC=com"
         userObjectClass="person"
         userFilter="(&amp;(ObjectClass=person))"
         scope="Subtree"
         otherRequiredUserAttributes="sn,givenname,cn" />
  </providers>
</membership>
<roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false">
  <providers>
    <!-- SharePoint claims role provider (default) -->
    <add name="c"
         type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRoleProvider, Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
    <!-- LDAP role provider, connecting over SSL on port 636 -->
    <add name="LDAPRole"
         type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
         server="mycompany.com"
         port="636"
         useSSL="true"
         groupContainer="DC=mycompany,DC=com"
         groupNameAttribute="cn"
         groupNameAlternateSearchAttribute="samAccountName"
         groupMemberAttribute="member"
         userNameAttribute="sAMAccountName"
         dnAttribute="distinguishedName"
         groupFilter="(&amp;(ObjectClass=group))"
         userFilter="(&amp;(ObjectClass=person))"
         scope="Subtree" />
  </providers>
</roleManager>
If I use the original, unmodified web.config file for the webapp, it will load the authentication page and give the drop-down box for choosing Windows or FBA (both are enabled for the webapp). Logging in with Windows authentication works fine. As soon as I modify the webapp web.config file, I get the error above. That, and the previously discovered error with the Central Admin web.config file, make me think there's another error here somewhere I'm missing.
Any assistance would be greatly appreciated.
thanks,
aaron