This is Part 2 in a 3 Part Series regarding the setup of SharePoint zones:
- Enable Forms Based Authentication for Windows SharePoint Services 3.0 (WSS)
- Enable Dual Zone Authentication (FBA and Windows)
- Enable Anonymous Access for SharePoint 3.0 with FBA
In the previous article, we setup FBA support for the default zone of a SharePoint site which was http://localhost:500. Next, we’ll create an extension of this site to support Windows users.
Setup the Intranet Zone
- In SharePoint Central Admin, select Application Management.
- Click “Create or extend Web Application”
- On the next page, select “Extend an existing web application”
- Ensure the Web Application is your FBA site (http://localhost:500)
- Enter a port number, here we’ve used 501. You can use a proper host header if you want a user friendly machine name on port 80, but that is beyond the scope of this tutorial.
- Select a Zone: Intranet, Extranet, etc. The value is not important, there are no specific rules tied to say, Extranet. It’s simply a placeholder. Select the one that makes sense. For Windows users, I might classify that as “Intranet”.
- Click OK to save the settings.
Behind the scenes, SharePoint is adding an IIS website and configuring it to use Windows Authentication.
Add a Windows User to the Site Admins
- In SharePoint Central Admin, in Application Management, select Site Collection Administrators.
- In the primary administrator field, we should still have fbaadmin.
- In the secondary field, enter a windows account. Below we’ve added the administrator.
Note that now both a windows and fba account resolve.
- Click OK to save.
Test it out
- Open a web browser and point to the Windows site (http://localhost:501). You will be prompted for and expected to provide Windows credentials.
- In another browser, retest the FBA site (http://localhost:500). You will be prompted for and expected to provide FBA credentials.
