This project has moved. For the latest updates, please go here.

Can LDAPCP be used with Sharepoint Forms Based Authentication ?

May 14, 2013 at 11:41 PM
Hi,

We have Sharepoint 2013 set to use Forms Based Authentication (Claims) with LDAP - we would like to change the PeoplePicker to show a meaningful DisplayName instead of username (sAMAcccountName).

According to all online documentation and blog posts, a custom Claims Provider is required for this and it appears that LDAPCP is just that however all of your online doc and examples suggest this can only be used with a TrustedLoginProvider (like ADFS, SAML, ...).

I have installed LDAPCP but I cannot run the final PS commands because I do not have a TrustedTokenIssuer to associate it with and therefore I cannot save any configuration in Central Admin, ...

Is there a way to make this work with FBA or do I need to write some code ?

Thanks In Advance
Dave
Coordinator
May 15, 2013 at 11:15 AM
hello Dave,
Can you send me articles where you read that you can use a custom claims provider with FBA?
Procedure in the project is specific to SAML authentication, you cannot use it with FBA.
cheers,
Yvan
May 15, 2013 at 6:34 PM

Hi Yvand,

I was actually sent this link - http://social.technet.microsoft.com/Forums/en-US/sharepointadmin/thread/5409763a-f05a-4eab-aca1-1dd57ccb030f from Microsoft Premier support – they link to your project and the MS engineer states that it has worked in other situations like this.

They also sent this link – very general information: http://technet.microsoft.com/en-us/library/gg602078.aspx

I’m just trying to figure out if LDAPCP might be configured to work for this – if not, perhaps it’s a good code base to start with for writing a custom claims provider if that is what is required.

No one seems to be able to answer any questions about FBA and what is needed to get the People Picker to work properly

Thanks for your help


Dave


This email (including any attachments) is for its intended-recipient's use only. This email may contain information that is confidential or privileged. If you received this email in error, please immediately advise the sender by replying to this email and then delete this message from your system.
Coordinator
May 21, 2013 at 11:21 AM
hello,
I'm not 100% sure, but I really don't see how to use the claims provider to provide lookup for FBA users, since there is no trust (as you mentioned) to plug claims provider with.
If you want to implement lookup against FBA, you should implement a membership provider, as documented in http://blogs.msdn.com/b/sridhara/archive/2010/01/07/setting-up-fba-claims-in-sharepoint-2010-with-active-directory-membership-provider.aspx
cheers,
Yvan