| Authentication: Stsadm operation (Office SharePoint Server) | |
|
|
| Stsadm command-line tool (Office SharePoint Server) > Stsadm operations (Office SharePoint Server) > Security: Stsadm operations (Office SharePoint Server) > |
This Office product will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see , Resources to help you upgrade your Office 2007 servers and clients.
Operation name: Authentication
Description
Authentication is the process by which Microsoft Office SharePoint Server 2007 verifies who the user is. Authentication provides the user identity input to the authorization process, which determines which actions the current user is allowed to perform on a given object.
The administrator can select any one of the following authentication settings when a Web application is provisioned:
-
Windows authentication- Allows Internet Information Services (IIS) to perform the authentication for Office SharePoint Server 2007, for example, Kerberos, NTLM, or Basic, Certificates.
-
Forms-based authentication- Allows ASP.NET to perform the authentication for, for example, Office SharePoint Server 2007 redirect to a login page.
Syntax
stsadm -o authentication
-url <URL name>
-type <type>
[-usebasic]
[-usewindowsintegrated]
[-exclusivelyusentlm]
[-membershipprovider] <membership provider name>
[-rolemanager] <role manager name>
[-enableclientintegration]
[-allowanonymous]
Parameters
|
Parameter |
Value |
Required? |
Description | ||
|
url |
A valid URL, such as http://server_name |
Yes |
The URL of the Web application to which the authentication settings is being applied to the content database | ||
|
type |
Any of the following values:
|
Yes |
Type of authentication you want to use for a zone. Settings are trimmed depending on what value is selected. By default, Windows authentication is used. | ||
|
usebasic |
<none> |
No |
Basic is the simplest form of authentication. Basic authentication will continue to be supported by using Windows credentials with or without SSL. IIS only supports basic authentication over Windows accounts. Developers can plug in their own authentication.
| ||
|
usewindowsintegrated |
|
No |
This is the IIS default configuration. This setting is used as the default for a basic or "one-click" setup. | ||
|
exclusivelyusentlm |
|
No |
If this parameter is present, Kerberos authentication is removed for this Web application. | ||
|
membershipprovider |
|
No |
This value is used only when a value other than Windows from the type parameter is specified. The membership provider must be correctly configured in the Web.config file for the IIS Web site that hosts Office SharePoint Server 2007 content on each Web server. If you want to be able to manage membership users from Central Administration, it must also be added to the Web.config file for the IIS site that hosts Central Administration. | ||
|
rolemanager |
|
No |
The role provider must be correctly configured in the Web.config file for the IIS Web site that hosts Office SharePoint Server 2007 content on each Web server. If you want to be able to manage membership users from Central Administration, it must also be added to the Web.config file for the IIS site that hosts Central Administration. | ||
|
enableclientintegration |
<none> |
No |
A value of "Yes" enables features that start client applications according to document types. This option might not work correctly with some types of forms-based authentication. A value of "No" disables features that start client applications according to document types. Users must download documents locally, and then upload them after making changes.
| ||
|
allowanonymous |
<none> |
No |
The default state for anonymous access during virtual server provisioning is off regardless of the current IIS setting. The administrator needs to explicitly turn on anonymous access. IIS anonymous access must be on for pluggable authentication. Anonymous requests must make it through IIS to get to the ASP.NET authentication system. There is no anonymous access choice when provisioning with forms-based authentication.
|
Note: