External User Management

This project is further maintained at the Ventigrate Codeplex Repository (http://ventigrate.codeplex.com).
Please go there to get the latest news or for any questions regarding this topic.
Page was cross-posted to this blog on 09/30/2011.

External User Management

The External User Management solution allows for easy management of users and groups for a SharePoint 2010 environment configured for Forms Based Authentication (FBA), handled by Claims Based Authentication (CBA). It contains management pages for Site Collection Administrators to:

User Management tasks

  • Add users
  • Edit a user (edit details, password or role membership)
  • Unlock a user
  • Delete a user

Role Management tasks

  • Add a role
  • Delete a role


Log4Net is a highly flexible and configurable logging mechanism and is used by this solution. It is included in the Deployment Package and can be installed as a SharePoint Solution Package (.wsp) using STSADM or PowerShell:

STSADM -o addsolution -filename Log4Net.v1.2.10.wsp
STSADM -o deploysolution -name Log4Net.v1.2.10.wsp -allowgacdeployment -immediate



Add and deploy the SharePoint Solution Package (.wsp) using STSADM or PowerShell:

STSADM -o addsolution -filename Ventigrate.Shared.ExternalMembership.wsp
STSADM -o deploysolution -name Ventigrate.Shared.ExternalMembership.wsp -allowgacdeployment -immediate

Add an internal Alternate Access Mapping "http://extranet" for the Zone on the WebApplication that has the Membership and Role Provider (Claims) configured in it's web.config. This is the key to getting the administration pages to connect to the correct provider.

Activate the Site Collection Feature to make a link to the management pages appear in Site Collection Administration.


Q. Will this solution work on SharePoint 2007 ?
A. No, there are certain features that make it work only in SharePoint 2010. But there are similar projects for doing FBA User Management in SharePoint 2007 on CodePlex (CKS http://cks.codeplex.com/).

Q. I don't use a Role Provider or my Membership Provider doesn't allow certain tasks such as Password Change. Can I use this ?
A. It will probably throw some issues since this code wasn't really designed to capture any possible Membership or Role Provider configuration. Feel free to provide improvements through the Discussion Boards http://ventigrate.codeplex.com/discussions.

Q. Will the Advanced Computed Field still work if I migrate from SharePoint 2007 to SharePoint 2010 ?
A. Definitely, but you'll need to upgrade the SharePoint 2007 solution package to the SharePoint 2010 version. Either retract and delete the SharePoint 2007 package prior to deploying the SharePoint 2010 package, or do an upgrade to the new solution. Make sure to IISRESET afterwards !

Q. Other questions ?
A. No problem. Ask them in the Discussion Boards http://ventigrate.codeplex.com/discussions.


Links to this post


Thursday, 1 Nov 2012 12:40 by jaafar
It's possible to use FBA with Mysql ?

Monday, 5 Nov 2012 08:12 by Steven Van de Craen
Hi jaafar, The management screens will work with any membership provider, but for a membership provider that understands MySQL you cannot use the SQL Membership Provider. Do a search on "mysql membership provider asp.net" and you'll find how to implement one for MySQL. Cheers!

CAPTCHA Image Validation