Sharepoint is installed and running swimmingly on "the cloud." I was able to have the server join our domain by installing a mobile VPN client and connecting it to our network. I don't want to leave it connected to our network because the mobile VPN client isn't reliable.
What's the best way to allow Sharepoint to authenticate user logons via Active Directory without being connected to our VPN?
As a matter of fact, I'm working on that right now...
In our situation there's an AD server in headquarters and we want members of it to be able to access our local farm. The easy way would be to establish Trust but between the dingbats overworked staff at our end and the mindless bureaucrats directory administrators in HQ, that could be months away.
You can set up an Active Directory Membership provider with forms authentication as per:
However, that LDAP connection string won't work in its own as the HQ server won't bind to any old anonymous query (unlike our LDAP server, but that's getting turned off), so I have to provide a username and password, but I did find:
<providers>
<add name="ADProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnString"
connectionUsername="charrandev.com\Administrator"
connectionPassword="password"
attributeMapUsername="SAMAccountName"/>
</providers>
at http://forums.asp.net/p/1086890/1651644.aspx
I'm about to give this a try.
However there is one huge problem here!
From what I can see, my login credentials are going to be sent in the query in plaintext, which can't be good. I don't know much about LDAP:// style connections but back in my VBScript days the LDAP object was supposed to be able to do encrypted queries, but it wasn't implemented yet. That may be different now. Perhaps a more enlightened .net person can tell us.
