Make FBA user a site collection admin and non site-collection admin should be able to admin FBA

Jan 9, 2013 at 8:49 PM

Can we make an FBA user a site collection administrator and non-site collection administrators administrate FBA users ?

 

Thanks

Coordinator
Jan 9, 2013 at 9:04 PM

You can make an FBA user a site collection administrator.  Just add the user to the list of Site Collection Administrators in Site Settings.

Unfortunately you currently do need to be a site collection administrator to access the FBA Management pages.  If you raise this as an issue, i'll consider this again for a future release.  There's some discussion of the issue here:

http://sharepoint2010fba.codeplex.com/discussions/256548

Jan 9, 2013 at 9:11 PM

Thanks. We actually wanted some specific FBA users to manage the management pages without them being site collection admins.

Also, when try to add fba user to site collection administrators list in site setting and it does not resolve the name.

However we tested this out on one of the 2007 portals.  I can add my test FBA account to the Owners group which has Full Control permissions on the site and after that, I can go to Manage Users under Users and Permissions and add, edit, delete FBA accounts.

is it not the same in 2010?

Coordinator
Jan 9, 2013 at 9:18 PM

If you are using the CKS Forms Based Authentication Solution for SharePoint 2007 (http://cks.codeplex.com/releases/view/17901), which this is based on, it has the same code to only allow site collection administrators. Unless maybe you're using a modified version of it.

If you can't resolve FBA users in the site collection administrator list, you likely have an issue with the membership settings in your web.config.

Jan 9, 2013 at 9:24 PM

Thanks for the quick reply. we will check our web.config. fba user does exist in one of the SharePoint security groups and we are also able to login with that account. you think it's still a web.config issue?

Coordinator
Jan 9, 2013 at 9:35 PM

Yup. It uses the web.config from the Secure Token Service to authenticate the user, so that one's probably ok. It's probably just your web application web.config (but you may want to also check the central admin web.config).