I want to set up a web application that can be accessed with three kinds of authentication on the default zone:

  • anonymous
  • Windows
  • FBA (over a custom provider)

and two other zones without the Windows authentication.

I have this script:

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction 0

$defaultZoneUrl = "http://adm.local.mydomain.int"
$intranetZoneUrl = "https://local.mydomain.int"
$internetZoneUrl = "http://a.local.mydomain.int"

$winAp = new-SPAuthenticationProvider -UseWindowsIntegratedAuthentication -DisableKerberos
$anoAp = new-SPAuthenticationProvider -AllowAnonymous
$fbaAp = new-SPAuthenticationProvider -ASPNETMembershipProvider "CustMembershipProvider" -ASPNETRoleProviderName "CustRoleProvider"



$webApp = new-SPWebApplication -ApplicationPool "SharePoint - 80" `
                               -AuthenticationProvider $winAp, $anoAp, $fbaAp `
                               -DatabaseName "Wss_Content_Dev" `
                               -HostHeader "adm.local.mydomain.int" `
                               -Name "Dev web application" `
                               -Port 80 `
                               -SignInRedirectURL "/_layouts/cust/login.aspx" 

$intranetWebApp = new-SPWebApplicationExtension -AuthenticationProvider $anoAp, $fbaAp `
                                                -Identity $webApp `
                                                -Zone "Intranet" `
                                                -HostHeader "local.mydomain.int" `
                                                -Port 443 `
                                                -SecureSocketsLayer `
                                                -SignInRedirectURL "/_layouts/cust/login.aspx" 

# Second extension targets the Internet zone (HTTP on port 80, so no -SecureSocketsLayer)
$anoWebApp = new-SPWebApplicationExtension -AuthenticationProvider $anoAp, $fbaAp `
                                           -Identity $webApp `
                                           -Zone "Internet" `
                                           -HostHeader "a.local.mydomain.int" `
                                           -Port 80 `
                                           -SignInRedirectURL "/_layouts/cust/login.aspx" 

However, this breaks on the web application creation with the error:

New-SPWebApplication : Exception of type 'System.ArgumentException' was thrown.
Parameter name: provider
At E:\Scripts\SetupEnvironment\CreateWebAppAndZones.ps1:13 char:31
+ $webApp = new-SPWebApplication <<<<  -AllowAnonymousAccess `
    + CategoryInfo          : InvalidData: (Microsoft.Share...PWebApplication:SPCmdletNewSPWebApplication) [New-SPWebApplication], ArgumentException
    + FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletNewSPWebApplication

I also tried explicitly setting the flag -AllowAnonymous, but the error remains.

When I go to the Central administration, my Web app is created, but is not claims enabled.

How can I correct my script to reach my goal?

Solution

Answering myself...

I changed the script to perform these operations:

  1. Create the webapp with only Windows Auth
  2. Enable Claims authentication on the web app
  3. Add the remaining auth providers
  4. Extend the web app (passing all providers is working)

Here is the updated script:

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction 0


$winAp = new-SPAuthenticationProvider -UseWindowsIntegratedAuthentication -DisableKerberos
$anoAp = new-SPAuthenticationProvider -AllowAnonymous
$fbaAp = new-SPAuthenticationProvider -ASPNETMembershipProvider "CustMembershipProvider" -ASPNETRoleProviderName "CustRoleProvider"



$webApp = new-SPWebApplication -ApplicationPool "SharePoint - 80" `
                               -AuthenticationProvider $winAp `
                               -DatabaseName "Wss_Content_Dev" `
                               -HostHeader "adm.local.mydomain.int" `
                               -Name "Dev web application" `
                               -Port 80 `
                               -SignInRedirectURL "/_layouts/cust/login.aspx" 

$webApp.UseClaimsAuthentication = $true
$webApp.Update()
$webApp.MigrateUsers($true)                               

Set-SPWebApplication -AuthenticationProvider $anoAp, $fbaAp -Identity $webApp -Zone "Default"   


$intranetWebApp = new-SPWebApplicationExtension -AuthenticationProvider $anoAp, $fbaAp `
                                                -Identity $webApp `
                                                -Zone "Intranet" `
                                                -HostHeader "local.mydomain.int" `
                                                -Port 443 `
                                                -SecureSocketsLayer `
                                                -SignInRedirectURL "/_layouts/cust/login.aspx" 

# Second extension targets the Internet zone; a zone can only be extended once.
$anoWebApp = new-SPWebApplicationExtension -AuthenticationProvider $anoAp, $fbaAp `
                                           -Identity $webApp `
                                           -Zone "Internet" `
                                           -HostHeader "a.local.mydomain.int" `
                                           -Port 80 `
                                           -SignInRedirectURL "/_layouts/cust/login.aspx" 
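
After a multi-step setup like the one above, it is worth confirming that each zone ended up with the intended providers, in particular that Windows authentication is exposed only on the Default zone. The following is an added example, not part of the original answer: `Test-ZoneAuthentication` and the record fields are hypothetical names, the sample records are constructed, and on a farm they would be built from the per-zone `IisSettings` of the web application (assumed mapping: `UseClaimsAuthentication`, `UseWindowsClaimsAuthenticationProvider`, `UseFormsClaimsAuthenticationProvider`, `AllowAnonymous`).

```powershell
# Added example, not part of the original answer. Test-ZoneAuthentication and the
# record shape (Zone, Claims, Windows, Forms, Anonymous) are hypothetical names.
# Written for PowerShell 2.0 so it also runs in the SharePoint Management Shell.

# Policy from the question: Windows only on Default, anonymous + FBA on all zones.
$expected = @{
    Default  = @{ Windows = $true;  Forms = $true; Anonymous = $true }
    Intranet = @{ Windows = $false; Forms = $true; Anonymous = $true }
    Internet = @{ Windows = $false; Forms = $true; Anonymous = $true }
}

function Test-ZoneAuthentication {
    param(
        [Parameter(Mandatory = $true)] [hashtable] $Expected,
        [Parameter(Mandatory = $true)] [object[]]  $Actual
    )
    $findings = @()
    foreach ($zone in ($Expected.Keys | Sort-Object)) {
        $z = $Actual | Where-Object { $_.Zone -eq $zone }
        if (-not $z) { $findings += ('{0}: zone is not extended' -f $zone); continue }
        if (-not $z.Claims) { $findings += ('{0}: claims authentication is off' -f $zone) }
        foreach ($p in 'Windows', 'Forms', 'Anonymous') {
            $want = $Expected[$zone][$p]
            if ([bool]$z.$p -ne $want) {
                $findings += ('{0}: {1} is {2}, expected {3}' -f $zone, $p, [bool]$z.$p, $want)
            }
        }
    }
    # Zones that exist but are not covered by the policy are reported too.
    foreach ($z in $Actual) {
        if (-not $Expected.ContainsKey([string]$z.Zone)) {
            $findings += ('{0}: zone has no policy entry' -f $z.Zone)
        }
    }
    return $findings
}

# Constructed sample input: Default has lost Windows auth, Internet was never extended.
$actual = @(
    New-Object PSObject -Property @{ Zone = 'Default';  Claims = $true; Windows = $false; Forms = $true; Anonymous = $true }
    New-Object PSObject -Property @{ Zone = 'Intranet'; Claims = $true; Windows = $false; Forms = $true; Anonymous = $true }
)
Test-ZoneAuthentication -Expected $expected -Actual $actual
```

An empty result means every zone matches the policy; each returned string names the zone and the setting that deviates.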
Licensed under: CC-BY-SA with attribution