Grant access to Sharepoint site for a non-domain user

Question

We have two ActiveDirectory separate forests (no trust is established between them). And user from another forest/domain wants to use Sharepoint site (resides on our forest) like we do.

I read the article http://mikeoryszak.com/2009/05/supporting-multiple-active-directory-domains/ and it explains that the trust should be present between forests.

So what else can be done? Is it possible to grant access to the site to an external user? If it is then howcome I do this?

Thanks!

Answer 1

Using Claims based athentication you can use other sources of authentication that Active directory see Getting Started with Security and Claims-Based Identity Model

Which Provider you then should use then depends on on who you want to grant access and how they can be authenticated.

The link you pasted was about using LDAP.

If you want to use Google/Windows Live ID then you can follow Wictor Wiléns Visual guide to Azure Access Controls Services authentication with SharePoint 2010.

If you want to use ASP.NET SQL Membership and Role Providers then you can follow Claims Walkthrough: Creating Forms-Based Authentication for Claims-Based SharePoint 2010 Web Applications Using ASP.NET SQL Membership and Role Providers

None of these require any programming it's "only" configuration.

If you wan't to use an internal system, CRM, ... then custom code may be involved unless you can find a MemberShip provider or STS (Security Token Service) which is already written.