Why use forms-based authentication against an LDAP data store in Project Server 2007?

In Microsoft Office Project Server 2003, users connecting to the server can be configured to use either Windows authentication or Project Server authentication. Project Server–authenticated user account information is stored in the Project Server database. Project Server-authenticated users are not able to use Windows SharePoint Services 2.0 without the use of a cumbersome workaround.

In Microsoft Office Project Server 2007, Project Server authentication is no longer supported. Instead, Office Project Server 2007 supports both Windows authentication and ASP.NET 2.0 forms-based authentication. In ASP.NET forms-based authentication, users are authenticated through a supported third-party membership provider, such as a Lightweight Directory Access Protocol data store or Microsoft SQL Server. Unlike Project Server–authenticated accounts, accounts relying on forms-based authentication benefit from full use of Windows SharePoint Services 3.0.

The Lightweight Directory Access Protocol (LDAP) is a directory service protocol designed to allow fast and efficient access to an existing directory. Directory services that support LDAP version 2 or 3 can be used for Office Project Server 2007 forms-based authentication.

The primary advantages of using forms-based authentication against an LDAP data store are:

  • It supports authentication against credentials stored in the Active Directory directory service on a Windows domain controller.
  • It supports authentication against LDAP data stores that do not run on the Windows operating system, such as Novell eDirectory, Novell Directory Services (NDS), or Sun ONE. Because Office Project Server 2007 is built on ASP.NET 2.0, it supports the ASP.NET 2.0 pluggable authentication provider model. This model enables you to store user credentials in a data store other than Active Directory. Novell, Linux, and Sun networks all have LDAP-supported directory services that can be used with Office Project Server 2007.
  • It allows you to manage non-employee accounts (for example, consultants or contractors) apart from Active Directory. This can be done through an external LDAP directory service, such as Active Directory Application Mode (ADAM). For more information about ADAM, see Create your LDAP data store with the Active Directory Application Mode (ADAM) directory service.

Configure forms-based authentication against an LDAP data store in Office Project Server 2007:

http://technet.microsoft.com/en-us/library/cc197721.aspx 

Create your LDAP data store with the Active Directory Application Mode (ADAM) directory service:

http://technet.microsoft.com/en-us/library/cc197506.aspx 

A company previously used Microsoft Office Project Server 2003 in which intranet and extranet users were authenticated through Project Server authentication. Users were authenticated against a directory that was in the Project Server 2003 database. The company has now upgraded to Office Project Server 2007, in which Project Server authentication is not supported. The company uses ADAM to create a new directory and then adds the migrated Project Server 2003 accounts to it. It then creates respective PWA sites for both intranet and extranet users, both accessing the same content. These users can now access Office Project Server 2007 and are authenticated through the directory created by the ADAM instance. 

Download details: ADAM Step-by-Step Guide:

http://www.microsoft.com/downloads/details.aspx?FamilyID=5163b97a-7df3-4b41-954e-0f7c04893e83&DisplayLang=en

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: