We have a situation where we created a couple of SharePoint farms, QA and Production, that had some customized FBA implementations and implemented reversible encryption for the passwords. Since the passwords are coming from a legacy system, we had to come up with a way to encrypt them and make them “decryptable” within SharePoint. We were successful in doing this, but ended up having a couple of issues in production that would not allow users to log in. Basically, their passwords were not being decrypted correctly.
This all begins in the <machineKey> section of the web.config. The decryptionKey is used during the decryption process and, since this had to be supported across multiple machines, we made these sections the same across multiple machines and farms. In fact, we had to use this on our legacy system so we could successfully encrypt and transfer the passwords from the AS400 (yes, mainframe). This is what a <machineKey> section looks like.
<machineKey validationKey="A430378F60DFFDE60F6078B1571BD9CEC411525E4EB001C4444C13A997EA963F" decryptionKey="552D1812FCABB97301F392FE9C9224F422DB7BFCE4D2B8EDB0E152F19C9C6D98" validation="HMACSHA256" />
Step by Step:
1. Monitoring ->
2. Review rule definitions ->
3. Page 2 ->
4. Category (Configuration) ->
5. Web.config files are not identical on all machines in the farm. ->
6. Click on it ->
7. Edit Item (Top Left) ->
8. Uncheck Enabled & Repair Automatically ->
9. Click on Save
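An added example, not part of the original post: with the rule above disabled, it no longer flags a <machineKey> mismatch between servers, so a PowerShell check like this can compare the section across each server's web.config and report drift without printing the keys. The function names, server names and key values are constructed for illustration; in practice each XML string would come from Get-Content -Raw on that server's web.config.

```powershell
# Added example (not from the original post): detect <machineKey> drift between
# servers without printing the keys. Server names and keys are constructed.
function Get-MachineKeyFingerprint {
    param([Parameter(Mandatory)][string]$WebConfigXml)
    $node = ([xml]$WebConfigXml).SelectSingleNode('/configuration/system.web/machineKey')
    if ($null -eq $node) { return $null }            # no explicit <machineKey>
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try {
        $fp = [ordered]@{}
        foreach ($name in 'validationKey', 'decryptionKey') {
            $raw = $node.GetAttribute($name).Trim()
            # A missing or AutoGenerate key is created per machine, so it never matches.
            if ($raw -eq '' -or $raw -like 'AutoGenerate*') { $fp[$name] = 'AUTOGENERATE'; continue }
            $bytes = [System.Text.Encoding]::ASCII.GetBytes($raw.ToUpperInvariant())
            $fp[$name] = [System.BitConverter]::ToString($sha.ComputeHash($bytes)).Replace('-', '').Substring(0, 16)
        }
        foreach ($name in 'validation', 'decryption') { $fp[$name] = $node.GetAttribute($name) }
        [pscustomobject]$fp
    }
    finally { $sha.Dispose() }
}

function Compare-FarmMachineKey {
    param([Parameter(Mandatory)][System.Collections.IDictionary]$ConfigByServer)
    $reference = $null
    foreach ($server in $ConfigByServer.Keys) {
        $fp = Get-MachineKeyFingerprint -WebConfigXml $ConfigByServer[$server]
        if ($null -eq $fp) { $status = 'NoMachineKey'; $differs = @() }
        else {
            if ($null -eq $reference) { $reference = $fp }   # first server is the baseline
            $differs = @($fp.PSObject.Properties | Where-Object { $_.Value -ne $reference.($_.Name) } | ForEach-Object Name)
            $auto    = @($fp.PSObject.Properties | Where-Object { $_.Value -eq 'AUTOGENERATE' })
            $status  = if ($auto) { 'AutoGenerate' } elseif ($differs) { 'Drift' } else { 'Match' }
        }
        [pscustomobject]@{ Server = $server; Status = $status; Differs = $differs -join ',' }
    }
}

# Constructed sample input: four servers, one drifted key, one auto-generated key.
$template = '<configuration><system.web><machineKey validationKey="{0}" decryptionKey="{1}" validation="HMACSHA256" /></system.web></configuration>'
$configs = [ordered]@{
    'WFE01' = ($template -f ('A' * 64), ('B' * 64))
    'WFE02' = ($template -f ('a' * 64), ('b' * 64))   # same keys, different case
    'WFE03' = ($template -f ('A' * 64), ('C' * 64))   # drifted decryptionKey
    'APP01' = ($template -f ('A' * 64), 'AutoGenerate,IsolateApps')
}
Compare-FarmMachineKey -ConfigByServer $configs | Format-Table -AutoSize
```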