SharePoint 2010 Forms Based Authentication Configuration Manager

I found myself getting really tired of constantly modifying configuration files when setting up forms based auth (FBA) in SharePoint 2010.  There's even more work now then there was in the previous release, because now we have an additional web.config file to modify - for the STS.  It was also a constant hassle when you fat finger some random part of a web.config change.  So, rather than continuing to complain about it, I wrote this little tool to help manage it for you.  You should read through the complete HowToUseIt.txt file that's included in the zip attached to this posting, but basically it allows you to create the entries for membership provider, role provider, wildcard search and connection string and push it out to all of the servers in your farm.  You can also read in the configuration settings from a web application and modify them, then push it back out to the same server, or use it as the basis of settings for a brand new server.  To get you started, I also include several sample membership and role provider configuration entries.  Just select the samples drop down and pick the item you want to create an entry for.  Modify the entry to suite your environment, provide the Url to the web application where the configuration changes should be made, and click the Apply Config button.  Under the covers it creates a custom SharePoint timer job that runs on each web front end and modifies the appropriate web.config file with the appropriate entries.  The timer job is part of a solution (wsp) that's included in the attachment - make sure you deploy it to the farm first before doing anything else.

I STRONGLY encourage you to make a backup of your central admin, STS, and web application web.config files before pushing out changes in case something happens you don't like.  I've tested this on quite a few web applications and in single server and multi-server farms so far without problems, but you never know.

It's already saved me a lot of time and hassle, hope it provides some value for you too.


UPDATE 6/15/2012:  I finally reproduced the error about node belonging to a different document context, and have fixed that.  A new build with that fix is attached.  Thanks for those of you that reported it.

Comments (29)

  1. alexandrad9x says:

  2. Release forms says:

    Yes this is the same issue am facing,, if you get any solution please mail me. I am with this problem from 2 days..thanks

  3. cash says:

    It sounds very interesting to me. I agree with you form based authentication was way easier to set up in SharePoint 2007 then it is in 2010.

    I have to try this out and will come back to you with a feedback.

    Appreciate your effort for the community.



  4. Thank you! This is just the sort of tool I've been looking for right now too.

    Best Regards,


  5. I am experiencing the following problem – the web.config files are modified, but only "Connection String" and "People Picker Wildcard" sections are added. The "Membership Provider" and "Role Provider" textboxes are filled, but these values appear in no web.config file.

    Do you have any idea what can cause such a problem?

  6. Philip says:

    Fantastic.  FBA web.config files are burning out the back of my skull


  7. Phillip Marcuson says:

    Outstanding…. This worked perfectly in my environment with custom membership and  role providers.  Thank you so much!

  8. Great Tool says:

    fixed my error, mind I am sitting here thinking its 2010 and we are still manipulating great long strings even if they are xml files

  9. Merill Fernando says:

    Any chance you can release the source code?


  10. Merill Fernando says:

    I've been inspired by this and created a slightly different version which directly updates the config files and is scriptable from Powershell.

    It's available on CodePlex:

  11. james says:

    NewBie Question. Can you pls be more verbose on how to deploy the FBAConfigFeature.wsp application? When I follow the instructions verbatim powershell throws an exception saying ..

    "The term 'add-spsolution' is not recognized as the name of a cmdlet" … Any help??

  12. All Servers In Farm says:

    I second the need for source code!! Merill, yours is great but it doesn't seem to apply the changes on every server in the farm. Looking in Reflector, this tool seems to use an SPJobDefinition to deploy the changes, does that work when you add a new server to the farm or do you have to re-deploy the Job??

  13. xiangwenhu says:

    Could you send me the source code!  Thanks very much.

  14. XiangwenHu says:

    Could you send me the source code!  Thanks very much.

    My Email is :

  15. MaximD. says:


    Nice work

    However there is one problem for the case when a target config file does not have system.web/membership section defined – this will cause an error that will prevent the config file from being updated…

    That's what I have encountered and that's a pity there are no sources provided


  16. MaximD. says:

    Some details on the error I described above.

    The error occurs only for STS web.config (since only in this case system.web,providers etc nodes are pre created) and the message is

    The node to be inserted is from a different document context

    Seems it's quite easy to fix

    Hope it helps someone

  17. aru says:

    <a href="" rel="nofollow">Its really very helpful information Thanks</a></p>

    <br /> <br /><br />

  18. Bijay says:

    I want to configure with Oracle database. Can you provide me some clue to do that.

  19. Urs says:

    Hi Steve,

    great tool!

    One comment, though: I used the provided SQL-Membership Provider example and there is a linebreak in the template. This linebreak is written to the web.config files as '&#xD;&#xA;'. No big deal here, but you could perhaps erase this inside the template.

    Regard, Urs

  20. guy says:

    Fresh out of the box with Pristine web.config files (except that I specified FBA and a name of the FBA Section)… — it pulls pack a null reference — .. Would have been nice… I don't have time to screw around – picking another solution…

  21. Hammad says:

    Can you please share the code of this??

  22. Anonymous says:

    Nothing really earth shattering here – the previous version of FBA Configuration Manager for SharePoint

  23. Anonymous says:

    Nothing really earth shattering here – the previous version of FBA Configuration Manager for SharePoint

  24. Anonymous says:

    Nothing really earth shattering here – the previous version of FBA Configuration Manager for SharePoint

  25. Anonymous says:

    Nothing really earth shattering here – the previous version of FBA Configuration Manager for SharePoint

  26. m88 says:

    Modern Thai restaurant combines outstanding traditional cuisine and a subtle modern decor with a warm welcoming ambience. Thai Restaurants in Brisbane : , traveller reviews of Brisbane Thai restaurants and search by price, location, and more..

    m88 : offer online sports games Asia, Sports Betting Asia, Sports Betting Sites Asia.

    m88asia : m88asia
    Link to M88BET phone: – Register and Open Betting Account and Membership M88BET.

    m88bet :
    MANSION88 the house is one of the largest and most prestigious. Appeared quite early in the Asian market, the so-MANSION88 currently attracts more players.

    link m88 : m88casino
    Home the M88 is the official sponsor of the football club in the Premier League
    Wish you happy with the new M88
    m88 casino online : m88online

  27. Anonymous says:

    Nothing really earth shattering here – the previous version of FBA Configuration Manager for SharePoint

Skip to main content