Shared membership provides the ability to centralize your user storage in a common database so that other applications can access it. When talking about shared membership in Zimbra Social, we are referring more specifically to a shared ASP.NET membership store. There are other types of central user storage possibilities, but this document is targeting a shared database that uses ASP.NET membership services.
If you are creating a new Zimbra Social site and do not have any other applications at this time, but expect to have more applications that will need access to the users created in Zimbra Social, then you should seriously consider centralizing the user storage. Basically, if you expect to need to access common user data or plan to incorporate ASP.NET Forms authentication in future applications, then you should centralize your user storage.
- Only membership data is shared, not role nor profile data.
- You can no longer rename or delete users when using Shared Membership
- Add the user account you're using to connect from Zimbra Social to the Shared Membership database to the aspnet_Membership_FullAccess, aspnet_Profile_FullAccess, db_datareader and db_datawriter roles
- Edit the Zimbra Social connectionStrings.config and add a new entry to connect to your shared membership database. Following is an example of a connection string that connects to a database named SharedMembership:
```xml
<add name="SharedMembershipSqlServer" connectionString="server=(local);uid=;pwd=;Trusted_Connection=yes;database=SharedMembership" />
```
- Edit the Zimbra Social web.config file in the root of the site. Find the <membership> node and change the entry for the Zimbra Social SqlProvider so that the connectionStringName attribute is set to the name of the connection string created in step 10. Also ensure that the applicationName attribute matches the application name you're connecting. (If you have just created an empty look:
```xml
<add name="Telligent.EvolutionSqlProvider"
     type="Telligent.Evolution.AspNetMembership.MembershipProvider, Telligent.Evolution.Core"
     enableMultipleEvolutionSites="false"
     connectionStringName="SharedMembershipSqlServer"
     enablePasswordRetrieval="false"
     enablePasswordReset="true"
     requiresQuestionAndAnswer="false"
     requiresUniqueEmail="true"
     passwordFormat="Hashed"
     applicationName="dev"
     description="Stores and retrieves membership data from the local Microsoft SQL Server database"
     maxInvalidPasswordAttempts="5"
     passwordAttemptWindow="5"
     minRequiredPasswordLength="6"
     minRequiredNonalphanumericCharacters="0" />
```
At this point, you have a shared membership database created with an application in it; you also have Zimbra Social configured to point to this membership database for user authentication and details. However, you do not have any users created in the shared membership database. You will need to create three users in the shared membership database: the admin, anonymous, and __CommunityServer__Service__ users. Below are SQL queries you can execute to create these users:

```sql
DECLARE @return_value int,
        @UserId uniqueidentifier,
        @CurrentDate datetime,
        @ApplicationName nvarchar(256)

SET @ApplicationName = 'dev'
SET @CurrentDate = GETDATE()

-- admin user (PasswordFormat = 0 stores the password in plaintext):
EXEC [dbo].[aspnet_Membership_CreateUser]
    @ApplicationName = @ApplicationName,
    @UserName = N'admin',
    @Password = N'pa$word',
    @PasswordSalt = N'DVZTktxeMzDtXR7eik7Cdw==',
    @Email = N'email@example.com',
    @PasswordQuestion = NULL,
    @PasswordAnswer = NULL,
    @IsApproved = 1,
    @CurrentTimeUtc = @CurrentDate,
    @CreateDate = @CurrentDate,
    @UniqueEmail = 1,
    @PasswordFormat = 0,
    @UserId = null

-- Anonymous user (random password generated with NEWID()):
DECLARE @Password uniqueidentifier
SET @CurrentDate = GETDATE()
SET @Password = NEWID()

EXEC [dbo].[aspnet_Membership_CreateUser]
    @ApplicationName = @ApplicationName,
    @UserName = N'anonymous',
    @Password = @Password,
    @PasswordSalt = N's66gYgmyP+NTthC+MWJw5Q==',
    @Email = N'firstname.lastname@example.org',
    @PasswordQuestion = NULL,
    @PasswordAnswer = NULL,
    @IsApproved = 1,
    @CurrentTimeUtc = @CurrentDate,
    @CreateDate = @CurrentDate,
    @UniqueEmail = 1,
    @PasswordFormat = 0,
    @UserId = null

-- Flag the account as anonymous:
UPDATE [aspnet_Users] SET IsAnonymous = 1 WHERE UserName = 'anonymous'

-- __CommunityServer__Service__ user (new random password):
SET @Password = NEWID()

EXEC [dbo].[aspnet_Membership_CreateUser]
    @ApplicationName = @ApplicationName,
    @UserName = N'__CommunityServer__Service__',
    @Password = @Password,
    @PasswordSalt = N' JJ9mf4arlx9XVvoLMJI+bw==',
    @Email = N'__CommunityServer__Service__@site.com',
    @PasswordQuestion = NULL,
    @PasswordAnswer = NULL,
    @IsApproved = 1,
    @CurrentTimeUtc = @CurrentDate,
    @CreateDate = @CurrentDate,
    @UniqueEmail = 1,
    @PasswordFormat = 0,
    @UserId = null
```
- Execute the ExtendedMembership.sql script that ships in the /sqlscripts/ with Zimbra Social. This script will create additional stored procedures in your shared membership database that Zimbra Social uses.
- At this point, you should now try to authenticate to your Zimbra Social site using the admin user. After you authenticate, change the password for the admin user: the password format used in step 12 stores the password in plaintext, and changing the password causes it to be stored in a hashed format.
Change the password for the admin user and other users from the Control Panel > System Administration > Membership Administration > [username] > Edit area. This updates the password to use PasswordFormat=1.
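A post-setup check for the steps above, as an added example that is not part of the Zimbra Social scripts: it confirms that the connecting database user holds the four roles listed earlier and lists accounts still stored with PasswordFormat = 0. The user name `ZimbraSocialDbUser` is a placeholder, and the application name `dev` is taken from the example configuration.

```sql
-- Added verification script; run it in the shared membership database.
-- Assumptions: application name 'dev' (from the example web.config entry);
-- 'ZimbraSocialDbUser' is a placeholder for the database user that the
-- Zimbra Social connection string authenticates as.
DECLARE @ApplicationName nvarchar(256) = N'dev';
DECLARE @DbUser sysname = N'ZimbraSocialDbUser';  -- placeholder

-- 1. Direct role membership of the connecting user.
--    Fewer than four rows means a role does not exist in this database.
--    Membership inherited through another role is not detected here.
SELECT r.name AS RequiredRole,
       CASE WHEN m.member_principal_id IS NULL
            THEN 'MISSING' ELSE 'ok' END AS Status
FROM sys.database_principals AS r
LEFT JOIN sys.database_role_members AS m
       ON m.role_principal_id = r.principal_id
      AND m.member_principal_id = DATABASE_PRINCIPAL_ID(@DbUser)
WHERE r.type = 'R'
  AND r.name IN (N'aspnet_Membership_FullAccess',
                 N'aspnet_Profile_FullAccess',
                 N'db_datareader',
                 N'db_datawriter');

-- 2. Accounts in this application whose password is still stored in
--    plaintext (PasswordFormat = 0). The Password column is deliberately
--    not selected so the audit output does not expose credentials.
SELECT u.UserName,
       u.IsAnonymous,
       m.PasswordFormat,
       m.CreateDate,
       m.LastPasswordChangedDate
FROM dbo.aspnet_Applications AS a
JOIN dbo.aspnet_Users        AS u ON u.ApplicationId = a.ApplicationId
JOIN dbo.aspnet_Membership   AS m ON m.UserId = u.UserId
WHERE a.LoweredApplicationName = LOWER(@ApplicationName)
  AND m.PasswordFormat = 0
ORDER BY u.UserName;
```

An empty second result set means every account in the application has been moved off plaintext storage.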
Follow these steps if you do not yet have a shared membership store.
- Install a new instance of Zimbra Social.
- Create a new database on the server that you want to contain your shared membership data.
- Navigate to C:\Windows\Microsoft.NET\Framework\v4.0.30319, or wherever you have .NET 4.0 installed, and launch aspnet_regsql.exe.
- Click Next and select Configure SQL Server for application services, then click Next.
- Select the server and the database from step 2 that you want to install the shared membership data into, then click Next.
- The next screen presents a summary of the steps that are about to be made. Review this summary and click Next. If everything is successful, then you will have a final screen that looks like the figure below.
When you are done, click Finish.
- Launch Microsoft SQL Server Management Studio and look at the objects in the shared membership database. Verify that you now have ASP.NET membership tables and stored procedures similar to those pictured below.
- Now follow the above instructions for "Using an Existing Membership Store".