here is my situation:
- I have a SharePoint Foundation 2010 web application extended to 2 IIS sites.
- Web application has been set up (on creation) to use claims based authentication (because we needed to use FBA).
- First IIS site is set up to use Windows Integrated Authentication (Kerberos).
- Second IIS site is set up to use Forms Based Authentication (with LDAP connection to AD).
- Both sites can be normally accessed and sucessfully authenticate users.
My problem is that two separate SharePoint logins must be created for each AD user who needs to access the web application using both authentication mechanisms. Those two logins have the following username structure:
The unfortunate consequence is that any items assigned in SharePoint lists and libraries that were <created under/assigned to/modified by/checked out> by user's windows login aren't <visible/available/modifyable> under users FBA login
and vice versa.
I'd like to have a single SharePoint user account regardless of the authentication mechanism used to access the web application.
Is this possible and is there a standard mechanism in SharePoint/IIS
View Complete Post