Reduced functionality using forms authentication (FBA) in SharePoint - sharepoint

I’ve got a moss document centre website with FBA and AD authentication enabled. After creating a picture library I seem to have reduced functionality when accessing the site through the FBA URL.
I’ve compared the web.config files from each IIS website and they are the same (apart from added FBA information that's required).
Here's two pictures to illustrate what I mean.
This picture shows the options available in the picture library when accessing the website through AD authentication:
alt text http://www.abbeylegal.com/Downloads/2006-07-26/Ad%20Authentication.jpg
This picture shows the reduced options available in the picture library when accessing the website through FBA authentication:
alt text http://www.abbeylegal.com/Downloads/2006-07-26/FBA%20Authentication.jpg
Anyone else seen this behaviour? I find it really strange.

This functionality is by design. As per Microsoft:
When you configure a zone to use forms authentication, the Enable Client Integration box is cleared by default. If a zone is configured in this way, the following changes occur in functionality:
Support for remote interfaces is turned off. That includes WebDAV, SOAP, and Microsoft Office FrontPage remote procedure calls (RPC). Some functionality is not available, such as Web folders or the Web services for accessing content in that site.
Some toolbar items no longer appear:
New Document
Open in Outlook
Open In Windows Explorer
Export to Spreadsheet
Open with Database Program
Explorer View option is hidden.
Create an Access View option is hidden.
In picture libraries, the following functionality is removed:
Upload Multiple
Edit Picture
Download
Send To
On the Edit Control Block (ECB) menu, the drop-down menu that appears when you click - items in document libraries, the following items are removed:
Edit in Word
Edit in Excel
Edit in PowerPoint
Discuss
Connect To Outlook
In slide libraries the following functionality is removed:
Publish Slide
Send to PowerPoint
Also, syncing SharePoint data with Microsoft Office Outlook no longer works.

Form Authentication will reduce some functionality such as in document library. We won't see the new document, be able to edit it in the spreadsheet, be able to open it with Windows Explorer etc.
For that, we need to enable the feature called Client Integration in Authentication
Provider. After enabling that, we'll get all menu items.

Related

Possibilities of MS Outlook Web Add-ins on the header/Ribbon in web apps and Independent

I am working with outlook Web-Addins. Addin type is "ItemRead". Now I want some thing unrelated to mails as in i want to have button on header as i see the skype button on the top.
Also we can create Addin on mail compose. I am not sure if this is possible to have separate buttons on header separate from mail section
example in the image of skype button.
I have also tried with Outlook Add-in ModuleExtension but cannot seems to be work as expected in outlook web app.
The command controls for invoking add-on are described in manifest part of the add-in. Those controls will be displayed in predefined place of the UI depend on particular client design (Outlook online, Outlook desktop, etc.). As the developer you are able to set control's setting, such as title, icon and so on, but not the place where control will be displayed. This would be up to Microsoft dev/design team.
Bottom line: You are not able to place your control in the specific place of the client interface.
Module extension add-in currently available for Outlook 2016 desktop. There is request to make it available for Outlook online which you can upvote if you like.
Additional Questions:
So is it is not possible right right now?
Module extension add-in for Outlook online is not currently available. To place your control into the place you want is not available, either and never will be. This is because of obvious reasons ... can you imagine what's happen with user interface if every extension will be able to modify the UI as it needs? Total disaster.
Or can you help me with other option ?
Outlook add-in works with single item, as of the controls will appear when item (e-mail, appointment, etc.) selected or compose window invoked, there is nothing you can do.
Also one more thing that is it possible to store a custom global setting value for the outlook organization using addin or any other way?
To store the settings for particular mailbox, user inside organization, there is Office.context.roamingSettings object. If you need some global settings for your app for entire organization, you would set them inside JS part for this particular organization and make the deployment just withing this organization. In case you want to distribute the app via Office store and customize it per organization you may want to write some service which delivers custom settings for add-on on start-up. For example you have rest service which returns custom configuration depend on domain; in this case when add-on invoked you may request custom configuration by sending rest call with user domain and after cache it in mailbox.

Can't open PDF files in SharePoint 2010 with Internet Explorer

So we couldn't open .pdf in the browser in our SP2010 site. I set the setting to permissive browser file handling in central admin. I then found out that there's a bug that if a site is created from a custom template the pdf files uploaded to that site will still prompt for either Save or Cancel. I ran a hotfix on the server
http://support.microsoft.com/kb/2459108
Consider the following scenario:
You set Browser File Handling to Permissive for a web application in the General settings page in SharePoint 2010 Central Administration.
You create a document library, and then upload an html document.
You open the html document in the browser.
Note You are not prompted to download the html document and it is rendered in the browser.
You select to include the content when you save the SharePoint site as a template.
You use the template to create a new SharePoint site in the same web application.
In this scenario, the Browser File Handling list setting for the document library in the new site is set to Strict. Additionally, when you open the html document, you are prompted to download the file.
Now when I click on a pdf with firefox I can open it directly but with internet explorer (8 and 9, default settings) I still can't do it, what's the solution here?
Edit: Maybe it always worked in firefox, anyway, when I create a new library it works as expected. How can I run this setting on all libraries?
There's a different, more subtle, but simpler root cause of this problem.
After much web searching and many hours with MSFT support, as hard as this may be to believe, it turns out that the root cause of my "SharePoint won't open PDF documents" problem was actually an Adobe extension/add-on. The symptom was an Adobe error msg "failed to open" after clicking the PDF list item in a document library. The culprit, an Adobe extension/add-on: "Adobe Acrobat SharePoint OpenDocuments Component".
I do not know how this got installed. What I do (finally) know is that this component actually does the exact opposite of what its name implies, i.e., it apparently prevents PDF documents from opening up when clicked in a SharePoint 2010 document library.
After various failed attempts to solve this problem (including changing "Browser File Handler" settings on the web app server from "Strict" to "Permissive" and other fixes suggested below and elsewhere on various blogs and web sites), nothing fixed the problem until we disabled this Adobe extension/add-on. Then, problem solved.
Note that you may not see this component in the "Tools > Manage Add-Ons" list until after attempting to open a PDF document from the library: apparently the add-on isn't activated (won't appear in that list) until an 'open' attempt is made. SO - if at first you don't see the component listed, try to open a PDF file and check the list again. If this component appears, disable it, and your problem is likely to go away.
Baffling, at best; or worse, actually nefarious on Adobe's part ...?
I'd still like to know how to get the PDF to open in a separate browser tab in IE vs. displacing the active tab. If anyone can help with that, please let me know! No custom coding solutions, PLEASE!
There is a better way to handle "Browser File Handle" issue. Take a look at my blog here: http://www.pdfsharepoint.com/sharepoint-2010-and-pdf-integration-series-part-1/
Solution #2 addresses Pdf extension without exposing entire Web Application to "Permissive" browsing. Setting "Browsing File Handle" to "permissive" opens too many vulnerabilities with other file extensions.
Thanks,
Dmitry
I have the same problem - originally installed Office Web apps, then turned that off, turned on the open in client application, then changed the setting on each doc library to open in browser .. Still have a problem with PDFs though.
If somebody includes a link to them in an announcement, then that person can open, other not. But only in IE - in FF there is no problme
Just change the Browser File Handling for the Web Application from the central admin as:
Central Administration > Application Management > Manage Web Applications
go to your Web Application example "http://sharepoint:80, just select it
from the top ribbon click "General Settings"
go down to "Browser File Handling" and change it to "Permissive"
If am not clear go to http://www.pdfsharepoint.com/sharepoint-2010-and-pdf-integration-series-part-1/
try this:
Make sure you're the site collection admin. Go into the site (not the central admin) and then go to site settings then go to site collection features. In there you will find the setting for " Open Documents in Client Applications by Default " it will probably be deactivated. Active it and you're good to go. users will then open attachments in their windows assigned applications, not the sharepoint web apps.
Also, try going into adobe reader and in the settings there is an option to open with the browser. check or uncheck it based on what you want it to do.
Encryption and SharePoint don't play well together
Right click My Documents or source folder
Select Properties > Advanced (button)
Uncheck "Encrypt contents to secure data"
This should solve many SharePoint problems you might have, including files not opening properly.
Appreciate this is an old post but still very relevant today. I spent a while trying to get this to work - just thought I'd share my findings.
This is specific to Adobe Acrobat. If you use a different PDF viewer, such as SumatraPDF the issue does not occur.
1. To prevent the 'Open, Save, Save As' dialog box in Internet Explorer:
This is specific to the versions of Acrobat. Set the following key/value:
Key: HKLM\SOFTWARE\Policies\Adobe\Acrobat Reader\*acrobat_version_number*\FeatureLockDown\cSharePoint
Value Name: bDisableSharePointFeatures
Value Type: REG_DWORD
Value: 0x1 (hex)
e.g.
For Acrobat X:
HKLM\SOFTWARE\Policies\Adobe\Acrobat Reader\11.0\FeatureLockDown\cSharePoint
2. To disable PDFs opening in the browser
This is specific to the versions of Acrobat. Set the following key/value:
Key: HKCU\Software\Adobe\Acrobat Reader\acrobat_version_number\Originals
Value Name: bBrowserIntegration
Value Type: REG_DWORD
Value: 0x0 (hex)
e.g.
For Acrobat X:
HKCU\Software\Adobe\Acrobat Reader\11.0\Originals
Thanks,
References:
Adobe Acrobat - Lockable Settings
Adobe Acrobat - General Application Settings

Is it possible to hide the Web File Properties dialog in Office 2003?

We're implementing SharePoint 2007 but have Office 2003 as our client. This causes problems when editing metadata since custom field types like BDC columns aren't represented properly within the Web File Properties dialog in Word. To get around this, we would like to disable the this dialog to force users to edit metadata within SharePoint.
How can we do this? Also, are there other alternatives that we should consider (short of upgrading to Office 2007)?
We use a product called metaEngine to customize the Office properties dialog. (I have no affiliation with the company)
Essentially it uses an httpModule to detect when the Office properties dialog is called and injects / rewrites the html to provide a custom editor for metadata. You could either use this approach, or use a similar httpModule to present a "this functionality is disabled" type screen.
Have a look at the requests going between Office and SharePoint using Fiddler and it'll give you an idea of what you could change.

Force InfoPath form to open in Browser

I created an InfoPath form that uses VB code to push fields into a custom list I created on a SharePoint 2007 site. This part works.
I "published" the form into a form library.
I changed the settings on that form library to open items in the browser and allow editing of content types.
In InfoPath under Form Settings I chose the compatibility setting to allow this form to be opened in a browser, I linked to my Forms service online, and ran the design checker. No errors.
When I try to open it in the browser using the "Edit in Browser" setting I get this error message:
This form template is not currently
browser-enabled. It must either be
republished as a browser-enabled form,
or opened using Microsoft Office
InfoPath 2007.
No matter what I do, the form will not open in the browser. This is all I want. Did I miss something??
You need to upload your form thru Central Administration because you use code in your form. See this MSDN acticle.

Office documents prompt for login in anonymous SharePoint site

I have a MOSS 07 site that is configured for anonymous access. There is a document library within this site that also has anonymous access enabled. When an anonymous user clicks on a PDF file in this library, he or she can read or download it with no problem. When a user clicks on an Office document, he or she is prompted with a login box. The user can cancel out of this box without entering a log in, and will be taken to the document.
This happens in IE but not FireFox.
I see some references to this question on the web but no clear solutions:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.sharepoint.windowsservices.development&tid=5452e093-a0d7-45c5-8ed0-96551e854cec&cat=en_US_CC8402B4-DC5E-652D-7DB2-0119AFB7C906&lang=en&cr=US&sloc=&p=1
http://www.sharepointu.com/forums/t/5779.aspx
http://www.eggheadcafe.com/software/aspnet/30817418/anonymous-users-getting-p.aspx
To disable login prompt opening office documents from SharePoint 2010 do the following settings in web.config
<system.webServer>
<security>
<requestFiltering allowDoubleEscaping="true">
<!-- here's where the magic happens -->
<verbs allowUnlisted="true">
<add verb="OPTIONS" allowed="false" />
<add verb="PROPFIND" allowed="false" />
</verbs>
</requestFiltering>
</security>
</system.webServer>
If Sharepoint Shared Workspace is enabled in MS Word this may prompt users with a Windows login if users do not have permissions to access or create a Shared Workspace. Do the followoing to turn this off:
Open MS Word
Go to Tools/Options
Click General Tab
Click Service Options
Click Shared Workspace
Uncheck box that says “The document is part of a Workspace or SharePoint Site.”
Click OK
Click OK
Try to hit a MS Word document from the SharePoint site.
If this resolves issue repeat steps with every MS Office program to eliminate the prompt. (Excel, PowerPoint, Visio, ect)
http://office.microsoft.com/en-us/word/HP010414641033.aspx
Unfortuantly the only work around I've found breaks some functionality for logged in users (can't upload multiple files, connect to outlook ect..)
If that is acceptable, or you want to try it and see:
In central admin > application management > application security > authentication providers select your web app and select your provider (likely "default").
Select No for client integration and save the settings.
Open your web config, find the line <add verb="OPTIONS,PROPFIND,PUT,LOCK,UNLOCK..... and remove the verb OPTIONS.
You should no longer be asked in ie for credentials. To reverse this simply undo both changes.
If you can click cancel and it comes up the problem is...
AuthForwardServerList
http://support.microsoft.com/kb/943280
Office doesn't know the site is trusted/local so it doesn't fwd your credentials and prompts you with an opportunity to provide them. It's a feature....
If you list your site in the proper registry key it will forward your credentials which are not needed but you won't get prompted.
If you have a url rewriting module or urlscan, configure the software to send http 403 to http OPTIONS requests.
In the Sharepoint Server 2010, The solution method is a little bit changing because the new generation Sharepoint can not hold verbs in web.config. Therfore, you must change the method. First of all, you open IIS 7.0 and choose your application site. You can see many items at the middle of the screen. You choose and double click Request Filters. In the request filtres, you can see "Verbs". You can add OPTIONS and PROPFIND verbs to a deny mode. And finally test your site. Sometimes, Sharepoint needs to close Client Integration Mode of your site. If need, you can close Client Integration Mode in Central Administration.
Possible cause and resolution:
http://support.microsoft.com/kb/943280
"You are prompted to enter your credentials when you access an FQDN site from a computer that is running Windows Vista or Windows 7 and has no proxy configured"
"For example, when you open a Microsoft Office file from a Microsoft Office SharePoint site by using 2007 Microsoft Office on a Windows Vista-based client computer that has no proxy configured, you are prompted for authentication."
My guess is that the Office client is loading the underlying document template from another location where anonymous access is enabled. This also explains why you can still open the document as the Office client can also work without loading the template the document was originally created from. To see the template URL in Word 2007, enable the Developer Ribbon from Word options and click the Document Template button on the ribbon.
That doesn't seem to be it. Once of the documents in question is an Excel file, which would not use the .doc template. Also, in the Document Template dialog, it doesn't give me a url to the SharePoint template file if I create a new Word document based on it. It just says the template is "Normal." I also tried disabling the template at the document library level and it doesn't change the password situation.
When opening an Office document in IE, an ActiveX component is used to call the client application, and prompt it to open the document. In other browsers, the download is a standard hyperlink, handled by the browser.
Does this happen in search results and in standard linked columns in document libraries as well?
Using a tool like Fiddler (as referenced/suggested in your first link reference, see http://www.fiddlertool.com/fiddler/ for more info) is the only efficient way of determining the root cause of this type of issue I'm aware of. Whatever is causing this will be happening over HTTP. A debugging proxy like Fiddler will show you exactly which URL/resource is causing the request for authentication.
On a related note, are you running a recent build of the platform? It might be wise to check to make sure this issue hasn't already been addressed by MS e.g. in a hotfix. The best list of updates I'm aware of is here: http://www.harbar.net/articles/postsp1.aspx
Check this : Remove Login box when anonymous users download office document from SharePoint Site
http://www.theblackknightsings.com/RemoveLoginBoxWhenAnonymousUsersDownloadOfficeDocumentFromSharePointSite.aspx
When developing Extranet/Internet site in SharePoint you often want to allow anonymous access and this works fairly well.
But there is one are where the out of the box experience fails regarding anonymous access and that is when you allow the users to download Microsoft Office documents. In that case IE/Office pops up a couple of Login dialogs, if the user cancels out of these the document opens as expected, but you really don't want the user to have to cancel a couple of dialogs to open your documents
The problem is that office tries to be intelligent and issues a Microsoft Office Protocol Discovery request to see how much the user is allowed to do, but SharePoint responds with access denied until the users logs in.
The solution I've found is to implement a HttpModule which rejects the Microsoft Office Protocol Discovery request if the user isn't logged in and this gets rid of the Login boxes
I'm guessing that you use Windows Vista. We had this problem on Vista but not on XP.
From Microsoft: In Windows Vista, Internet Explorer uses the Web Client service when you use Internet Explorer to access a WebDAV resource. The Web Client Service uses Windows HTTP Services (WinHTTP) to perform the network I/O to the remote host. WinHTTP sends user credentials only in response to requests that occur on a local intranet site. However, WinHTTP does not check the security zone settings in Internet Explorer to determine whether a Web site is in a zone that lets credentials be sent automatically.
If no proxy is configured, WinHTTP sends credentials only to local intranet sites.
Note If the URL contains no period in the server’s name, such as in the following example, the server is assumed to be on a local intranet site:
http://sharepoint/davshare
If the URL contains periods, the server is assumed to be on the Internet. The periods indicate that you use an FQDN address. Therefore, no credentials are automatically sent to this server unless a proxy is configured and unless this server is indicated for proxy bypass.
This is a known issue that has not quite been completely fixed yet. There is a MSDN blog about it here: http://blogs.msdn.com/sharepoint/archive/2007/10/19/known-issue-office-2007-on-windows-vista-prompts-for-user-credentials-when-opening-documents-in-a-sharepoint-2007-site.aspx
There is an interesting workaround posted here: http://grounding.co.za/blogs/neil/archive/2008/11/10/workaround-sharepoint-keeps-prompting-for-login-when-creating-office-2007-documents-on-vista.aspx
Ultimately there is a patch that has been included with Vista SP1 but it also requires a registry edit. We just recently got this to work using the following steps on a Windows Vista SP2 client:
Open regedit. Navigate to the following subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters
Create a new Multi-String value called AuthForwardServerList and give it a value of (for example):
https://.Contoso.com
http://.dns.live.com
*.microsoft.com
https://172.169.4.6
Then restart the WebClient service.
We were able to get this working by changing IE settings.
We have the site URL in Trusted Sites.
Under Custom Settings set User Authentication to: Automatic logon with current user name and password
I found a solution. First of all, you open the web application config file under the inetpub. Then you find the add verbs section. In this section, many verbs were added in the installation time. Delete Options and Profind verbs and save config file. Finally test the problem and see it. The problem is finished.
I've found the following workaround:
http://www.objectsharp.com/cs/blogs/max/archive/2008/04/21/sharepoint-public-facing-website-and-microsoft-office-documents.aspx
To keep it simple:
Disable client integration
Remove the OPTIONS verb from the registration line in the web.config file for the site

Resources