Monday, June 12, 2006

MOSS 2007 Enable Anonymous


FAQ - How do I enable anonymous access ?
  1. Enable anonymous access for a web application from the Central Admin.

    Central Admin Home Page > Application Management > Authentication Providers > select the Membership Provider (authentication.aspx) and enable anonymous access from the next page.

    You don't have to do anything on the IIS Manager ... enabling it from the Central Admin page will also enable it on IIS.

  2. Explicitly turn it on for the sites you want to be accessed anonymously.

    Browse to the site, click Site Settings > Advanced Permissions > Settings >Anonymous Access (setanon.aspx) and turn on anonymous access for the site.
Update - check Yuval's SharePoint Server 2007 anonymous access HowTo:




25 Comments:

  • Anonymous Nick Swan said…

      3, You then have to explicitly chose to logout as administrator (or whoever you were logged in as) as it seems to save a local cookie and will keep prompting you for username and password if you don't(well at least on Beta2).

    I could really do with an idiots step by step guide for getting forms authentication working now! :-)

    Nick   

  • Anonymous Ian Morrish said…

      And if you want to have a blog site with anonymous access you have to turn off content approval for the Posts lists otherwise the blog home page requires authentication. The down side of doing this is that you can't post from Word 2007 without content approval enabled.   

  • Anonymous Anonymous said…

      Any idea why I wouldnt have any options on my Central Admin->App Mgt->Authentication Providers page?   

  • Blogger Mark said…

      No sorry ... i have a link that says Windows - if i click that i can then switch to alternative auth mechanisms.   

  • Anonymous Yuval Ararat said…

      Hey Mark.
    i took the liberty to extend the guide and created a HowTo guide for enabling anonymous access at a sharepoint 2007 site.   

  • Blogger Mark said…

      Thats great Yuval - thx for the pointer.   

  • Anonymous Anonymous said…

      I got the error "401 Unauthorized" following the instructions given, any update on how to fix it?   

  • Anonymous Anonymous said…

      I also got the error "401 Unauthorized" following the instructions given, any update on how to fix it?   

  • Anonymous Anonymous said…

      Sharepoint Designer with forms authetication
    Maybe all of you already know this... I just discovered. when you use Sharepoint designer for a Site that uses forms authetication it won't work . To make it work... Logon to your site an det the "remeber .." checkbox... The sahrepoint designer then work with the cookie to authenticate to the Site.
    Have Fun!
    Patrick Imboden   

  • Anonymous Anonymous said…

      I got the error "401 Unauthorized" - i did a iisreset and everything. then logged in anonymously and still?   

  • Anonymous Anonymous said…

      k, i got it. so if you enable anonymous access to ur sharepoint site on http://joebloggs on the domain Microsoft for instance then u must assume then to open the site you would need to go to the url http://joebloggs.microsoft.com (microsoft.com being the domain)   

  • Blogger Robert said…

      Great. Thanks for the tips. It worked. 2 variances for me:

    1) In step 6 of the config wizard it gave an error saying that it couldn't find the web.config file. This was odd because the directory that it was referencing was there, ut the config was not. So I just created a blank web.config file, re-ran the wizard and it made it through.

    2) It made me uninstalled .Net 3 Framework CTP and installing the final version BEFORE installing WSS 3.0

    Anyway, thanks again this was useful.

    Rob Wuhrman, PMP   

  • Blogger Robert said…

      This post has been removed by the author.   

  • Anonymous Anonymous said…

      Thanks a ton for the help!   

  • Blogger nandita said…

      Incase u getting this error while accessing central Administration service 3.0 "401 Unauthorized"
    Have to configure Windows SharePoint Services to use NTLM authentication

    1. Determine the virtual server ID for the SharePoint Central Administration and SharePoint content virtual servers.

    a. On the IIS server, click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.
    b. Locate the virtual server you need to find the ID for, right-click it, and then click Properties.
    c. On the Web Site tab, , next to the Active Log Format box, click Properties.
    d. Next to Log file name, you can see a path and file name, such as W3SVCxx\exyymmdd.log. The number replacing the xx after W3SVC is the virtual server ID.

    2. On the IIS server, click Start, and then click Run. In the Open box, type cmd, and then click Open.

    3. Change to the Inetpub\Adminscripts folder, by typing the following line, where Drive is the drive where Windows is installed:
    cd Drive:\inetpub\adminscripts

    4. To see the currently-configured authentication, type the following line, and then press ENTER, where xx is the virtual server ID number:
    cscript adsutil.vbs get w3svc/xx/NTAuthenticationProviders

    Note: The virtual server ID of the Default Web site in IIS is 1.

    If the virtual server is configured for NTLM it will return the following value:
    NTAuthenticationProviders : (STRING) "NTLM"

    If the virtual server is configured for Kerberos it will return one of the following two statements:
    NTAuthenticationProviders : (STRING) " Negotiate,NTLM"
    The parameter "NTAuthenticationProviders" is not set at this node.

    5. To enable NTLM on the virtual server, type the following line, and then press ENTER, where xx is the virtual server ID number:
    cscript adsutil.vbs set w3svc/xx/NTAuthenticationProviders "NTLM"

    Note: The virtual server ID of the Default Web site in IIS is 1.

    6. Restart IIS.
    a. Click Start, and then click Run. In the Open box, type cmd, and then click OK.
    b. At the command prompt, type iisreset, and then press ENTER
    c. Type exit, and then press ENTER to exit Command Prompt.


    For more go to
    read:-http://sps.uniqueworld.net/Sydney/Document%20Library/1/WSS%20SP2%20in%20R2%20Walkthrough.doc   

  • Anonymous Yehiel said…

      If I have Publishing web under Publishing site, anonymous works great for father (site) and still brings auth dialog for son (web). For other templates, like Team, it works without issues   

  • Anonymous Yehiel said…

      Breaking the inheritance and explicit defining of anonymous acces on son site doesn't help.   

  • Anonymous Yehiel said…

      Deactivating the lockdown mode and then create a new subsite also doesn't help   

  • Anonymous Anonymous said…

      Hi Anon access works on my site great, until I replace the Master Page. When I do I am prompted to logon.
    Lets say I`m using default.master I copy this and then rename it to Defaut2.master. I then set the Default2.master as the default. Test access and voila I`m propted to logon to an anonomous enabled site. If I rest the site back to use Default.master I`m no longer propmted and have anonomus access.
    Any ideas and to the cause or resolution ??   

  • Anonymous Anonymous said…

      Check the IIS logs - to see what file it finding secured and needing authentication.   

  • Anonymous Anonymous said…

      do we have soultion of “401 Unauthorized” error ?   

  • Blogger Shijaz said…

      Thank you Mark!   

  • Blogger Ven said…

      I installed SharePoint 2007 with the Local Admin account.That means,all the accounts for sites like Central Admin,SSP are all using the same local admin account. Now I want to change all these to domain accounts.I think I can accomplish this through Service Accounts section,but I don't see the Central Admin application listed here so that I can go ahead and change the account.   

  • Anonymous Yuval Ararat said…

      Mark can you update the url to my site?
    http://www.yuvalararat.com/sharepoint-server-2007-anonymous-access-howto   

  • Anonymous Anonymous said…

      Regarding the 401's, check that the page you are trying to access on the anonymous site has a major version checked in. If there is no major version checked in, you cannot access the draft version as anonymous and it will give you a 401 error.   

Post a comment