Friday, January 4, 2013

SharePoint 2010 FBA and Active Directory: Show Display Name (Friendly Name) for Users

If you have implemented SharePoint 2010 Forms-Based Authentication (FBA) with Active Directory, you will notice the welcome name for each user is their username.



Furthermore, when users create their profile, their Preferred Name is changed to their Claims Identity (sAMAccountName).



Using Trevor Seward's AD LDS/ADAM CodePlex solution and a few configuration changes to the User Profile Service Application, you can get the Display Name (Friendly Name) to show in both cases.

1. Download and deploy Trevor's AD LDS/ADAM CodePlexsolution to your SharePoint farm.

2. In Central Administration, under Application Management, Configure Web Application Settings for the Nauplius AD LDS User Profiles.



3. Select your FBA enabled web application(s) and configure settings as needed. For the Logon attribute, type displayName. IMPORTANT: You must also have an FBA enabled web application with the Logon attribute configured as sAMAccountName. This web application does not need to be actively used, but is critical in showing the correct Display Name for library and list column metadata.

4. Go to your User Profile Service Application and select Manage User Properties. For the Claim User Identifier property, change the import mapping to displayName.



5. Perform a full synchronization of user profiles. Wait until it finishes.

6. Run the Nauplius ADLDS User Profile Import Job under Monitoring, Review Job Definitions. Wait until it finishes. You can view its status under Running Jobs.



When finished, go back to User Profile Service Application. Under Manage User Profiles, you should see both FBA profiles – one for the displayName and one for the sAMAccountName.

7. In the Search Service Application, perform a full crawl of the people content source (sps3) for the Windows Authentication version of each FBA enabled web application.

Display Name should now show correctly for each user.