Click Mice, Unclick Mice

Keith, we're trying to set up your WLID auth provider via your instructions. Downloaded the wla.wsp file and run the first stsadm command you list in the instructions. We get "Object reference not set to an instance of an object." followed by "WLA.wsp: The Solution installation failed." Any ideas? Is there a way to install it without stsadm?

No way to install the solution without stsadm.  Sounds like you are having problems with the stsadm -o addsolution command?  I haven't seen that issue, but a quick Google of the error you describe shows a possible fix.

"I found out that by changing by English (United States) date short format from mm/dd/yyyy to something else causes all stsadm commands and database connections from external sources to fail. I have corrected it and it is working perfectly now."

Any chance you have made a similar change?

Minor issue with the setup instructions.  "execsvcjobs" should be "execadmsvcjobs" I believe.

Keith, I was able to implement the WLID provider per your instructions without problem.  However, when I click "sign in" on my site it redirects me to Authenticate.aspx (expected) and then to Login.aspx (the standard login page for FBA), instead of redirecting through the WLID authentication server. 

I can work around this in web.config by setting the loginUrl for FBA to the SharePoint login site.  However, in this model it doesn't appropriately handle the context (since it's hard-coded into the URL).

Is the provider intended to handle this automatically?  Or is this a missing step in the setup instructions? 

[Disregard last comment.  This is addressed in the Known Issues section and can be worked around by setting the loginUrl to "/_layouts/liveauth-handler.aspx?action=login" as you posted there].

As an aside, any plans to release the source code for this?  If you plan on making this an open source project, my company may be interested in contributing. 

When ever the site is trying to go to login url "/_layouts/liveauth-handler.aspx?action=login".. its throwing
Unknown Error
Troubleshoot issues with Windows SharePoint Services.

any idea??

We are trying to use your WLID provider and are stuck at the point after the user is returned from the WLID sign-in page and he enters his email address on the SP site. When we click Submit we're getting the Error:Access Denied page. We noticed that the WLID user id is not automatically appearing as a user in the All People group, which we specified as the profsiteurl (_layouts/people.aspx?MembershipGroupId=0). We do see the WLID user id in the "LiveID Users" list that your stsadm operation created (i.e,. ProfSiteList). However, if we manually add the WLID user to one of the SP user groups, the email address we entered on sign-in automatically appears. So there is some connection behind the scenes between the LiveID Users lists and the SP users. Anyway, the problem is that we are unable to grant any of these WLID-authenticated SP users access to the site. We added each WLID user to a group that definitely has access rights. We don't see how to use the Authenticated Live Users role that you state in your provider write-up. Can you enlighten us how to get over this last hurdle? Also, any idea why the WLID-authenticated users that appear in the LiveID Users list are not automatically added as SP users? BTW, we're using MOSS, not WSS 3.0.

I installed everything (you misspelled execadmsvcjobs, the third stsadm command) and got it mostly going.  Now I'm seeing occasional event log errors:
Cannot get Membership Provider with name LiveID. The membership provider for this process was not properly configured. You must configure the membership provider in the .config file for every SharePoint process.
When I click sign in on the site where I set up the LiveID provider, I'm not authenticated, and directed back to /default.asmx (regardless of where I was when I clicked on sign in).  I re-ran addsolution and deploysolution, but to no avail.  Any ideas?

The user will not be automatically added with permissions to the profsite URL.  You would need to add the LiveRoles:Authenticated Live Users group in order to get them to have access.  There is a tie from the "LiveID Users" list, however you should think about it from the perspective the tie between Active Directory and SharePoint users.  The LiveID Users" list is the profile storage.  It contains the user information and controls authentication, however it does not manage the access control lists for the sites individually.  That is still managed by SharePoint.

Your problem may be that you aren't listing a default membership and role provider.  Double-check your web.config <membership defaultProvider="LiveID"> should be in your web.config

When you click on Sign in are you redirected to the Live login server, or does it just throw you back to the default.aspx?  If you go out to the live login server and then come back and are still unauthenticated I would take a look at your User profiles list and see if your user is appearing in that list.  If you would like go ahead and submit a Known Issue on the WLID site and attach your web.config and maybe a screen capture of what you are seeing so I can get a better idea.

Keith, thank you for your being so helpful via your blog! You got us past the issue with WLID-authenticated users.

We're now having an issue with sign out. Any idea why when we click Sign Out from the user's dropdown menu that it would momentarily redirect to login.live.com and then back to the page the user was on, without signing him out?

Also, how do recommend customizing the initial registration page for first-time users (liveinfo.aspx)? We need to capture a few more pieces of information, such as Company Name, First Name and Last Name. We also want to skin that page. It would be great if when the user clicks the Submit button during that initial registration that the guid user id goes away from the user's dropdown menu in the upper right, and instead shows the full name he or she entered. Is all of this possible with what you've provided? Or would we also need the source code for the two aspx pages? And if so, are you willing to make that available?

Again, we're using MOSS.

Thanks again for all your help. We are very pleased to have this running. You've done a great service.

I was directed to the live server.  In fact, I could get authenticated to sharepoint, but I had no access (it's like there was a username, but no user account - there was no way to edit user info on the welcome dropdown, for example). 
This happened when I did not have a "LiveRoles:Authenticated Live Users" group.  I re-ran the stsadm -o addwindowsliveauth [...] again, re-added the membership and roles attributes to web.config, and it magically worked. 
I did submit a known issue, might have been after you posted this though.

I hope I don't come off as whiny, your work is pretty much awesome and I'm having a lot of fun with it.  I really appreciate the time you're obviously putting in to it.

Glad to hear that you've been able to get things working.  As for customization for that you would need to probably do some work in the code.  The good news there is that I have been working on some of these things already.  I am releasing the source code in the Community Kit for SharePoint.  You can find it here: http://www.codeplex.com/CKS 

The good news there is that you can help contribute to the project, or at least make your own customizations.  If you are willing to wait until the end of this week though you may just be able to use what I am putting together without needing to worry about it.

Thanks for your response, Keith. Unfortunately, we can't wait until the end of the week. I checked the codeplex site. I didn't see your code there. It wasn't clear from what you wrote whether you intended to post it right away ("you can find it here") or at the end of the week.

Basically the issue we're having is that we needed to roll our own liveinfo.aspx in order to capture additional input from the user during registration. We're able to update the SP user profile with this info (well, all except the Name field--any ideas on that one? It doesn't throw, but it doesn't update), but when we tried to implement code to process the "livelogin" cookie that (we assume) contains the encrypted WLID user id, we're getting decryption errors (viewed using SysInternals DebugView) from the WindowsLiveLogin DLL (compiled from the SDK's WindowsLiveLogin.cs). So at this point we may have to roll our own auth handler unless it would be possible to modify yours fairly easily.

I hope we are on the right track and not misunderstanding something about how all this works.

I see the code now on CodePlex. Thanks! Will take a look at this and try to contribute in any way I can.

If you have any insights about the user profile "Name" field I am still really game to hear them.

What does it mean for licensing?
I'm ready to host many web sites and we are trying to find the best licensing system.

Thanks for any answer.

Jose Antonio
b4contact.com

Just the standard SharePoint licensing.  I released the code up on CodePlex with the standard CKS license (Microsoft Permissive License (Ms-PL) v1.1) you can find it here: http://www.codeplex.com/CKS/Project/License.aspx 

Just wanted to thank Keith for writing this up and sharing it.  It's very handy.  :)

tk

Hi
I have downloaded the versoin from Codeplex and its working great. I have one problem with live ID GUID. So when ever user is logging into the page and add some thing, system is showing their GUID insted of name. is there anyway we can get the User Name insted of GUID for display purpose?
Eg : its showing as "From: b6120643b12e9147ae69336e45a0d0ae"..
Any help is highly appreciated .

When you first use the live ID in your sharepoint, There may be an "Access Denied" error. Rember the id in the error, and then you can find the id appear in the user profile list, and then I changed the site collection admin to the new id. At last I can access it.

I think may be this process should be add into the setup guide. Many people will come accross it.

When i try to change the site collection admin to the 'guid' (long numbers and letters), it cannot be found.  When i change the provider back to windows i can see that and all other providers.  How do i add thie windows live id to the site collection admins?  Any help is appreciated.  Thanx

Yes, how does one go about adding the first LiveID account as an admin?

I followed the installation documentation and everything went fine. On browsing my page, it asked me for the authentication after signing in the page redirects to http://myservername.com/_layouts/liveauth-handler.aspx and it shows error :

Value does not fall within the expected range.
Troubleshoot issues with Windows SharePoint Services.

I followed the installation documentation and everything went fine. On browsing my page, it asked me for the authentication after signing in the page redirects to http://myservername.com/_layouts/liveauth-handler.aspx and it shows error :

Value does not fall within the expected range.
Troubleshoot issues with Windows SharePoint Services.

how to solve this?

Thanks.

Is this windows live authentication work only for Intranet application?

I am using WLID Authentication in MOSS 2007, after giving windows live id and password am getting Error as : Access Denied

Current User
you are currently signed in as: <32 digit number>

sign in as a different user.

I am getting the same exact error message upon sign in. In addition to the steps provided in the readme, I had to change <authentication mode="Forms"> and specify loginUrl.

Any suggestions will be appreciated.

This is probably a very stupid question... But what is the profsite that needs using and the proflist?

Everything should be working but Im not sure how to execute the final STSADM command?

Any help would be appreciated.

Regards,
Dayna Litherland

I am using WLID Authentication in MOSS 2007, after giving windows live id and password am getting Error as : Access Denied

Current User
you are currently signed in as: <32 digit number>

sign in as a different user.