This farm solution adds a page that replaces the standard provider selection page when multiple authentication modes are enabled in a zone of a web application.
SharePoint administrators can configure it to set what authentication mode should be used.
The package to install depends on SharePoint version, but besides the name of the package, the steps are the same for all SharePoint versions:
- Download the latest release
- Install and deploy farm solution:
Add-SPSolution "C:\Data\Dev\SPBypassLoginPage SP2019.wsp"
Install-SPSolution -Identity "SPBypassLoginPage SP2019.wsp" -GACDeployment
- Enable the custom login page, either through central administration or with PowerShell:
Set-SPWebApplication "http://spsites/" -Zone "Default" -SignInRedirectUrl "/_login/Bypass/BypassLogin.aspx"
By default it redirects to the 1st trusted authentication mode it finds in the current zone (most common use-case), but administrators can customize behavior through custom farm property "CustomBypassLogin":
- "prompt": displays the same experience as out of the box: users must choose the authentication mode to use
- "Windows": redirects to windows authentication mode
- "Forms": redirects to FBA authentication mode
- "Trusted:SPTrustedIdentityTokenIssuerName": redirects to the SPTrustedLoginProvider specified by "SPTrustedIdentityTokenIssuerName".
- "Trusted": redirects to any trusted provider enabled on the zone.
This property can be set with PowerShell:
$farm = Get-SPFarm
# To create property:
$farm.Properties.Add("CustomBypassLogin", "Trusted:SPTrustedIdentityTokenIssuerName")
$farm.Update()
# To update it:
$farm.Properties["CustomBypassLogin"] = "prompt"
$farm.Update()
# To remove it:
$farm.Properties.Remove("CustomBypassLogin")
$farm.Update()
You can also force specific clients to use Windows authentication mode based on their IP address, regardless of the value set in property CustomBypassLogin:
$farm = Get-SPFarm
$farm.Properties.Add("CustomBypassLogin_WindowsAuthIPs", "10.0.3.4; 10.0.2.4; 10.0.1.4")
$farm.Update()
Or use a range of IP addresses such as "10.0.3.0/24" and "10.0.3.0/255.255.255.0" and "10.0.3.0-10.0.3.255":
$farm = Get-SPFarm
$farm.Properties.Add("CustomBypassLogin_WindowsAuthIPs", "10.0.3.0/24")
$farm.Update()
Or any combination of range and specific addresses:
$farm = Get-SPFarm
$farm.Properties.Add("CustomBypassLogin_WindowsAuthIPs", "10.0.3.0/24; 10.0.2.4; 10.0.1.4")
$farm.Update()
- Revert to the default provider selection page:
Set-SPWebApplication "http://spsites/" -Zone "Default" -SignInRedirectUrl ""
- Remove
$farm = Get-SPFarm
$farm.Properties.Remove("CustomBypassLogin")
$farm.Properties.Remove("CustomBypassLogin_WindowsAuthIPs")
$farm.Update()
Uninstall-SPSolution -Identity "SPBypassLoginPage SP2019.wsp"
Remove-SPSolution -Identity "SPBypassLoginPage SP2019.wsp"
Run the following cmdlet in the SharePoint management shell:
Update-SPSolution -Identity "SPBypassLoginPage SP2019.wsp" -LiteralPath "C:\Data\Dev\SPBypassLoginPage SP2019.wsp"