Microsoft KB Archive/216362

= Hosting Multiple Communities with a Single Shared Membership Directory =

Article ID: 216362

Article Last Modified on 3/26/1999

-

APPLIES TO


 * Microsoft Site Server 3.0 Standard Edition

-



This article was previously published under Q216362



SUMMARY
Service providers have the option of configuring their systems for multiple domains to accommodate multiple customers, each with their own separate community of users. When implementing such a scenario, a single shared Membership Directory may be used. In order to prevent namespace collisions in this configuration, the Membership Directory should be segregated into multiple subcontainers.



MORE INFORMATION
If you want the community container names to be hidden from the user authentication process, the Authentication Service for each customer must be directed toward the container in which appropriate member data is located. In such a case, a separate Authentication Service instance is required for each container on each application server (but not for each application on a single server).

To change the container that the Authentication Service uses as the starting point for finding users for authentication (the base DN), run the PMADMIN script on the Membership Server to which the customer's Web site is mapped.

PMADMIN SET AUTHSVC /ID=[instance#] /BaseDN="ou=[container],ou=members"

where: [instance] is the instance number of the Membership Server to which the customer's Web site is mapped.

NOTE: To determine the instance numbers, use the following command:

PMADMIN LIST INSTANCE

[container]

Distinguished Name of the customer's container under ou=Members specified from lowest first, and not including the o=[root] value

For example, a service provider supports three different customers on a single Website.

Customer1 is assigned a Membership Server instance 1

Customer2 is assigned a Membership Server instance 2

Customer3 is assigned a Membership Server instance 3

All three instances share the same LDAP, which connects to a SQL Server database.

Each customer's Web Server uses a different Membership Server instance. If each customer is segregated in the Membership Directory database, the Authentication Service may be reconfigured to use the correct container. In this case, the following PMADMIN commands would correctly reconfigure the Authentication Service:

PMADMIN AUTHSVC /ID=1 /BaseDN="ou=Customer1,ou=members"

PMADMIN AUTHSVC /ID=2 /BaseDN="ou=Customer2,ou=members"

PMADMIN AUTHSVC /ID=3 /BaseDN="ou=Customer3,ou=members"

For a detailed explanation of strategies and techniques for hosting Internet Service Providers (ISPs) who want to support multiple customers, each with a separate community of users, see the Hosting Multiple User Communities with a Membership Directory white paper in the MCIS Resource Kit.

Keywords: kbhowto KB216362

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.