How to setup extended zones with FBA

I want to create a three zone Sharepoint site.

I thought (based on what I read in this discussion forum) I will configure it as follows:

  • Root zone with anonymous access / FBA 
    - containing a landing page for public as well as the 'Membership Request', 'Change Password' and 'Password Recovery' pages using the web parts from the FBA pack
  • Extranet An extended zone with FBA and Windows auth
    - (accessible by external authenticated users)
  • Intranet An extended zone with Windows Authentication only 
    - (accessible by internal staff / employees) containing the secure content as well as  'Manage users' and 'Manage roles' pages from FBA pack.

Currently I have FBA pack installed on the root web. Do I need to re-install the FBA Pack on each of the extended zones that uses FBA?

Any  feedback on the above set up would be appreciated - is it the best way to secure and separate the two zones?


You do not need to reinstall the FBA Pack for each of the zones.  From your description you probably only need two zones - the extranet and the intranet.  All zones have the same content. They are simply accessed using different urls + credentials. If you make a page available anonymously, it will be available anonymously in all of the zones.

I did write a post on mixed anonymous and secure content in SharePoint, which might give you some ideas on how to structure your content:

What you probably want to do is have multiple sites - the root site in the site collection could have anonymous access and have the membership request and password recovery web part. Sub sites would not be available anonymously and would require the user to be logged in.

Thank you!