Monday, April 8, 2013

Change SharePoint 2010 Authentication from Classic Mode to Claims Based

As SharePoint 2013 requires claims authentication for most of its functionalities like Office web Apps, its mandatory to migrate to claims if your SharePoint 2010 is using classic mode authentication.

Migrate from classic-mode to claims-based authentication in SharePoint Server 2010 with PowerShell
PowerShell can help to convert classic mode authentication to claims based authentication for SharePoint 2010. Here is the script:

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$WebAppURL = "http://sharepoint2010.crescent.com/"
$accountid = "crescent\SPAdmin"

#Get the web application
$WebApp = Get-SPWebApplication $WebAppURL
#convert classic mode authentication to claims based authentication sharepoint 2010
$WebApp.UseClaimsAuthentication = $true
$WebApp.Update()

$account = (New-SPClaimsPrincipal -identity $accountid -identitytype 1).ToEncodedString()
#Crate FULL Access Web Application User Policy
$ZonePolicies = $WebApp.ZonePolicies("Default")
$Policy = $ZonePolicies.Add($account,"PSPolicy")
$FullControl=$WebApp.PolicyRoles.GetSpecialRole("FullControl")
$Policy.PolicyRoleBindings.Add($FullControl)
$WebApp.Update()

#Migrate users from Classic to Claims
$WebApp.MigrateUsers($true)
$WebApp.ProvisionGlobally()
Best practice: In SharePoint 2010, change classic mode authentication to claims-based authentication first, and then migrate SharePoint 2010 to SharePoint 2013.

Switch from classic to claims-based authentication during backup-restore:
This is also applicable when you export-import or backup-restore sites between different web applications where the source web application uses Classic Authentication but the destination web application is configured to use Windows Claims!
Change SharePoint Authentication from Classic Mode to Claims Based

How to Check the web application's authentication mode:
Go to Central Administration >> Manage web applications and click on the site you’re planning to enable CBA. Under Web Applications tab click on the Authentication Providers icon and a small window will pop-up with "Claims Based Authentication"

You can also Try the PowerShell cmdlet:
(Get-spwebapplication "http://sharepoint2010.crescent.com").UseClaimsAuthentication

If you are migrating from classic-mode to claims-based authentication in SharePoint 2013, use: Convert-SPWebApplication cmdlet as in : http://technet.microsoft.com/en-us/library/gg251985%28v=office.15%29.aspx



You might also like:
SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.
Document SharePoint Farm
Automatically generate SharePoint documentation.
*Sponsored


Check out these SharePoint products:

No comments :

Post a Comment

Please Login and comment to get your questions answered!

You might also like:

Related Posts Plugin for WordPress, Blogger...