As SharePoint 2013 and SharePoint 2016 requires claims authentication for most of its functionalities like Office web Apps, its mandatory to migrate to claims if your SharePoint 2010 is using classic mode authentication. Please note, you’ll have to convert the authentication mode before moving the database from SharePoint 2010 to SharePoint 2013 (or you’ll have to create a SharePoint 2013 web application in classic mode, backup the database from SharePoint 2010 and restore to SharePoint 2013 and then convert the authentication mode). Lets change SharePoint authentication from classic mode claims based.
Migrate from classic-mode to claims-based authentication in SharePoint Server with PowerShell
PowerShell can help to convert classic mode authentication to claims-based authentication for SharePoint 2010. Here is the script:
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue $WebAppURL = "https://sharepoint2010.crescent.com/" $accountid = "crescent\SPAdmin" #Get the web application $WebApp = Get-SPWebApplication $WebAppURL #convert classic mode authentication to claims based authentication sharepoint 2010 $WebApp.UseClaimsAuthentication = $true $WebApp.Update() $account = (New-SPClaimsPrincipal -identity $accountid -identitytype 1).ToEncodedString() #Crate FULL Access Web Application User Policy $ZonePolicies = $WebApp.ZonePolicies("Default") $Policy = $ZonePolicies.Add($account,"PSPolicy") $FullControl=$WebApp.PolicyRoles.GetSpecialRole("FullControl") $Policy.PolicyRoleBindings.Add($FullControl) $WebApp.Update() #Migrate users from Classic to Claims $WebApp.MigrateUsers($true) $WebApp.ProvisionGlobally()
Switch from classic to claims-based authentication during backup-restore:
This is also applicable when you export-import or backup-restore sites between different web applications where the source web application uses Classic Authentication, but the destination web application is configured to use Windows Claims!
How to Check the web application’s authentication mode?
Go to Central Administration >> Manage web applications and click on the site you’re planning to enable CBA. Under the Web Applications tab click on the Authentication Providers icon and a small window will pop up with “Claims Based Authentication”
You can also try the PowerShell cmdlet for classic to claims authentication in SharePoint 2013:
If you are migrating from classic-mode to claims-based authentication in SharePoint 2013, You can use: Convert-SPWebApplication cmdlet as well.