After a migration and upgrade of SharePoint from 2010 to 2013, where you had the web applications created in classic authentication, you might want to now convert them to SharePoint 2013's claims authentication. To do so, here is how:
Run the following PowerShell Script:
$WebAppName = "http://Url:PortNo"
$wa = get-SPWebApplication $WebAppName
$wa.UseClaimsAuthentication = $true
$wa.Update()
$account = "domain\farmaccount"
$account = (New-SPClaimsPrincipal -identity $account -identitytype 1).ToEncodedString()
$wa = get-SPWebApplication $WebAppName
$zp = $wa.ZonePolicies("Default")
$p = $zp.Add($account,"PSPolicy")
$fc=$wa.PolicyRoles.GetSpecialRole("FullControl")
$p.PolicyRoleBindings.Add($fc)
$wa.Update()
$wa.MigrateUsers($true)
$wa.ProvisionGlobally()
The above will convert the web application, as well as convert the users accounts to claims.
Run the following PowerShell Script:
$WebAppName = "http://Url:PortNo"
$wa = get-SPWebApplication $WebAppName
$wa.UseClaimsAuthentication = $true
$wa.Update()
$account = "domain\farmaccount"
$account = (New-SPClaimsPrincipal -identity $account -identitytype 1).ToEncodedString()
$wa = get-SPWebApplication $WebAppName
$zp = $wa.ZonePolicies("Default")
$p = $zp.Add($account,"PSPolicy")
$fc=$wa.PolicyRoles.GetSpecialRole("FullControl")
$p.PolicyRoleBindings.Add($fc)
$wa.Update()
$wa.MigrateUsers($true)
$wa.ProvisionGlobally()
The above will convert the web application, as well as convert the users accounts to claims.
Comments