In this post i am going to explain how we can change authentication of web application from classic mode to claims based authentication.
Step 1: Check current authentication of Web application
Open SP 2010 central administration and go to web application management, select web application whose authentication you want to change. Click on authentication providers from bread crumb and check what current authentication type is. In my case it is showing me Windows.
Authentication Provider
Step 2: Open SharePoint 2010 Management Power Shell
From the start menu, go to
All Programs -> SharePoint 2010 products -> Sharepoint 2010 Management Shell
SharPoint 2010 Management Shell
Step 3: Execute the following commands
$WebAppName = “http://vmappserver”
$account = “SPPORTALSP-Admin”
$wa = get-SPWebApplication $WebAppName
Set-SPwebApplication $wa –AuthenticationProvider (New-SPAuthenticationProvider) –Zone Default
When you execute these commands, a confirmation message will appear on the screen as
SharePoint Power Shell Commands
Type Y for confirmation
After command executed successfully, You can check web application provider authentication from SP 2010 central administration. It should be now Claims Based Authentication.
Claims Based Authentication
Step 4: Set the user as an administrator for the site
$wa = get-SPWebApplication $WebAppName
$account = (New-SPClaimsPrincipal -identity $account -identitytype 1).ToEncodedString()
Step 5: Configure the policy to enable the user to have full access
$zp = $wa.ZonePolicies(“Default”)
$p = $zp.Add($account,”PSPolicy”)
$fc=$wa.PolicyRoles.GetSpecialRole(“FullControl”)
$p.PolicyRoleBindings.Add($fc)
$wa.Update()
Step 6: Perform user migration
$wa = get-SPWebApplication $WebAppName
$wa.MigrateUsers($true)
We are done!
Reference: http://technet.microsoft.com/en-us/library/gg251985.aspx
Tags: Authentication Providers, Claims based authentication, Power Shell Commands
