You can update a web application that uses classic authentication to claims-based authentication using a PowerShell script. The following procedure helps you migrate existing web applications configured to use classic authentication, to use claims-based authentication.
Important! You cannot reverse this process. After you convert the web application authentication type to a Claims-based authentication, you cannot reconvert the authentication to the previous type.
Follow these steps:
The command prompt appears.
$WebAppName = "http:// yourWebAppUrl" $account = "yourDomain\yourUser" $wa = get-SPWebApplication $WebAppName Set-SPwebApplication $wa -AuthenticationProvider (New-SPAuthenticationProvider) -Zone Default
The authentication mode is changed to claims-based authentication and the migration prompt is displayed.
Note: The preceding command modifies an existing classic authentication web application to claims-based authentication. Associate this web application with the Trusted Identity Provider in the SharePoint Central Administration user interface.
$wa = get-SPWebApplication $WebAppName $account = (New-SPClaimsPrincipal -identity $account -identitytype 1).ToEncodedString()
The user is set as the administrator for the site.
$zp = $wa.ZonePolicies("Default")
$p = $zp.Add($account,"PSPolicy")
$fc=$wa.PolicyRoles.GetSpecialRole("FullControl")
$p.PolicyRoleBindings.Add($fc)
$wa.Update()
The user obtains full access.
$wa = get-SPWebApplication $WebAppName $wa.MigrateUsers($true)
The user migration process is completed.
The Central Administration Home page appears.
The Web Applications Management page appears with a list of available web applications.
The Authentication Providers dialog shows that the authentication type has been updated to claims-based authentication.
Note: For information about claims-based authentication and for using the Windows PowerShell, see the SharePoint Server 2010 Deployment Guide from the Microsoft TechNet website.
|
Copyright © 2014 CA.
All rights reserved.
|
|