How to change SharePoint authentication from classic mode to claims based authentication

How to change SharePoint authentication from classic mode to claims based authentication

In this post i am going to explain how we can change authentication of web application from classic mode to claims based authentication.

Step 1: Check current authentication of Web application

Open SP 2010 central administration and go to web application management, select web application whose authentication you want to change. Click on authentication providers from bread crumb and check what current authentication type is. In my case it is showing me Windows.

SharePoint 2010 Authentication Provider

Authentication Provider

Step 2: Open SharePoint 2010 Management Power Shell

From the start menu, go to

All Programs -> SharePoint 2010 products -> Sharepoint 2010 Management Shell

SharePoint 2010 Power Shell

SharPoint 2010 Management Shell

Step 3: Execute the following commands

$WebAppName = “http://vmappserver”

$account = “SPPORTALSP-Admin”

$wa = get-SPWebApplication $WebAppName

Set-SPwebApplication $wa –AuthenticationProvider (New-SPAuthenticationProvider) –Zone Default

When you execute these commands, a confirmation message will appear on the screen as

Administrator SharePoint Power Shell Commands

SharePoint Power Shell Commands

Type Y for confirmation

After command executed successfully, You can check web application provider authentication from SP 2010 central administration. It should be now Claims Based Authentication.

Authentication Providers

Claims Based Authentication

Step 4:  Set the user as an administrator for the site

$wa = get-SPWebApplication $WebAppName

$account = (New-SPClaimsPrincipal -identity $account -identitytype 1).ToEncodedString()

Step 5: Configure the policy to enable the user to have full access

$zp = $wa.ZonePolicies(“Default”)

$p = $zp.Add($account,”PSPolicy”)

$fc=$wa.PolicyRoles.GetSpecialRole(“FullControl”)

$p.PolicyRoleBindings.Add($fc)

$wa.Update()

Step 6: Perform user migration

$wa = get-SPWebApplication $WebAppName

$wa.MigrateUsers($true)

We are done!

Reference: http://technet.microsoft.com/en-us/library/gg251985.aspx

 

Share this post

Leave a Reply

Your email address will not be published. Required fields are marked *