Saturday, 4 June 2011

SharePoint 2010 - Changing Authentication Method

Recently I was tasked with setting up claims based authentication on a pre existing web application that was created using classic mode authentication. 

When I checked the authentication settings through the UI I discovered that their was no way of changing the authentication method to claims based authentication.


When editing the authentication type the Forms Authentication type was disabled.

On Microsoft's TechNet site I found the following article which outlines instruction on how to change the authentication method through PowerShell.

The PowerShell outlined in the TechNet article is detailed bellow:

$WebAppName = "http://sharepoint"
$account = "<domain>\<username>"
$wa = get-SPWebApplication $WebAppName

Set-SPwebApplication $wa -AuthenticationProvider (New-SPAuthenticationProvider) -Zone Default

$wa = get-SPWebApplication $WebAppName
$account = (New-SPClaimsPrincipal -identity $account -identitytype 1).ToEncodedString()

$zp = $wa.ZonePolicies("Default")
$p = $zp.Add($account,"PSPolicy")

$wa = get-SPWebApplication $WebAppName


  • I would recommend taking a backup of the site before applying this PowerShell script.

  • It should also be noted that this process is one way and you cannot revert back to using classic authentication

  • Read the TechNet article

No comments:

Post a Comment