Convert Sharepoint users from classic to claims based authentication.

When panning to change your farm authentication method from classic to Claim based, you will need to convert all SharePoint users on the farm to support claim based authentication.

The script below will assign the claims prefix “i:0#.w” for each  SPsite’s user.

$WebApp = Get-SPWebApplication http://WEBAPPURL  

$SpSites = $Webapp.Sites

$Domain = “YOURDOMAINNAME”

$Claim = “i:0#.w”

foreach ($SpSite in $SpSites)

{

    $Spwebs = $spsite.AllWebs

    foreach($spweb in $Spwebs)

    {

    $Users = $spWeb.allusers

    foreach ($user in $users)

        {

        if ($user.userlogin -match $Claim)

            {

}

Else

{

            $oldlogin = $user.Userlogin.ToString()

            $NewLogin = “i:0#.w|” + $domain

            $Newlogin = $oldlogin.replace($domain,$newlogin)

            Move-SPUser -Identity $user -NewAlias $Newlogin -IgnoreSiD -confirm:$false

            write-host $user.DisplayName ” :has been migrated to claims for the site: ” $web.url

            }

         }

     }

}

ref :

https://social.technet.microsoft.com/Forums/ie/en-US/2fbb8ae3-337c-4e0e-92d3-c85a1e4e9eae/adfs-30-sharepoint-2013-claims-mapping-with-current-windows-accounts?forum=sharepointadmin

Leave a Reply

Your email address will not be published. Required fields are marked *