Dear All,
We have recently migrated our SharePoint foundation 2010 from Classic-mode to claims based (mixed mode - windows NTLM and FBA(LDAP provider)) authentication. Also migrated all AD users as FBA users. The sample code we have used to migrate is below. Migration itself is working fine. We can now browse all the FBA user accounts using the people picker.
Now the problem bit, We have hundreds of site collections. Each site collection has many SharePoint user groups and AD users added to them before migration. We want to add AD equivalent FBA(LDAP proivder) user account to each site collection in the SharePoint in the same group as AD account. So that users can choose either windows or FBA authentication before they login. Adding the FBA users manually to the site collection by using people picker take huge amount of time.
Could you please advise whether there is a way to automate this? Any help/samples would be greatly appreciated.
PS O:\> $WebAppName = "https://sharepoint.mywebsite.com"
PS O:\> $account = "domain\username"
PS O:\> $wa = get-SPWebApplication $WebAppName
PS O:\> Set-SPwebApplication $wa -AuthenticationProvider (New-SPAuthenticationProvider) -Zone Default
Confirm
This operation will trigger user migration. It may take several hours for this process to complete
depending on the number of users. During this time the service will not be available. Do you want
to continue?
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): Y
PS O:\> $wa = get-SPWebApplication $WebAppName
PS O:\> $account = (New-SPClaimsPrincipal -identity $account -identitytype 1).ToEncodedString()
PS O:\> $zp = $wa.ZonePolicies("Default")
PS O:\> $p = $zp.Add($account,"PSPolicy")
PS O:\> $fc=$wa.PolicyRoles.GetSpecialRole("FullControl")
PS O:\> $p.PolicyRoleBindings.Add($fc)
PS O:\> $wa.Update()
PS O:\> $wa = get-SPWebApplication $WebAppName
PS O:\> $wa.MigrateUsers($true)
PS O:\>
Kind Regards,
GK