In a demo I was helping to set up last week, I had to configure an RSS Reader web part to read an RSS Feed from MySite (The Activity Feed, to be precise). Back in SharePoint 2007, you could not use the OTB RSS Feed Reader web part without running Kerberos, and the same goes for 2010.
However, as it was demo time I also wanted to give us the flexibility of switching to another authentication provider if we got the chance to demo it (eg Live ID) – to do so once it's initially provisioned requires 4-5 lines of PowerShell script:
If you have not loaded the "SharePoint Powershell Window", you'll need to run
Add-PSSnapin Microsoft.SharePoint.PowerShell
Then to switch to Claims Auth:
$webApp = Get-SPWebApplication http://mywebapp
$webApp.UseClaimsAuthentication = 1;
$webApp.Update()
$webApp.ProvisionGlobally()
$webApp.MigrateUsers($True)
And to revert back to Classic mode authentication just change the 1 to a 0 :
$webApp = Get-SPWebApplication http://mywebapp
$webApp.UseClaimsAuthentication = 0;
$webApp.Update()
$webApp.ProvisionGlobally()
$webApp.MigrateUsers($True)
Too easy!
2 comments:
Reverting from Claims to Classic Mode will not work with this method. MigrateUsers($true) migrates from classic to claims. MigrateUsers($false) says in the documentation that it goes from claims to classic, but in practice, it has not been implemented. You might want to update your blog post.
Thanks!
You're right of course - it's an documented non-feature. In fact, I've started to recommend to clients that Claims only be implemented if there's a business case for it - there are some integration components from other Microsoft products (such as TFS) which do not support Claims Auth.
The only way to go "back" to Classic (at least, pre-SP1) is to create another Authentication entry-point using Classic and blow away the Claims one. Hopefully it's fixed in the Service pack, but I have not got an environment to test it on.
Post a Comment