Posts Tagged cannot access

SharePoint 2013 Migration: User not able to access after migration from SharePoint 2010 to SharePoint 2013

Scenario:

We have migrated our sites from SharePoint 2010 to SharePoint 2013. After migration, users are not able to access newly migrated site. If we delete user and provide access again, user able to access site. (Fortunately, this was happening on test migration)

Resolution:

The missing link was warning that we overlooked. When we ran PowerShell Test-SPContentDatabase cmdlet, we missed following warning:

Category : Configuration

Error : False

UpgradeBlocking : False

Message : The [SharePoint2013] web application is configured with claims authentication mode however the content database you are trying to attach is intended to be used against a windows classic authentication mode.

Remedy : There is an inconsistency between the authentication mode of target web application and the source web application. Ensure that the authentication mode setting in upgraded web application is the same as what you had in previous SharePoint 2010 web application. Refer to the link http://go.microsoft.com/fwlink/?LinkId=236865 for more information.

Locations :

In other words, SharePoint 2013 discourage classic mode authentication. If web application is created via Central Administration, claim based is the default and preferred method of authentication. If want to create web application with classic mode authentication, you need to use PowerShell cmdlets.

It goes like this:

  1. Create classic mode web application using PowerShell cmdlets
  2. Attach all content database with web application
  3. Convert classis mode web application to claim base authentication
  4. Configure Object cache

Create classic mode web application using PowerShell cmdlets

$ap = New-SPAuthenticationProvider -UseWindowsIntegratedAuthentication –DisableKerberos

New-SPWebApplication -Name “SharePoint – 2013” -ApplicationPool “SharePoint 2013 Web Apps” -ApplicationPoolAccount (Get-SPManagedAccount “domain\login”) -Port 80 -Url http://sharepoint2013 -AuthenticationMethod NTLM -AuthenticationProvider $ap -DatabaseName “WSS_Content_01”

Attach all content database with web application

Mount-SPContentDatabase “WSS_Content_2” -DatabaseServer “SQLDB2013” -WebApplication http://sharepoint2013

Convert classis mode web application to claim base authentication

Convert-SPWebApplication –Identity http://sharepoint2013 –To Claims -RetainPermissions –Force

Configure Object cache

$wa = Get-SPWebApplication -Identity http://sharepoint2013

$wa.Properties[“portalsuperuseraccount”] = “domain\login”

$wa.Properties[“portalsuperreaderaccount”] = “domain\login”

$wa.Update()

Make sure you enter user login using SharePoint 2013 claims encoding. It must be in this format “i:0#.w|contoso\chris” [For details, please visit] and don’t forget to restart IIS.


Advertisements

Leave a Comment

After upgrade, Internet Users Cannot Access SharePoint 2003 sites

Scenario:

Our SharePoint 2003 URL is exposed to internet. Let it be http://share.companyname.com .

 Our SharePoint 2003 was running on port 80. When we upgraded using gradual approach, SharePoint 2003 was moved to another port, say, 42154 and new MOSS 2007 started running on port 80.

Now, the functionality is that when we try to access a SharePoint 2003, we are redirected. Like if when we tried to access http://share.compantname/sites/abc , we were redirected to SharePoint 2003 and URL turns out to be http://share:42154/sites/abc. This works find for intranet users but for internet users http://share:42154/sites/abc is not Fully Qualified Domain Name (FQDN), so they get stuck with page not found error.

 

Workaround:                                  

What we did was used SSL for port 42154. One can do this by going to IIS Manager, select Web Site running SharePoint 2003. Right click and click on properties. In front of TCP PORT: 42154, you have SSL Port: test box. Write 443. You will be able to access SharePoint 2003 sites using httpS://share.companyname.com/sites/abc

 

What went wrong?

When started Upgrade by clicking on “Begin Upgrade”, we didn’t put host header name and did not exposed that host header to internet

 

 

For more explanation, kindly visit the heading “Determine and create new domain names (gradual upgrade only)” at the following link:

http://office.microsoft.com/download/afile.aspx?AssetID=AM101638521033

Leave a Comment