Solved

SharePoint migrated user not allowed access

Posted on 2012-04-05
2
1,085 Views
Last Modified: 2012-08-13
I have moved a SharePoint 2007 Site, Content Database, from one domain to another running SharePoint Foundation 2010. I created an account in the new domain for the user and then ran:

stsadm -o migrateuser -oldlogin DOMAINA\user -newlogin DOMAINB\user

After doing so I received the error:

New user account does not have valid SID history.

I then ran

stsadm -o migrateuser -oldlogin DOMAINA\user -newlogin DOMAINB\user -ignoresidhistory

The user information was updated in the Content Database and the user shows up on the site in the correct Group with the new domain account when I view the properties.

The two issues I have are that
1.I can log into the site with the account but get an Access Denied message to content that the olduser had access to
2.The user does not show as valid in the People Picker, red squiggly line, once picked from the group they belong to and show up as a member of

Any thoughts as to how to resolve these issues?

UPDATE - The new site is using Claims Based Authentication which is the preferred authentication method. If I create the site using Classic Mode Authentication then the migration works as expected. So how can I migrate the users to the Claims Based Authentication?
0
Comment
Question by:martinjamesd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 29

Accepted Solution

by:
QPR earned 500 total points
ID: 37814814
0
 

Author Closing Comment

by:martinjamesd
ID: 37814856
I figured out what to do before you posted but you were on the right track. Basically the process is to
1. Create the new site using Classic and not Claims Based Authentication
2. Create the user accounts in the new  Domain
3. Use ststadm -o migrateuser to migrate the old account to the new
4. Convert the new site to claims and then again migrate the users to Claims using the following script

$WebAppName = "https://app"
 
#THIS SHOULD BE THE ACCOUNT THAT IS RUNNING THIS SCRIPT, WHO SHOULD ALSO BE A LOCAL ADMIN
$account = "DOMAIN\User"
 
$wa = get-SPWebApplication $WebAppName
 

Set-SPwebApplication $wa -AuthenticationProvider (New-SPAuthenticationProvider) -Zone Default
# this will prompt about migration, CLICK YES and continue
 
#This step will set the admin for the site
$wa = get-SPWebApplication $WebAppName
$account = (New-SPClaimsPrincipal -identity $account -identitytype 1).ToEncodedString()
 
#Once the user is added as admin, we need to set the policy so it can have the right access
$zp = $wa.ZonePolicies("Default")
$p = $zp.Add($account,"PSPolicy")
$fc=$wa.PolicyRoles.GetSpecialRole("FullControl")
$p.PolicyRoleBindings.Add($fc)
$wa.Update()
 
#Final step is to trigger the user migration process
$wa = get-SPWebApplication $WebAppName
$wa.MigrateUsers($true)
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

More often than not, we developers are confronted with a need: a need to make some kind of magic happen via code. Whether it is for a client, for the boss, or for our own personal projects, the need must be satisfied. Most of the time, the Framework…
Summary In SharePoint 2010 it is easy to create custom color themes to jazz up a site. Theme colors can also be created in PowerPoint 2010 with a few clicks. But how do the chosen colors actually look in the SharePoint site? The attached PowerPoint…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question