Ensure claims-based authentication is used for all web applications and zones of a SharePoint 2019 farm

Claims-based authentication enables systems and applications to authenticate a user
without requiring the user to disclose more personal information than necessary.
SharePoint continues to offer support for both claims and classic authentication modes.
Claims-based identity is an identity model in SharePoint that includes features such as
authentication across users of Windows-based systems and systems that are not Windows-
based, multiple authentication types, stronger real-time authentication, a wider set of
principal types, and delegation of user identity between applications.

When a user signs in to SharePoint, the user’s token is validated and then used to sign in to
SharePoint. The user’s token is a security token issued by a claims provider. When you
build claims-aware applications, the user presents an identity to the application as a set of
claims. One claim could be the user’s name, another might be an email address. The
external identity system is configured to give your application all the information that it
needs about the user with each request, along with cryptographic assurance that the
identity data received by the application comes from a trusted source.

Solution

  1. Navigate to Central Administration website.
  2. Under Application Management go to Manage web applications.
  3. Click on the site you’re planning to verify Claims Based Authentication.
  4. Under Web Applications tab click on the Authentication Providers icon.
  5. Under the small window pop-up verify if the default value is set to Windows.
  6. Create a PowerShell (.ps1) file and paste the following code into it:

$setcba = Get-SPWebApplication ‘http://’
$setcba.UseClaimsAuthentication = 1;
$setcba.Update()

  1. Save the Code as SetClaimsBasedAuthentication.ps1 on the SharePoint server.
  2. Execute the PowerShell script from the SharePoint Management Shell using the
    following command ./SetClaimsBasedAuthentication.ps1

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.