Unique Permissions are No longer works after Migrating SharePoint 2010 Web Application to 2013

It is well known that SharePoint 2013 by default uses Claims mode for Authentication and Whenever we create a Web Application it creates with Claims Auth. SharePoint 2010 also had Claims but was optional for us to choose whether we want to have Claims based or Classic. If you had a Classic Mode Web Application in SharePoint 2010 and then it migrated to SharePoint 2013, you also need to Migrate Users specifically from Classic to Claims because you can no longer user Classic mode in 2013.

I had a scenario where an Intranet Site was Hosted in SP2010 and Migrated to 2013 which had hundreds of Libraries and Folders inside them with Unique Permissions. After the Migration from 2010 to 2013 using DB attached method, everything worked well until users start complaining that they are unable to see any records with unique permissions.

Checked the permissions using “Check Permissions” Option and something seemed to be wrong as all the users are not having their relevant set of permissions in the new Destination. It just the Read permissions granted through “All Users” Group which is NT All Authenticated Users.


Migrating Users from Classic to Claims using below PowerShell Script Rectified the issue and everyone was able to access their relevant records as expected. checked the permissions again and it appeared all set of permissions which is looked like everything back to normal. We also need to ask every individual to check their content and functions to verify this.


You can run this in any Server in the Farm and once it’s done, cannot be reverted back so better test it out first in a POC Setup. this will completely switch your all users from Classic mode to Claims.

   1: Add-PSSnapin Microsoft.SharePoint.powershell -EA 0

   2: $webapp = Get-SPWebApplication -identity "http://intranet-poc.abc.local"

   3: $webapp.MigrateUsers($true)

Bottom Line: Claims Based Authentication is an Essential Component in order to enable SharePoint 2013 with Advanced functionalities. If you had a Classic mode Web Application in SharePoint 2010 and you are planning to Migrate it to SharePoint 2013, Migration of Users is a Critical part of the SharePoint Migration. It is important to test the same in a Test Environment prior to the Production.

Notes: There are lot more details and scenarios when it comes to Claims Authentication. will put it over here as an detailed article soon.


SharePoint Granular Backup Failed and Site Went Inaccessible (Locked)

So you was thinking that site backup has no Interruption to the running (live) system ? Yes it is. I ran in to an issue where an Granular backup was executed through SharePoint Management shell while users were accessing the portal in SharePoint 2010 production farm.

Backup was terminated due to lack of space in destination drive and users are prompted with "Error: Access Denied Massage" which was in an extremely critical peak hour.

There were multiple set of backup jobs running parallel in SharePoint Shell and few of them were unable to complete due to lack of space. The person who was handling this closed all the SharePoint Shells and sites suddenly prompted this error to all users. Sites which are successfully backed up had no issues.


Checked the Content DBs of particular Web Applications and they looks green as Database Read-only mode is "No".


When Looking out for a possible reason, the "Lock" word came up to my mind and checked the "Quotas and Locks" in Central Administration (Application Management –> Site Collections –> Configure Quotas and Locks)

And Here we Go !. It was in the Read only Mode. Changing the status to the "Not Locked" Mode bought everything back to normal.


It has put the site in to maintenance mode during the backup and since it was not properly completed, the status yet remains in Read-Only mode. So a good point to think before you execute any backups in SharePoint. Plan for a drive with enough space and off-peak hour.

This is the command line resolution for the same

stsadm -o setsitelock -url http://sitename -lock readonly

stsadm -o setsitelock -url http://sitename -lock none

Here are some good facts in terms of Backup and Restore Planning in SharePoint From Microsoft – https://technet.microsoft.com/en-us/library/gg266384.aspx

SPSite Restore Fails with “InvalidData” Error (Restore-SPSite PowerShell Fails)

One of my friend came up with the Error on PowerShell during a Restoration of SharePoint Granular Backup to another Farm.



Restore-SPSite : <nativehr>0x80070003</nativehr><nativestack></nativestack>

At line:1 char:1

+ Restore-SPSite http://Source-Site -Path C:\bkp\SourceSite.bak

-HostHeade …

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


+ CategoryInfo : InvalidData: (Microsoft.Share…dletRestoreSite: SPCmdletRestoreSite) [Restore-SPSite], DirectoryNotFoundException + FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletRestoreSite


After Checking all the Event Logs and Destination Databases etc.… realized that this cannot be an issue of the Destination Farm. Tried to backup the same Site Collection from source Farm via Central Admin Thrown an Failure at the end of the Backup job.


I Always Prefer PowerShell for SharePoint Administration because that’s the ultimate tool to get almost anything done when we stuck on UI. before finding the root cause for this failure through UI, made it to PowerShell since the Destination restoration was a urgent thing to do. If You face the same, Use Below Shell Line to Execute a Granular Site Collection Backup.

Backup-SPSite http://SourceSiteURL -Path "C:\site.bak"

This Ran very well and realized the size of the .bak file is pretty large than the one came out with errors through UI.

Used the New backup file to Restore and it went like a Charm. Making sure on the success result at the end of a backup job will save your day…

Extract Farm Solutions from SharePoint

Seems you are directed to here from a Search Engine!

Yes you can simply use PowerShell to extract your Farm solutions a bulk. there were some .exe s also does the same but for me it was more easy to use this smart little Shell Script. Every SharePoint Guy one day will face an Migration, this little guy is a very useful and reliable one.

Run PowerShell ISE as Admin and run below Lines. use first three Lines to Extract from the source Farm and last few lines are for Destination Farm use.

   1: #Extract Solutions from Source farm 

   2: Add-PSSnapin Microsoft.SharePoint.PowerShell

   3: $farm = Get-SPFarm

   4: $farm.Solutions | ForEach-Object{$_.SolutionFile.SaveAs("c:\export\" + $_.SolutionFile.name)}</p>


   6: #Add Solution to Another Farm 

   7: <p style="padding-left: 30px;">Add-PSSnapin Microsoft.SharePoint.PowerShell

   8: $files = Get-ChildItem "c:\install\"

   9: ForEach ($file in $files) {Add-SPSolution $file.FullName}

Sample (Change the ‘Save as’ Folder as you wish)


Configuring Outgoing Email for Various SharePoint Environments

Configuring Outgoing email for a SharePoint Farm is one of the core thing to be done after the initial SharePoint Deployment and Configurations. You can use an Internal Mail Server or simply relay to an external Services such as Hotmail or Gmail. We will go through both ways in this Article. No purpose of referring to an External Service if you got a Mail Server in premise (e.g. – Exchange Server). Developers always prefer to use free Services like Gmail or Hotmail since having a Mail Server set up as a virtual is something consumes resources.


  • Using External Services (Mostly Used for Testing Purposes by Developers)
  • Using In Premise Mail Server
  • Standalone and Multi Server Farms

Initial Common Steps (Ignore if you have SMTP and IIS 6.0 Roles and features Installed and go directly to Scenarios below)

To Install SMTP Services in SharePoint Server, Open Server Manager and go to Add Roles and Features. My server in this scenario is 2012, if yours is 2008 or earlier you may do the same from Control Panel –> Programs and Features.

Go to Add Roles and Features.


Click Next until you get the ‘Select Features’ tab. Select the SMTP Server There. Choose Telnet Client too, you will need it to test the connectivity to SMTP Services Later.


Below Tab will be prompted. Simply click ‘Add’ to it. SMTP Server is usually managed from IIS 6 Interface so let it install all the required components there. Click next after the selection and it will be completed in a minutes.


Once Installation is done, Go to Start menu and type IIS, find the old IIS Icon which comes as second item in results. Click and it will launch the IIS 6.0 Manager.


Meanwhile Let’s go to Services of SharePoint Server (Open Run and type ‘services.msc’ and Enter) and find SMTP Service then make the Startup mode to ‘Automatic’ from ‘Manual’.


Above Steps are the common ones for any scenario.

Scenario A – Configuring Outgoing Email for SharePoint with External Service

Once you launched the IIS 6.0 it will load below Snap in.


Right click on the Virtual Server Name [SMTP Virtual Server #1] and get the Properties of it.


General Tab – Nothing to do here

Access Tab. Under Authentication, Enable Anonymous and Click OK.


Connection: Choose All except list below under connection. You can also specify the Server here by choosing the first option so that would be more secure.


Relay: here also the second option for me. You can specify the server too.


Massage Tab – Nothing to do here for now. You can simply customize by defining limits based on the requirements.


Delivery Tab – Set the Outbound Security here. Choose ‘Basic Authentication’ and define the Account details which will be used to connect to particular SMTP Server (External). Enable TLS encryption and click OK to save.


Outbound Connection: I have No changes here. The default Port is 25 and you have to adjust based on the Port Number used by your External SMTP Service (‘I’m Using Gmail for testing)


Advanced: Define the FQDN of your SharePoint Server (Local Server which runs SMTP Service) and check DNS to validate the name. Set the name of your external SMTP Service under the ‘Smart Host’ field. (Gmail – smtp.gmail.com | Hotmail – smtp.live.com etc…)


You can leave rest of the things such as ‘LDAP Routing’, ‘Security’ with Defaults and enable as and when requires.

Let’s Open up IIS Manager which hosts our SharePoint Web Applications (IIS 7/8). Point to Relevant Web application which we will be using Outgoing Email in SharePoint. Click on the ‘SMTP E-Mail’ Feature.


Define it to use ‘Local Host’ and Save.


That’s it from IIS 6.0 Panel. Let’s Open up SharePoint Central Administration to do the last thing. Point to ‘System Settings’ –> Configure Outgoing Email Settings’ under Email and Test Category.


Define the

  • Outbound SMTP Server (Local SharePoint Server which we enabled SMTP Services)
  • From and Reply to Addresses
  • Character Set with Defaults


That’s all on Configurations. Do a IIS Reset before we test the functionality.

Testing of Functionality.

You can either Set an Alert to a Library and if it’s sent we are good.

Login using an Account which has an Valid Email address. Create a test Library and go to Library Settings and ‘Set Alert on This library’.


It will prompt below snap in. it shows the Email address of the particular user. Click OK to save with default settings. Default settings will send an alert immediately based on any change you are doing to this library.


It will create the initial Alert right after the enabling. This Proves that Outgoing Email is now Functioning Well !



Or else the other way is to Create a Simple Workflow to fire a Mail based on a Record (or something). This is a nice way to test it out. Would be robust than the alert.

Open SharePoint Designer and create a Two Step Simple Workflow like below to test.


Upload a sample Item and Start the Workflow.


This will trigger the mail immediately.


Scenario B – Configuring Outgoing Email for SharePoint with In Premise Mail Server.

In This scenario, SharePoint Server will relay all the outbound mail traffic to Organization’s Mail Server which may be Exchange Server.

Nothing much but only below few changes you should do after the common Configurations done.

In SMTP Server ‘Delivery’ Tab. Enable ‘Anonymous Access’ under ‘Outbound Security’


Also the Internal Mail Server Name in the ‘Advanced’ Settings


Scenario C: Deal With Standalone and Server Farms

Standalone: In The Central Administration, You can point to Local SharePoint Server in the Single Server Scenarios. Do not point to the Smart Host from Central Admin.


Server Farm: having SMTP Service installed and configured in one of the Frontend Server would do. Make it available in all WFE Servers if you have multiple with Load balanced so that SMTP Service will still work even if any WFE goes down in case.

Point in to the Smart Host in Server Farm Scenarios. Do not point to the Local Server


Important Troubleshooting Steps

1. If you are not getting any mails yet, Check the Junk Folder too, sometimes it goes there under the untrusted category

2. Keep Monitoring the Queue Folder (C:\inetpub\Mailroot\Queue) if the mails are queuing here, you got a point to check.


3. Sometimes External Service vendors may have changed the port for SMTP for security purposes. Check the connectivity using Telnet. This is why we install Telnet service too when we installed SMTP. Open PowerShell as Admin and run below lines (customize with Name and Port)


If it connects Like below, we are Cool here. Otherwise you got a point to check, may be the port number of Firewalls you have.



  1. All Above Configurations are Identical for both SharePoint 2010 and 2013.
  2. Also There’s No single Edition wise Difference (Foundation, Standard, Enterprise). all the steps are common for all Editions of SharePoint.

Discover and Leverage SharePoint Foundation

Foundation Edition is still the Grand Child of SharePoint Product Family. It is the Super Man of Small Level Organization’s Collaboration Arena !

SharePoint Foundation is the greatest free Platform i have ever experienced. Microsoft has already built it up to a very good level where bunch of out of the box features and functionalities are bundled. when you installed it and open up the Central Administration for First time, You wont see any single difference in UI Level but some of the advance Services and Service Applications aren’t There.

at 2007 when SharePoint was named as Office SharePoint Server 2007, Foundation was there as WSS 3.0 which is Windows SharePoint Services 3.0. Many Small and Medium Size Organizations started playing with WSS 3.0 where they wanted to explore what SharePoint is all about. WSS was a Really good kick-off in the SharePoint product history. it made a big noise in the both Technical and end user arenas. When SharePoint 2010 Introduced, SharePoint Foundation 2010 came to the scene as a improved little hero and now with 2013 i can see that it’s getting armed with more OOTB Features (e.g. Search Services are bundled in !).

So What is SharePoint Foundation  all about ?

SharePoint Foundation is the entry level Platform of SharePoint Product Family. with the growth of product through several version releases, Foundation edition also has improved with same UI and core functionalities such as below.

   – Web Applications
   – Site Collections | sites (with number of OOTB Templates)
   – Lists and Libraries (with number of OOTB Templates)
   – Blogs
   – Wikis and about 50 more core (Major) features

Where it suits and to whom ?

for Small and Mid Size organizations who are interested of starting with Web Based Secure Collaboration. and i believe that any developer who is interested to start with SharePoint, he/she should start with Foundation edition so that he/she can simply understand with edition level variations.

Backend Database Practices

Except the Services and Service Applications, SharePoint Foundation doesn’t have many barriers on features (meaning here for startups) but if you look for totally free solution with SQL Server Express (Free) backend there’s a obvious Barrier on Backend when your solution grows up. For an instance SQL Server Express supports only limited size of Hardware Resources (Processors | Cores | Memory) and Limitation of DB size and Instance Size would be a challenge specially when the solution grows up.

When it comes to Small-Mid Size production environments with SharePoint Foundation, it would be better to have SQL Server Standard or Enterprise (Based on the Requirements)

What You don’t get in Foundation ?

    – Audience Targeting 
    – Document Sets
    – OOTB Workflow Templates (Signature Approval etc..)
    – Ratings
    – and about 40 + More Features than Foundation
    – Access Services
    – Dashboards
    – Excel Services and Power pivot for SharePoint (combined with SQL Server Enterprise)
    – Visio Services
    – InfoPath Forms Services (one of the most useful massive capability)
    – Calculated KPIs

How we can Leverage ?
as i was saying, SharePoint Foundation is the core Platform of the entire product range. it is extremely open for you to extend with your own solutions and customizations and that’s where we got to love it.

These tools and Resources are doing outstanding job to make you armed with custom solutions.

    1. SharePoint Designer (Customizations)
    2. Visual Studio (Developments)
    3. Community (e.g. – Codeplex) – Codeplex community doing an exceptional work that contains bunch of free SharePoint Foundation suitable solutions. 
    4. Search Server Express 2010 for SharePoint 2010 (Enterprise Level Search Solutions can be     implemented with this solid add-on) – See my Article here which explains step by step how  you can leverage your Foundation setup with Search Server Express 2010 which is also free of cost.

    5. Office Web Apps – and Yes ! this is one of the most evolving and interesting this across the collaboration arena. with office web apps you can simply open/edit Microsoft Office documents through the browser which came out with SharePoint 2010. it is also capable to integrate with Foundation (this isn’t free by the way).

Below are some free stuff from Codeplex makes your foundation environment more capable of going beyond the limits. i have tested some of these and i would highly recommend codeplex solutions when it comes to reliability and quality.

* Have a look at this filtered result of Codeplex solutions specifically for SharePoint Foundation – http://www.codeplex.com/site/search?query=SharePoint%20Foundation&ac=4

Below are some of them.

1. SharePoint Foundation 2013 Publishing Infrastructure – They have recently released an awesome add-on     for Foundation 2013 which is an lightweight Publishing Infrastructure for SharePoint Foundation     2013. this is a really good news for techies out there.

2. SharePoint Foundation Synchronization – This Solution enables SharePoint Foundation administrators     to synchronize Active Directory data with the User Information List.

3. ReportViewer for SharePoint Foundation – It’s Allows setting report parameters by SharePoint HTML     Forms (IWebPartParameter), SharePoint Lists (IWebPartRow) and by other linked reports

4. User Profile Synchronization for SharePoint Foundation – This guy is an SharePoint 2010 Foundation     Timer Job to Synchronize AD Properties (something cool as Foundation edition havent got a User     Profile Service Application)

What About Hosting ?

SharePoint Foundation also supports hosting Requirements. it’s fully capable of providing Multi-tenancy requirements for Hoster’s and I have tested the same several times. Microsoft SharePoint Foundation Subscription Settings Service is the ultimate actor which provides hosting capabilities and it is there in foundation edition as well.

Check out the capabilities here in this comparison chart –https://manojviduranga.wordpress.com/?s=editions 

Future Growth and Consider on Expansions

and in the other hand, when it comes to Farm | Server level, you are eligible of scaling out your Farm. SharePoint Foundation also can be implemented in three Tier method which goes as Web Tier, Application Tier and Database. you can have multiple number of Web Servers and Application Servers based on the load and Requirements.

Related References:

See my Article here to understand feature comparison in latest SharePoint – https://manojviduranga.wordpress.com/2013/03/26/sharepoint-2013-editions-and-feature-comparison/

Refer here to integrate Search Server | Express for SharePoint Foundation 2010 – https://manojviduranga.wordpress.com/2013/09/18/integrate-search-server-2010-express-with-sharepoint-foundation-2010-get-the-maximum-out-of-foundation-functionalities/

You can also see the Presentation here i did at SharePoint SriLanka User Group April Session under the topic of Leverage SharePoint Foundation as it’s Max. – http://www.slideshare.net/manojviduranga/utilize-sharepoint-foundation-as-its-max

Integrate Office Web Apps with SharePoint Foundation step by step guidance – https://manojviduranga.wordpress.com/2013/10/26/convert-a-virtual-disk-via-hyper-v-2012/ 

Product Updates and Releases ?

Whenever Microsoft Release a Product Version, Cumulative Updates or Service packs for SharePoint Server, it releases for all three editions together (Foundation, Standard, Enterprise) so whichever the edition you use you are up to date with the technology.

Download Resources:

Download SharePoint Foundation 2013 – http://www.microsoft.com/en-us/download/details.aspx?id=35488 

Download SharePoint Foundation 2010 – http://www.microsoft.com/en-us/download/details.aspx?id=24983 

Download Office Web Apps Server for SharePoint – http://www.microsoft.com/en-us/download/details.aspx?id=35489

Download Search Server Express for SharePoint 2010 – http://www.microsoft.com/en-us/download/details.aspx?id=18914

SharePoint Product Updates – http://technet.microsoft.com/en-US/sharepoint/jj891062 


Cheers With Your SharePoint Journey Folks !!

SharePoint User Group Meet up for April 2014–How to Leverage SharePoint Foundation with Available Free Tools

Another SharePoint User Group Meet up Finished successfully Yesterday At Microsoft Srilanka. my topic was “how to leverage SharePoint Foundation with Available Free tools”. May be you are interested to look at the slide here – http://www.slideshare.net/manojviduranga/utilize-sharepoint-foundation-as-its-max