I'm having a weird situation when upgrading from our classic auth. MySite in Sharepoint 2010 to claims based in Sharepoint 2013.
The problem is after I've converted it to claims based it looses the ability to bind a AD user to the corresponding old MySite site collection and tries to create a new one! If a user visits the My Site page and it makes the binding BEFORE converting to claims it works fine, and it maintains the binding even after claims conversion. But a user who hasn't visited MySite before the claims conversion in 2013 will get a new blank site!!
Here's how I do it.
1. I've set up a blank new Sharepoint 2013 farm installed on one Windows Server 2012 with a dedicated SQL instance in our DEV cluster. The farm is configured with all services - incl user profile service that have fully synced the AD with thousands of users.
2. I create a "MySite"-application with the powershell command:
New-SPWebApplication –name "SHP - MySite" –Port 47 –ApplicationPool "SHP - MySite AppPool" –ApplicationPoolAccount (Get-SPManagedAccount "ne\shpdatabase") -DatabaseName "Content_MySite_tmp"
3. I backup the "My Site" content databases from our live Sharepoint 2010 and restore them in the Sharepoint 2013 SQL instance.
4. I add the old "MySite" content databases with the powershell:
Mount-SPContentDatabase "Content_MySite_01" -WebApplication "SHP - MySite"
5. I to the upgrade to version 15:
Upgrade-SPSite http://xxxxxxxxx:47/ -VersionUpgrade
and repeat for the site collections I want to test
At this point the MySites are fully functional. If I visit mysite it looks good. But it's not claims.
6. I convert it to claims:
Convert-SPWebApplication –Identity "SHP - MySite" –To Claims -RetainPermissions
I get the error that some users cannot be converted but from what I can see it's old inactive AD accounts.
7. If I now try to visit mysite it will work if I visited it before I converted it to claims! If I didn't visit it before the conversion it won't make the connection and try to create a new one (and if I have set the "use domain name to sort out conflicts it will successfully create a blank new mysite for me).
So .. am I missing a step? I've checked some guides for how to setup mysites (incl http://blog.sharedove.com/adisjugo/index.php/2012/07/25/visual-guide-setting-up-my-sites-in-sharepoint-2013/) but most of them is about creating a new mysite, not how to migrate from 2010 to 2013! For us it's vital the MySites are migrated, creating new ones is not an option. If I was forced to migrate today I would leave it in normal classic authentication mode but that doesn't sound right either!
Here's a checklist what I've checked so far:
- Managed path "personal" added to MySite app
- Self site creation On for MySite app
- Creating and applying "create subsite" rights to all users
- "Setup my sites" in user profile sync service, all correct there
So somewhere along the line, after converting to claims based authentication it looses the ability to bind the AD account to the old site collection? But and I don't know what to do? Any suggestions?