Note: This post is based on Beta 2 and is subject to change in future releases.
When upgrading MOSS 2007 FBA sites based on publishing templates, you need to run “MigrateUsers” method against the web application hosting the site to migrate users and permissions in the userinfo table. For publishing sites by default two separate accounts (portalsuperuseraccount and portalsuperreaderaccount) being used for caching, by default super users account is the site’s System Account and the default super reader user is NT Authority\Local Service, while these two accounts work post upgrade for web application in classic mode however they are not correctly resolved in a claims auth application after running the “MigrateUsers” method and as a result browsing to site collections hosted by the web application will result in an “Access Denied” even for the site collection admin.
To resolve this issue you need to:
Do the two domain accounts need to be added to the managed credentials? If not, how does one specify the password for these two accounts?
I am working on SP 2010. We need to migrate all the permissions from MOSS[AD Account] to a Global LDAP Directory in SP 2010. What do you think is the best way to do? Should we need to write PowerShell scripts to actually get all the permissions from MOSS and then map them with the LDAP Directory in SP 2010? Is there a tool or any other way to actualy do this permission[ReACLing] migration to SP 2010? Please guide me through this.
Thanks for your time.