NOTE: UPDATED 1/8/2011
I wanted to follow-up on the previous post about migrating authentiation types in SharePoint 2010 that was done here: http://blogs.technet.com/b/speschka/archive/2010/06/12/migrating-a-web-application-from-windows-classic-to-windows-claims-in-sharepoint-2010.aspx. I still recommend taking a look at that posting if you haven't already because it includes some good background information about the migration process. Recently we've been tweaking with the set ot steps to migrate authentication types and having more success than previously so I wanted to share those steps. These may or may not become the final steps, but it's a pretty good start.
UPDATED INFO: Folks, one of the things we discovered is that at least one of the issues we were seeing post-migration can be solved if the account that is running the PowerShell commands described below is a) a local administrator on the server where the commands are being run and b) is added to a Full Control web app policy on the web application that is being migrated. The script below already created a Full Control web app policy so I've just updated it to indicate that the user running the script should be used.
So here are the steps:
$WebAppName = "http://yourWebAppUrl"
#THIS SHOULD BE THE ACCOUNT THAT IS RUNNING THIS SCRIPT, WHO SHOULD ALSO BE A LOCAL ADMIN$account = "yourDomain\yourUser"
$wa = get-SPWebApplication $WebAppName
Set-SPwebApplication $wa -AuthenticationProvider (New-SPAuthenticationProvider) -Zone Default# this will prompt about migration, CLICK YES and continue
#This step will set the admin for the site $wa = get-SPWebApplication $WebAppName$account = (New-SPClaimsPrincipal -identity $account -identitytype 1).ToEncodedString()
#Once the user is added as admin, we need to set the policy so it can have the right access$zp = $wa.ZonePolicies("Default")$p = $zp.Add($account,"PSPolicy")$fc=$wa.PolicyRoles.GetSpecialRole("FullControl")$p.PolicyRoleBindings.Add($fc)$wa.Update()
#Final step is to trigger the user migration process$wa = get-SPWebApplication $WebAppName$wa.MigrateUsers($true)
There are a couple of things that may still be a problem for you after doing this that you'll want to take care of or be aware of:
If you follow these steps and use these troubleshooting tips you should be good to go in most cases.