Yvand · December 7, 2016 14:56
diff --git a/MigrateWindowsToTrusted.cs b/MigrateWindowsToTrusted.cs
 using Microsoft.IdentityModel.Claims;
 using Microsoft.SharePoint.Administration;
 using Microsoft.SharePoint.Administration.Claims;
 using System;
 using System.Diagnostics;

 namespace ConsoleApplication1
 {
    /// <summary>
    /// Migrate Windows users to be trusted from a specific SPTrustedLoginProvider
    /// The operation applies to whole content database (not only site collection)
    /// If entity is present in several site collections, it will be passed only once to ConvertEntity()
    /// </summary>
    public class MigrateWindowsToTrusted : IMigrateEntityForWebApplicationCallback
    {
        private string TrustedProviderName;
        private string IdentityValueSuffix;
        private string TrustedIdentityClaimType = ClaimTypes.Email;
        private SPTrustedLoginProvider SPTrust;
        public int MigratedEntitiesCount = 0;

        public MigrateWindowsToTrusted(string trustedProviderName, string identityValueSuffix)
        {
            TrustedProviderName = trustedProviderName;
            IdentityValueSuffix = identityValueSuffix;
            SPTrust = SPSecurityTokenServiceManager.Local.TrustedLoginProviders.GetProviderByName(TrustedProviderName);
            TrustedIdentityClaimType = SPTrust.IdentityClaimTypeInformation.MappedClaimType;
        }

        /// <summary>
        /// ConvertEntity is called for each entity to migrate.
        /// </summary>
        /// <param name="context"></param>
        /// <param name="entity">entity to migrate</param>
        /// <returns></returns>
        public SPMigrateEntityCallbackResult ConvertEntity(SPClaimMigrationContext context, SPMigrationEntity entity)
        {
            if (SPTrust == null)
                return SPMigrateEntityCallbackResult.Skipped;
            if (entity.AuthenticationType != SPWebApplication.AuthenticationMethod.Claims)
                return SPMigrateEntityCallbackResult.Skipped;
            // Skip migration of entity if it's not a Windows entity
            if (!String.Equals(entity.KeyClaim.OriginalIssuer, SPOriginalIssuerType.Windows.ToString()))
                return SPMigrateEntityCallbackResult.Skipped;
            // Skip migration of entity if it's not a user claim type
            if (!entity.NameClaim.ClaimType.Equals(SPClaimTypes.UserLogonName))
                return SPMigrateEntityCallbackResult.Skipped;
            // Skip migration of entity if it's administrator
            if (entity.Name.EndsWith("administrator"))
                return SPMigrateEntityCallbackResult.Skipped;

            // Example: old value (entity.NameClaim) = "contoso\user1", newValue = "[email protected]"
            string newValue = entity.NameClaim.Value.Split('\\')[1] + IdentityValueSuffix;
            // Create the identity claim and encode it
            SPClaim newClaim = new SPClaim(TrustedIdentityClaimType, newValue, entity.NameClaim.ValueType, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, TrustedProviderName));
            string newClaimEncoded = SPClaimProviderManager.Local.EncodeClaim(newClaim);
            // Set entity with new value
            entity.MigratedKey = newClaimEncoded;
            entity.MigratedName = newClaimEncoded;
            Console.WriteLine(String.Format("Migrated entity {0} to {1} (found in site {2})", entity.Name, newClaimEncoded, context.Site.Url));
            Debug.WriteLine(String.Format("Migrated entity {0} to {1} (found in site {2})", entity.Name, newClaimEncoded, context.Site.Url));
            MigratedEntitiesCount++;
            //return SPMigrateEntityCallbackResult.Skipped;
            return SPMigrateEntityCallbackResult.Success;
        }

        public bool IntializaForWebApplication(SPWebApplication webApp)
        {
            return true;
        }
    }

 }
diff --git a/Program.cs b/Program.cs
 using Microsoft.SharePoint.Administration;
 using System;

 namespace ConsoleApplication1
 {
    public class Program
    {
        public static void Main(string[] args)
        {
            string url = args[0];
            string trustedProviderName = args[1];
            SPWebApplication webApp = SPWebApplication.Lookup(new Uri(url));
            if (webApp == null || webApp.ContentDatabases.Count == 0) return;

            MigrateWindowsToTrusted migrator = new MigrateWindowsToTrusted(trustedProviderName, "@contoso.com");
            SPMigrateEntitiesOperationParameters settings = new SPMigrateEntitiesOperationParameters();
            foreach (SPContentDatabase db in webApp.ContentDatabases)
            {
                settings.AddDatabaseToMigrate(db);
            }
            webApp.MigrateEntities(migrator, settings);

            Console.WriteLine(String.Format("Finished. Migrated {0} entities.", migrator.MigratedEntitiesCount));
            Console.ReadLine();
        }
    }
 }
	using Microsoft.IdentityModel.Claims;
	using Microsoft.SharePoint.Administration;
	using Microsoft.SharePoint.Administration.Claims;
	using System;
	using System.Diagnostics;

	namespace ConsoleApplication1
	{
	/// <summary>
	/// Migrate Windows users to be trusted from a specific SPTrustedLoginProvider
	/// The operation applies to whole content database (not only site collection)
	/// If entity is present in several site collections, it will be passed only once to ConvertEntity()
	/// </summary>
	public class MigrateWindowsToTrusted : IMigrateEntityForWebApplicationCallback
	{
	private string TrustedProviderName;
	private string IdentityValueSuffix;
	private string TrustedIdentityClaimType = ClaimTypes.Email;
	private SPTrustedLoginProvider SPTrust;
	public int MigratedEntitiesCount = 0;

	public MigrateWindowsToTrusted(string trustedProviderName, string identityValueSuffix)
	{
	TrustedProviderName = trustedProviderName;
	IdentityValueSuffix = identityValueSuffix;
	SPTrust = SPSecurityTokenServiceManager.Local.TrustedLoginProviders.GetProviderByName(TrustedProviderName);
	TrustedIdentityClaimType = SPTrust.IdentityClaimTypeInformation.MappedClaimType;
	}

	/// <summary>
	/// ConvertEntity is called for each entity to migrate.
	/// </summary>
	/// <param name="context"></param>
	/// <param name="entity">entity to migrate</param>
	/// <returns></returns>
	public SPMigrateEntityCallbackResult ConvertEntity(SPClaimMigrationContext context, SPMigrationEntity entity)
	{
	if (SPTrust == null)
	return SPMigrateEntityCallbackResult.Skipped;
	if (entity.AuthenticationType != SPWebApplication.AuthenticationMethod.Claims)
	return SPMigrateEntityCallbackResult.Skipped;
	// Skip migration of entity if it's not a Windows entity
	if (!String.Equals(entity.KeyClaim.OriginalIssuer, SPOriginalIssuerType.Windows.ToString()))
	return SPMigrateEntityCallbackResult.Skipped;
	// Skip migration of entity if it's not a user claim type
	if (!entity.NameClaim.ClaimType.Equals(SPClaimTypes.UserLogonName))
	return SPMigrateEntityCallbackResult.Skipped;
	// Skip migration of entity if it's administrator
	if (entity.Name.EndsWith("administrator"))
	return SPMigrateEntityCallbackResult.Skipped;

	// Example: old value (entity.NameClaim) = "contoso\user1", newValue = "[email protected]"
	string newValue = entity.NameClaim.Value.Split('\\')[1] + IdentityValueSuffix;
	// Create the identity claim and encode it
	SPClaim newClaim = new SPClaim(TrustedIdentityClaimType, newValue, entity.NameClaim.ValueType, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, TrustedProviderName));
	string newClaimEncoded = SPClaimProviderManager.Local.EncodeClaim(newClaim);
	// Set entity with new value
	entity.MigratedKey = newClaimEncoded;
	entity.MigratedName = newClaimEncoded;
	Console.WriteLine(String.Format("Migrated entity {0} to {1} (found in site {2})", entity.Name, newClaimEncoded, context.Site.Url));
	Debug.WriteLine(String.Format("Migrated entity {0} to {1} (found in site {2})", entity.Name, newClaimEncoded, context.Site.Url));
	MigratedEntitiesCount++;
	//return SPMigrateEntityCallbackResult.Skipped;
	return SPMigrateEntityCallbackResult.Success;
	}

	public bool IntializaForWebApplication(SPWebApplication webApp)
	{
	return true;
	}
	}

	}