After performing a database-attach upgrade from SharePoint 2010 to SharePoint 2013, you may discover that your users are getting the Access Denied message.
If so, look no further than the default claims-based authentication functionality in SharePoint 2013. By default, claims-based authentication mode is used for web applications created in SharePoint 2013. In fact, you cannot create a new web application using classic-mode at all from within the SharePoint 2013 Central Administration site.
Microsoft recommends two primary methods of migrating from classic-mode to claims-based authentication in SharePoint 2013. See article below.
2) Migrate SharePoint classic-mode web applications to SharePoint 2013 classic-mode web applications, and then convert the SharePoint 2013 classic-mode web applications to claims-based web applications.
If so, look no further than the default claims-based authentication functionality in SharePoint 2013. By default, claims-based authentication mode is used for web applications created in SharePoint 2013. In fact, you cannot create a new web application using classic-mode at all from within the SharePoint 2013 Central Administration site.
Microsoft recommends two primary methods of migrating from classic-mode to claims-based authentication in SharePoint 2013. See article below.
1) Convert SharePoint 2010 classic-mode web applications to claims-based authentication in SharePoint 2010, and then migrate to SharePoint 2013.
2) Migrate SharePoint classic-mode web applications to SharePoint 2013 classic-mode web applications, and then convert the SharePoint 2013 classic-mode web applications to claims-based web applications.
I chose the second option because the first option just seemed too risky. Once finished, all users were able to successfully logon. Of course, it required me to delete the existing SharePoint 2013 claims-based web application and recreate it in classic-mode. To do this, you must create the web application using PowerShell.