Click here to Skip to main content
11,789,710 members (60,893 online)
Click here to Skip to main content

Tagged as

Search Server 2010 and Claims Based Authentication

, 23 Jul 2010 CPOL 8.5K
Rate this:
Please Sign up or sign in to vote.
How to get around access denied error with Search Server 2010 and claims based authenticated web application


If you install Search Server Express 2010 on a SharePoint farm that has a web application using claims based authentication, you will get access denied in Central Administration when trying to manage the search service application.


To work around this issue, the user logged in to Central Administration must be added with permissions directly on the claims based authenticated web application. This cannot be done in the central administration UI even if ntlm authentication is enabled on the web application. The claims based user is not perceived by SharePoint as the user logged on to the windows authenticated Central Administration, i.e. 'i: 0#.w|domain\user' is not the same as 'domain\user'.

Use the following powershell script to add the windows authenticated user to the web application:
$site = new-Object Microsoft.SharePoint.SPSite("")
$wa = $site.WebApplication
$user = "domain\user"
$policy = $wa.Policies.Add($user, $user)


This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

Tore Olav Kristiansen
Software Developer (Senior) ByteTec Inc.
Norway Norway
No Biography provided

You may also be interested in...

Comments and Discussions

-- There are no messages in this forum --
| Advertise | Privacy | Terms of Use | Mobile
Web04 | 2.8.1509028.1 | Last Updated 23 Jul 2010
Article Copyright 2010 by Tore Olav Kristiansen
Everything else Copyright © CodeProject, 1999-2015
Layout: fixed | fluid