Claims Based authentication and the PublishingCache

By | 2010-07-06

If you are using Claims Based Authentication on your WebApplication then the Publishing Cache doesn’t work properly.

Have a look into your Developer Dashboard to see what is going on:

The warning and critical error are:

  • 7362 – Warning Publishing Cache
  • 7363 – Critical Publishing Cache

Why is this? Because with Claims Based Authentication the Cache account cannot access the Content Databases.

The solution is to provide your SPWebApplication with two settings (Properties):

  • portalsuperuseraccount
  • portalsuperreaderaccount

If you are lazy, like me, you probably want to automate this into a PowerShell script:

Update 6 juli 2010: This script sets the default managed account as the portalsuperuseraccount and portalsuperreaderaccount. In a production scenario this will work, but it is wiser to use a read only account. Give this account Full Read permission through a Web Application Policy, follow this step-by-step-guide.

write-host ""
write-host -f White "Configure the WebApp property: portalsuperreaderaccount"
write-host ""
write-host -f Green "Stef van Hooijdonk - v1.0"
write-host ""

$snapin="Microsoft.SharePoint.PowerShell"
if (get-pssnapin $snapin -ea "silentlycontinue") {
	write-host -f Green "PSsnapin $snapin is loaded"
}
else {
	if (get-pssnapin $snapin -registered -ea "silentlycontinue") {
		write-host -f Green "PSsnapin $snapin is registered"
		Add-PSSnapin $snapin
		write-host -f Green "PSsnapin $snapin is loaded"
	}
	else {
		write-host -f Red "PSSnapin $snapin not found"
	}
}

write-host -f Green "Getting current Farm"
$farm = Get-SPFarm

write-host -f Green "Getting Default ServiceAccount (Managed)"
$cacheAccount= $farm.DefaultServiceAccount.Name

write-host ""
write-host -f Green "Going to loop Claims Based authentication WebApplications"
write-host ""

Get-SPWebApplication | foreach-object {

	if ($_.UseClaimsAuthentication ) {
	write-host -f white $_.Url " is a Claims Based Authentication WebApp"

	write-host -f yellow " - Setting Property: portalsuperuseraccount $cacheAccount for" $_.Url
	$_.Properties["portalsuperuseraccount"] = "$cacheAccount"

	write-host -f yellow " - Setting Property: portalsuperreaderaccount $cacheAccount for" $_.Url
	$_.Properties["portalsuperreaderaccount"] = "$cacheAccount"

	$_.Update()
	write-host "Saved properties"
	}

}
Write-host ""
Write-host -f red "Going to run IISReset"
Write-host ""
IISreset /noforce
Write-host ""

6 thoughts on “Claims Based authentication and the PublishingCache

  1. Pingback: The Publishing Cache of SP2010 WebApplications « SharePoint Stef (@vanHooijdonk)

  2. Pingback: The Publishing Cache of SP2010 WebApplications « SharePoint Stef (@vanHooijdonk)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.