logo banner


I have been trying to create a new Site Collection in SharePoint 2013/SharePoint 2016 through Content Matrix Console - SharePoint Edition but I have been encountering issues. Why is this happening? and what can I do about it?


In SharePoint 2013 and 2016 most web applications use claims authentication, but the Central Administration web application that manages the server level settings uses Classic authentication. When Content Matrix Console connects to a SharePoint server it has to authenticate through a web application. When connected to a SharePoint 2013 or 2016 web application that uses Claims authentication, SharePoint itself can have trouble recognizing that the accessing User account has permissions in the web application areas that are managed by Classic authentication. This is also true if connected to a web application that uses Classic authentication, if trying to access an area managed by Claims authentication.

In SharePoint 2013 and 2016, the permissions to create Site Collections is managed by Classic authentication, so if connected through a Claims authentication web application users will receive a "401 Unauthorized" error message when trying to create a new Site Collection. This happens even if the user account has all of the appropriate permissions. If connecting through a Classic authentication web application, users will receive permission errors when trying to set any settings on a Site Collection that uses a Claims authentication web application, after the Site Collection is created.

From Metalogix testing, we have determined that SharePoint 2013 and 2016 connections that use the Local Object Model connection will not run into this issue. This is because the Local OM connection type does not run authentication through IIS, which appears to be a trigger point for the authentication issues.

From testing we have also determined that you are still able to create SharePoint 2013 and 2016 Site Collections when using the Remote OM connection type, but in order to do this Content Matrix Console must elevate your permissions for the creation step. Before elevating any credentials, Content Matrix Console will run a preliminary check to ensure the migrating user has enough permissions initially to be able to use the elevated Site Collection creation. In order for these elevated permissions to be used, the migrating user account must explicitly (by name) have "Full Control" permissions on the Web Application that the Site Collection is being created on.

In the Remote OM connection case users can also create a Site Collection within any web application if they are a member of the Farm Administrator group in SharePoint and they are connected to Central Administration as a farm connection.

Note: All of the above is also true if you are migrating to a SharePoint 2010 environment that uses Claims authentication.

Possible Errors when Creating Site Collection in SharePoint 2013 or 2016

Below is a list of errors (and their explanations) that you might encounter when trying to create Site Collections in SharePoint 2013 and 2016 through Content Matrix Console.