I have an existing FBA database of ~2000 users for one of my clients in WSS 3.0.
I have successfully upgraded their WSS site collection (in a test environment) to SharePoint 2010.
I have also configured the 2010 installation to use FBA (through Claims Based Authentication) and verified that the users can be seen from the site collection.
The problem arrises in the way that the Security Token Service (STS) hands user info to SharePoint compared to the old way; the user token from STS does not match the format of the users that already exist in the site collection and they get "Access Denied."
For instance, In the Site Collection, the user EtherDragon is referred to as "fbamembership:etherdragon" However, the STS refers to me as "0.f|fbamembership|etherdragon" which has no perms.
Is there an good way to either get STS to use the old format or map current site collection users to their STS equivalent?
What I would like to avoid, if possible, is having to remove and re-add ~2000 users from their groups in SharePoint.
I ended up building a user remove/replace web part, which makes this more of a StackOverflow solution. Check out the Blog at http://sharepoint-foundations.blogspot.com/2010/06/fba-users-in-sharepoint-2010.html