This article describes the steps required to remove EntraCP from your SharePoint farm.


Do not merely retract the solution! The features must be manually deactivated and uninstalled before the solution is retracted.


Do all the operations below on the server running the central administration, and in a new PowerShell process.

Reset property ClaimProviderName in the SPTrustedIdentityTokenIssuer

Unfortunately, the only supported way to clear the property ClaimProviderName is to remove and recreate the SPTrustedIdentityTokenIssuer object.
Alternatively, this property can be reset using .NET reflection, but this is not supported and you do this at your own risks:

# Set private member m_ClaimProviderName to null. Note that using .NET reflection on SharePoint objects is not supported and you do this at your own risks
$trust = Get-SPTrustedIdentityTokenIssuer "<SPTRUST_NAME>"
$trust.GetType().GetField("m_ClaimProviderName", "NonPublic, Instance").SetValue($trust, $null)

Uninstall EntraCP

Remove the assembly bindings


The steps in this section must be completed on all the SharePoint servers, after the solution was uninstalled.

  1. Open the machine.config file (%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Config\Machine.config) in a text editor.
  2. Locate the node <runtime>.
  3. Delete the entire node with its children and replace it with <runtime />.
  4. Save the file.