When you convert a SharePoint 2013 classic-mode web application to claims-based authentication, is important migrate all existing users, otherwise nobody can access to application. For this scope you have to launch this powershell script:
# configure the policy to enable the user to have full access:
$WebAppName = "http://yourWebAppUrl"
$wa = get-SPWebApplication $WebAppName
$account = "yourDomain\yourUser";
$account = (New-SPClaimsPrincipal -identity $account -identitytype 1).ToEncodedString()
$wa = get-SPWebApplication $WebAppName
$zp = $wa.ZonePolicies("Default")
$p = $zp.Add($account,"PSPolicy")
$fc=$wa.PolicyRoles.GetSpecialRole("FullControl")
$p.PolicyRoleBindings.Add($fc)
$wa.Update()
# perform user migration
$wa.MigrateUsers($true)
# perform provisioning
$wa.ProvisionGlobally()
When it has finished if before your account was in this format domain\AccountName after executed this script your account will be i:0#.w|domain\AccountName, I suggest to check UserInfo table, field tp_Login, that all users have this new format.
Other thing that you must to do is update object cache user account: superuseraccount and superreaderaccount otherwise you could have an access denied when you try access on the application.
$wa.Properties["portalsuperuseraccount"] = "i:0#.w|domain\sp-superuser"
$wa.Properties["portalsuperreaderaccount"] = "i:0#.w|domain\sp-superread"
$wa.Update()
Simone F.