SharePoint: Troubleshooting Check Permissions

Why should you care? Having “Check Permissions” fail to give you an accurate representation of user permissions can be annoying, but it doesn’t actually effect the users ability to log in and utilize those permissions, so that part is relatively minor.  However, “Check Permissions” is not the only function that utilizes the External Token to…

4

SharePoint: All about one-time timer jobs

One-time timer jobs are created ad-hoc, should run immediately, and then disappear when they are done doing whatever they were supposed to do.  If you have one-time timer jobs hanging around, you have a timer service (owstimer.exe) problem. You can easily find any one-time timer jobs by doing this: Go to Central Administration | Monitoring…

0

SharePoint: Considerations when switching from FIM Sync to AD Import

Many times we end up battling “SharePoint Profile Synchronization” (aka: “FIM Sync”) for a while before we realize that “SharePoint Active Directory Import” (aka: “AD Import”, aka: “ADI”) was a better fit all along. Why switch?  Or for new farms, why go with AD Import? “SharePoint Active Directory Import” (“AD Import” from here on) is…

1

SharePoint 2016: Import profile pictures with MIM 2016 – walkthrough

In this post, I’ll walk through importing user profile pictures to SharePoint 2016 using Microsoft Identity Manager (MIM) 2016 using a ton of screenshots.  The idea is to show how the process works so you know how to configure it and where to go looking when something goes wrong. After completing the basic SharePoint 2016/…

0

SharePoint: Issues with profile pictures when MySite uses SAML auth

There are a couple known issues with user profile pictures when your Mysite web application uses Trusted Provider (ADFS / SAML) authentication. Symptoms There are two different known symptoms with the same cause and solution: #1 When running User Profile Synchronization, nothing is imported or exported. In the Forefront Identity Manager (FIM) client, we see…

0

SharePoint: Certain users not resolved in People Picker

Here I cover how to use Fiddler and IE Developer Tools (F12) to troubleshoot People Picker problems in SharePoint 2013 and 2016 within the context of a problem I recently came across. Problem: Certain users are not resolved in People Picker.  The client-side people picker control shows no results, but doesn’t throw an error either. …

0

SharePoint 2013 & 2016 – Manager and Assistant values swapped in User Profiles

Here’s one that was a problem in SharePoint 2013, was fixed, but never ported to SharePoint 2016, so we had to fix it again. Consider the following scenario: You are importing user profiles from Active Directory (AD).  This can happen using any of the profile import methods for either SharePoint 2013 or 2016. 2013: SharePoint…

1

SharePoint: Users randomly lose permission – are deleted from site

This is a good one, it appears to be random, and intermittent, and is extremely hard to track down. Consider the following scenario: Intermittently, when a user browses to a resource (site, list, etc) that they are supposed to have access to, they receive “Access Denied”, or our more friendly version: “Sorry, this site hasn’t…

1

SharePoint: Facts and Troubleshooting the Claims To Windows Token Service (C2WTS)

Facts: 1. The Claims to Windows Token Service (from here on denoted as “C2WTS”) is only used when SharePoint needs to get data from an external system that does not understand claims.  Examples include (but are not limited to): SQL Server Reporting Services (SSRS) Excel Web Services (EWS) PowerPivot / Power View Business Data Connectivity…

2

SharePoint 2013: User Profile Incremental Synchronization timer job fails with Access Denied

Problem: Consider the following scenario: The User Profile Service (the web service, NOT the Sync service) is running on two servers in the farm: App1, App2. In that case, the <UPA name>- User Profile Incremental Synchronization timer job (internal name: ProfileImportJob) can run on either server. The User Profile Synchronization Service is running on App2….

0