.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

users are known in user profile, but not in security

Posted By:      Posted Date: September 15, 2010    Points: 0   Category :SharePoint
Hi all, I am having this weird issue here: SP2010 was working fine, user profile sync and claims-based security on the web app. Now, with no clear reason, it cannot find users anymore on the security part. People search still works, but I cannot add users on SharePoint to log in. Strange thing is: if I type half a username, it still resolves the full name, but it has a red stripe underneath it as a sign that it does not recognize the user. So it can find the name of the user, but it cannot add it to SharePoint.   Once more, the user profile sync is working great and I can find users on people search.   Any thoughts ? 

View Complete Post

More Related Resource Links

FBA users (ldap provider) don't have any user profile info when logged in.... what am I doing wrong

Sharepoint 2010, Claims authentication, FBA using ldap membership provider and role provider against Active Directory.  User profiles all imported just fine -- used the LDAP FBA provider hitting Active Directory to do so too.  whenever an FBA user logs in, it doesn't seem like sharepoint is picking up any user attributes.  targeted audiences don't work and MY SETTINGS is blank other than account and name.  If the same user logs in but through Active Directory, everything works just fine... targeted audiences, etc. Am I doing something wrong or can I not use the LDAP provider to authenticate to AD and also use the user profiles from Sharepoint?  GRRRRR.  All this to get around the Windows Authentication popup so I can customize a better looking logon experience.  Help?

User Profile Service not returning security groups


I just got the User Profile Service working, and tried using GetCommonMemberships but I am only getting Distro lists and Sharepoint groups.  No security groups (Domain Local, Global, Universal) are showing up.

I did come across one post where someone was not running in Native mode AD, its possible since I *JUST* ADPrepped and added a 2008 DC today that I'm back in a mixed mode and that is the problem...?  Seems weird tho.   Just checked on the new 2008 DC it says Windows 2003 mode or something along those lines

Sharepoint itself is able to see and use the security groups.  If I change permissions on a List or library, I am able to select security groups.  It seems specific to the User Profile Service.

A little more looking... it seems that DL's show up, and Universal security groups show up.  Domain Local and Domain Global security groups do not.




Need Clarifications on SharePoint 2010 User Profile properties and Sync database security


Need few clarifications on SharePoint 2010 user profile sync. I’ve answered some of them but need confirmation/clarity on this front.

  1. Is there option to disable ‘email address’ import from AD?
    Yes. Can disable that property mapping.
  2. Possible to send mails (user alerts) from SharePoint without the user profile property ‘email address’ mapped?
    Yes. User alert mails from SharePoint will work without ‘email address’ mapped in user profile DB.
  3. In case email address too is imported into SharePoint, can we bulk export them from SharePoint? If Yes, how to security harden that database?
    Not Sure. I believe Farm admin account/sync account has access to do this profile DB.

 Thanks in advance for your advice.<

MS SQL Server: Disconnect Users From Database - Kill User Session

If you ever wanted to restore your database from a SQL backup file (.bak), but there are still users connected to your database, the backup operation will fail causing the error: Exclusive access could not be obtained because the database is in use.

Intranet Users Challenged When Using Windows Integrated Security


We've setup an intranet site using Windows Integrated Security. Its up and running and users can access it. However, they are being challenged with a login dialog for the server when they initially access the site.

Isn't is possible to configure the server so that the users aren't challenged AND are recognized as being already authenticated by Windows? We're trying to go with a seamless experience, whereby all they have to do is login to their machine like normal and then go from there.

Security: Authenticate Users Across Organizations Using ADFS


Jack Couch looks at how to set up ADFS and when to use it; he then shows how to connect to an outside organization to offer single sign-on.

Jack Couch

MSDN Magazine December 2007

Attack Surface: Mitigate Security Risks by Minimizing the Code You Expose to Untrusted Users


In this article, Microsoft security expert Michael Howard discusses the cardinal rules of attack surface reduction. His rules - reduce the amount of code executing by default, reduce the volume of code that is accessible to untrusted users by default, and limit the damage if the code is exploited - are explained along with the techniques to apply the rules to your code.

Michael Howard

MSDN Magazine November 2004

Forms based users being prompted for windows authentication login for My Sites photos in user lists

Here's an issue I didn't see coming for our forms based authentication users. 

We have a web application extended to an external url to handle forms based authentication for users outside of our domain. Our setup looks like this...

Internal Users/Windows Authentication - moss.domain.com
External Users/Forms Based - mossext.domain.com
My Site for Internal Users - mysites.domain.com

When our forms based users are accessing user lists, or discussion pages that display user pictures, they are getting a windows authentication login for our internal users (mysites.domain.com) who have populated their my site with personal photo.

How do we fix this? 

Not able to edit user profile in share point


Hi ,

I am new to share point, and not able to edit user profile data in sharepoint2007. I am getting an error "can't edit the property try with user profile services".

I have ran full crawl still getting the same problem. Also let me know how I can fetch data from Active Directory to share point 2007.



stsadm Import command + include user security



When I move sites from test to staging to production, I am using the stsadm –o export command with the –includeusersecurity option in the staging environment.  In production environment, I then use the stsadm –o import command with the –includeusersecurity option.  I was assuming that this option was bringing over the security on the exported site only.  This does not seem to be the case.

Last night I exported one sub site to produtction.  Today, I was notified that the security groups on other sub sites have been altered.  


So why is it when using the –includeusersecurity option effect all sub sites and not just the one sub site being moved from staging to production

SharePoint BDC - User Profile - 1:Many

Hi everyone, sorry for the long post, but I thought it'd be better to give all the information just in case there's a better way to do this. Basically, here's our scenario, we have a requirement to have Customers searchable in the people search (as in which employee sells to which customers).  We have a sql database with 3 tables: - employees(columns: userid, username, displayname); - customers(columns: customerid, customername); and - employeecustomer(columns userid, customerid) - we also have one view UserCustomer(columns: username, customername) So we've tried to create the BDC Applciation Definition on the view.  Here is the Entity Portion of the Application Definition file: <Entity EstimatedInstanceCount="10000" Name="EmployeeCustomer"> <Properties> <Property Name="Title" Type="System.String">username</Property> </Properties> <Identifiers> <Identifier Name="customer_name" TypeName="System.String" /> <Identifier Name="username" TypeName="System.String" /> </Identifiers> <Methods> <Method Name="Get_EmployeeCustomer_List"> <Properties> <Property Name="RdbCommandText" Type="System.String"><![CDATA[SELECT custo

Checking SQL Server User Roles and Creating SQL Server Users using VB.NET

Hello gurus!Firstly I want to apologies if this question is out of place here.. if someone can direct me to the correct forumn great and Thanks!I have a VB.NET application which uses its own Backend Database (MSSQL Server). I need to distribute this application to sites where there will be an existing SQL Server.So I will need to Create the Database on this server. The Application includes methods for building the database on startup if not already connected to one.However the users windows logon may not have the correct permission to connect and create a Database on the Server. I have a DB Setup form in my application which asks for the Servname, Username, Password and Database name. I have catered for Windows Authentication and SQL Server Authentication within the form - the user makes the choice.Assuming they enter a Username and Password for SQL Server Athentication then I will be trying to connect using this user and create the database on the given server. The following is my outline logic:-                                                                  Create db Process                                                                             |                                                                             |                                                               Check Credentials                                                                   / 

limitate user permission to edit other users documents

i have a list where everybody uploads documents, but i want that only the user that uploaded the document can edit it or delete it, is there a simple way without workflows or code? thanks!

Profile User Synchronisation Service

Hi, I have a problem to open Profile User Synchronisation. It doesn' work, I tried to verify this problem by opening services.msc but It show an error when I try to restart the service : Error 1068 The service or the groupe of dependency can't be restarted.   Thanks

User profile in Windows 7

I have Windows Server 2003 and when attaching my Windows 7 Professional machine, it will not create the profile. When logging on it loads a temporary file.  I tried changing to local profile but it will not let select it.  Any suggestions would be greatly appreciated.
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend