.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Active Directory - User Deletion - Sync with MOSS 2007

Posted By:      Posted Date: September 30, 2010    Points: 0   Category :SharePoint

Greetings -

I need to know if there is a sync tool that can scan all sites in a site directory and remove users that have been deleted or marked inactive within Active Directory?  I work in a company which has freaquent turn over in some positions due to internships and the like and I want to ensure that we have clean site permissions. 

Thank you for any suggested sites or addins. 


View Complete Post

More Related Resource Links

Moving to Active Directory to 2008 R2 - any issues with MOSS 2007?


Moving to Active Directory to 2008 R2 - any issues with MOSS 2007?

Anybody else running that combination? Any considerations.

Error on Display user's fullname using Active Directory in asp.net using vb.net



wi As System.Security.Principal.WindowsIdentity =  _System.Security.Principal.WindowsIdentity.GetCurrent()



Dim a As String() = HttpContext.Current.User.

Active Directory user impersonation with forms authentication

I've written a small ASP.NET 3.5 application to allow users to update selected account attributes on their own. Everything works fine when I use Basic Authentication, but because the dialog that is presented is less than ideal, I'd like to use forms authentication to give the users more instruction on how to log in. My problem is that in order for the user to update their account information, I have to have the application impersonate them for the update actions. I've scoured the internet trying to find a solution to my issue, but nothing fits or works. I have tried setting the web.config:<identity impersonate="true" /> but that doesn't seem to work. I also have the C# code using the WindowsImpersonationContext class, but still no luck. protected void titleTextBox_TextChanged(object sender, EventArgs e) { TextBox tb = (TextBox)sender; string fieldTitle = "job title"; string fieldName = "title"; if (userDirectoryEntry == null) CaptureUserIdentity(); try { WindowsImpersonationContext impersonationContext = userWindowsIdentity.Impersonate(); if (String.IsNullOrEmpty(tb.Text)) userDirectoryEntry.Properties[fieldName].Clear();

Import user profile from another domain active directory

Hi, I have SharePoint 2010 running on DomainB andwe have corporate users on DomainA. i need to import users from both domainA and DomainB. I am able to import users from domainB and not able to import users from DomainA. I made a successful connection to both Domain A Ad and DomainB AD in SharePoint 2010 user profile synchronize connections. I am able to sync users only from DomainB (SharePoint 2010 running on domainB) and not able to synchronize profiles from DomainA (outside domain). Is there any additional configuration I need to do. Please help me on this issue. Thanks, Ratna

Is there anyway to Sync SharePoint 2010 table to MOSS 2007 table?

Hello, I would like to know what can i use to sync a sharepoint 2010 table to a sharepoint 2007 table? Also could this be done by pulling the webservice for sharepoint 2007 site?

MOSS 2007 - SharePoint Designer Workflow failing when using group vs individual user

I am creating a simple workflow in SharePoint designer that will email a selected user when a list is modified.  I am applying the condition "if modified by" in Designer.  This condition works fine and the email is sent when I select a specific user myDomain\username.  It does not work when I attempt to associate a SharePoint group with the "if modified by" filter. In my example the list has only one SharePoint group associated with it, this is the only group with permissions for the list.  The group contains multiple users. The workflow is successful with the following scenario: if modified by myDomain\user1 or if modified by myDomain\user2 The workflow fails with the follwoing scenario: if modified by mySharePointGroupName  (which includes myDomain\user1 and myDomain\user2) This would be an ungodly if statement with a large membership SharePoint group.  This would also be a nightmare as people leave the organization and their account credentials are left in the large if statement in the workflow.  Looking for the modified condition when associated with a group seems like the logical way of doing this. I also tried "myDomain\domain users" which accounts for all user in my domain, this failed as well. Any advice would be greatly appreciated.

Unable to see Active Directory Groups in the User Profile Database after Profile Import

SharePoint Server 2010 Enterprise RTM. W2K8R2 w/multi-server setup: AD/DNS SQL 2008 WFE APP Claims Mode Web App only using Windows Integrated Auth So, this was never a problem in 2007, and I didn't even realize it was a problem in 2010 until I started to build a solution that utilized my blog article: InfoPath - User Roles in Browser-Enabled Forms Using AD Groups.  I went to utilize the same web method of the same web service, but I noticed that no data was showing up at all.  Typically, the GetUserMembership/GetCommonMembership methods return the specified user's memberships: AD Security Groups, AD Distribution Lists, and SharePoint Sites (not SharePoint Groups, though). My user profile sync is working.  All AD users are pulled in with the proper profile data. "Users and Groups" is selected in the Synchronization Entities section of my Sync Settings. Security groups are working for permissions and audience targeting.  Confirmed my users are affected properly by the use of Security Groups. My query to the GetUserMemberships web method (and GetCommonMemberships) is running (not failing), but it's not returning anything even though my user is in some Security Groups and has explicit membership to multiple sites. The GetUserProfileByName method of the same UserProfileService.asmx web service returns all the regular profile data

Is there a way to undo/remove/delete an active directory user profile syncronization? [SP 2010]


I successfully managed to synchronize the active directory with Sharepoint 2010.  Unfortunately, the farm I was on has different FQDN /Netbios domain names.  So all ~1000 user profiles are now imported with the wrong domain, and the subsequent errors one would expect.


Is there a way to get back to a blank slate?  technet has an article on "resetting" profile synchronization (http://technet.microsoft.com/en-us/library/ff681014.aspx), but that requires being able to verify the GUID of the user profile synchronization database, which I am also unaware of how to do.


Please help, and thank you in advance.

Active Directory User validation field in ASP.NET


I like to add a field that add active directory user in ASP.NET Web Application .




Thanks in Advance



MOSS 2007 to SharePoint 2010 Upgrade Fails - Exception: The user or group 'wsaarole:wsaa administra


Ok the top part of the error I have tracked down to some entries in the SharePoint_Config database (Classes, Objects, TimerRunningJobs) and since I have a VM I am going to study them and try deleting them probably, if it dies I will delete this VM and roll up another VM in my case its a timer job that I am guessing the farm can live without.

The other error further down is more of a concern to me which is the one I listed above. The Group exists and it is in the farm and appears to be healthy no errors in preugrade check or the like or in the Farm. When upgrading the show stopper for me is that the content databases will not upgrade (assuming they upgrade FBA I can configure) the chicken and egg issue for me is this is an FBA farm, so is it the case that b/c FBA is missing not configured yet on the other side of the upgrade in 2010 that these content dbs connected to FBA (by FBA users in the content dbs) will upgrade affter FBA is configured ( I haven't tried this yet sorting my error log one error at a time). The Particular content dbs with an issue are shared services and the main site collection db which includes my sites site collections also.

[psconfigui] [SPConfigurationDatabaseSequence2] [INFO] [9/30/2010 3:44:42 PM]: SPConfigurationDatabase Name=SharePoint_Config
[psconfigui] [SPConfigurationDatabaseSequence2] [WARNING] [9/

Accessing Active Directory's User Profile Information in InfoPath Form



I want the User Profile information in InfoPath Form from active directory and I want complete information of currently logged in user which include:

User Name, First Name, Last Name, Email Address, Designation, Company, Manager Name and everything which is in the profile of user in Active Directory. Please help me in getting this.


M Kamran Rafi

Can I pass a user's active directory group as a parameter to reporting services?


Hi there,

I am wondering if I can pass a user's active directory group as a parameter to reporting services? If so, how can I do that (e.g. where can I get that group from?)?

Is there something as User.UserID for active directory groups?

Many Thanks and best wishes



Copy and Maintain Active Directory User details into mysql table using C#


For a given Domain name how can I retrieve the AD User details including a Unique identifier so that any changes to the user details including the username can be updated using the unique Identifier.

I can use System.DirectoryServices.DirectoryEntry to get the user details but not able to figure out how to work with the Unique Identifier to maintain the user details consistently.

Please provide me with some sample.

Thank you

Moving User In Active Directory - ASP.NET VB



Can anyone help with an error I am recievibg when trying to move a user in Active Directory, The error is -2147016672 - An Operations error occured

    Sub UpdateUser(ByVal vUsername, ByRef vFirst, ByRef vSurname, ByRef vJobTitle, ByRef vDepartment, ByRef vLocation, ByRef vPhone, ByRef vCompanyName, ByRef vDirectorate)

        Dim vCapitaAD As New DirectoryServices.DirectoryEntry("LDAP://Domain.com/DC=Domain,DC=COM", vADUserName, vADPassword, AuthenticationTypes.Secure)
        Dim mySearcher As New DirectorySearcher(vCapitaAD)

        mySearcher = New DirectorySearcher(vCapitaAD)
        mySearcher.SearchScope = SearchScope.Subtree
        mySearcher.Filter = ("(samaccountname=" & vUsername & ")")

        Dim result As DirectoryServices.SearchResult = mySearcher.FindOne
        Dim vUsrObj = result.GetDirectoryEntry

            vUsrObj.InvokeSet("givenname", New Object() {vFirst})
        Catch ex As Exception
        End Try

            vUsrObj.InvokeSet("sn", New Object() {vSurname})
        Catch ex A

Changes in Active Directory not reflected in SharePoint user info



I have a client who uses WSS 3.0 w/ SP1, and does not want to move to MOSS 2007.  The client will be migrating to Exchange 2007 soon, and part of this migration will include populating attributes for the user objects in Active Directory so that the phone numbers, addresses, departments, etc are all stored in AD.  The problem is that the mojority of the user base has already used SharePoint, and when each user first used SharePoint, their info was imported from AD.  Is there a way to force an import so that all the user info in SharePoint will be updated based on what is in Active Directory?  Is it possible to do it in the reverse direction so that users can update their info in SharePoint, and have it write back to their AD user object?


-Derek Brown

Sr System Engineer



Error upgrading MOSS 2007 SSP database/user profiles to 2010


I am trying to use the new-spprofileserviceapplication powershell script to do a db attach/upgrade of my 2007 SSP to upgrade the user profiles.

New-SPProfileServiceApplication -applicationpool User_profile_service_app_pool -Name "User Profile Application" -Profiledbname prodsspconfig2 -Profiledbserver dbname\int

It gets a certain way and then errors out with the following error:

[powershell] [ProfileDatabaseSequence] [ERROR] [10/22/2010 12:13:56 PM]: Action of Microsoft.Office.Server.Upgrade.ProfileDatabaseSequence failed.
[powershell] [ProfileDatabaseSequence] [INFO] [10/22/2010 12:13:56 PM]: ProfileDatabase Name=prodsspconfig2
[powershell] [ProfileDatabaseSequence] [ERROR] [10/22/2010 12:13:56 PM]: Exception: The INSERT statement conflicted with the FOREIGN KEY constraint "FK_ProfileTypePropertyAttributes_PropertyList". The conflict occurred in database "ProdSSPConfig2", table "dbo.PropertyList".
The statement has been terminated.
[powershell] [ProfileDatabaseSequence] [INFO] [10/22/2010 12:13:56 PM]: ProfileDatabase Name=prodsspconfig2
[powershell] [ProfileDatabaseSequence] [ERROR] [10/22/2010 12:13:56 PM]:    at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection)
   at System.Data.SqlClient.TdsParser.ThrowE

automatically determine active directory user name

hey there

my situation is the following:
i need some kind of automatic user authentication for some intranet page of a company.
whenever anybody of the company is surfing on this webpage, i need to determine the active directory user name and the name of the active directory user group that user belongs to.

maybe somebody knows a solution ;)

thanks in advance,
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend