Sharepoint 2013 Active Directory Import- Manager field not updating

Similar Messages

• Sharepoint 2013 - Active Directory Import User Profile Property manager fields

  Hi there,
  I juste encountered actually a little issue regarding the Active Directory Import User Profil.
  Importation seems to work well but I have a little problem regarding the Manager field.
  When I verify a user profil through the sharepoint admin page ("Manage user profil") , I can see the manager field is correctly populated, but if I want to check my profil as a user (personal information), the manager field is not visible.
  With Sharepoint Admin and Manage Profil Properties, I haven't the possibility to modify some settings for the manager.
  For example, Policy parameters is greyed.
  The only way I found to show this field in a user profil is to give the permission "allow users to Edit values ...".... setting I don't want to set.
  Have you already this sort of issue ?
  Thanks for your help/idea.

  Hi Michael,
  I don't remember well what I did exactly regarding this issue because I played a lot with user profil.
  I know I used this powershell script from Sheyia which in fact help me a lot to clean and create a good profil setting.
  http://blogs.technet.com/b/sheyia/archive/2013/10/09/sharepoint-2013-another-way-to-change-order-for-user-profile-properties-via-powershell.aspx
  For example, this script help me to resolve some double entries.
  Let-me know if it help you (or not of course)

• ADFS- SharePoint 2013 ( Active Directory federation Services)

  Can you please brief me in what scenarios we go for ADFS in SharePoint 2013.
  We have external users for them we create accounts in our AD and then provide access to SP. I am not sure if external users directory is LDAP or Windows AD. Please explain in detail if ADFS can be leveraged in this scenario to provide access to external
  users to our internal domain SharePoint site. Or in other words in which scenario ADFS will come into picture.
  Most of the blogs talks about how to configure ADFS but not explained in what scenario and why it has been implemented.
  Thanks, Ram Ch

  Hi
  You can use AD FS with the Windows Server 2012, Windows Server 2008, or Windows Server 2008 R2 operating systems to build a federated identity management solution that extends distributed identification,
  authentication, and authorization services to web-based applications across organization and platform boundaries. By deploying AD FS, you can extend your organization’s existing identity management capabilities to the Internet.
  AD FS 2.0 enables identity federation, extending the notion of above centralized authentication, authorization, and single sign-on to Web applications and services located virtually anywhere.
  As previously introduced, identity federation relies on standards-based protocols to establish federation trusts between claims providers and relying parties, facilitating secure access to Web
  applications and services across security boundaries.
  For an organization, AD FS 2.0 provides corporate users with a rich federated experience and seamless access to resources located:
  - Inside the corporate intranet;
  - Outside the corporate network in a corporate perimeter network, extranet and/or in the Cloud, for example in the Microsoft Windows Azure platform, the Microsoft’s Platform as a Service (PaaS)
  offering;
  - At the perimeter networks of partner organizations that have made resources available to the considered organization’s users;
  - In the Cloud with Software as a Service (SaaS) vendors that support federated identity
  More Information:
  http://blogs.technet.com/b/abizerh/archive/2013/04/11/more-information-about-sso-experience-when-authenticating-via-adfs.aspx
  Please follow below mentioned article to configure ADFS for your scenario:
  https://samlman.wordpress.com/2015/02/28/configuring-sharepoint-2010-and-adfs-v2-end-to-end/

• SharePoint 2013 Active Directory Groups represented as c:0+.w| SID in UserInformation list instead of c:0+.w|Domain\Groupname

  Hi
  We are running on SharePoint Server 2013.When we add AD groups as permissions, we see that the group name is being displayed properly in the permissions. Whereas when I click on the groupname I see the SID with the Sharepoint specific claims characters,
  instead of domain\groupname. I understand that the claims characters are because of claims mode. But I expected domain\groupname instead of SID. Is this the right behaviour.
  When I call SiteData.GetContent web service, I get the SID of the group name instead of the domain\groupname.
  Can someone please clarify?
  Thanks
  Naga

  Hi,
  Yes, the identity claim for an AD group is based on the SID of the group. The claim encoding for an Active Directory group consists of the following sections:
  c:0+.w|<SID>
  •"c" for a claim other than identity
  •"+" for a group SID
  •"." for a string
  •"w" for a Windows claim
  More information:
  http://www.sharepointfire.com/MyBlog/2013/11/get-ad-group-identity-claim-in-sharepoint-2013/
  Thanks,
  Dennis Guo
  TechNet Community Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Dennis Guo
  TechNet Community Support

• SharePoint - Automated Active Directory User Management

  We are currently using a custom list to capture data from our HR team related to Employee Changes such as New Hires, Change of Information, and Exits.  The next step after the form is filled out is to make the AD/Exchange change for that request.  I'm
  looking for a way to take the data from that list and automate the Active Directory change.  Curious if anyone else is doing that or if you know of any products that allow that sort of integration.
  I've seen a number of products that manage the AD accounts outside of SharePoint, and I've seen a number of products that will manage accounts in AD using SharePoint as the front end.  I've yet to find anything that automates the process.
  Thanks in advance.
  Environment is SharePoint 2010 Enterprise, Server 2008 R2, and Exchange 2010

  The other option is I do have a .net/C# developer on staff.  I could have her write the code behind the scenes to pull this out of the list and automate if that is the best route.  I'd just rather used an out of the box product if there is one.

• SharePoint 2013 profile service account requirements when using "Use SharePoint Active Directory Import" option

  Hi All,
  I am trying to configure SharePoint Profile service. We would like a straightforward profile import from Active Directory.
  On the "Configure Synchronization Settings" page, we have chosen the option "Use SharePoint Active Directory Import" option.
  We have created a connection to the Active Directory using Configure Synchronization Connections page. We have specified the account that would be used for the import process.
  Question:
  I would like to confirm whether the account configured for the profile import need any special privileges when using "Use SharePoint Active Directory Import" option ?
  Thanks,
  Saurabh

  Grant Replicate Directory Changes permission on a domain
  To do this please follows below procedure
  On the domain controller, click Start, click Administrative Tools, and then click Active Directory Users and Computers.
  In Active Directory Users and Computers, right-click the domain, and then click Delegate Control.
  On the first page of the Delegation of Control Wizard, click Next.
  On the Users or Groups page, click Add.
  Type the name of the synchronization account, and then click OK.
  Click Next.
  On the Tasks to Delegate page, select Create a custom task to delegate, and then click Next.
  On the Active Directory Object Type page, select This folder, existing objects in this folder, and creation of new objects in this folder, and then clickNext.
  On the Permissions page, in the Permissions box, select Replicating Directory Changes (select Replicate Directory Changes on
  Windows Server 2003), and then click Next.
  Click Finish.
  Thanks & Regards
  ShivaPrasad Pola
  SharePoint Developer 

• Hide/remove "memberof" data in hover preview sharepoint 2013 simple directory

  I have a simple people directory set up all is working fine as described here: http://www.sharepointconfig.com/2013/05/how-to-create-a-simple-sharepoint-2013-people-directory/
  i would like to remove the hover window to the right or the Member Of info: 
  the data seems to pull from the "MemberOf" attribute" located in Manage User Properties as well as in Manage Policies. The policy setting for this field is grayed out and disabled. It is the only attribute set to disabled by default and cannot
  figure out how to change this.

  Hi ian,
  Could you provide more information about how to set up a simple directory?
  Where is "memberof" data?
  Whether you set up a simple people directory, and search people in SharePoint serach center, then you want to customize the hover panel of a poeple.
  Please provide a screenshot about this issue, it will make others easy to find a solution for your issue.
  There are some articles about how to customize hover panel in search center, please check if they are useful for you:
  http://blogs.technet.com/b/tothesharepoint/archive/2013/09/17/how-to-display-values-from-custom-managed-properties-in-the-hover-panel-in-sharepoint-server-2013.aspx
  http://www.sharepointnutsandbolts.com/2014/01/extending-SP2013-Office-365-search-hover-panel.html
  http://sharepoint.stackexchange.com/questions/95243/modify-the-hover-panel-on-the-search-page
  Best Regards,
  Wendy
  Wendy Li
  TechNet Community Support

• Laptop (Running Windows 8.1) no longer able to print and now see message Active Directory Domain Services is not available

  Have a very recent Lenovo Ideapad Laptop running Windows 8.1. Connected via USB port to HP LaserJet Pro CM1415 frw Color MFP Printer. Was able to print fine nearly 2 weeks ago, but something recently happened - either a new windows or office 2013 update
  or perhaps I blew away a certain file by mistake. I can see the printer installed but cannot print to it from anything (Word, Notepad, IE, Firefox etc.). The one thing to note is that usually when I plug or unplug a USB related device, Windows 8.1 recognizes
  this and makes a certain chime noise, but with the printer USB cable it never makes that noise - making me think that it never fully recognizes the printer. Also when I select the printer (from within the control panel) and right click for properties (via
  admin rights) It never lets me fully connect to it.
  I have tried all the usual remedies - remove, install all drivers, reinstall printer, Windows update, start/stop print spooler and all other printer related services,  etc. Its really annoying because this printer was working fine nearly 2
  weeks ago. Looking for any advice now. Thanks.
  -Chris

  Hi Chris,
  à
  I have tried all the usual remedies - remove, install all drivers, reinstall printer, Windows update, start/stop print spooler and all other printer related services, etc.
  I noticed that you had reinstalled the printer. Just a confirmation, when un-install this printer, please check
  if this printer still exist in registry. For more details, please refer to following KB.
  Registry entries for printing
  If printer entry still exist in registry, please delete that printer entry and re-install this printer again,
  then check if this issue still exists. (Please backup registry entries before operating registry. It will help us to avoid unexpected issue.)
  àand now see
  message Active Directory Domain Services is not available
  By the way, would you please let me know where/when get this
  Active Directory Domain Services is not available error message? Or provide a screenshot of it?
  (Please hide all protected or private information) Please check if all services are running correctly on the computer. Meanwhile, please refer to following article and check if can help you.
  Printer
  Problem: Active Directory Domain Services is currently unavailable – Why does windows say no printers are installed?
  Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft
  does not guarantee the accuracy of this information.
  If any update, please feel free to let me know.
  Hope this helps.
  Best regards,
  Justin Gu

• Server 2012 CDP PKI Setup on Subordinate CA - Active Directory Certificate Services could not create an encryption certificate

  Hi,
  When I check pkiview.msc on my 2012 Subordinate CA I get the error shown in the first picture below. I'm also getting errors similar to below in the event log:
  "Active Directory Certificate Services could not create an encryption certificate.  Requested by contoso\admin1.  The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613 CRYPT_E_REVOCATION_OFFLINE)."
  I'm assisting in setting up a 2 tier PKI infrastructure using Windows 2012. The root CA looks good, but we're getting errors on the subordinate. The server was working, but we discovered that the server would only issue certificates with a maximum of a 1
  year expiry date - obviously no good, so we decided to run through the following commands on the root CA (as recommended byhttp://www.techieshelp.com/subordinate-ca-increase-certificate-validity/)
  certutil -setreg ca\ValidityPeriodunits "Years"
  certutil -setreg ca\ValidityPeriod "5"
  restarted AD certificate services on the root and subordinate CA.Then did the following on the subordinate CA:
  1.On the Subordinate CA create a new CA request by right clicking the server in ADCS and select New Request.
  2.Supplied the original request file from the subordinate CA (I couldn't find a way of generating a new request file)
  3.Issued the certificate using the Root CA.
  4.On the Subordinate CA ADCS installed new CA cert.
  However, I keep on getting CDP or AIA errors on my subordinate CA.Also I'm missing a CDP field value when I look at the certificate listed in the personal and trusted certification authority store on my subordinate CA.
  In addition, when I look at my CDP locations in Certificate Authority, I see a lot of CDPs, but I'm not sure if I need them all - I suspect I could just get away with LDAP, the C:\windows path and a single http:// path.
  I've tried renewing the existing certificate and CRL on my subordinate CA, but that didn't work either.
  Please advise.
  Thanks

  Ok, the process to renew the subordinate CA is incorrect. Once the registry setting to change the validity period was made on the root CA, the root CA ADCS service needs to be restarted. That is the only time those keys are read. Then:
  1) On the subordinate CA, open the CA tool, right click the CA and select Renew CA Certificate. You can use the same key, no need to create a new one. It will create a NEW certificate request file
  2) Copy that to the Root CA and submit like you would have done during the initial install
  3) Approve the request and export the issued certificate
  4) On the subordinate CA, in the CA tool, right click the CA and choose Install CA Certificate.
  You can not reuse request files.
  Mark B. Cooper, President and Founder of PKI Solutions Inc., former Microsoft Senior Engineer and subject matter expert for Microsoft Active Directory Certificate Services (ADCS). Known as “The PKI Guy” at Microsoft for 10 years.

• Sharepoint 2013 list view quick edit does not work with out remote API permissions

  sharepoint 2013 list view quick edit does not work with out remote API permissions.
  When I give Use Remote Interfaces  -  Use SOAP, Web DAV, the Client Object Model or SharePoint Designer interfaces to access the Web site it works which is not an ideal situation..
  MCTS Sharepoint 2010, MCAD dotnet, MCPDEA, SharePoint Lead

  This is true. If you use Fiddler to watch the requests from the list view quick edit you can see CSOM calls. For example when changing a value in a cell, when you tab out you will see the SetFieldValue and Update method calls on the list item.
  Blog | SharePoint Field Notes Dev Tools |
  SPFastDeploy | SPRemoteAPIExplorer

• Certificate issues Active Directory Certificate Services could not process request 3699 due to an error: The revocation function was unable to check revocation because the revocation server was offline. 0x80092013

  Hi,
  We have some problems with our Root CA. I can se a lot of failed requests. with the event id 22: in the logs. The description is: Active Directory Certificate Services could not process request 3686 due to an error: The revocation function was unable to
  check revocation because the revocation server was offline. 0x80092013 (-2146885613).  The request was for CN=xxxxx.ourdomain.com.  Additional information: Error Verifying Request Signature or Signing Certificate
  A couple of months ago we decomissioned one of our old 2003 DCs and it looks like this server might have had something to do with the CA structure but I am not sure whether this was in use or not since I could find the role but I wasn't able to see any existing
  configuration.
  Let's say that this server was previously responsible for the certificates and was the server that should have revoked the old certs, what can I do know to try and correct the problem?
  Thank you for your help
  //Cris

  hello,
  let me recap first:
  you see these errors on a ROOT CA. so it seems like the ROOT CA is also operating as an ISSUING CA. Some clients try to issue a new certificate from the ROOT CA and this fails with your error mentioned.
  do you say that you had a PREVIOUS CA which you decomissioned, and you now have a brand NEW CA, that was built as a clean install? When you decommissioned the PREVIOUS CA, that was your design decision to don't bother with the current certificates that it
  issued and which are still valid, right?
  The error says, that the REQUEST signature cannot be validated. REQUESTs are signed either by itself (self-signed) or if they are renewal requests, they would be signed with the previous certificate which the client tries to renew. The self-signed REQUESTs
  do not contain CRL paths at all.
  So this implies to me as these requests that are failing are renewal requests. Renewal requests would contain CRL paths of the previous certificates that are nearing their expiration.
  As there are many such REQUEST and failures, it probably means that the clients use AUTOENROLLMENT, which tries to renew their current, but shortly expiring, certificates during (by default) their last 6 weeks of lifetime.
  As you decommissioned your PREVIOUS CA, it does not issue CRL anymore and the current certificates cannot be checked for validity.
  Thus, if the renewal tries to renew them by using the NEW CA, your NEW CA cannot validate CRL of the PREVIOUS CA and will not issue new certificates.
  But it would not issue new certificates anyway even if it was able to verify the PREVIOUS CA's CRL, as it seems your NEW CA is completely brand new, without being restored from the PREVIOUS CA's database. Right?
  So simply don't bother :-) As long as it was your design to decommission the PREVIOUS CA without bothering with its already issued certificates.
  The current certificates which autoenrollment tries to renew cannot be checked for validity. They will also slowly expire over the next 6 weeks or so. After that, autoenrollment will ask your NEW CA to issue a brand new certificate without trying to renew.
  Just a clean self-signed REQUEST.
  That will succeed.
  You can also verify this by trying to issue a certificate on an affected machine manually from Certificates MMC.
  ondrej.

• Activity stream in CC desktop manager is not updated

  Hello, the activity stream on the Home panel of the Adobe CC desktop manager is not updated. I'm logged, I sync, I reinstalled the Adobe CC manager. I use the same Adobe CC account on another MacBookPro OS X 10.10 and the activity stream in the Home panel is fine.
  MacBookAir OSX 10.10.1, Adobe CC (2014), no firewall

  I'm having the opposite problem.  All those listed in the screen shot as "Install" have been installed.
  Deleting OPM.db and downloading and installing CreativeCloudInstaller.dmg did not fix the issue.
  Do I really need to delete all of my installed apps and starting from scratch?
  david
  Apps are listed as "Install" when they've already been installed

• Vendor field not updated in CRM pricing condition table

  Hi,
  We have maintained condition table with Material and Vendor fields in ECC and table is active
  After replicating this table from ECC to CRM, vendor field not updated in table and it is inactive.
  There is any mapping settings required to update vendor field in CRM table from ECC.
  Please help me out to solve this issue
  Regards
  kishore kumar

  hi,  the data field of vendor is a standard one or custimizing one?
  I remeber there is a data mapping setting in CRM, for condition field.   If you want to mapping a ERP standard field to a CRM custmizing one, you need to setting your rule in it.  Maybe you can find it in SM30 view.
  I can't login a CRM system now, so sorry for not offer your the view name.

• Application Manager is not updating

  Application manager is not updating and i keep getting an A12E5 error. I have also tried to install Creative Cloud app and i get error A12E6. I have a CC account and would like to start using the new software but i cannot install any of the managers to be able to access this. I am on OS 10.7.5. I have checked all my ethernet and internet connections with my IT and i am connected. Please can someone help with this as i am now quite frustrated with trying to figure out what the issue is and none of the forum threads appear to be woriking for me. 

  I have tried that solution and it doesn't work for me. Creative cloud desktop app is not installed on my machine as i cannot get the Adobe Application Manager to work which comes up with error A12E5.
  Uninstall the Creative Cloud Desktop application.
  Mac OS
  Using Finder, navigate to /Applications/Utilities/Adobe Installers/ and double-click Adobe Creative Cloud.
  Follow the onscreen instructions.
  i cannot do this as it is not on my machine. Issue appears to be Adobe Application Manager where it keeps telling me that it can't update and this is holding up the Creative cloud installation as well as all my CC updates.

• Fabric Manager SA not updating 3.3(1c)

  Fabric Manager SA not updating 3.3(1c). When I make zone changes or when a port goes down it won't update even after doing a rediscover or resync. Is this a bug in FM 3.3(1c)?

  When FM was installed, was the option to continuously monitor the fabric after is was discovered? Not sure if this is your issue.
  If you exit and then log back into FM after the change occurs, and is not observed, does the change show up? If the change is still not seen then I would suspect a bug and ask you to open a case with your MDS service provider. If the change is seen upon the new log in, then I would look into the option to 'monitor continuously'.
  Hope this helps,
  Mike