Project Server 2010 Active Directory Synchronization - duplicate Windows Name - Event ID 7734

Similar Messages

• Project Server 2010 - Active Directory Enterprise Resource Pool Synchronization limitations

  Greetings again.
  I have a quick question about the limitations of Active Directory Enterprise Resource Pool Synchronization.  Specifically, what has your experience
  been with extremely large numbers of users (10k plus).  Is anyone aware of a
  practical limit of users in your AD group you would recommend when using the
  Schedule Synchronization feature on a nightly or weekly basis?
  There is a caveat to this question however.  The client has decided (perhaps for some misinformed reasons) to allow access for every user, to every
  project site, within their PWA environment.  They’ve selected the View Project Site option within the
  Categories for the Team Members PWA Group for which 90% of their intended users reside.  So when we ran a couple test syncs in DEV with a smaller AD group of about 8,000 users, the sync understandably
  lasted upwards of 18 hours.  Obviously unacceptable for a PROD environment on a nightly basis and not necessarily ideal for a weekly sync either.
  Experience in addition to documents like these, “Best
  practices for managing a large number of resources in Project Server 2010” tell me that we are way over the practical limit of a scheduled resource pool synchronization...IF
  the client really desires that all users access all their sites.  But before I submit my recommendations, I wanted to check with the community just in case others may have found a way to synchronize large numbers of users (10k plus) on a nightly or weekly
  basis, within a reasonable time frame AND allowed all users to access all sites within PWA.
  What do you think?
  As always, thanks for your help.
  Chris Addis - MCTS

  Hello Hrishi.
  My delayed response has been due to a large amount of testing we have been performing on this particular topic.  Here is an update, please feel free to provide feedback.
  We went back to testing and spent more time reviewing the documents: 
  Best practices for managing a large number of resources in Project Server 2010 and
  SharePoint Server 2010 capacity management: Software boundaries and limits.  Our team interpreted those documents as saying, 1,000 security
  scopes per site is a recommended limit.  It does not say it’s a hard limit, just a recommended limit.  “When the recommended unique security scope boundaries are exceeded, performance issue can occur.”
  So we decided to perform some tests (31 in total) to try and get a gage of what we are seeing.
  We needed to establish a baseline first.  So we performed a series of 23 Active Directory Resource Pool Synchronizations with various settings in a clean, Out of the Box, environment in order to see some consistent numbers.  Here is it’s summary:
  Our AD group of 8,000 users took about 32 minutes, on average, every time to sync.  The difference between the first sync and last sync differed only by 1-3 minutes.
  Adding 40 project sites increased the average sync time from 32 to 120 minutes.
  Adding 100 users to each of those 40 project sites, did not increase the sync times.
  One setting (identified at this time) reduced the synchronization time.  It was the
  Project Site Permissions check box found within the Project Web App > Server Settings > Project Site Provisioning Settings area.  By deselecting this check box we reduced or synchronization time back to the 32 minute
  average.
  The View Project Site check box within the Project Web App > Server Settings > Manage Groups > Team Members group had no apparent effect on the sync times besides what we had gleaned from the Microsoft documentation.
  Naturally, this left us with a problem.  As I’m sure you know, by deselecting the check box (Project Site Permissions), our project sites are now (figuratively speaking) orphans with no connection to the parent site.  This generates
  a new set of issues.  For example:
  Newly created project sites cannot be accessed by the owner and team members.  They will require someone like the farm admin to come in behind them and add the intended users to the project site along with their required permissions.
  All current and futures sites will no longer have users added via the standard method of building a team and publishing the project, but will have to be added manually.
  You can use the Synchronize option found within Project Web App > Server Settings > Project Sites page, but that kinda defeats the purpose.  It would require constant updating on a per site basis to keep up with
  PM changes.  Not very sensible, but it does work.
  With this baseline information, we moved our tests into our DEV environment which somewhat mimics our PROD environment.  This environment has 352 project sites and we performed 8 tests.  This is where we had some large sync time numbers. 
  Here is the DEV test summary:
  With the Project Site Permissions check box cleared, our AD group of 8,000 users took on average 30 minutes to sync.  This was in line with our baseline times.  With the exception of one test sync that took 99 minutes to complete. 
  That anomaly is acquiescent with what I’ve seen over the years.  Sometimes syncs do some unusual things.
  With the Project Site Permissions check box selected, our AD group of 8,000 users took on average 690 minutes (11.5 hours) to sync.  Unacceptable of course.
  So here’s what we’ve learned when dealing with extremely large numbers of active directory users in your Resource Pool sync:
  We did not see a decrease in subsequent sync times after the initial Active Directory Resource Pool Synchronization as some might expect.
  Our attempt to decrease sync time via the option of removing the View Project Sites was not successful.  (Unless we interpreted Microsoft's document incorrectly.)
  However, our interpretation of the recommended software boundaries and limits of SharePoint Server 2010 as it pertains to security scopes per site at 1,000, appears to be correct.
  Using the option of clearing the Project Site Permissions does produce a reduction in AD sync time, but at a cost segregating your project sites and thus the creation of new processes of maintaining them.
  I’ll remind others that these results are particular to our environments, there may still be exceptions yet to discover.  Others may see numbers contrary to ours.
  The biggest surprise to some members on our team (myself excluded) was that we did not see a reduced sync time after any of our initial syncs.  Some are under the impression that after your initial sync, you should see reduced sync times.  I haven’t
  found that to be the absolute case in all situations, just in some situations.  The reason for this still eludes me.  Any thoughts would be appreciated.
  I’ll let this sit a bit longer, but if no one disagrees with the results, I think we have our answer:
  The number of project sites directly affects your Active Directory Resource Pool Synchronizations if you are using the
  Project Site Permissions option.  If you plan on synchronizing over 1,000 users
  and you have a large number of project sites, proceed with the knowledge that you may have performance issues and long sync times.
  As always, I’d love to hear from you or others just in case I’m missing something.
  Chris Addis - MCTS

• Project Server 2010 compatibility with IE11 and Windows 8.1

  Hi All!
  Maybe a silly question since compatibility is always asked about older versions, but here is my question:
  Is Project Server 2010 compatible with IE11 and Windows 8.1?
  I personnaly tested with IE11 and it seems to be ok. All views and pages can be opened with IE11.
  But what about windows 8.1? 
  Has Microsoft done any communication about this?
  Thanks in advance for your helps.
  Guillaume.
  Guillaume Rouyre - MBA, MCP, MCTS

  I am seeing a minor issue with the timesheet grid after users are upgraded from IE8 to IE11.
  We are using Project Server 2010 with SP1 and Oct 2013 CU.
  When some users (using IE11) switches between filters or views in the Timesheet page, the grid shrinks making to content un readable.  The only way to get it back is to refresh the page. After a refresh, the grid returns to normal size, but the pane
  divider is too far to the left and always must be dragged to the right in order to see the task names in the left grid. 

• Download issue when Windows 7 Pro joins a Windows Server 2008 Active Directory

  Hi,
  I purchased 2 new Dell OptiPlex 3010 desktop computers that came with Windows 7 Professional operating system with SP1. 
  There were no Microsoft updates installed yet.  After I added one of these Dell computers to the Windows Server 2008 Active Directory, I was not able to download several items. 
  Below are several examples:
  1) I downloaded the Norton anti-virus installation file.  This file is not the full installation of Norton; it is more of a file where you execute it and it will download the full installation from the Internet like from their Norton web
  site.  So when I executed this installation file, it does not download the full installation files. 
  It just hung at the screen saying “Downloading” and it will finally stop with an error (don’t remember the error message).
  Note: If I have the full Norton installation file then I am able to install it on this computer with no problems.
  2) I downloaded the Adobe Reader installation file.  This file is not the full installation of Adobe Reader; it is more of a file where you execute it and it will download the full installation from the Internet like from their Adobe web
  site.  So when I executed this installation file, it hung at the downloading part and then it will error out with a “Actionlist Not Found” message.
  Note: If I have the full Adobe Reader installation file then I am able to install it on this computer with no problems.
  3) I installed Microsoft Office 2010 Standard version on this computer. 
  I configured Microsoft Outlook to retrieve emails from my email provider (pop and smtp settings). 
  After configuring Microsoft Outlook, I was able to send emails through Microsoft Outlook successfully (and very quickly), but he was unable to retrieve my emails. The progress bar for the Receiving in the "Outlook Send/Receive Progress" box
  shows no progress. The Progress bar is not moving. There is a message at the bottom of Microsoft Outlook stating "Receiving message 1 of 6 (x.xx KB of x.xx MB)" and it is very slow. My new emails were not being retrieved at all. 
  I tried various pop and smtp servers that was available for my email provider, but all had the same effect.
  4) I can access certain web sites (e.g.
  www.yahoo.com, www.cnn.com) while I cannot access other web sites like
  www.usatoday.com, my web hosting email site.
  Note: I had a Dell computer with Windows XP Professional operating system and this computer does not have any of the above issues.
  The above are only a few examples that I have experienced. 
  If I removed this Dell OptiPlex 3010 computer from the Windows Server 2008 Active Directory then I still experience the same issue.
  So as another test, I setup the other new Dell OptiPlex 3010 with the same Windows 7 Professional OS with SP1. 
  This time, I did not join the Windows Server 2008 Active Directory and I was able to successfully download the full Norton installation files, download the full Adobe Reader installation files, download my emails from Microsoft Outlook 2010, etc. 
  But once I joined this computer to the Windows Server 2008 Active Directory then I am not able to download these files and emails at all.
  It seems like there might be some group policy or a security setting that is preventing these downloads so I disabled the group policy on the Windows Server 2008 AD and Windows 7 Profession OS, but it didn’t resolve the issue.
   I disabled all of the firewall programs on this Windows 7 Professional OS, but it still did not resolve the issue.
  Since the Windows Server 2008 AD did not have DHCP installed, I installed DHCP and setup a scope. 
  Then configured the Windows 7 Professional OS to obtain an IP address, but it didn’t resolve the issue.
  If I move this Windows 7 Professional computer to another network where it did not have any Active Directory; it just had a wireless router serving DHCP then everything works on the Windows 7 Pro computer.
  Any ideas what is the root cause when a Windows 7 Professional computer join a Windows Server 2008 AD?
  Thanks,
  wl_tech

  Hi,
  Could you please tell some information for the AD environment and how it connect to the internet?
  Regarding 3rd party installlers didn't work as expected, please also seek help in their offical website.
  For outlook not receiving emails, could you please take a look in
  Event Viewer and see if there are any special errors logged there?
  And when trying to access the website like
  www.usatoday.com, any special errors IE showed out?
  Best regards
  Michael Shao
  TechNet Community Support

• Upgrade from Windows Server 2012 Active Directory to Windows Server 2012 R2 Active Directory

  We are currently running Windows Server 2012 Active Directory and would like to upgrade to Windows Server 2012 R2 AD. Is it OK to just do an in-place upgrade, or is it advisable to build new domain controllers on R2? Are there any guides or articles anyone
  can recommend?

  Hi Ginandtonic,
  To upgrade DC(Domain Controller) from windows server 2012 to windows server 2012 r2, please refer to these articles:
  Upgrade from windows Server 2012 to 2012 R2                                 
  Upgrade Active Directory from 2012 to 2012 R2
  I hope this helps.
  Best Regards,
  Anna

• Require list of all events for Windows Server 2008 Active Directory

  Hi all,
  I require list of all events for Windows Server 2008 Active Directory. Event Log name for Active Directory log is "Directory Service".
  Regards,
  SR

  Hi,
  Thanks for your posting.
  Do you mean you want to list all Active Directory logs into one file named “Directory Services”?
  If that, it’s hard to achieve. There are kinds of Active Directory logs stored in different locations and they have different file formats. It’s hard
  to collect them into one file.
  Active directory records events in the directory services log in Event Viewer. By default, Active Directory records only critical error events. To instruct Active
  Directory to record other events in the directory services log, we need to modify registry.
  For more information please refer to following MS articles:
  Active Directory Diagnostic Logging
  http://technet.microsoft.com/en-us/library/cc961809.aspx
  How to configure Active Directory diagnostic event log
  http://support.microsoft.com/kb/314980
  Lawrence
  TechNet Community Support

• Project Server 2010 Web services access with Client Certificate Authentication

  We switched our SharePoint/Project Server 2010 farm to use client certificate authentication with Active Directory Federation Services (AD FS) 2.0, which is working without issue. We have some administrative Project Server Interface (PSI)
  web service applications that no longer connect to server with the new authentication configuration.  Our custom applications are using the WCF interface to access the public web services.
  Please let us know if it is possible to authenticate with AD FS 2.0 and then call
  Project Server web services. Any help or coding examples would be greatly appreciated.

  what is the error occurred when the custom PSI app connects?
  can you upload the ULS logs here for research?
  What is the user account format you specified in the code for authentication?
  For proper authorization, the “user logon account” in PWA for the user needs to be changed from domain\username to the claims token (e.g.
  'I:0#.w|mybusinessdomain\ewmccarty').
  It requires you to manually call the UpnLogon method of
  “Claims to Windows Token Service”. if (Thread.CurrentPrincipal.Identity is ClaimsIdentity)  
  {  var identity = (ClaimsIdentity)Thread.CurrentPrincipal.Identity;  }  
  if (Thread.CurrentPrincipal.Identity is ClaimsIdentity)
  var identity = (ClaimsIdentity)Thread.CurrentPrincipal.Identity;
  Than you need to extract UPN-Claim from the identity.
  Upload the verbose log if possible.
  Did you see this?
  http://msdn.microsoft.com/en-us/library/ff181538(v=office.14).aspx
  Cheers. Happy troubleshooting !!! Sriram E - MSFT Enterprise Project Management

• Do I *really* need a Service Connection Point in AD to complete a Project Server 2010 SP2 installation?

  Hi all,
  I have installed Project Server 2010 SP2 and run psconfig.exe
  PSCONFIG is failing because it cannot set up a Service Connection Point in AD. I've checked in AD and the contains 'Microsoft SharePoint Products' does not exist. All the resolutions I can find suggest adding the container into AD.
  The issue I have is that I have no control of the AD, and adding containers will take lengthily negotiation.
  Is there any way of completing the installation and getting my site back without adding the container into AD?
  Thanks in advance.

  other solutions
  1) check timer service see if it is running
  http://www.jonthenerd.com/2011/06/30/sharepoint-2010-sp1-upgrade-error-unable-to-create-a-service-connection-point-in-the-current-active-directory-domain/
  2) check UAC (and the rest of the technet answers - some are listed below)
  http://social.technet.microsoft.com/Forums/en-US/94a8bb64-e0ea-493f-8e29-01347b1fc6c7/psconfig-fails-failed-to-upgrade-sharepoint-products
  3) My workaround:I
  run once again the command „PSConfig.exe -cmd upgrade -inplace b2b -force -cmd applicationcontent -install -cmd installfeatures“  in
  the “Bin” Folder as an administrator console session.In the moment I saw the staus “Configurationtask 5 of 6 is executed”
  I start to run the command “net start SPTraceV4 & net start SPWriterV4 & net start SPAdminV4 & net start SPSearch4 & net start SPTimerV4” in a parallel administrator console session and after that the configuration task finished successfully.
  http://social.technet.microsoft.com/Forums/en-US/94a8bb64-e0ea-493f-8e29-01347b1fc6c7/psconfig-fails-failed-to-upgrade-sharepoint-products
  4) Try running the psconfig.exe command a second time
  5) had the same issue and called Microsoft support.  Here is the fix:
  Stop the "SharePoint 2010 Timer" service
  Delete ONLY the xml files from C:\ProgramData\Microsoft\SharePoint\Config\216f8013-b78b-4e5b-8631-3a5f4c7277e8
  Note: Do NOT delete the cache.ini file in this folder
  Edit cache.ini and change to "1"
  Start "SharePoint
  2010 Timer" service
  Run psconfig again:  PSConfig.exe -cmd upgrade -inplace b2b -wait -force
  6) Initially I tried http://support.microsoft.com/kb/2009272 but
  it did not help (I re-implemented later).
  I re-registered the DLL’s as perhttp://social.technet.microsoft.com/Forums/da/winservergen/thread/b4bd0deb-45d0-4661-8c50-a2b45db41103 from
  NareshD.  I do not believe this is necessary unless there is a corruption in the system but I am noting here just
  in case.
  I tried to run The PSConfig but it was failing:  I
  had to do the following in order to make it finish successfully:
  (from same page at http://social.technet.microsoft.com/Forums/en-US/smallbusinessserver/thread/94a8bb64-e0ea-493f-8e29-01347b1fc6c7/)
  On the migrated SBS2011 PSCDiagnostic Log I found no entry to detect or start the services SPWriterServiceInstance and SPTimerServiceInstance.
  I run once again the command „PSConfig.exe -cmd upgrade -inplace b2b -force -cmd applicationcontent
  -install -cmd installfeatures“ in the “Bin” Folder as an administrator console session.
  In
  the moment I saw the status “Configuration task 5 of 6 is executed” I
  start to run the command “net start SPTraceV4 & net start SPWriterV4 & net start SPAdminV4 & net start SPSearch4 & net start SPTimerV4” in a
  parallel administrator console session and after that, the configuration task finished successfully.  (I
  just opened another cmd window and copy/paste the sequence below when I saw the status “Configuration Task x of y” on the screen:
  net start SPTraceV4 
  net start SPWriterV4 
  net start SPAdminV4 
  net start SPSearch4 
  net start SPTimerV4
  -Note SPSearch4 is disabled in our system…
  Very awkward but it worked…
  I implemented http://support.microsoft.com/kb/2009272 again.
  Backup started working with no errors.

• Project Server 2010 , Project Center, Resource Center, My Work not loading

  Hi,
  We have Project Server 2010 SP-2 env
  Yesterday one of my Project Manager told me that he is not able to access any of the following page Project Center, Resource Center, My Work in our Quality env. Issue is it shows page is loading infinitely long and on botton it shows some script error mentioned
  below
  Webpage error details
  User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
  Timestamp: Tue, 21 Oct 2014 13:55:19 UTC
  Message: 'null' is null or not an object
  Line: 217
  Char: 4
  Code: 0
  URI: http://XXXXXXXXXXX/_layouts/inc/pwa/library/webmethodmanager.debug.js?rev=BtnvMSOtt14tg%2FnfhDTJpA%3D%3D
  Also I have checked event logs in shows WebHost failed error with Event ID 3 , complete detail mentioned below.
  Event Log Error
  WebHost failed to process a request.
   Sender Information: System.ServiceModel.ServiceHostingEnvironment+HostingManager/45523402
   Exception: System.ServiceModel.ServiceActivationException: The service '/_vti_bin/PSI/ProjectServer.svc' cannot be activated due to an exception during compilation.  The exception message is: Could not load file or assembly 'FirePoint.SharePoint.RssViewerWebPart,
  Version=1.4.7.12, Culture=neutral, PublicKeyToken=e891f27e2edd24d0' or one of its dependencies. The system cannot find the file specified.. ---> System.IO.FileNotFoundException: Could not load file or assembly 'FirePoint.SharePoint.RssViewerWebPart, Version=1.4.7.12,
  Culture=neutral, PublicKeyToken=e891f27e2edd24d0' or one of its dependencies. The system cannot find the file specified.
  File name: 'FirePoint.SharePoint.RssViewerWebPart, Version=1.4.7.12, Culture=neutral, PublicKeyToken=e891f27e2edd24d0'
     at System.Reflection.Assembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection)
     at System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection)
     at System.Reflection.Assembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection)
     at System.Reflection.Assembly.Load(String assemblyString)
     at System.ServiceModel.Activation.ServiceHostFactory.CreateServiceHost(String constructorString, Uri[] baseAddresses)
     at System.ServiceModel.ServiceHostingEnvironment.HostingManager.CreateService(String normalizedVirtualPath)
     at System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateService(String normalizedVirtualPath)
     at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath)
  WRN: Assembly binding logging is turned OFF.
  To enable assembly bind failure logging, set the registry value [HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) to 1.
  Note: There is some performance penalty associated with assembly bind failure logging.
  To turn this feature off, remove the registry value [HKLM\Software\Microsoft\Fusion!EnableLog].
     --- End of inner exception stack trace ---
     at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath)
     at System.ServiceModel.ServiceHostingEnvironment.EnsureServiceAvailableFast(String relativeVirtualPath)
   Process Name: w3wp
   Process ID: 5052
  Also I have checked Brian Smith blog to resolve WebHost error with Event ID 3, but that didn't help.
  So kindly help me to get this issue resolve and do let me know in case need further details.
  Thanks

  Hi,
  From error log it seems you have some custom or thrid party web part activated in your application and that web part is not able to load which might causing those pages to get corrupt.
  As a fix can suggest you below to two thing to check
  1) Remove that "FirePoint.SharePoint.RssViewerWebPart" from your environment and try to access those PWA pages again.
  2) Even after removing above web-part solution does not fix this issue, as it is quality env can you try to disconnect and reconnect the share-point farm . Then try to access those pages again.
  Share us the latest update and your finding on this issue.
  Regards
  Sachin Vashishth MCTS

• Project Server 2010 Task page - An unknown error has occurred

  Hi All,
  I have searched inside the forum for similar problems but i didn't find any solution.
  We have Project Server 2010 with December CU installed and
  we are
  experiencing
  a serious
  problem with two enterprise resources.
  They can login to pwa succesfully but when they enter in the Task page the following error is raised:
  An unknown error has occurred
  There are no errors reported in the event viewer while in the ULS Log I found only this entry but i don't know if it's related with this issue:
  Detected use of SPRequest for previously closed SPWeb object. Please close SPWeb objects when you are done with all objects obtained from them, but not before. Stack trace:
  at Microsoft.SharePoint.SPWeb.get_CurrentUser()
  at Microsoft.Office.Project.PWA.PJContext.get_RegionalSettings()
  at Microsoft.Office.Project.PWA.PJContext.get_LocaleCulture()
  at Microsoft.Office.Project.PWA.WCFContext.AuthenticateUser(Message message, WCFContext& wcfContext, String userName, Boolean isWindowsUser)
  at Microsoft.Office.Project.PWA.WCFContext.GetContext(Message message, String userName, Boolean isWindowsUser, Boolean newCookie, Uri originalTargetUri)
  at Microsoft.Office.Project.Server.ProjectServerRouter.Microsoft.Office.Project.Server.IProjectServerRouter.ProcessMessage(Message message)
  at SyncInvokeProcessMessage(Object , Object[] , Object[] )
  at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
  at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
  at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
  at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage4(MessageRpc& rpc)
  at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
  at System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(RequestContext request, Boolean cleanThread, OperationContext currentOperationContext)
  at System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(RequestContext request, OperationContext currentOperationContext)
  at System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(IAsyncResult result)
  at System.ServiceModel.Diagnostics.Utility.AsyncThunk.UnhandledExceptionFrame(IAsyncResult result)
  at System.ServiceModel.AsyncResult.Complete(Boolean completedSynchronously)
  at System.ServiceModel.Channels.InputQueue`1.AsyncQueueReader.Set(Item item)
  at System.ServiceModel.Channels.InputQueue`1.EnqueueAndDispatch(Item item, Boolean canDispatchOnThisThread)
  at System.ServiceModel.Channels.InputQueue`1.EnqueueAndDispatch(T item, ItemDequeuedCallback dequeuedCallback, Boolean canDispatchOnThisThread)
  at System.ServiceModel.Channels.InputQueueChannel`1.EnqueueAndDispatch(TDisposable item, ItemDequeuedCallback dequeuedCallback, Boolean canDispatchOnThisThread)
  at System.ServiceModel.Channels.SingletonChannelAcceptor`3.Enqueue(QueueItemType item, ItemDequeuedCallback dequeuedCallback, Boolean canDispatchOnThisThread)
  at System.ServiceModel.Channels.SingletonChannelAcceptor`3.Enqueue(QueueItemType item, ItemDequeuedCallback dequeuedCallback)
  at System.ServiceModel.Channels.HttpChannelListener.HttpContextReceived(HttpRequestContext context, ItemDequeuedCallback callback)
  at System.ServiceModel.Activation.HostedHttpTransportManager.HttpContextReceived(HostedHttpRequestAsyncResult result)
  at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.BeginRequest()
  at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.OnBeginRequest(Object state)
  at System.ServiceModel.PartialTrustHelpers.PartialTrustInvoke(ContextCallback callback, Object state)
  at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.OnBeginRequestWithFlow(Object state)
  at System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.WorkItem.Invoke2()
  at System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.WorkItem.Invoke()
  at System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.ProcessCallbacks()
  at System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.CompletionCallback(Object state)
  at System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
  at System.ServiceModel.Diagnostics.Utility.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
  at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
   It's not a task related errors because i have alredy done an analysis of the resorce's assignments.
  I have also verified IIS authentication settings as described in this
  post but all had been alredy correctly configured.
  We have a farm installation with two physical server:
  Application Server with Windows 2008 R2, SharePoint 2010 Enterprise, Project Server 2010
  Database Server with Windows 2008 R2 and SQL Server 2008 SP2
  Any help would be greatly appreciated!
  Thanks in advance.
  Raffaele

  Hi,
  I faced exactly the same problem: some resources try to connect to My Tasks, and get an Unknown error. No error message in ULS or Eventlog.
  I hope I solved the problem, and want to share the experience here.
  First, by reading this article,
  http://www.projectserverexperts.com/ProjectServerFAQKnowledgeBase/Unknown%20Error%20My%20Tasks%20Page.aspx: even if the SQL Query returns me no records, it gives me the idea to delete (unpublish) some tasks (i managed to identify some tasks which raised
  the problem, by assigning a test account on them, and see that the pb happened).
  So I decided to delete my project from the Published Database (and keep it in the Draft of course). Than in Project Pro, I opened and Published: the problem seem to be solved.
  I don't know the root cause of the pb: maybe some SQL data were corrupted for an unknown reason.
  Hope it could help some one ! Don't hesitate to give feedback if you solved this pb with this solution, or workaround.
  Sylvain

• Project Server 2010 / Sharepoint 2010 Permissions not syncing to Project Site

  Project Permissions not syncing to Project Site
  Project Manager Group
  New project is created and published project server sends permissions to Sharepoint which puts users into the following groups:
  <dir><dir></dir></dir><dir><dir>
  Web Administrator (Microsoft Project Server)
  Project Managers (Microsoft Project Server)
  Team members (Microsoft Project Server)
  Readers (Microsoft Project Server)
  At this time the creator/owner, owner’s management, portfolio managers, and executives should all have Project Manager rights on the sharepoint site, and Admins will have Web Admin permissions.
  Issue #1: Only the Web Admin permissions and creator/owner permissions are being added to the Sharepoint permission groups
  Workaround #1: Going into the project site permissions and adding the
  Project Managers (Microsoft Project Server) group manually and the sync will keep the permissions
  Workaround #2: Going into the Server Settings, Manager Groups then removing or add all users to the No Permission Group, which forces an sync to all workspaces. Con: This workaround can only be down at night when users are not active since it will
  block the queue for at least an hour.
  Project Owner Transfer
  Previously created project has owner change, once saved and published project server sends permissions to update user’s permission to
  Project Managers (Microsoft Project Server) on Sharepoint project site.
  Issue #2: When Project owner is changed and project is published the owner is not getting permissions to the Sharepoint project site. However, if owner is also added to the team using the Build Team Feature the sync will give the owner Project
  Manager permissions on the Project Site.
  Workaround #1: Going into Server Settings, Project Sites, select project and Synchronize. Once this is done, the owner will have Project Manager Permissions without being added to the team.
  Users who have been added to this project in Project Server 2010, but not assigned to tasks. Users who have assignments in this project in Project Server 2010 and are contributors to the project workspace site,
  meaning that they can create and edit documents, issues, and risks. Users who have published this project or who have
  Save Project permission in Project Web App and are contributors to the project workspace site, meaning that they can create and edit documents, issues, and risks. Users who have
  Manage SharePoint Foundation permission in Project Web App and are contributors to the project workspace site, meaning that they can create and edit documents, issues, and risks.</dir></dir>

  By default when you create project build team add users in the task and publish the project plan then All the User which are available in the project plan including Project owner will go to below mentioned group in project site:
  1. creator/owner, owner’s management, portfolio managers, and executives should all have Project Manager will get access to Project Managers (Microsoft Project Server)
  2. User who are having team member access to PWA will get Team members (Microsoft Project Server) access if they are assigned to the project task.
  3. User who are having team member access to PWA will get Readers (Microsoft Project Server) access if they are not assigned to the project task.
  4. Only PWA Administrator will get the access to Web Administrator (Microsoft Project Server)
  Sharepoint permission you have to use when you want to give permission manually to users on project site  
  In the Project Site provisioning setting under Server setting if you have Check to automatically synchronize Project Web App users with Project Sites when they are created, when project managers publish projects, and when user permissions change in Project
  Server.
  Then all the user get access as per describe above and if you will give access manually to any of the user either in project server group or in Sharepoint group once you will publish the project next time all the manually given permission will go away.
  IF you want to give permission to user manually to sharepoint group or project server group then uncheck automatically synchronize Project Web App users with Project Sites when they are created, when project managers publish projects, and when user permissions
  change in Project Server.
  You check PWA site setting --> Site permission then member of Sharepoint group user who will have access to sharepoint group in PWA site setting site permission will have access to all the project site sharepoint group as Project site inherit permission
  from PWA root site.
  Both the issue which you have described is behavior of project site.
  For issue 2 when first time project owner create and publish the project and projectsite is getting created then porject owner name gets access  in the porject manager (project server group) nect time if you will change the owner and publish the project
  until he will not present in the project plan will not get the permission.
  If you want to give sharepoint permission to users then uncheck automatically synchronize Project Web App users with Project Sites when they are created, when project managers publish projects, and when user permissions change in Project Server and give
  the permission manually. 
  Project site in 2010 has some issue and not full filling customer need some time ,Ms has came up with 2013 which is having tight integration with project sites .
  Project workspace security groups are equal to the SharePoint Server 2010 security groups.
  Web Administrator equals Full Control
  Project Managers equals Design
  Team members equals Contribute
  Readers equals Read
  Users who have Manage
  SharePoint Foundation permission in Project Web App and are contributors to the project workspace site, meaning that they can
  create and edit documents, issues, and risks will get access to Web Administrator (Microsoft Project Server)
  http://technet.microsoft.com/en-us/library/cc197668(v=office.14).aspx
  kirtesh

• Active Directory synchronization working, authentication not on CUBM BE5000 8.6(1a)

  I successfully set up Active Directory synchronization between my CUCM BE5000 appliance running 8.6(1a) and our Windows 2008 Server Active Directory.  Users are replicating successfully, but authentication is not working even though I am using the same LDAP manager distinguished name and password for both.  I have a suspicion to the cause of this problem but for the record, the following is my relevant configuration:
  System/LDAP/LDAP System:
  LDAP Server Type Microsoft Active Directory iPlanet or Sun ONE LDAP Server OpenLDAP Microsoft Active Directory Application Mode
  LDAP Attribute for User ID userPrincipalName sAMAccountName mail employeeNumber telephoneNumber
  LDAP Server Type: Microsoft Active Directory
  LDAP Attribute for User ID: userPrincipalName
  System/LDAP/LDAP Directory:
  LDAP Configuration Name: bgctnv.local
  LDAP Manager Distinguished Name: CN=cm.sync,OU=BGCTNV Users,DC=bgctnv,DC=local
  LDAP User Search Base: DC=bgctnv,DC=local
  LDAP Server Information: bgctnv.local, port 389 (to query any domain controller in DNS; I have also tried specific IP addresses)
  System/LDAP/LDAP Authentication:
  LDAP Manager Distinguished Name: CN=cm.sync,OU=BGCTNV Users,DC=bgctnv,DC=local
  LDAP User Search Base: LDAP user search base is formed using the User ID information (pre-populated, I cannot change this)
  LDAP Server Information: bgctnv.local, port 3268
  All of my Active Directory users are now populated and active under End Users.  However, I am not able to log into /ccmuser among other things using my valid domain credentials.  I am a super user as well as a standard end user.
  Curiously, invalid usernames (userPrincipalName in my case) return the error "Log on failed - Invalid User ID or Password" while a valid username, with or without the correct password, returns only "Log on failed."  That seems to imply that some part of the authentication or LDAP bind is taking place.
  Here's the catch.  The base domain here is bgctnv.local while we use bgctnv.org as a valid and acceptable alternative UPN suffix in Active Directory.  Every Microsoft and every third-party program I have used will accept [email protected], but I'm beginning to think that CM will not, or is having some sort of translation issue.  I read that alternative suffixes can cause problems in Active Directory forests with multiple trees, but this is a vanilla, single domain environment.
  I don't even know where to look to debug this issue.  Has anyone seen this before or can anyone tell me where to look for logs?
  Thanks,
  John

  I found the following:
  http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/8x/directry.html
  As mentioned in the section on LDAP Synchronization, in order to support synchronization with an AD forest that has multiple trees, the UserPrincipalName (UPN) attribute must be used as the user ID within Unified CM. When the user ID is the UPN, the LDAP authentication configuration page within Unified CM Administration does not allow you to enter the LDAP Search Base field, but instead it displays the note, "LDAP user search base is formed using userid information."
  This may help in some situations where there are multiple trees in an AD forest, but it is definitely not the solution.  Even with multiple trees, it is common to use alternative UPN suffixes.  Nothing in AD requires or even recommends that you exclusively use your AD domain root as the UPN suffix.
  For example, company.local may use company.com as an alternative but primary UPN suffix to provide simplicity for users.  Users can then achieve more broad SSO capabilities by using their familiar email credentials when authenticating for company.local services.
  When using UserPrincipalName as the LDAP synchronization attribute for the CM User ID, the configuration requires that the search base for authentication be derived from the UPN suffix, regardless of whether it is a single domain or multiple trees within a forest.  This makes it impossible to authenticate by UPN unless your UPN is explicitly your root domain name.  From the example above, CM would try to bind [email protected] against DC=company,DC=com instead of the correct DC=company,DC=local.
  The logical solution would be to allow the administrator the option.  Why not have a choice of whether to generate the user search base from the userid (UPN) information, or be able to specify the search base as well like it allows with any other synchronization attribute?
  Would this be a feature request, bug report, or neither?  I'd really appreciate it if Cisco considered this but I don't know the proper channel.

• Sun java directory server and Active Directory

  We are using two different directory servers Sun java directory server and active directory.
  My question is how we can have password synchronization between these two directory servers.
  I have checked Sun Java[TM] System Identity Synchronization for Windows 1 2004Q3
  http://www.sun.com/download/products.xml?id=41537425
  It seems that it's supported platforms is only for solaris and windows , but I have installed my Sun java directory server on linux and obviously it doesn't work for me.
  I would be grateful if anyone can suggest a solution to work around this situation.
  I have checked identity manager , I would like to know that if I can do this using this product.
  http://www.sun.com/software/products/identity_mgr/specs.jsp
  --regards.
  Sara

  Yes RHEL 4 is a supported OS with DSEE 6.0.
  Identity Synchronization for Windows is a part of DSEE that allows synchronization of users, passwords and groups between Sun Directory Server and Active Directory bi-directionally without altering the users environments, ie it does not require that users change their current habits.
  Identity Manager is a complete identity management solution that is targetting enterprise work flow when it comes to user provisioning and de-provisioning, but also allows to build authentication and password change forms that will provision the passwords to many different systems including Sun Directory Server and Active Directory but also IBM mainframes, legacy applications, databases...
  If you are implementing a complete identity management solution, then go with Identity Manager. If you need a lightweight and fast solution for just synchronizing users and passwords between Sun DS and MS AD, Identity Synchronization for Windows should be your choice.
  Regards,
  Ludovic.

• Mac OS X Server and Active Directory Replica

  Hello,
  Has anyone ever encountered any problems when making a Mac OS X Leopard server an Active Directory Replica? We're working on this project and we want to make sure that we don't mess up our primary AD server when we configure this.
  Thanks so much,
  Mac man of the Bay

  Hi
  Not sure what you mean by Active Directory Replica? If you mean you want your Mac Server to be the BDC to a Windows-based PDC then no it won't happen. OSX Server can only perform as a Domain Member when a Windows Server is the PDC. Neither can you have a Windows Server as the BDC when the PDC is an OD Master - as far as I know.
  Have you downloaded and read the manual?
  http://images.apple.com/server/macosx/docs/OpenDirectory_Admin_v10.5_2ndEd.pdf
  Briefly: OD Master/Replica relationship can also be PDC/BDC only if both boxes are OSX.
  Tony

• Project Server 2010 Migratet from one farm to another farm

  Hi ,
  I need to migrate existing Project server 2010 farm one server to another server.
  Kindly suggest me what is the best way we need to fallow.
  Existing Environment two server:
  1.  App server(SharePoint 2010 +Project Server 2010)- Existing PWA site is running
  2.Database server(with DNS instance name)
  New Environment:
  1.App server (fresh installed SharePoint + project server 2010)
  2.DB server fresh server with sql 2008
  Hasan Jamal Siddiqui(MCTS,MCPD,ITIL@V3),Sharepoint and EPM Consultant,TCS
  |
  | Twitter

  Event viewer Error:
  Failed to provision site PWA with error: Microsoft.Office.Project.Server.Administration.ProvisionException: Membership synchronization failed. ---> System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
     at Microsoft.SharePoint.Library.SPRequest.RemoveRoleDef(String bstrUrl, Int32 lRoleID)
     at Microsoft.SharePoint.SPRoleDefinitionCollection.Delete(SPRoleDefinition roleDefinition)
     at Microsoft.Office.Project.Server.BusinessLayer.SharePointSecurityHelper.DeleteRoleByName(SPWeb web, String roleName)
     at Microsoft.Office.Project.Server.BusinessLayer.SharePointSecurityHelper.DeleteRoles(SPWeb web)
     at Microsoft.Office.Project.Server.BusinessLayer.SharePointSecurityHelper.ConfigureDefaultPWAWSSSecurityModel(SPSite topSite, SPWeb web)
     at Microsoft.Office.Project.Server.BusinessLayer.Admin.<>c__DisplayClass18.<QueueUpdateUsersAddRemoveStatusOnPwaRootsAndWorkspaces>b__17()
     at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass4.<RunWithElevatedPrivileges>b__2()
     at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode)
     at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param)
     at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated secureCode)
     at Microsoft.Office.Project.Server.BusinessLayer.Admin.QueueUpdateUsersAddRemoveStatusOnPwaRootsAndWorkspaces(Dictionary`2 deletedUserUidsLoginNames, Guid[] addedUserUids, Boolean isFullSync, Boolean syncWorkspaces)
     at Microsoft.Office.Project.Server.BusinessLayer.Admin.SynchronizeMembershipForPwaAppRootSite()
     at Microsoft.Office.Project.Server.Administration.PsiServiceApplication.SynchronizePwaMembership(ProjectProvisionSettings provset, ProjectSite projectSite)
     --- End of inner exception stack trace ---
     at Microsoft.Office.Project.Server.Administration.PsiServiceApplication.SynchronizePwaMembership(ProjectProvisionSettings provset, ProjectSite projectSite)
     at Microsoft.Office.Project.Server.Administration.PsiServiceApplication.CreateSite(ProjectProvisionSettings provset
  Hasan Jamal Siddiqui(MCTS,MCPD,ITIL@V3),Sharepoint and EPM Consultant,TCS
  |
  | Twitter