SharePoint 2010 - Claims Based Authentication - Access Denied for AD Group members

We're in the process of migrating our SharePoint 2003 system to 2010 and have used Metavis to migrate the data. We had to do the data migration in a lab environment and then move/attach the content database to our production server. The database attached successfully
and I, as a site collection administrator, can see all sites and the data therein. We are using claims-based auth with ADFS 2.0 as the provider.
My users, however, get access denied trying to go anywhere on the site. I have added the Active Directory groups to the appropriate SharePoint groups and have confirmed the groups are appearing with the c:0-.t|adfs|group_name syntax. If I add them as individual
users (i:05.t|adfs|[email protected]) they can authenticate fine, but not by AD group membership.
I enabled ADFS tracing and I see that the claim being provided includes the SIDs for all the groups the user belongs to. Using ULS Viewer I can see that SharePoint sees the correct number of claims (it doesn't show what those claims are, just the number) but
it doesn't seem to be connecting the SIDs passed to the group name used in the permissions list. I have also updated the portalsuperreader and portalsuperuser accounts after the database was moved, just in case there was something weird there.
The ADFS and SharePoint servers are all in the same AD domain, so they should be able to resolve SIDs ok. I suspect the issue is somehow related to the migration of the content database from a separate
environment (different domain), but I can't figure out for the life of me how to get the group authentication to work.
Thoughts?

Brilliant idea. Unfortunately that didn't work - I can get to the new site as the site collection owner, but members of groups to which I assigned permissions still get Access Denied. :-(

Similar Messages

SharePoint 2013 Claim based authentication

Hi,
I'm trying to configure SharePoint 2013 web application to use Claim based authentication. I updated the SharePoint web application using the following cmdlet:
Convert-SPWebApplication -Identity "http:// <servername>:port" -From Legacy -To Claims -RetainPermissions -Force
I noticed that the authentication mode has been changed to Claims Based Authentication for the detault zone. But when I use fiddler to capture the traffic, there is no FedAuth cookie for the traffic to my SharePoint site.
Questions:
1. Does FedAuth cookie must exist when the SharePoint web application is configured to use Claims Based Authentication?
2. The "Enable Windows Authentication" is checked and NTLM is selected for "Integrated Windows Authentication". Is this a correct setup for Claims based authentication?
3. Is there any documents talking about how to configure Windows Claims-Based authentication?
Thank you!

Hi Wu Tao,
Please find the below technet links and white paper (Claims-based
Identity for Windows (white paper)) which will talk about windows claim based authentication.
http://technet.microsoft.com/en-us/library/cc262350(v=office.15).aspx
http://technet.microsoft.com/en-us/library/jj219571(v=office.15).aspx
And the below link will talk about setup for claim based authentication.
http://technet.microsoft.com/en-in/library/ee806885(v=office.15).aspx
If you need more information, please let us know
Sekar - Our life is short, so help others to grow
Whenever you see a reply and if you think is helpful, click "Vote As Helpful"! And whenever
you see a reply being an answer to the question of the thread, click "Mark As Answer

How to pass credentials/saml token access sharepoint web service ex:lists.asmx when sharepoint has single sign on with claims based authentication

How to pass credentials/saml token exchange to the sharepoint web service ex:lists.asmx when sharepoint has single sign on with claims based authentication
Identity provider here is Oracle identity provider
harika kakkireni

Hi,
The following materials for your reference:
Consuming List.asmx on a claims based sharepoint site
http://social.technet.microsoft.com/Forums/sharepoint/en-US/f965c1ee-4017-4066-ad0f-a4f56cd0e8da/consuming-listasmx-on-a-claims-based-sharepoint-site?forum=sharepointcustomizationprevious
Sharepoint Claims based authentication and Single Sign on
http://social.technet.microsoft.com/Forums/sharepoint/en-US/2dfc1fdc-abc0-4fad-a414-302f52c1178b/sharepoint-claims-based-authentication-and-single-sign-on?forum=sharepointadminprevious
Sharepoint Claim Based Authentication Web Service issuehttp://social.msdn.microsoft.com/Forums/office/en-US/dd4cc581-863c-439f-938f-948809dd18db/sharepoint-claim-based-authentication-web-service-issue?forum=sharepointgeneralprevious
Best Regards
Dennis Guo
TechNet Community Support

Sharepoint 2010 on Windows 2012R2 and claims based authentication

Hello,
We have installed a sharepoint 2010 SP2 CU dec 2014 on a Windows 2012R2 server.
The installation went without problems.
However, we want to use claims based authentication on a certain web app pool.
Therefore some configuration on IIS is required.
The first issue we ran into, is the web application pool uses ASP.NET 2.0, which is the default settings.
However, using this ASP.NET Version 2.0 the feature "Providers" and ".net users" are invisible.
When changing the .net version to 4.0, the features comes back again.
I can fill in the connection strings without problem.
The providers feature however, gives me the following errors:
There is a duplicate .... sections defined.
When googling on this error, it seems that on .net 4.0 these sections are already globbally defined in the machine.config, So i removed these entries in the machine.config
These are the lines that are "double"
<section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="false"
allowDefinition="MachineToApplication"/>
<section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="false" allowDefinition="Everywhere"
/>
<section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="false" allowDefinition="MachineToApplication"
/>
<section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="false"
allowDefinition="MachineToApplication" />
So after removing these lines, i can get into Providers feature in IIS.
but, when i click on "Add..." i get the following error:
Add Provider
There was an error while performing this operation.
Details:
This method cannot be called during the application's pre-start initialization phase.
OK
I spent to much time already to solve this issue and i hope that someone can give me some advice to address this issue.

The STS web.config:<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.serviceModel>

<behaviors>
<serviceBehaviors>
<behavior name="SecurityTokenServiceBehavior">

<serviceMetadata httpGetEnabled="true" />

<serviceThrottling maxConcurrentCalls="65536" maxConcurrentSessions="65536" maxConcurrentInstances="65536" />
</behavior>
</serviceBehaviors>
</behaviors>

<services>
<service name="Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract" behaviorConfiguration="SecurityTokenServiceBehavior">

<endpoint address="" binding="customBinding" bindingConfiguration="spStsBinding" contract="Microsoft.IdentityModel.Protocols.WSTrust.IWSTrust13SyncContract" />

<endpoint name="ActAs" address="actas" binding="customBinding" bindingConfiguration="spStsActAsBinding" contract="Microsoft.IdentityModel.Protocols.WSTrust.IWSTrust13SyncContract" />

<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
<service name="Microsoft.SharePoint.Administration.Claims.SPWindowsTokenCacheService">
<endpoint address="" binding="customBinding" bindingConfiguration="SPWindowsTokenCacheServiceHttpsBinding" contract="Microsoft.SharePoint.Administration.Claims.ISPWindowsTokenCacheServiceContract" />
</service>
</services>

<bindings>
<customBinding>
<binding name="spStsBinding">
<binaryMessageEncoding>
<readerQuotas maxStringContentLength="1048576" maxArrayLength="2097152" />
</binaryMessageEncoding>
<httpTransport maxReceivedMessageSize="2162688" authenticationScheme="Negotiate" useDefaultWebProxy="false" />
</binding>
<binding name="spStsActAsBinding">
<security authenticationMode="SspiNegotiatedOverTransport" allowInsecureTransport="true" defaultAlgorithmSuite="Basic256Sha256" messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12" />
<binaryMessageEncoding>
<readerQuotas maxStringContentLength="1048576" maxArrayLength="2097152" />
</binaryMessageEncoding>
<httpTransport maxReceivedMessageSize="2162688" authenticationScheme="Negotiate" useDefaultWebProxy="false" />
</binding>
<binding name="SPWindowsTokenCacheServiceHttpsBinding">
<security authenticationMode="IssuedTokenOverTransport" />
<textMessageEncoding>
<readerQuotas maxStringContentLength="1048576" maxArrayLength="2097152" />
</textMessageEncoding>
<httpsTransport maxReceivedMessageSize="2162688" authenticationScheme="Anonymous" useDefaultWebProxy="false" />
</binding>
</customBinding>
</bindings>
</system.serviceModel>
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="true" />
<windowsAuthentication enabled="true">
<providers>
<clear />
<add value="Negotiate" />
<add value="NTLM" />
</providers>
</windowsAuthentication>
</authentication>
</security>
<modules>
<add name="WindowsAuthenticationModule" />
</modules>
</system.webServer>
<system.net>
<connectionManagement>
<add address="*" maxconnection="10000" />
</connectionManagement>
</system.net>
<connectionStrings>
<add connectionString="Server=sqldb_qa_sharepoint2010;Database=SG_SHP_Claims_Authentication;Integrated Security=true" name="SHP_Claims_Authentication" />
</connectionStrings>
</configuration>
I have backupped the machine.config and restored it (the file i edited was in the following dir: C:\Windows\Microsoft.NET\Framework\v4.0.30319\Machine.config)

Cannot create dataset from claims based authentication sharepoint site in report builder 3.0

I have a sharepoint site, which is configured as claims based authentication (ref:
http://ashrafhossain.wordpress.com/2011/05/25/how-to-configure-claim-based-authentication-for-sharepoint-project-server-2010/) . both AD and asp.net members can log in to the site successfully. My user need to use the report build to create report
on this sharepoint site. As a result, the site is also integrated with reporting service. I try to create a report in the sharepoint site by clicking "New Document" -> "Report builder Report". The report builder will comes out and ask for credential to
connect to the report server. I use asp.net member to login and it can let me to create a data source which connect to a the list of the sharepoint site with credential option "Use current Windows user. Kerberos delegation might be required". However, when
I try to create a data set and click the query designer, error "Server was unable to process request. ---> Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))" appear as below:
Besides, non of my AD account can be used to login to the report builder. Errors below found in the ULS log:
09/26/2012 14:47:27.75 w3wp.exe (0x116C)
0x11F4 SharePoint Foundation
Claims Authentication fo1t
Monitorable SPSecurityTokenService.Issue() failed: System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security token username and password could not be validated.
(Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).
09/26/2012 14:47:27.76 w3wp.exe (0x140C)
0x0F38 SharePoint Foundation
Claims Authentication fsq7
High Request for security token failed with exception: System.ServiceModel.FaultException: The security token username and password could not be validated. at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message
response) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken
rst) at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo)
524a2f96-f5ff-4c96-80d1-f08d3c7ef14f
09/26/2012 14:47:27.76 w3wp.exe (0x140C)
0x0F38 SharePoint Foundation
Claims Authentication 8306
Critical An exception occurred when trying to issue security token: The security token username and password could not be validated..
524a2f96-f5ff-4c96-80d1-f08d3c7ef14f

Hi Foxvito,
Claims authentication types supported by SharePoint 2010 are Windows Claims, forms-based authentication Claims, and SAML Claims. In SAML-Claims mode, SharePoint Server accepts SAML tokens from a trusted external Security Token Provider (TST). From the
blog you referenced, it seems to use the SAML Claims authentication.
However, the Reporting Services client applications: Report Builder, the Report Designer in Business Intelligence Development Studio, and Management Studio do not support connecting and authenticating with LiveID or SAML Claims based SharePoint Web applications.
That's because the SAML Claims don't use the Reporting Services authentication endpoint. So, you have to change the Claims authentication type to use Report Builder on the SharePoint site.
References:
Overview of Kerberos authentication for Microsoft SharePoint 2010 Products
Claims Authentication and Reporting Services
Regards,
Mike Yin
Mike Yin
TechNet Community Support

SharePoint 2013 web service: Error while sending claim based authentication request (The corresponding SID in the domain is not part of the intended account type)

We are using .asmx services for SharePoint features such as comments, and rating.
Service
Feature used
http://<<hostname>>/_vti_bin/socialdataservice.asmx
Commenting, Rating
http://<<hostname>>/_vti_bin/UserProfileService.asmx
For out of box workflows
In SharePoint 2013,
SharePoint – 80 web application is on claims based mode and user is logging in with windows authentication. With logged-in client context used to call SharePoint's default web service, we are getting below error message from
web service (Social data and user profile services).
Server was unable to process request. ---> The corresponding SID in the domain is not part of the intended account type.
When the service is accessed using console application with Visual Studio credentials (logged in user), we are able to access the service. Below is the code snippet
using (SocialDataService
service = new
SocialDataService())
service.Credentials =
CredentialCache.DefaultCredentials;
SocialCommentDetail detail = service.AddComment("<<url>>",
"Test Comment",
null,
null);
Are SharePoint 2013 web services not supporting request coming with claim based authentication web application?
Thanks, Pratik Agrawal (MAQ Software)

While this applies to 2010, I believe the same is true with 2013:
http://social.technet.microsoft.com/Forums/sharepoint/en-US/925e5f46-317f-46d3-bc55-c67f07eb2372/call-sharepoint-web-services-using-claimbased-authentication?forum=sharepointgeneralprevious
Trevor Seward
Follow or contact me at...
&nbsp&nbsp
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

Claims Based Authentication and Editing User Profiles

Hi All,
I have an interesting issue where I have a SharePoint Farm setup with both the intranet and mysites web applications setup using Claims Based Authentication. While everything seems to work fine, you are able to search for users, view properties and users
can change their own profile properties. However when you configure a profile administration account (an account with the "manage user profiles" permission on the User Profile Service Application) and you attempt to use that account to edit
another users profile you get hit with a generic error page.
Delving deeper you get the following errors:
ULS:
Date   Process   Thread Id   Area   Category   Event Id   Level   Correlation   Message
5/7/2013 00:31:44:64   App Pool: MySites   0x1DC8   SharePoint Foundation   Logging Correlation Data   xmnv   Medium   4001199c-6bd8-c03d-920f-55177fbff00c
Name=Request (GET:http://mysite.DOMAIN.loc:80/_layouts/15/EditProfile.aspx?UserSettingsProvider=234bf0ed%2D70db%2D4158%2Da332%2D4dfd683b4148&ReturnUrl=http%3A%2F%2Fmysite%2EDOMAIN%2Eloc%2Fperson%2Easpx%3Faccountname%3DDOMAIN%255CAUSER&accountname=DOMAIN%5CAUSER)
5/7/2013 00:31:44:66   App Pool: MySites   0x1DC8   SharePoint Foundation   Authentication Authorization   agb9s   Medium   4001199c-6bd8-c03d-920f-55177fbff00c
Non-OAuth request. IsAuthenticated=True, UserIdentityName=0#.w|DOMAIN\sp_config, ClaimsCount=24
5/7/2013 00:31:44:66   App Pool: MySites   0x1DC8   SharePoint Foundation   Logging Correlation Data   xmnv   Medium   4001199c-6bd8-c03d-920f-55177fbff00c
Site=/
5/7/2013 00:31:44:69   App Pool: MySites   0x1DC8   SharePoint Foundation   Files   00000   High   4001199c-6bd8-c03d-920f-55177fbff00c
UserAgent not available, file operations may not be optimized.
at Microsoft.SharePoint.SPFileStreamManager.CreateCobaltStreamContainer(SPFileStreamStore spfs, ILockBytes ilb, Boolean copyOnFirstWrite, Boolean disposeIlb)
at Microsoft.SharePoint.SPFileStreamManager.SetInputLockBytes(SPFileInfo& fileInfo, SqlSession session, PrefetchResult prefetchResult)
at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromDocumentRowset(Guid databaseId, SqlSession session, SPFileStreamManager spfstm, Object[] metadataRow, SPRowset contentRowset, SPDocumentBindRequest& dbreq, SPDocumentBindResults&
dbres)
at Microsoft.SharePoint.SPSqlClient.GetDocumentContentRow(Int32 rowOrd, Object ospFileStmMgr, SPDocumentBindRequest& dbreq, SPDocumentBindResults& dbres)
at Microsoft.SharePoint.Library.SPRequestInternalClass.GetFileAndMetaInfo(String bstrUrl, Byte bPageView, Byte bPageMode, Byte bGetBuildDependencySet, String bstrCurrentFolderUrl, Int32 iRequestVersion, Byte bMainFileRequest, Boolean& pbCanCustomizePages,
Boolean& pbCanPersonalizeWebParts, Boolean& pbCanAddDeleteWebParts, Boolean& pbGhostedDocument, Boolean& pbDefaultToPersonal, Boolean& pbIsWebWelcomePage, String& pbstrSiteRoot, Guid& pgSiteId, UInt32& pdwVersion, String&
pbstrTimeLastModified, String& pbstrContent, UInt32& pdwPartCount, Object& pvarMetaData, Object& pvarMultipleMeetingDoclibRootFolders, String& pbstrRedirectUrl, Boolean& pbObjectIsList, Guid& pgListId, UInt32& pdwItemId, Int64&
pllListFlags, Boolean& pbAccessDenied, Guid& pgDocid, Byte& piLevel, UInt64& ppermMask, Object& pvarBuildDependencySet, UInt32& pdwNumBuildDependencies, Object& pvarBuildDependencies, String& pbstrFolderUrl, String& pbstrContentTypeOrder,
Guid& pgDocScopeId)
at Microsoft.SharePoint.Library.SPRequestInternalClass.GetFileAndMetaInfo(String bstrUrl, Byte bPageView, Byte bPageMode, Byte bGetBuildDependencySet, String bstrCurrentFolderUrl, Int32 iRequestVersion, Byte bMainFileRequest, Boolean& pbCanCustomizePages,
Boolean& pbCanPersonalizeWebParts, Boolean& pbCanAddDeleteWebParts, Boolean& pbGhostedDocument, Boolean& pbDefaultToPersonal, Boolean& pbIsWebWelcomePage, String& pbstrSiteRoot, Guid& pgSiteId, UInt32& pdwVersion, String&
pbstrTimeLastModified, String& pbstrContent, UInt32& pdwPartCount, Object& pvarMetaData, Object& pvarMultipleMeetingDoclibRootFolders, String& pbstrRedirectUrl, Boolean& pbObjectIsList, Guid& pgListId, UInt32& pdwItemId, Int64&
pllListFlags, Boolean& pbAccessDenied, Guid& pgDocid, Byte& piLevel, UInt64& ppermMask, Object& pvarBuildDependencySet, UInt32& pdwNumBuildDependencies, Object& pvarBuildDependencies, String& pbstrFolderUrl, String& pbstrContentTypeOrder,
Guid& pgDocScopeId)
at Microsoft.SharePoint.Library.SPRequest.GetFileAndMetaInfo(String bstrUrl, Byte bPageView, Byte bPageMode, Byte bGetBuildDependencySet, String bstrCurrentFolderUrl, Int32 iRequestVersion, Byte bMainFileRequest, Boolean& pbCanCustomizePages, Boolean&
pbCanPersonalizeWebParts, Boolean& pbCanAddDeleteWebParts, Boolean& pbGhostedDocument, Boolean& pbDefaultToPersonal, Boolean& pbIsWebWelcomePage, String& pbstrSiteRoot, Guid& pgSiteId, UInt32& pdwVersion, String& pbstrTimeLastModified,
String& pbstrContent, UInt32& pdwPartCount, Object& pvarMetaData, Object& pvarMultipleMeetingDoclibRootFolders, String& pbstrRedirectUrl, Boolean& pbObjectIsList, Guid& pgListId, UInt32& pdwItemId, Int64& pllListFlags, Boolean&
pbAccessDenied, Guid& pgDocid, Byte& piLevel, UInt64& ppermMask, Object& pvarBuildDependencySet, UInt32& pdwNumBuildDependencies, Object& pvarBuildDependencies, String& pbstrFolderUrl, String& pbstrContentTypeOrder, Guid&
pgDocScopeId)
at Microsoft.SharePoint.SPWeb.GetWebPartPageContent(Uri pageUrl, Int32 pageVersion, PageView requestedView, HttpContext context, Boolean forRender, Boolean includeHidden, Boolean mainFileRequest, Boolean fetchDependencyInformation, Boolean& ghostedPage,
String& siteRoot, Guid& siteId, Int64& bytes, Guid& docId, UInt32& docVersion, String& timeLastModified, Byte& level, Object& buildDependencySetData, UInt32& dependencyCount, Object& buildDependencies, SPWebPartCollectionInitialState&
initialState, Object& oMultipleMeetingDoclibRootFolders, String& redirectUrl, Boolean& ObjectIsList, Guid& listId)
at Microsoft.SharePoint.ApplicationRuntime.SPRequestModuleData.FetchWebPartPageInformationForInit(HttpContext context, SPWeb spweb, Boolean mainFileRequest, String path, Boolean impersonate, Boolean& isAppWeb, Boolean& fGhostedPage, Guid& docId,
UInt32& docVersion, String& timeLastModified, SPFileLevel& spLevel, String& masterPageUrl, String& customMasterPageUrl, String& webUrl, String& siteUrl, Guid& siteId, Object& buildDependencySetData, SPWebPartCollectionInitialState&
initialState, String& siteRoot, String& redirectUrl, Object& oMultipleMeetingDoclibRootFolders, Boolean& objectIsList, Guid& listId, Int64& bytes)
at Microsoft.SharePoint.ApplicationRuntime.SPRequestModuleData.GetWebPartPageData(HttpContext context, String path, Boolean throwIfFileNotFound)
at Microsoft.SharePoint.ApplicationRuntime.SPVirtualPathProvider.GetCacheKey(String virtualPath)
at System.Web.Compilation.BuildManager.GetVPathBuildResultFromCacheInternal(VirtualPath virtualPath, Boolean ensureIsUpToDate)
at System.Web.Compilation.BuildManager.GetVPathBuildResultInternal(VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate)
at System.Web.Compilation.BuildManager.GetVPathBuildResultWithNoAssert(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate)
at System.Web.Compilation.BuildManager.GetVPathBuildResult(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean ensureIsUpToDate)
at System.Web.UI.MasterPage.CreateMaster(TemplateControl owner, HttpContext context, VirtualPath masterPageFile, IDictionary contentTemplateCollection)
at System.Web.UI.Page.ApplyMasterPage()
at System.Web.UI.Page.PerformPreInit()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)
at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)
at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)
at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
5/7/2013 00:31:44:69   App Pool: MySites   0x1DC8   SharePoint Foundation   Files   aiv4w   Medium   4001199c-6bd8-c03d-920f-55177fbff00c
Spent 0 ms to bind 33542 byte file stream
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Portal Server   User Profiles   ai7z6   High   4001199c-6bd8-c03d-920f-55177fbff00c
User was not successfully retrieved: i:0#.w|DOMAIN\AUSER in ProfileUI.OnInit. Seeing if this is a system account
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Portal Server   User Profiles   ai7z7   High   4001199c-6bd8-c03d-920f-55177fbff00c
User i:0#.w|DOMAIN\AUSER not found and not a system account.
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Portal Server   User Profiles   ahn7m   Unexpected   4001199c-6bd8-c03d-920f-55177fbff00c
ProfileUI: Unhandled exception inside OnInit: Microsoft.Office.Server.UserProfiles.UserNotFoundException: DOMAIN\AUSER
at Microsoft.SharePoint.Portal.WebControls.ProfileUI.OnInit(EventArgs e)
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Portal Server   User Profiles   ahn7h   Unexpected   4001199c-6bd8-c03d-920f-55177fbff00c
ProfileEditor: Unhandled exception inside OnInit: Microsoft.Office.Server.UserProfiles.UserNotFoundException: DOMAIN\AUSER
at Microsoft.SharePoint.Portal.WebControls.ProfileUI.OnInit(EventArgs e)
at Microsoft.SharePoint.Portal.WebControls.ProfileEditor.OnInit(EventArgs e)
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Foundation   General   8nca   Medium   4001199c-6bd8-c03d-920f-55177fbff00c
Application error when access /_layouts/15/EditProfile.aspx, Error=DOMAIN\AUSER
at Microsoft.SharePoint.Portal.WebControls.ProfileUI.OnInit(EventArgs e)
at Microsoft.SharePoint.Portal.WebControls.ProfileEditor.OnInit(EventArgs e)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Foundation   Runtime   tkau   Unexpected   4001199c-6bd8-c03d-920f-55177fbff00c
Microsoft.Office.Server.UserProfiles.UserNotFoundException: DOMAIN\AUSER
at Microsoft.SharePoint.Portal.WebControls.ProfileUI.OnInit(EventArgs e)
at Microsoft.SharePoint.Portal.WebControls.ProfileEditor.OnInit(EventArgs e)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Foundation   General   ajlz0   High   4001199c-6bd8-c03d-920f-55177fbff00c
Getting Error Message for Exception System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> Microsoft.Office.Server.UserProfiles.UserNotFoundException: DOMAIN\AUSER
at Microsoft.SharePoint.Portal.WebControls.ProfileUI.OnInit(EventArgs e)
at Microsoft.SharePoint.Portal.WebControls.ProfileEditor.OnInit(EventArgs e)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Foundation   General   aat87   Monitorable   4001199c-6bd8-c03d-920f-55177fbff00c
5/7/2013 00:31:44:73   App Pool: MySites   0x1DC8   SharePoint Foundation   Monitoring   b4ly   Medium   4001199c-6bd8-c03d-920f-55177fbff00c
Leaving Monitored Scope (Request (GET:http://mysite.DOMAIN.loc:80/_layouts/15/EditProfile.aspx?UserSettingsProvider=234bf0ed%2D70db%2D4158%2Da332%2D4dfd683b4148&ReturnUrl=http%3A%2F%2Fmysite%2EDOMAIN%2Eloc%2Fperson%2Easpx%3Faccountname%3DDOMAIN%255CAUSER&accountname=DOMAIN%5CAUSER)).
Execution Time=87.1739285300227
It seems similar to an issue in the blog post here: http://kb4sp.wordpress.com/2012/12/05/user-cannot-be-found-shenanigans-one-way-active-directory-trusts-and-sharepoint-2013/ however I tried what was suggested and it didn't work.
Any help with this is appriciated.

This line offers clues about the actual problem:
Microsoft.Office.Server.UserProfiles.UserNotFoundException: DOMAIN\AUSER
According to the MSDN link (http://msdn.microsoft.com/en-us/library/microsoft.office.server.userprofiles.usernotfoundexception.aspx)
it is not able to find the user in the profile store. Additionally the link you mentioned (http://kb4sp.wordpress.com/2012/12/05/user-cannot-be-found-shenanigans-one-way-active-directory-trusts-and-sharepoint-2013)
suggests that the account being used to validate accounts on the production domain may have a problem.
If there a way you can test that account in isolation against the DC?
With Regards Shailen Sukul Entrepreneur/Software Architect/Developer/Consultant/Trainer (BSc | Mct | Mcpd (.Net 2/3.5/SharePoint2010) | Mcts (Sharepoint 2010/MOSS/WSS), Biztalk, Web, Win, Dist Apps) | Mcitp(SharePoint) | Mcsd.NET | Mcsd | Mcad) MSN | Skype
| GTalk Id: shailensukul Twitter: http://twitter.com/shailensukul Website: http://sukul.org Blog: http://shailen.sukul.org/ http://www.linkedin.com/in/shailensukul

Claims Based Authentication SPSecurityTokenService.Issue() failed: The security token username and password could not be validated.

Please excuse the lousy table...Its late :-)
I have a multi-server SP2010 farm. Patched up to
Configuration database version: 14.0.6106.5002
My goal is to have a claims based web application that authenticated to ADAM for Extranet. I have configured the servers exactly to MSDN and technet specs (following this spec to the
letter (
http://technet.microsoft.com/en-us/library/ee806882.aspx) to allow the forms side of the web app to authenticate to ADAM.
IT WORKS IN DEV!!! , which is a single server farm. However, it does not work in production. I get the following:
Claims Auth log entries:
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
f2ut
Verbose
Authenticated with login provider. Validating request security token.
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Using membership provider 'ADAMProvider'.
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Doing password check on '[email protected]'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Failed password check on '[email protected]'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Unexpected
Password check on '[email protected]' generated exception: 'System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security
token username and password could not be validated. (Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
fo1t
Monitorable
SPSecurityTokenService.Issue() failed: System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security token username and password
could not be validated. (Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
fsq7
High
Request for security token failed with exception: System.ServiceModel.FaultException: The security token username and password could not be validated.
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message response)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)
  at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst)
at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo)
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
8306
Critical
An exception occurred when trying to issue security token: The security token username and password could not be validated..
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
f2un
Verbose
Form authentication failed.
I have tried EVERYTHING (well, nt everything, I don’t have the fix I suppose).
I found plenty out there and nothing directly correlates with this issue.
I searched on all parts of the errors I got.
This contains an interesting blurb about setting up access for the apppool id correctly.
That’s not the case for me. It works in dev and the same id are used there.
http://sharepoint-2010-world.blogspot.com/2011/03/adam-forms-based-authentication-in.html
This was good but it doesn’t give specs on what the environment looks like:
http://social.msdn.microsoft.com/Forums/en/sharepoint2010general/thread/557143a6-4b36-4939-bb7f-d62a9335fd18
The was interesting…but I am patched up beyond the June 2011 CU so it’s a moot point:
http://social.technet.microsoft.com/Forums/en-US/sharepoint2010setup/thread/9b8368ef-c5e5-4ead-b348-7b2b5587cfc8
Any and all help would be greatly appreciated!

Hi.
You say its a multiserver farm, do you have more than one web server then?
If thats the case, have you tried accessing the site on each server directly?
Found this for you, maybe that can help?
Troubleshooting Exceptions: System.ServiceModel.FaultException`1
http://msdn.microsoft.com/en-us/library/bb907220.aspx
and this:
SharePoint 2010 Claims Authentication - The security token username and password could not be validated reoccurring every morning
http://social.technet.microsoft.com/Forums/pl-PL/sharepoint2010setup/thread/383f1f9b-5c4a-4e19-b770-2a54b7ab1ca1
and
This seems to be a good guide:
http://donalconlon.wordpress.com/2010/02/23/configuring-forms-base-authentication-for-sharepoint-2010-using-iis7/
Good luck
Thomas Balkeståhl - Technical Specialist - SharePoint - http://blksthl.wordpress.com

Adobe Acrobat X Pro cannot handle claim based authentication

Hi,
The system has licensed 'Adobe Acrobat X Pro' installed successfully. When SharePoint 2010 site collection has NTLM authentication, pdf document can be edited sucessfully using 'Adobe Acrobat X Pro'.
Issue arises when the sharepoint 2010 site collection has claim based authentication.
User logs in and navigate through links as-
Workspace->Document Library.
Selects PDF document->select "Edit Document" link.
This action opens Adobe Acrobat X Pro, but do not open pdf and displays error "There was error opening this document. The filename, directory name, or volume label syntax is incorrect."
In this case, request-response caught as-
OPTIONS http://dev-ms-db-01.devrapdrp.mahadiscom.in/portal/workspace/WS%20Library/89000000 HTTP/1.1
Accept: */*
User-Agent: Mozilla/3.0 (compatible; Acrobat Annots 10.1.1 )
Host: dev-ms-db-01.devrapdrp.mahadiscom.in
Content-Length: 0
Connection: Keep-Alive
Pragma: no-cache
Cookie: SPSESSION=IWyGCxHlHGZr0eWSuEDJvOt7+i2Io81ggZFn+tFAtcuOYqDUjzIINxLXo5V69CSSbTi+UsSjgB8fow/ Gr0UWuGEHRpliqgfRGPsjaPO4vdYVCKJ+HAtMjCgcVx6HuVHUeO4/hpsI7gb47X9s4OmsgXkd6MqTFlVQIIMHxDtuE 6WpZxnSEl47voXnX11FkcIWSk8BqEl4+PnC7Paktct3SEJdgY+lWsazcsMqD3HrEGe0w7Qn0VN2lWglt1N5ejSDNyR oKoPAZKsm7fDqxO+SDHBF+UDEN2VvOhOV/PL5OIwRLKU+niaYolAZyDrASixdMm012NwchcLbqELJPT6sxfYEyMbRB MF2o1W922SYSkfAEKSFZ5ikkRyTCcuMNuI6fMQ6t+Xti6pcX/Vula+qf9q+vqPVxkZ5ACPih6EgvnUqxiNXgzLQ7c/ gYjo0D8ZP79KixoROJPs5VRZhmVKCnMY+SSn/4TNf2vW5eMiJeHdeeciMWpHC7cZ+Z6Uh3w+Aj9n9FTux2N++WTjRx wbIBluqQL1ZuCd3XnXBxlG9C4Wi1dAynp3YSd1axyOciVQmwnPuZg9XgROeqCM0/z4nmKkAYuu1MRH0acgVOu3PL/q C06T+UOxvHUKtU7Qe14TFFioYY8e/Rrfnd2uOIujUZLM/kJEM+kSguvoWeK+ABZHyTvPCw5FRxAsDNCiA2rklzFtUx yoI6SqDDlGidY+TRQaRfLX0xvlTqr7PPuEMLKAoEGwkBPvOV24eUPcVC1+PgKMt2rsbt1tZYn7adS4dZ3aRaj0zp9Q 8Pea2lFTxvsANYklT05kHQt832VsFQ9PGuHPTX7A7z6QUW4P4GOE5dJ5USawOrjxZ/Mi621NZlLaLfTzPTJmxcJu3X cCG8VrkMco9JfbxnM0ZKgD9OI+qjnQpJXpkjNChtrgZ+tYzLPb4TpQgQphBTfKIyhcXwW9Y+Lze/3P0zmjpiTIWWN3 mbyE5W07KpCtwvvECJhCn1cMlPoaEV0ZxWJsPcYNVNqFcWeQiDJugkAe7VlWJsiznjJDioW+98SsFoZWz/4U0KCB0P Ja/4VAMdzRQmm0owEucWBHUUw1//9ufkgk7DqZ75sH28cjfsfiKiBZvLe61Q8yxs5iiXqHBkp6WRaPH93CslYI1sa4 izeScEye2decQObEfVDY7KAOFAQSW95hlqSHcSlm1hgYR+AsMmffnqHcH0ebyjsvYJoI3o7AMXjev7o9qGH9eEd+eU Tpn3lnqvDdbbTYdkjtE8HeOkhqiEIXUj5jX/owYjASbW0Q0l6M+QjRUu/eJaBVNYEG8l3xIbnPTGyEWM3hCCbIvoXA WlN972hL4x+SDGkr7pK+gq/D6+5+FL2qqB7Vr9aRnc1nPSV6nx8oEgX/fcZpPWSACwphq
HTTP/1.1 302 Moved Temporarily
Date: Tue, 16 Jul 2013 10:42:30 GMT
Server: Apache/2.2.15 (Win32) mod_jk/1.2.30
Set-Cookie: SMSESSION=yFelHh2awfWW7yLKZHpSnNHDstixrmkciGIIqfLtwSRrLEQeVdI4R9iO3Q9qynhWDFCk8OIW2HXl+Cl JOdVC5/mwavCdDtHZYn5tL1s6C3BjIGLJowaDVTXUeGZAt0JcyVHEQcsIVgiiFlmkPKPapEOprHPItaa/vZJal5eeK 7NN8s0RrJ+Me1PlBmRQdBSklMxilciwMaLMXAKRwHSstl3kw5n2Qo5VCRmjG34k3gsYWNHh/I5o6buRRszeGpdZLeU 9GLeOdk8r3qXiXwIOvBhkBZrfuPKMAa1IIhftEdeJgKh9XSuCxAHs8wTEGCDzBNSzqZ3Q6S1UhC8/aA8qw1o2lVMbn 3AaYb2LE2/PgW9pN6VctY4XW6O8Dpvri8iXMCHLR28F8KrzLgust3CPBu1D/APPyJpsc1ya/IxdO5FWmCmBvGviEnN m9sNjPZVMSg3rpUgH8C492Kg5k4TzbqRsCvnI7o8ulycpBLvQOoQ97xOO8esCj/jtQAC8Y2bKLCKPqJhSJO4ROCaK7 6cGMihhGDhqE5+IJsW4Wr7Om4l4mO1Ov28hwJiGZVW0NsF0BJDrqPcagMAolIQ8xgTX1wpxPQebt/voTr5+ZjPbUj5 5LRvavod8ePnrE9majS/Fzr1QkHpeZvMxE6UBJ3r32uiEqykcm91nKIZpgBNkwKP9HzbgMSh8KV+y4vxQeOUT2rQo8 8r3vql9d+XCU7jk0jv6J+ugBBxGVaRC99thR6kvolTo7QMn6vsUk6ZC57IpSy84CQHSxp0vtNYdnTRcL8IZUPXyh3L iBnmCmdpRbEpN2l8kR23Jn0Zb1i/BxbMFU5El8xkhxWiZPCRLHctIIoXhv6Mt4amlc84MbawQedaL3ynWQFPg3sgyn 8KbigvV6nKf+rOBeVVU/fwCpLRwHxZ8x5aKWXPTZuT1W3tCkA6OwWIi9fshksawMgzTnNYpP/vz+Yrp/akquH5qb25 ZXsUHaMzR6YC0Lnw7wAMjRoDELznOVg0fgL12mjRkplI2Fg1HjsbmGNtdsCuS5Nt/VAiur40GNPnRG+kYtTVvaTOLw ShaXSqbKc5y0Z2MiQ+sCxXmXueRTtnXYiMKd3dszcGkor3mW2QrJqkFblcTSnIUeYDHhCMK+dt/0xA1jsVVA9Zal4F ISyWTryDUK5BQHVGyAHOoZK7NsYosGabLtvVe777VO4Q3eBSWkEU5QWpe47eAe54o1nfsR+gl0lJjR7q9Ms5LNW9qU NZaBahic1+c4MqhqLY5l+yqrig3CaFm; Domain=.mahadiscom.in; Expires=Tue, 23-Jul-2013 10:42:30 GMT; Path=/
Set-Cookie: SPSESSION=aecQ9bgin1o3zGDHNhZJB8l5o1MmEmOjAMaACmYoXuqvLFak53UjUmMYKSW5VJ6CyOr/ahKrDAhWXja D8f/eFAW6G5oZ/4t6D0TSiozDepGNHdCRJ72Z/mAenAOQI63rkXwnWuCzmOZXGW6ZPIvSjPw3+0GGWnNFkM4ZhBhxs ZBKM2x2v4xy7I2LUTW4vV8IQovBHXIUfGxD38TuqBBfRR1tQu8GsW/q7LFQSSim+arvHSaJwrcNk63pCX539ouCEBi Ng8LUj9NPUF5FwiZwA7hcGNiRWdMae71ccYkVqmWC0WkU06KZETrqotVFGS8azZSPd+/xx6OodV5wxTq43Y/8CwEAL NqCZv/Ye4OJYYmParYAhgdON/PZ4UEuI5+dG/pICSxYA6NJyuswMz7LiIEXaltAhhhK+margc26sMGOf8hpE7M5OpV sU/Fc7ylpg2bmvT0bKOGg1o8h2jJIBx0SRhs6CByjauPdu3rBA0HVTRQnammCiWnjkHgJvyONi7B78HDo2vmQvB9og 7U9xQkhywLwg+ZyCmtx91zV1paP7Sk2pBPnGRQK+/WLdk8zEOG5d9Thmg4X9INZVgt8qwwOTky8mp9wNi48eO670BF DdD4PCM+PpiYAjV8NernCXcREpSD75THtvZNLq5LEzgmwNk6bThLcXHNYt5zhZEo/v559nDrx97r1EceZImKfII0kI QA6RS0MajM1/UvoI+gBjXqnXbybskBhdnt13zeoth6OmIP9DSjahILqOban09bmLXgzspG5t/EmIOdawfy/JKuRNPA H4nExF8Tt2iBRu1mLvcqWOidFKG1Qm/fo0YEalDZe2+m5PF9vCe5nWnqEPyzCOfcSzU4HnTFjyatlnunbexREhDNz7 2/oVfxq9sii+fiJgMM04J83WSwIE2dDhNN1/PU8+TH+WIkkB1r/DkI7ynir9g+5o2pKPyWem+HxRUmWy4AWGlbp+xT gPP7A7ZcOFMcWbzItEIEUpgYOXILk5DIXe8o08910s6bmYlUDZNRPBp/ZsqhI4A1cCQcdKqnCmx8BGkjJ/3VRxFxvx CeBJ6sEJomnUD+mw6Lxy10Q1r0QHAvbv2j4NLOR+XAoxMU2ye9mzrhspyWWEa2S+LgxhV5V563sNFXB57f+WJzIblk ww1iENF2rEhJtTebC3EEy5MkFlXPsacq4OUKsgavAlhO0xDIdhrg233eTZYFvIZ3xOhmjrfiLdkS/XvB2gwq6QRniU QDIY/D0QPtnNJ+GGFM/Mqvciu5K7gi6SK85nWiY08hnBJfiUen7C+KZ0lAEH2zNUhPnIJav0BgA/yIZhNswd3fZXoS ioFFz45isPRMYkZqkNEkoy32wBH5qVSHRJPIGxiGXT1b0ccUiuJx4ptKt7xKDqvsGmnu5; Domain=.mahadiscom.in; Expires=Tue, 23-Jul-2013 10:42:30 GMT; Path=/
Location: http://dev-ms-db-01.devrapdrp.mahadiscom.in/portal/workspace/_layouts/Authenticate.aspx?So urce=%2Fportal%2Fworkspace%2FWS%20Library%2F89000000
SPRequestGuid: 4fb96723-8eaf-4249-9f63-13a3c4d61a25
X-SharePointHealthScore: 5
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.6106
Via: HTTP/1.1 dev-ms-db-01.devrapdrp.mahadiscom.in:80
Content-Length: 259
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://dev-ms-db-01.devrapdrp.mahadiscom.in/portal/workspace/_layouts/Authenticate.aspx?So urce=%2Fportal%2Fworkspace%2FWS%20Library%2F89000000">here</a>.</h2>
</body></html>
After getting this response, 'Adobe Acrobat X Pro' do not send any more request.
Note, the same site collection(with claim based authentication), opens and allows to edit microsoft document successfully. There is request-response sequence.
Giving one of them for example, because all will flood the page-
OPTIONS http://dev-ms-db-01.devrapdrp.mahadiscom.in/portal/workspace/WS%20Library/89000000/ HTTP/1.1
User-Agent: Microsoft Office Protocol Discovery
Host: dev-ms-db-01.devrapdrp.mahadiscom.in
Content-Length: 0
Connection: Keep-Alive
Pragma: no-cache
Cookie: SMSESSION=yFelHh2awfWW7yLKZHpSnNHDstixrmkciGIIqfLtwSRrLEQeVdI4R9iO3Q9qynhWDFCk8OIW2HXl+Cl JOdVC5/mwavCdDtHZYn5tL1s6C3BjIGLJowaDVTXUeGZAt0JcyVHEQcsIVgiiFlmkPKPapEOprHPItaa/vZJal5eeK 7NN8s0RrJ+Me1PlBmRQdBSklMxilciwMaLMXAKRwHSstl3kw5n2Qo5VCRmjG34k3gsYWNHh/I5o6buRRszeGpdZLeU 9GLeOdk8r3qXiXwIOvBhkBZrfuPKMAa1IIhftEdeJgKh9XSuCxAHs8wTEGCDzBNSzqZ3Q6S1UhC8/aA8qw1o2lVMbn 3AaYb2LE2/PgW9pN6VctY4XW6O8Dpvri8iXMCHLR28F8KrzLgust3CPBu1D/APPyJpsc1ya/IxdO5FWmCmBvGviEnN m9sNjPZVMSg3rpUgH8C492Kg5k4TzbqRsCvnI7o8ulycpBLvQOoQ97xOO8esCj/jtQAC8Y2bKLCKPqJhSJO4ROCaK7 6cGMihhGDhqE5+IJsW4Wr7Om4l4mO1Ov28hwJiGZVW0NsF0BJDrqPcagMAolIQ8xgTX1wpxPQebt/voTr5+ZjPbUj5 5LRvavod8ePnrE9majS/Fzr1QkHpeZvMxE6UBJ3r32uiEqykcm91nKIZpgBNkwKP9HzbgMSh8KV+y4vxQeOUT2rQo8 8r3vql9d+XCU7jk0jv6J+ugBBxGVaRC99thR6kvolTo7QMn6vsUk6ZC57IpSy84CQHSxp0vtNYdnTRcL8IZUPXyh3L iBnmCmdpRbEpN2l8kR23Jn0Zb1i/BxbMFU5El8xkhxWiZPCRLHctIIoXhv6Mt4amlc84MbawQedaL3ynWQFPg3sgyn 8KbigvV6nKf+rOBeVVU/fwCpLRwHxZ8x5aKWXPTZuT1W3tCkA6OwWIi9fshksawMgzTnNYpP/vz+Yrp/akquH5qb25 ZXsUHaMzR6YC0Lnw7wAMjRoDELznOVg0fgL12mjRkplI2Fg1HjsbmGNtdsCuS5Nt/VAiur40GNPnRG+kYtTVvaTOLw ShaXSqbKc5y0Z2MiQ+sCxXmXueRTtnXYiMKd3dszcGkor3mW2QrJqkFblcTSnIUeYDHhCMK+dt/0xA1jsVVA9Zal4F ISyWTryDUK5BQHVGyAHOoZK7NsYosGabLtvVe777VO4Q3eBSWkEU5QWpe47eAe54o1nfsR+gl0lJjR7q9Ms5LNW9qU NZaBahic1+c4MqhqLY5l+yqrig3CaFm; SPSESSION=EHC4LQyCHd29iQYBYn4tZz32xTbluDRCKmE7MfoOvlo4X4bkU2z2+YB3GbbMs99E/nVU/QwCPFaNxTz 6dx9EAHyBo1xhs6fNhkrlFX+m/EZiufmafae/osbzcdx2fWbEsh78UnstGbRPRX5kSx8gCXRnc14vWagr+Y6nufb3w 50c+5u96DQJSR+WhoZOiVnmoeUHq7TIgd9N9dUl+9lBOyFfetYCHjvZNWHKANLMIl3lkbvO5xtMBpGLGZ/m12mitKx TQKJ++dbRcCUM9f8e52nz/soFLjhd3bL9KCln9IsaqBtBW1n/rBtxogQq8CLGl64RT3gW/yIAPPvCKQHKvT/PjsNOQ c4K4vSdN9zSxJFwrC6s1s046wxg707+iHQzChaVI8E/DcQPFn4FkdntwrO9CejVT1qSEkqRbr1XsxONaNWQu2SOyTQ 6vz3fO1j/Y+SH3R9+liZ/Q9HnQyh6DgMkswvbcJDqoVK61B6QGOJECihpMxjrtdHCEFDulMb5rnE70V3hBttLJRj8R 5T5ttHG5geAjync4BaWfIDLoi1hfJtUMPASnZKLzIl/SOwYHxFLIWL/P57T3NkrjiqTkoeqvP63Qf1pnWgh18gOFIF JuncxdnNI2Mg67UlJ+JPxQMPf6tuPWHD78SActM6r0pAnz7tbHmjb14D7ZmPjPN98yORlUxbL4vNzoXJYbYn0f3ZPw Rw6I1pF8cThGuMy7mb+0zwCPrsDCl23yS03l7GFavyk9bGRc4SDh5INslA1TI1rVS4k+9ECZpPKHiEtDDjQKWoO4Pi u/WrXgNWT3wl49qslDfBnHucyXFH6+FWfOBcP82DsbGLXt6+wsDIdOhTXFbweAIPXgsLL1bIjpBPzwR4KwIf0lOKxp O+Bah5ZQs7JtPIBjsnWO/KUfU4vQN3H6lBUBm8+lLEVNA8tBnyDhXhxvLmL3j7eeMCigRQsVtVOAwT9Lbyk+wie6Fa 2JzgNUXDJFL/n3uo/I1U6Z+UFz+oKaP/MPutCGUMFUq1K9zO9g60UD9YaB+OxIfO5vudJ0yrhaVAeSeyWn3bnVCKZi xHTpG1frsQqMm2NkmnMoe3r3KvyqvbdEBiLGVniyBUDRYqOn5vTTnvnRMuxpR+jRiSSg1REarO1IJLEUBX2XDAkuNY 5/ulMUVJXikVpRHE8T4NXVFssFtMYE6ff4Whc1ZrLiIt4QQy85QFszpI4jqVdb5Zrn66JdgY4w168+wHllLZh9iyoK CZKAWNRQzJSqfOmEqbMVMR+dAnBAwDRqydZ8AiE2lhlgqHB2dk3hETwickBvAldOqZdJu3jJ/w6CGL82Tx2W5eyHQU EkHU/gs7Lrpjxyc+fJSPK03LKZlS2Gpy5wHx2LFybBX1FndVbml0axdbX62uIjEOnDvD1; FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+MMe1LnR8c2hhcmVwb2lud HJlYWxtMWZvcmRldnNoYXJlcG9pbnRhZ2VudHw4OTAwMDAwMCwwx7UudHxzaGFyZXBvaW50cmVhbG0xZm9yZGV2c2h hcmVwb2ludGFnZW50fDg5MDAwMDAwLDEzMDE4NDQ5NzYwMjAyMDAwMCxGYWxzZSxlSGZscEVHNDJEK2F3SXRQVFNLa GNXMzR5VU1HZ2hIVVRNT2ppaDJxY2YzcVRtKzcwR3RxblNmQUlQSisxZkhZZXNzaUhsejRWU1owRkJJRExEWDdXZWt 0dXNYUjd5YUtiRzNxdEdzZEVWM0ZXWmp0Y20vdWpkdHhlTTcxd0luRllEQ25ld1oxa3k0MUJ4NVFOanFlSGpaMmdtZ GVWZEdLczdHTGxWV1J0NUVYMWJNT2pnMTBsaGQvV2VQc1dCNGFWUDBXWnlwdEpmUEZHTEV2QjVCdHZpd1ZjekFwQ0d HTGY5bkk5S2IxS285aHhxMXNuUkxKbi9GNi9HdG50M3FMaEl1YnR5ZGwyNHBiaXBVQ2RuZjNldWExeVFxQWdqV25zN mFONFV5VHMrQVpGUlRmcDBUVHNzL0R1d2dGa1IwSlpCZGd5UVpTNlBRTTZhK3J5ejlpZmc9PSxodHRwOi8vZGV2LW1 zLWRiLTAxLmRldnJhcGRycC5tYWhhZGlzY29tLmluLzwvU1A+
HTTP/1.1 200 OK
Date: Tue, 16 Jul 2013 10:49:17 GMT
Server: Apache/2.2.15 (Win32) mod_jk/1.2.30
Set-Cookie: SPSESSION=v9NiXhTOuExWMzaHXx+oFJTtC8w0vd23LS5AQL+js7Z+xCp9rbe1nlErG4kE+MQ1JzYoeF7PQ/h7Jjm l+8Z/qBIeTuO2muL+g/fQAYSAxx7kPlVVkRZ/gwq+2EtkYtQ/5egbPmSvyY/Uba5QndnYpjok3r4qJRY7p48tN4rr+ vcoolRC1bSVZaU7WrjOxnX7YbAeNNWRUIpI9Ut9L4G0tmv5NlGtg6SxnTZ1q+lbAG+/ZEnAxJorBFkq+tZZP9cRLB5 4u67swngb67etK8EVNbFrTXW/8n/XlotfF6dUgiVfD+tAfdsNJO7jsQ4bsAh4dP0frS/XDlPyv7QE1ZbYKC5gw5UOi m4Zw3Fitc0DrrQCEOpDZiWvK/gqxzAHm2PJPMNoM0jYxiuSAU8P6Y76vFsHWTY4Kkdhin9VTdEAxDMweMaEyS1ISbZ CHHxLHsAWyhUm24CFL1fZDcRW0x1DcoMu3y8yAN4tvXz4hn5GC46qI/q83+f3uNn6mdDYoEcEwbrVHP6K2YlErWfox gCz3Us7msXb2eK93fBQDRhUvhm9F300mr7523tWvVioeiNPGX7dl8CQxU67TGkkV9s45F3ShZKTlH0DsWSLJPhtd/D xENhCJR6yG4VkT1nThp6SpT2CuHmnlzYodKsRAtaDx5kCwlo9TKsIezs1FQqxtxZkvKxqaULgRx5ZSK/fJz6PiQwNd lRKUFw9uG5J9EWTRuz0AoWn0WF+32VWIeglhyDaMi/GWaD1pVZffnT68KRQWINVm/r3WPvk+23mPOYUX07Vy5bGO21 sZzCxLjmrhibt1wgF/syg9swcplf46JV61Q6ASMi/tXxRGcaCg75+8PrE7sjYjnxXsutmJJqtvnx6pdgpb4akmWnZF DRvptVxs0d/kMbf2YA7sJRpbNcIIR6tpIgm2FzKtk80Bj5aDM/e+FVfH0mpoqEk9/IwC2SdCoUfg6OFVV9JBowhCkj 17o1saz73pQoAzG5o51m33R1959jrQIwOwsI4t2R27F6jY9RCRzKvbEBPxhwl4hzpZ/LY5cQr1CvOlCPilXGlgKFGx rQl56OVQfsUFwBLEufTrHN5XR4SITUU1PW0IOgjxwems5jNlmsddWIsu08nmVuuagFQUaKwxk0p8jd9S4QBHFbknLv WhSgPfcd7yahHw0oqJ5cAFyjMa/LY1QD8MN8INDIEuY5jvzM5l5Jxn0Tr5i4aqHit89i3n6VeealPDEzS1CSSg0U3y P5K0DTAKMQLyUzFMB9ND63pAeNJaY3+PfmIYZsiQgEprNv+dagHVL3j8iU5kskxsIiRqJxVLt4G6WagnKcbCQt4gmz Enb5LSst1Zhx+MvYfCTwr8wYhrgnBCMNQEuC0i8FH5rM2GrpFDOL1336GX1tgyR5nTSXi; Domain=.mahadiscom.in; Expires=Tue, 23-Jul-2013 10:49:17 GMT; Path=/
Cache-Control: private,max-age=0
Allow: GET, POST, OPTIONS, HEAD, MKCOL, PUT, PROPFIND, PROPPATCH, DELETE, MOVE, COPY, GETLIB, LOCK, UNLOCK
Expires: Mon, 01 Jul 2013 10:49:15 GMT
Accept-Ranges: none
SPRequestGuid: 2f248360-fd85-4fb3-a185-b01dadac3f7a
X-SharePointHealthScore: 4
MS-Author-Via: MS-FP/4.0,DAV
X-MSDAVEXT: 1
DocumentManagementServer: Properties Schema;Source Control;Version History;
X-MSFSSHTTP: 1.0
DAV: 1,2
Public-Extension: http://schemas.microsoft.com/repl-2
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.6106
Via: HTTP/1.1 dev-ms-db-01.devrapdrp.mahadiscom.in:80
Content-Length: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/plain
When site is with NTLM authentication, adobe acrobat x pro opens and allow to edit successfully. But when it there is Claim Based authentication, it cannot. It seems Adobe Acrobat X Pro does not have capability to send appropriate headers to handle claim based authentication. Also it is not able handle the sequence of request-response for claim based authentication. When searched on web, there is one product of Acrobat called LiveCycle, which has capability to handle SAML. Does that mean Adobe Acrobat X Pro does not have the capability to handle Claim based authentication so it is depend on LiveCycle for it?
thanks
Sharmila

Hi MkkLam
The below mentioned link might resolve this issue, kinldy try it:
LInk: http://helpx.adobe.com/creative-suite/kb/acrobat-failed-launch-30-days.html
Other related thread:
http://forums.adobe.com/thread/1021632
Thanks!
Atul Saini

Where I can get visio file of SAML claims-based authentication process

Hello
I saw SAML claims-based authentication process flow diagram on
http://msdn.microsoft.com/en-us/library/office/hh394901(v=office.14).aspx . Please let me know where I will get the visio of this file.
Regards
Avian

What makes you think that such a file is available (to the public)?
Use the graphic, or make your own.
Scott Brickey
MCTS, MCPD, MCITP
www.sbrickey.com
Strategic Data Systems - for all your SharePoint needs

Access denied for all (most?) users in all site collections of web app

Hi,
I have a Sharepoint 2010 farm pre-SP1 (yes should be updated!) and for all site collections of a web app, all users are getting access denied.
Now in my title I said "most?" because I have found one user in another office who does not have this issue. This web app/site collections also do not go through f5 or any proxies.
Even if I add myself as a site collection admin via central admin, I get the same result. I've looked at everything, windows time on the server (not using kerberos), errors in event log (nothing), uls logs just say access denied (very helpful!), etc...
I can try what's suggested at http://social.technet.microsoft.com/Forums/en-US/e66f1b09-605d-4546-a581-2a9283c238c0/access-denied-for-all-users-and-for-site-collections-owner?forum=sharepointgeneralprevious but when asking colleagues, there's been no
changes, let alone with those accounts? I can do a get on the property tomorrow to find if there is a value set first, however.
Any suggestions on this?

Hi,
Please try logging in the site with farm account.
If it works, please make sure you have superuser and superreader accounts in CA > Application management > web application policy. If not, please add both accounts with the powershell script in the article below, this can cause all users denied when
access the site:
http://technet.microsoft.com/en-us/library/ff758656.aspx
Here is a similar thread:
http://social.technet.microsoft.com/Forums/sharepoint/en-US/a49b1ab8-273f-41e4-a0b8-be0e31c6733b/all-users-including-site-collection-admins-receiving-access-denied-from-one-site-collection?forum=sharepointadminprevious
Regards,
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected] .
Rebecca Tu
TechNet Community Support

Custom Login Web Part In SharePoint 2010 Forms Based

Hi ,
Im trying to make Custom Login Web Part In SharePoint 2010 Forms Based , all membership configration is done .
my question is why (Login1.username , Login1.password ) give this error :
login1 does not exist in the current context
protected
void
Login1_Authenticate(object
sender, AuthenticateEventArgs e)
02        {
03            string
membership = "MembershipProvider";
04            string
role = "RoleProvider";
05
06            e.Authenticated
= SPClaimsUtility.AuthenticateFormsUser(new
Uri(SPContext.Current.Web.Url),Login1.UserName,Login1.Password);
07
08            if
(!e.Authenticated) return;
09
10            SecurityToken
token = SPSecurityContext.SecurityTokenForFormsAuthentication(new
Uri(SPContext.Current.Web.Url), membership, role,
Login1.UserName,
Login1.Password);

Error 1 No overload for method 'SecurityTokenForFormsAuthentication' takes 3 arguments
Error 2 The name Wss doesnot exisit in current context
Can anyone give sugeestion please
cant recitfy this error
protected void Login1_Authenticate(object sender,
AuthenticateEventArgs e)
02        {
03            string membership
= "MembershipProvider";
04            string role
= "RoleProvider";
05
06            e.Authenticated
= SPClaimsUtility.AuthenticateFormsUser(newUri(SPContext.Current.Web.Url),Login1.UserName,Login1.Password);
07
08            if (!e.Authenticated) return;
09
10            SecurityToken
token = SPSecurityContext.SecurityTokenForFormsAuthentication(newUri(SPContext.Current.Web.Url),
membership, role,
Login1.UserName,
Login1.Password);

MySQL connection with OWB 11gR2 results in "access denied for user"

Hello,
I just try to establish a connection to a MySQL database with OWB 11gR2, but I always get the error "access denied for user...". I did the things written on [http://blogs.oracle.com/warehousebuilder/2010/01/owb_11gr2_mysql_open_connectivity.html] and I also used the platform configuration from this description. Newest JDBC driver was downloaded and I put the jar-file into the folder OWB_HOME/owb/lib/ext. The definition of the MySQL platform worked and the entry "MySQL" was created in OWB, but no connection can be established. I also tried other tools like MySQL Administrator in order to find out whether the problem is caused by network configuration or sth. like that, but with this tool the connection works.
OWB is installed on OpenSuse 11.1 64bit. Does anyone know why this error occurs? Perhaps I missed some configuration tasks, which I don't know so far?
I'm looking forward to your answers.
Greetings
Joerg

Hi David,
thank you for your reply. The corresponding user has already got this host setting. Anyway he got the wildcard '%' and with other tools I can connect.
I solved the problem now due to just trying around with usernames. The error was quite funny: OWB changes the username always into upper case and MySQL cannot handle this username. The username must match 100% to be able to login.
Now I just changed the user in MySQL and wrote the username in upper case. But in fact I would like to know if it is possible to avoid that OWB changes the username, with quotes it didn't work ;-)
Greetings
Joerg
UPDATE:
Now I'm facing another problem: the connection works, but I cannot import any metadata. When I click on "Browse" to select the correct schema in MySQL DB, no result is displayed. The user anyway has go the privileges to select data from this schema. I also tried to provide the user with every possible privileges for this schema, but I still cannot select any schema. When I write the schema manually and then try to import database objects iin OWB the error message "definitions of userdefined metadata interface are invalid" is displayed (translated from german, so the wording could be different). Does anybody have an idea what the problem could be?
Edited by: Scantid on 15.01.2010 00:41

Error...java.sql.SQLException:Access denied for user

Hi,
I am getting the following error message while connecting with the MySQL .(O/S :Sun OS 5.6)
Error.....java.sql.SQLException: Invalid authorization specification: Access denied for user: 'some_user&password@localhost' (Using password: NO)
Note that i have given all permission to the user using,
GRANT ALL PRIVILEGES .......................
The code i have used to connect with the database is,
import java.io.*;
import java.sql.*;
class test
public static void main(String a[])
try
Connection con;
Statement stmt;
ResultSet rs;
Class.forName("org.gjt.mm.mysql.Driver");
con=DriverManager.getConnection(jdbc:mysql://localhost/db_name?user=some_user&password=some_pass");
stmt=con.createStatement();
//do something with resultset
catch(Exception e)
System.out.println("Exception in second try.."+e);
plese guide me on this problem to solve.
Thankz,
Bala.

Hi friends...
I've read the last post...
The problem that I have is as follow....
1. I have installed on my machine MySQL 5.0 Server running
1.1 I have a database called "base1"
1.2 User "root", password "works"
1.3 I have the following sentence to connect it using JDBC
Connection con = DriverManager.getConnection("jdbc:mysql://localhost/base1", "root", "works");
More notes:
- I use the JDBC 5.0
- My Machine is a Windows XP SP2 Pentium 3.0 512Mb
and it connects��
but I have this environment to develop applications, now that I want to connect to Production Environment happens the following:
2 The Production database is mounted on a Linux Server with MySQL 3.2.
2.1 I change the sentences as follow:
Connection con = DriverManager.getConnection("jdbc:mysql://192.168.0.7/base1", "user", "password");
2.3 But a message appears when I run the Java Program:
java.sql.SQLException:Access denied for user: '[email protected]' (Using password: YES)
2.4 As you can see it changes the IP Address...
More notes:- I have the MySQL Query Browser and I got connection.
- The IP that display the Error Message is my Second IP configurated on my Network Properties.
- Server is a Pentium 4 3.0 GHz 2Gb Linux Red Hat 3.0
I leave this case for the spider... I hope that somebady has the solution.
What is the problem? Why the JDBC doesn't respect the IP that I wrote.

BI Dashboard - access denied for user to path /users/administrator/_portal/

Hi,
While I am within OBI EE, I try to access My Dashboards and I get this error message:
" access denied for user to path /users/administrator/_portal/dashboard layout.
Error Details
Error Codes: O9XNZMXB "
I have looked in other forums and found a solutions which was to delete cookies and then restart the system whole. It didn´t work at first. After a while, the system would allow me to access My Dashboards but then....
....I wasn´t able to access the shared filters that are on the network, thus impeding my others dashboards to work.
Does anybody know what the correct procedure for having this work is?
Thanks in advance,
Javier Rincon

Hi...
go to Catalog Manager.
Open and navigate to particular folder (_portal in shared)
right click that and go to permissions.
In left pane are you able to see the presentation Administrator ??
If then, check what kind of permission Administrator has (full control or not), if not.. add Administrator into this pane from right pane (In the right pane, You can see the user by Unchecking the check box present below show groups only check box.)
you didn't tell with whom you logged in?
If administrator then follow the steps i mentioned,
else... same steps but instead of administrator check it for particular user.
Thanks & Regards
Kishore Guggilla

SharePoint 2010 - Claims Based Authentication - Access Denied for AD Group members

Similar Messages

Maybe you are looking for