User search in group

Hi All,
Iam having a problem in searching the user in group tab.
Iam having about 2500 users in portal and all og them are assigned to a group.When Iam searching the user in that group it is taking about 10 min to search for a single user.
All the users are in LDAP but the group is not pointing to LDAP.
User UNique IDS are of the form USER.CORP_LDAP.<userID>
Grops have unique IDS in the form GRUP.PRIVATE_DATASOURCE.un:<Group ID>
so my question is as the users and groups are both not pointing to LDAP it is taking time for me to search user in the group?
If yes, how can I reduce the search time ?
Thanks,
Master.

Hi Fareed,
a while ago I worked with a portal installation that came up with very large user groups. The number of user members were far above 10 000. We had enormous performance problems searching for users. On enquiry SAP recommended to avoid large numbers of group members to increase performance. But that was back at SAP NetWeaver 2004.
Meanwhile I work with another portal installation (SAP NW 2004s SPS 09). Groups and user ids are stored in an LDAP. Number of users in a group is up to 4000. No problems there. For test purposes I created some groups in the portal database (UME) and assigned a couple of users stored in LDAP. Works fine as well.
How many users do you have in your groups?
Best regards,
Martin

Similar Messages

  • User Search in a Group

    <p><br>i am using shared services system 9.2<br>i have 200 users in a group. i am wondering whether there is a wayto search for a particular user<br>in a group, as we do search in native user directory/NT userdirectory.<br><br>thanks and regards<br><br>--------------<br>[email protected]</p>

    <p>Yes, we can search for a user in a perticular group in SS.</p><p>First search for appropriate group, double click on th group andthat will open a new window.</p><p>Which has 3 tabs. go to last tab for searching a perticularuser. Just type starting 2-3 letter and a star it will bring youthe user in that group</p><p> </p><p>Eg: pra*</p><p> </p><p>HTH</p><p>Jagan</p><p> </p>

  • User Search time for Assigning group

    Hello Portal gurus,
    Iam using EP6 SP 14.
    The time taken for adding or deleting users from a group is over 10 min to search single user. As we have around 2500 users its taking a long time to search for the user  from the assigned groups.
    Can anbody suggest  me how to reduce the time for the user search in assigned group.
    Thanks in advance......
    Regards,
    Master.

    So I figured it out.  For anyone else wondering, here's the answer...
    Back in May I ran gpresult against user A and user B.  I compared both users and noticed one difference.  I'm still not sure why, but user A had a single registry key group policy preference that was not applied like the rest of the users in the entire
    domain.  Thus, user B had all the same group membership, SharePoint, SQL Server settings as user A, and still didn't function properly with the peoplepicker.
    Due to security posture, it was recommended we set the "State" REG_DWORD value to 10000 (Hex), or 65536 (Dec) using group policy, restricting the following registry keys:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
    NOTE:  SIDs S-1-5-19 and S-1-5-20 had different, apparently less restrictive "State" values of 23c00 (Hex) and 146432 (Dec)
    I did some searching and found another
    post where someone had a seemingly similar issue with Webex malfunctioning after restricting the same key values.
    Upon reverting the above three key "State" values of 23c00 (Hex) and 146432 (Dec) on the AD box and forcing a group policy update, peoplepicker started working properly again for all users in SharePoint.
    \:D/

  • Error message "The specified user or domain group was not found" when trying to access certain sites

    Hello.
    My setup is as such (this is a testing environment), spread over two virtual machines:
    -Windows Server 2012 with AD DS and MS SQL Server 2012
    -SharePoint Server 2013
    When trying to access a lot of site collections in different web applications, I am given this error message. The error message started suddenly appearing, and I do not know what caused it. It started happening after I turned on Request Management Service
    Application, though I can't see how that would cause this, and it was not fixed after I turned it off.
    I have the necessary permissions, as I have been able to log on to the sites before without any issue. I am using a domain administrator account who is a site collection administrator.
    At first I thought it was an issue related to User Profile Service Application, as I was having issues starting the Synchronisation instance. I deleted and re-installed UPS, got synchronisation to work, and it still does not work. I have made no changed
    to the AD schema. I have not moved any accounts recently, and I have not deleted any accounts.
    Here are the ULS log entries. It seems to have been truncated some.
    06/11/2014 10:17:31.94 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Authentication Authorization agb9s Medium Non-OAuth request. IsAuthenticated=True, UserIdentityName=0#.w|sp\administrator, ClaimsCount=26 dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Database ahjqp High [Forced due to logging gap, cached @ 06/11/2014 10:17:31.95, Original Level: Verbose] SQL connection time: 0.0556 dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High UserAgent not available, file operations may not be optimized. at Microsoft.SharePoint.SPFileStreamManager.CreateCobaltStreamContainer(SPFileStreamStore spfs, ILockBytes ilb, Boolean copyOnFirstWrite, Boolean disposeIlb) at Microsoft.SharePoint.SPFileStreamManager.SetInputLockBytes(SPFileInfo& fileInfo, SqlSession session, PrefetchResult prefetchResult) at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromDocumentRowset(Guid databaseId, SqlSession session, SPFileStreamManager spfstm, Object[] metadataRow, SPRowset contentRowset, SPDocumentBindRequest& dbreq, SPDocumentBindResults& dbres) at Microsoft.SharePoint.SPSqlClient.GetDocumentContentRow(Int32 rowOrd, Object ospFileStmMgr, SPDocumentBindRequest& dbreq, SPDocumentBindResults& dbres... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...) at Microsoft.SharePoint.Library.SPRequestInternalClass.GetFileAndMetaInfo(String bstrUrl, Byte bPageView, Byte bPageMode, Byte bGetBuildDependencySet, String bstrCurrentFolderUrl, Int32 iRequestVersion, Byte bMainFileRequest, Boolean& pbCanCustomizePages, Boolean& pbCanPersonalizeWebParts, Boolean& pbCanAddDeleteWebParts, Boolean& pbGhostedDocument, Boolean& pbDefaultToPersonal, Boolean& pbIsWebWelcomePage, String& pbstrSiteRoot, Guid& pgSiteId, UInt32& pdwVersion, String& pbstrTimeLastModified, String& pbstrContent, UInt32& pdwPartCount, Object& pvarMetaData, Object& pvarMultipleMeetingDoclibRootFolders, String& pbstrRedirectUrl, Boolean& pbObjectIsList, Guid& pgListId, UInt32& pdwItemId, Int64& pllListFlags, Boolean& pbAccessDenied, Guid& pgDocid, Byte& piLevel, UInt64& ppermMask, ... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...Object& pvarBuildDependencySet, UInt32& pdwNumBuildDependencies, Object& pvarBuildDependencies, String& pbstrFolderUrl, String& pbstrContentTypeOrder, Guid& pgDocScopeId) at Microsoft.SharePoint.Library.SPRequestInternalClass.GetFileAndMetaInfo(String bstrUrl, Byte bPageView, Byte bPageMode, Byte bGetBuildDependencySet, String bstrCurrentFolderUrl, Int32 iRequestVersion, Byte bMainFileRequest, Boolean& pbCanCustomizePages, Boolean& pbCanPersonalizeWebParts, Boolean& pbCanAddDeleteWebParts, Boolean& pbGhostedDocument, Boolean& pbDefaultToPersonal, Boolean& pbIsWebWelcomePage, String& pbstrSiteRoot, Guid& pgSiteId, UInt32& pdwVersion, String& pbstrTimeLastModified, String& pbstrContent, UInt32& pdwPartCount, Object& pvarMetaData, Object& pvarMultipleMeetingDoclibRootFolders, String& pbst... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...rRedirectUrl, Boolean& pbObjectIsList, Guid& pgListId, UInt32& pdwItemId, Int64& pllListFlags, Boolean& pbAccessDenied, Guid& pgDocid, Byte& piLevel, UInt64& ppermMask, Object& pvarBuildDependencySet, UInt32& pdwNumBuildDependencies, Object& pvarBuildDependencies, String& pbstrFolderUrl, String& pbstrContentTypeOrder, Guid& pgDocScopeId) at Microsoft.SharePoint.Library.SPRequest.GetFileAndMetaInfo(String bstrUrl, Byte bPageView, Byte bPageMode, Byte bGetBuildDependencySet, String bstrCurrentFolderUrl, Int32 iRequestVersion, Byte bMainFileRequest, Boolean& pbCanCustomizePages, Boolean& pbCanPersonalizeWebParts, Boolean& pbCanAddDeleteWebParts, Boolean& pbGhostedDocument, Boolean& pbDefaultToPersonal, Boolean& pbIsWebWelcomePage, String& pbstrSiteRoot, Guid& pgSiteId, UInt32& pdwVersion,... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ... String& pbstrTimeLastModified, String& pbstrContent, UInt32& pdwPartCount, Object& pvarMetaData, Object& pvarMultipleMeetingDoclibRootFolders, String& pbstrRedirectUrl, Boolean& pbObjectIsList, Guid& pgListId, UInt32& pdwItemId, Int64& pllListFlags, Boolean& pbAccessDenied, Guid& pgDocid, Byte& piLevel, UInt64& ppermMask, Object& pvarBuildDependencySet, UInt32& pdwNumBuildDependencies, Object& pvarBuildDependencies, String& pbstrFolderUrl, String& pbstrContentTypeOrder, Guid& pgDocScopeId) at Microsoft.SharePoint.SPWeb.GetWebPartPageContent(Uri pageUrl, Int32 pageVersion, PageView requestedView, HttpContext context, Boolean forRender, Boolean includeHidden, Boolean mainFileRequest, Boolean fetchDependencyInformation, Boolean& ghostedPage, String& siteRoot, Guid& siteId, Int64& bytes, ... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...Guid& docId, UInt32& docVersion, String& timeLastModified, Byte& level, Object& buildDependencySetData, UInt32& dependencyCount, Object& buildDependencies, SPWebPartCollectionInitialState& initialState, Object& oMultipleMeetingDoclibRootFolders, String& redirectUrl, Boolean& ObjectIsList, Guid& listId) at Microsoft.SharePoint.ApplicationRuntime.SPRequestModuleData.FetchWebPartPageInformationForInit(HttpContext context, SPWeb spweb, Boolean mainFileRequest, String path, Boolean impersonate, Boolean& isAppWeb, Boolean& fGhostedPage, Guid& docId, UInt32& docVersion, String& timeLastModified, SPFileLevel& spLevel, String& masterPageUrl, String& customMasterPageUrl, String& webUrl, String& siteUrl, Guid& siteId, Object& buildDependencySetData, SPWebPartCollectionInitialState& initialState, ... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...String& siteRoot, String& redirectUrl, Object& oMultipleMeetingDoclibRootFolders, Boolean& objectIsList, Guid& listId, Int64& bytes) at Microsoft.SharePoint.ApplicationRuntime.SPRequestModuleData.GetFileForRequest(HttpContext context, SPWeb web, Boolean exclusion, String virtualPath) at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.InitContextWeb(HttpContext context, SPWeb web) at Microsoft.SharePoint.WebControls.SPControl.SPWebEnsureSPControl(HttpContext context) at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.GetContextWeb(HttpContext context) at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.PostResolveRequestCacheHandler(Object oSender, EventArgs ea) at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IEx... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...ecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error) at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb) at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompl... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...etion(IntPtr pHandler, RequestNotificationStatus& notificationStatus) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files aiv4w Medium Spent 0 ms to bind 3356 byte file stream dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Logging Correlation Data xmnv Medium Site=/ dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Monitoring b4ly High Leaving Monitored Scope (PostResolveRequestCacheHandler). Execution Time=66.6457 dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x1BC0 SharePoint Portal Server User Profiles ajk4d Medium UserProfileProperty_WCFLogging::Begin ProfilePropertyServiceClient.ExecuteOnChannel acc2999c-dfbc-a0b4-a4e8-f962e574ee66
    06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x1BC0 SharePoint Portal Server User Profiles ajk35 Medium MossClientBase_WCFLogging::Begin MossClientBase.ExecuteOnChannel acc2999c-dfbc-a0b4-a4e8-f962e574ee66
    06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x1BC0 SharePoint Portal Server User Profiles ajk36 Medium MossClientBase_WCFLogging:: MossClientBase.ExecuteOnChannel - Executing codeblock on channel acc2999c-dfbc-a0b4-a4e8-f962e574ee66
    06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x1BC0 SharePoint Foundation Topology e5mc Medium WcfSendRequest: RemoteAddress: 'http://sp13:32843/44fa09d6891d4d7bb9856a0da10f6a84/ProfilePropertyService.svc' Channel: 'Microsoft.Office.Server.UserProfiles.IProfilePropertyService' Action: 'http://Microsoft.Office.Server.UserProfiles/GetProfileProperties' MessageId: 'urn:uuid:ec3c0f34-3285-4771-a7a1-24039cb4ced8' acc2999c-dfbc-a0b4-a4e8-f962e574ee66
    06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC Web Content Management Publishing 7fz3 Medium Setting [Display] as the FormContext.FormMode for the current page dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High DelegateControl: Exception thrown while adding control 'Microsoft.SharePoint.Publishing.Navigation.PortalSiteMapDataSource': Microsoft.SharePoint.SPException: The specified user or domain group was not found. ---> System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) --- End of inner exception stack trace --- at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(IClaimsIdentity claimsIdentity, String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Utilities.SPUtility.GetFullUserKeyFromFullName(String fullName) at Microsoft.SharePoint.SPGlobal.CreateSPRequestAndSetIdentity(SPSite site, String name, Boolean bNotGlobalAdminCode, String strUrl, Boolean bNotAddToContext, Byte[] UserToken, SPAppPrincipalToken appPrincipalToken, String userName, Boolean bIgnoreTokenTimeout, Boolean bAsAnonymous) at Microsoft.SharePoint.SPSite.get_Request() at Mi... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...crosoft.SharePoint.SPSite.OpenWeb(Guid gWebId, Int32 mondoHint) at Microsoft.SharePoint.Publishing.CachedObjectFactory.OpenWebFromSuperUserSite(Guid webId) at Microsoft.SharePoint.Publishing.CacheManager..ctor(SPSite site) at Microsoft.SharePoint.Publishing.CacheManager.GetManager(SPSite site, Boolean useContextSite, Boolean allowContextSiteOptimization, Boolean refreshIfNoContext) at Microsoft.SharePoint.Publishing.CachedAreaLookup.EnsureLookup(Boolean errorsAsExceptions) at Microsoft.SharePoint.Publishing.CachedAreaLookup.GetCachedAreaOrException() at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigationCache.GetCachedWebInfo(CachedAreaLookup cachedAreaLookup) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigationCache.GetWebNavigationSetting... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...s(CachedAreaLookup cachedArea, CachedAreaLookup& parentCachedArea, Exception& loadError) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigation.GetEffectiveProviderSettingsList(CachedAreaLookup cachedArea, Boolean includeInheritedSettings) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigation.GetEffectiveProviderSettings[T](CachedAreaLookup cachedArea, String siteMapProviderName, Boolean includeInheritedSettings, CachedAreaLookup& cachedAreaWithSettings) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigation.GetEffectiveProviderSettings[T](SPWeb web, String siteMapProviderName, Boolean includeInheritedSettings) at Microsoft.SharePoint.Publishing.Navigation.SwitchableSiteMapProvider.GetCurrentWrappedProvider() at Microsoft.SharePoint.Publis... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...hing.Navigation.SwitchableSiteMapProvider.get_RootNode() at Microsoft.SharePoint.Publishing.Navigation.SwitchableDataSourceBehavior.AssignProperties(SiteMapProvider targetProvider) at Microsoft.SharePoint.Publishing.Navigation.PortalSiteMapDataSource.OnInit(EventArgs e) at System.Web.UI.Control.InitRecursive(Control namingContainer) at System.Web.UI.Control.AddedControl(Control control, Int32 index) at Microsoft.SharePoint.WebControls.DelegateControl.AddControlResilient(Control ctl) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High DelegateControl: Exception thrown while adding control 'Microsoft.SharePoint.Publishing.Navigation.PortalSiteMapDataSource': Microsoft.SharePoint.SPException: The specified user or domain group was not found. ---> System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) --- End of inner exception stack trace --- at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(IClaimsIdentity claimsIdentity, String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Utilities.SPUtility.GetFullUserKeyFromFullName(String fullName) at Microsoft.SharePoint.SPGlobal.CreateSPRequestAndSetIdentity(SPSite site, String name, Boolean bNotGlobalAdminCode, String strUrl, Boolean bNotAddToContext, Byte[] UserToken, SPAppPrincipalToken appPrincipalToken, String userName, Boolean bIgnoreTokenTimeout, Boolean bAsAnonymous) at Microsoft.SharePoint.SPSite.get_Request() at Mi... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...crosoft.SharePoint.SPSite.OpenWeb(Guid gWebId, Int32 mondoHint) at Microsoft.SharePoint.Publishing.CachedObjectFactory.OpenWebFromSuperUserSite(Guid webId) at Microsoft.SharePoint.Publishing.CacheManager..ctor(SPSite site) at Microsoft.SharePoint.Publishing.CacheManager.GetManager(SPSite site, Boolean useContextSite, Boolean allowContextSiteOptimization, Boolean refreshIfNoContext) at Microsoft.SharePoint.Publishing.CachedAreaLookup.EnsureLookup(Boolean errorsAsExceptions) at Microsoft.SharePoint.Publishing.CachedAreaLookup.GetCachedAreaOrException() at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigationCache.GetCachedWebInfo(CachedAreaLookup cachedAreaLookup) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigationCache.GetWebNavigationSetting... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...s(CachedAreaLookup cachedArea, CachedAreaLookup& parentCachedArea, Exception& loadError) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigation.GetEffectiveProviderSettingsList(CachedAreaLookup cachedArea, Boolean includeInheritedSettings) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigation.GetEffectiveProviderSettings[T](CachedAreaLookup cachedArea, String siteMapProviderName, Boolean includeInheritedSettings, CachedAreaLookup& cachedAreaWithSettings) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigation.GetEffectiveProviderSettings[T](SPWeb web, String siteMapProviderName, Boolean includeInheritedSettings) at Microsoft.SharePoint.Publishing.Navigation.SwitchableSiteMapProvider.GetCurrentWrappedProvider() at Microsoft.SharePoint.Publis... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...hing.Navigation.SwitchableSiteMapProvider.get_RootNode() at Microsoft.SharePoint.Publishing.Navigation.SwitchableDataSourceBehavior.AssignProperties(SiteMapProvider targetProvider) at Microsoft.SharePoint.Publishing.Navigation.PortalSiteMapDataSource.OnInit(EventArgs e) at System.Web.UI.Control.InitRecursive(Control namingContainer) at System.Web.UI.Control.AddedControl(Control control, Int32 index) at Microsoft.SharePoint.WebControls.DelegateControl.AddControlResilient(Control ctl) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High DelegateControl: Exception thrown while adding control 'ASP._controltemplates_15_metadatanavtree_ascx': Microsoft.SharePoint.SPException: The specified user or domain group was not found. ---> System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) --- End of inner exception stack trace --- at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyCla... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...im(IClaimsIdentity claimsIdentity, SPClaim loginClaim) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(IClaimsIdentity claimsIdentity, String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Utilities.SPUtility.GetFullUserKeyFromFullName(String fullName) at Microsoft.SharePoint.SPGlobal.CreateSPRequestAndSetIdentity(SPSite site, String name, Boolean bNotGlobalAdminCode, String strUrl, Boolean bNotAddToContext, Byte[] UserToken, SPAppPrincipalToken appPrincipalToken, String userName, Boolean bIgnoreTokenTimeout, Boolean bAsAnonymous) at Microsoft.SharePoint.SPSite.get_Request() at Microsoft.SharePoint.SP... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...Site.OpenWeb(Guid gWebId, Int32 mondoHint) at Microsoft.SharePoint.Publishing.CachedObjectFactory.OpenWebFromSuperUserSite(Guid webId) at Microsoft.SharePoint.Publishing.CacheManager..ctor(SPSite site) at Microsoft.SharePoint.Publishing.CacheManager.GetManager(SPSite site, Boolean useContextSite, Boolean allowContextSiteOptimization, Boolean refreshIfNoContext) at Microsoft.Office.DocumentManagement.MetadataNavigation.MetadataNavigationSettings.GetCachedArea(SPWeb web) at Microsoft.Office.DocumentManagement.MetadataNavigation.MetadataNavigationContext.GetMetadataNavigationHintsForList(SPWeb web, Guid listGuid) at Microsoft.Office.DocumentManagement.MetadataNavigation.MetadataNavigationSettings.GetMetadataNavigationSettings(SPWeb web, Guid sourceListId, Boolean check... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...WebPropHint) at Microsoft.Office.DocumentManagement.MetadataNavigation.MetadataNavigationContext.get_NavigationSettings() at Microsoft.Office.DocumentManagement.MetadataNavigation.MetadataNavigationContext.EnsurePageInitEventHandling(Control controlOnPage) at Microsoft.Office.Server.WebControls.MetadataHierarchyDataSourceControl.OnInit(EventArgs e) at System.Web.UI.Control.InitRecursive(Control namingContainer) at System.Web.UI.Control.InitRecursive(Control namingContainer) at System.Web.UI.Control.InitRecursive(Control namingContainer) at System.Web.UI.Control.AddedControl(Control control, Int32 index) at Microsoft.SharePoint.WebControls.DelegateControl.AddControlResilient(Control ctl) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8nca Medium Application error when access /SitePages/Home.aspx, Error=Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Runtime tkau Unexpected System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General ajlz0 High Getting Error Message for Exception System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> Microsoft.SharePoint.SPException: The specified user or domain group was not found. ---> System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) --- End of inner exception stack trace --- at Microsoft.SharePoint.Administration.... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General ajlz0 High ...Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(IClaimsIdentity claimsIdentity, String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Utilities.SPUtility.GetFullUserKeyFromFullName(String fullName) at Microsoft.SharePoint.SPGlobal.CreateSPRequestAndSetIdentity(SPSite site, String name, Boolean bNotGlobalAdminCode, String strUrl, Boolean bNotAddToContext, Byte[] UserToken, SPAppPrincipalToken appPrincipalToken, String userName, Boolean bIgnoreTokenTimeout, Boolean bAsAnonymous) at Microsoft.SharePoint.... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General ajlz0 High ...SPSite.get_Request() at Microsoft.SharePoint.SPSite.OpenWeb(Guid gWebId, Int32 mondoHint) at Microsoft.SharePoint.Publishing.CachedObjectFactory.OpenWebFromSuperUserSite(Guid webId) at Microsoft.SharePoint.Publishing.CacheManager..ctor(SPSite site) at Microsoft.SharePoint.Publishing.CacheManager.GetManager(SPSite site, Boolean useContextSite, Boolean allowContextSiteOptimization, Boolean refreshIfNoContext) at Microsoft.SharePoint.Publishing.Internal.WebControls.PublishingRibbon.OnLoad(EventArgs e) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General ajlz0 High ... System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.HandleError(Exception e) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteS... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General ajlz0 High ...tep(IExecutionStep step, Boolean& completedSynchronously) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General aat87 Monitorable dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
    06/11/2014 10:17:32.05 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://sp13:80/SitePages/Home.aspx)). Execution Time=97.7205 dbc2999c-6f92-a0b4-a4e8-f7ed10437e35

    This is a very generic error message. 
    What user you are trying to search. Are you using username, display name or email address when searching
    Was any domain related changed done
    What if that users tried to logon to sharepoint site. 
    Does this error occur with all the account when you click edit? If not, based on the error,
    the user account which might be removed from Active Directory or renamed accidentally. Please have a check.
    Try to follow below:
    http://architectevangelist.wordpress.com/2010/12/07/sharepoint-2010-the-specified-user-or-domain-group-was-not-found/

  • Assigning User to a Group.

    Hi All,
    We have installed EP 7.0. We need to add the user "xxx" to the group "SAP_HR_LSO_DEVELOPMANAGER".
    We searched for the user "xxx" and click on modify button to edit the Assigned groups. But the Add button is disabled for the Admin.
    How to enable it ? & How to add the user to the group?
    Kindly provide your answers.
    Thank You.
    Regards,
    Eben.

    Hi,
    I hope the following links will help you,
    https://forums.sdn.sap.com/click.jspa?searchID=15809839&messageID=4604222
    Re: Add users to a group through programming
    Regards,
    Harish

  • Adding users to PAB group with same last name as existing

    Cannot add user to PAB group when user has same last name as an existing Group member.
    Seems to work, see number tick up and green bar flash, but, never really adds.

    Joea,
    It appears that in the past few days you have not received a response to your
    posting. That concerns us, and has triggered this automated reply.
    Has your problem been resolved? If not, you might try one of the following options:
    - Visit http://support.novell.com and search the knowledgebase and/or check all
    the other self support options and support programs available.
    - You could also try posting your message again. Make sure it is posted in the
    correct newsgroup. (http://forums.novell.com)
    Be sure to read the forum FAQ about what to expect in the way of responses:
    http://forums.novell.com/faq.php
    If this is a reply to a duplicate posting, please ignore and accept our apologies
    and rest assured we will issue a stern reprimand to our posting bot.
    Good luck!
    Your Novell Product Support Forums Team
    http://forums.novell.com/

  • [Forum FAQ] The Value drop down list is grayed out when you perform search for Group Policy Objects in GPMC

    Symptom
    On Windows Server 2012 or Windows Server 2012 R2, when you use the Search for Group Policy Objects feature in GPMC, the “Value” field is not populated when you choose “User Configuration” as the Search Item. (See Figure 1.)
    <Figure 1>
    Cause
    The happens because the  Data of the (Default) value of the following Registry Key is not correct.
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4D2F9B6F-1E52-4711-A382-6A8B1A003DE6}]
    By default the Data is (value not set). (see Figure 2)
    <Figure 2>
    Resolution
    The registry keys under [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions] are the Group Policy Preference Client Side Extensions. The CSE name of the GUID {4D2F9B6F-1E52-4711-A382-6A8B1A003DE6} is
    RemoteApp and Desktop Connections. Please follow the steps below to resolve the issue.
    1. Locate the registry key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4D2F9B6F-1E52-4711-A382-6A8B1A003DE6}]
    2. Take the ownership of this key: Right click on the registry key and choose Permissions option and click the Advanced button on the dialogue window. Then on the Advanced Security Settings dialogue window, click Change button to take the ownership
    of the key for the current logon account and make the current logon account Full Control permission with the registry key. (See Figure 3.)
    <Figure 3> 
    3. Change the data of (Default) value from "(value not set)" to
    "RemoteApp and Desktop Connection Component". (See Figure 4)
    <Figure 4>
    4. Once the steps above are completed, the Value drop down list will be populated again when you perform Search in GPMC. (See Figure 5)
    <figure 5>
    This article has been created as a TechNet Wiki
    here.
    Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.

    thanks for the tip - but you should create this as a wiki article as it will be easier to reference in the future
    Regards,
    Denis Cooper
    MCITP EA - MCT
    Help keep the forums tidy, if this has helped please mark it as an answer
    My Blog
    LinkedIn:

  • Add user search functionality in a custom form

    Hi,
    I am new to IDM . I have two doubts regarding search functionality. Please help me out.
    1.     I want to add a user search option for a field and populate the value(user name ) from the searched result to that filed. The search option should have some search criteria like firstname ,lastname ,userid etc; depending on which we can search a particular user and after selecting one record that data should populate to that filed. Please let me know how can I archive that functionally? Is it possible to use the existing (out of box) search operation for it.
    2.     When we use selector, is it possible to change the default search option. I want to search depending on some criteria like firstname,lastname ,userid etc.
    Thank in advance.
    Regards,
    Nirupam

    I know this is old post - but I dealed with this requirement one and I knew it's pain. So, I just want to share my little expereinced here if someone else needed it.
    For this requirement - I have to customed the jsp pages. The file is tjspSearchUserTiles.jsp in the xlWebApp war file under tiles folder. What I did is check the current loging user's group. If he/she belong to Manager group, I set the search value Users.Manager Login equal to the username (this user name attribute alway available in the selvet section throught the USR BEAN.
    If you could make this cutomization work from your OIM env you then could customize alot more.
    Let me know if you need help - [email protected]

  • Searching 'parent' group for member of 'sub group'

    Running XI 3.1 using Windows AD SSO .   BOE group 'Report users' contains Windows AD subgroup '<domainname\groupname>'.  In CMC searching for an individual user from parent BOE group 'Report users' search returns nothing.  When searching 'User list' the user is returned.  When searching Windows AD subgroup '<domainname\groupname>' directly the user is returned.
    Is there a way to search for an individual from the parent BOE group level?
    Thanks in advance for any info.

    members of a sub groups will not display in the parent unless you copy them to the parent. This is by design. The reason nothing returns is because they aren't actually members. But since they belong to a sub group that is a member then they will inherit permissions from the parent. This is usually why everything gets set up this way.
    There may be a complex query that you can try with query builder to pull both group members and sub group members. Best to check in the [SDK forums|/community [original link is broken]; for that.
    Regards,
    Tim

  • Is user member of group in C#

    Hello everyone,
    I have to bind our application from ActiveDirectory to eDirectory. Is
    there a simple way to determine if the currently logged in user is a
    member of a group?
    In ActiveDirectory this is really simple but in eDirectory (using the
    LDAP C#-library) it seems that I always have to create LDAP strings
    which always have to contain username and password (which is an
    absolutely no-go in my opinion).
    I found many articles to my problem but no one with an easy solution.
    Perhaps someone got this running without the novell LDAP library through
    Microsoft DirectoryServices-Namespace.
    inno1
    inno1's Profile: http://forums.novell.com/member.php?userid=109362
    View this thread: http://forums.novell.com/showthread.php?t=437637

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    A few things come to mind. First your authentication problem; binding
    anonymously is definitely allowed in eDirectory, and is even allowed by
    default, but that doesn't mean the environment you are hitting will allow
    it. This is something you'll need to check with whomever setup the
    eDirectory environment. The documentation should cover how to set
    restrictions like anonymous binds.
    Next we have what I'm guessing is how you are searching for the group. I
    do not see how you are going to find either your group or your user in the
    group using that code so I'll suggest something else that I think is
    better taking advantage of the power of eDirectory and LDAP. First a
    little more information about eDirectory. By default group memberships
    are shown on both the group and user sides so you can either query the
    entire directory for groups that have users in their 'members' attribute,
    or you can go to the user and simply get a listing of all of the values in
    the groupMembership attribute. This is the best way, in my opinion, to
    see if a user is a member of a group.
    Now, about finding the user. In LDAP environments objects are found by
    full DNs, not just their relative DNs or usernames. If you do not have a
    full DN (users seldom know the full DN or use them) the first step is to
    find these, which you can do with a search like you are doing, although
    hopefully you wouldn't need to loop through results. Having a query like
    the following should find the user in one shot in a well-designed environment:
    (&(objectClass=inetorgperson)(cn=userNameHere))
    Once you have found the resulting DN of the user you can find the
    groupMembership attribute and either use the full set of values in that
    attribute or you can iterate through the values looking for the group DN.
    For both user and group you must use the full DN to verify membership.
    Good luck.
    On 04/28/2011 02:36 AM, inno1 wrote:
    >
    > ab;2100491 Wrote:
    >> The check for is a user is a member of a group does not require the
    >> password...I ask because the samples from the LDAP-library (ListGroup.cs, for
    > example) all seem to require a password. The samples check the number of
    > command line arguments and if something is missing the program does not
    > work.
    >
    > ab;2100491 Wrote:
    >> what do you mean[..]
    > I need a function like
    > Code:
    > --------------------
    > bool UserIsMemberOf(string groupName) {}
    > --------------------
    > to determine if a user is a member of a group.
    >
    > I get the userName from Environment.UserName and the groupName the user
    > has to be a member of is configured somewhere in my application.
    >
    > In ActiveDirectory I just connect to LDAP://RootDSE and everything
    > works fine.
    >
    > ab;2100491 Wrote:
    >> [..] and what does your code look like?
    > I used the 'Using .NET C# LDAP Library'
    > (http://www.novell.com/coolsolutions/...e/11204.html):
    >
    >
    > Code:
    > --------------------
    > Anonymous Binding
    >
    > // C# Library namespace
    > using Novell.Directory.Ldap;
    >
    > // Creating an LdapConnection instance
    > LdapConnection ldapConn= new LdapConnection();
    >
    > //Connect function will create a socket connection to the server
    > ldapConn.Connect (ldapHost,ldapPort);
    >
    > //Bind function with null user dn and password value will perform anonymous bind
    > //to LDAP server
    > ldapConn.Bind (null, null);
    > --------------------
    >
    > After this ldapConn.Bound is false. Is this correct? It could be
    > correct because I didn't really authenticate when doing anonymous
    > binding but it could be also wrong because even an anonymous bind should
    > be a form of authentication.
    >
    > I also tried Identity Bind:
    >
    >
    > Code:
    > --------------------
    > Binding using an Identity
    >
    > // C# Library namespace
    > using Novell.Directory.Ldap;
    >
    > // Creating an LdapConnection instance
    > LdapConnection ldapConn= new LdapConnection();
    >
    > //Connect function will create a socket connection to the server
    > ldapConn.Connect(ldapHost,ldapPort);
    >
    > //Bind function will Bind the user object Credentials to the Server
    > ldapConn.Bind(userDN,userPasswd);
    > --------------------
    > After this, ldapConn.Bound is true but the user has to give a password.
    > I don't want the user to have to use a password because in this case the
    > user has to configure it somewhere in the configuration of my
    > application.
    >
    > Then - for testing purposes - I wrote a function to get the users of a
    > group:
    >
    >
    > Code:
    > --------------------
    > LdapSearchResults lsc=ldapConn.Search("ou=Users,o=DomainAdmins", LdapConnection.SCOPE_ONE, "objectClass=*", null, false);
    >
    > string result = String.Empty;
    >
    > while (lsc.hasMore()) {
    > LdapEntry nextEntry = null;
    >
    > try {
    > nextEntry = lsc.next(); // <--- EXCEPTION: see [1]
    > } catch(LdapException e) {
    > result = String.Concat(result, "Error: ", e.LdapErrorMessage, Environment.NewLine);
    > // Exception is thrown, go for next entry
    > continue;
    > }
    >
    > result = String.Concat(result, nextEntry.DN, Environment.NewLine);
    >
    > LdapAttributeSet attributeSet = nextEntry.getAttributeSet();
    > System.Collections.IEnumerator ienum = attributeSet.GetEnumerator();
    >
    > while(ienum.MoveNext()) {
    > LdapAttribute attribute=(LdapAttribute)ienum.Current;
    > string attributeName = attribute.Name;
    > string attributeVal = attribute.StringValue;
    > result = String.Concat(result, attributeName, "value:", attributeVal, Environment.NewLine);
    > }
    > }
    > --------------------
    >
    >
    > [1] "00000000: LdapErr: DSID-0C090627, comment: In order to perform
    > this operation a successful bind must be completed on the connection.
    >
    > I think this is the problem:
    >
    >
    > Code:
    > --------------------
    > LdapSearchResults lsc=ldapConn.Search("ou=Users,o=DomainAdmins", LdapConnection.SCOPE_ONE, "objectClass=*", null, false);
    > --------------------
    >
    >
    > So, how does this have to look for a domain named "MyDomain.com" for a
    > group named "DomainAdmins" if I want to get all members of this group?
    >
    > And how does this have to look if I want to know if a user named
    > "myuser" is member of a group "mygroup" in domain "MyDomain.com"?
    >
    > I think this would help me a lot.
    >
    > ab;2100491 Wrote:
    >> There may be a need for authentication that would require a
    >> username/password but that depends on the rights you assign to your
    >> tree
    >> to allow (or deny) anonymous access.So, this is someone the customer has to configure I think. Since I only
    > want to read from a domain it has to work some way without giving a
    > password.
    >
    > ab;2100491 Wrote:
    >> Good luck.Thank you very much!
    >
    >
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v2.0.15 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
    iQIcBAEBAgAGBQJNujvFAAoJEF+XTK08PnB5Vn4QAJ8wDKZw5h Q5AWWkeMhKZ57U
    DctNKO9Wl1xU3agTp+PjgFFCQMHTiME7/UFU7/KR+eyY0hgp9R6r0k2lK3iX1TFd
    1Zwg0rkEjV+Pydy7vHk/LvqpoyWYKhrSGHhvkj/RChiIj1yEKR0rgAXGZG8NPemO
    nIXJtPHQ8ZkH8ZrEGfL+25abIc5b0Ch5KXN76nSFRGORgqPRvO 2gpQW36KKj+Tfq
    RZARJgBKyKaG4MOlatnS2ZNuAy1meI/1oTN/ouO8K1MR+Hey2ZvI85VUSlg3nG/z
    fgj6QdIMj80KRnpgJCO4K7SFO6effHQaijRUIszz5xHxSEaPXv FcB/xPhRdedzxb
    NKZu/rti0Jt3PABCG3nibbUcA05vbb6mLbufwDISJGXyUp5PK3533yT xoGFjkt1I
    PL+p7ZpL4Q5s4wHBGME0y579V5EfncqqUsFh2aONzhIAmOSxu0 huaqcLG5QWmQnQ
    HMn8+npkdlyGGJy4hslpyoTQefYNsn7PdXig1KAMEZjQHGlI1S WJf/hsztcP4/jM
    Zf8oKMZz/35+EphCgRgXl0h5gOFk+WpxHRJ8NyAVLZioV4mcUwBzLDD7d9z lW47/
    SZxxlIOKpFB1c0FokkFR2SBteDsd4dzfMPgD7MTDBNj174u7wn y3LkSvWfPTDjBS
    12SwchOZ+PPL3PxfsUNc
    =/n4u
    -----END PGP SIGNATURE-----

  • Shared Services Users Disappear from Groups

    We have Native Groups in Shared Services that we added users from our MSAD directory to. Yesterday we found that the groups no longer have these users in them and IT did say they did some moves in the directory over the weekend. But I'm wondering if that would really cause SS to drop all the users from the groups like this.
    Basically, no one is able to log in although we are testing adding users back to the groups and think that's working.
    I just don't want to have to re-create our groups anytime our MSAD is updated.
    I'd appreciate any help in understanding this better,
    Paul

    Our MSAD administrators moved some OU's around one day and it caused a lot of problems for us since our Shared Services MSAD configuration setting for "User DN" had all the OU's hard coded or what have you. I had to change them to the same that the AD folks had changed them to, then restart everything.
    So on the native side I can see how if they moved OU's around that could throw off what you had done. There's a utility which I've been too scared to use (probably harmless but I can't afford any mishaps) which tells Shared Services to search for MSAD changes and to force them through Shared Services, which is probably a nice thing to do once in a while especially when MSAD OU's are moved around. SS does not automatically poll for that type of change but you should be able to automate this.
    There's an updatenativedir utility that you can read up on which might help. Don't forget to do backups first of all the security-related databases & files, etc. first.
    Perhaps someone reading this is comfortable running UPDATENATIVEDIR and can help provide better guidance, if that's the issue here.
    Karen

  • Limited searching on Group share, can't automount

    Hi, OS X Server newbie here, but I'm starting to get a decent feel of how things work.
    I have set up OD and the client computers up with mobile accounts that store their home directory locally but still allow authentication. I lumped the appropriate users into a group, say "officegroup", with their own share, /Groups/officegroup.
    Now, once clients log in to their workstation, I cannot get the group share to automount. To access it I have to go through Finder, enter the username and password, and it works fine. I thought that upon login, authentication would be good to go to access other services and the user would not have to enter their username and password in again. I've checked DNS (dig, dig -x, -checkhostname, etc.), and everything checks out fine and says that it's all being resolved correctly. So, what am I missing?
    Second, it seems that searching is limited in the group share. If I search for something, only folders come up, but no files. Spotlight is enabled on the share, I've rebuilt the indexes with mdutil, but nothing changes. Any ideas?
    Thanks,
    Nate

    I wanted to write what I found out in hopes of helping someone else who uses OS X Server and isn't as experienced as some people who contribute here. When I upgraded to 10.4, I was using Netinfo domain and Open Directory to bind my clients to the server. In WGM I had to authenticate to LDAP, for reasons I still don't completely understand. I wasn't however, correctly using LDAP for authentication across my network.
    I used Server Admin to migrate my Netinfo domain to LDAP in Open Directory. Then I turned on DHCP in OS X Server and turned off DHCP on my router. Then I used DIrectory Access to configure LDAP to use DHCP-supplied addresses and added an entry for my server. I disabled Netinfo on each client once I verified that this worked.
    Once this was done the automounts showed up in the correct location as specified in WGM. And no, you don't have to create the folders on the client machines. In addition, my authentication for my users has been fixed to use LDAP properly (well, at least as far as I can tell at this point).
    All of this info is in the Open Directory and Authentication Manual. The lesson I learned is that the OD stuff has to be properly configured otherwise services that depend on it will not perform quite right. What's scary is that I used this half-baked configuration since I installed Tiger a long time ago. I run a simple server-based enironment in my house, so I never picked up on the inconsistency.

  • User search in AD

    I have a question on AD user search. In AD, I have created OU and under OU, again created two sub OU's for Users and groups. I have 10000 users If I want to search for 500 users, How do I achieve it?
    Where do we specify mutliple OU? Under User Base DN or Group Base DN? Will it be something like uid=xxx,ou=OU1,ou=OU1,dc=BDC1?
    What will be my serach string in WLS to search for 500 users which are under OU of OU.
    Edited by: user734247 on Feb 24, 2012 6:53 AM
    Edited by: user734247 on Feb 24, 2012 6:56 AM

    I have a question on AD user search. In AD, I have created OU and under OU, again created two sub OU's for Users and groups. I have 10000 users If I want to search for 500 users, How do I achieve it?
    Where do we specify mutliple OU? Under User Base DN or Group Base DN? Will it be something like uid=xxx,ou=OU1,ou=OU1,dc=BDC1?
    What will be my serach string in WLS to search for 500 users which are under OU of OU.
    Edited by: user734247 on Feb 24, 2012 6:53 AM
    Edited by: user734247 on Feb 24, 2012 6:56 AM

  • Task Search in Group Queue

    Hi,
    I am trying to provide search facility to the users using the search templates. The task are assigned to a group "Reviewers". All of the reviewers can see  the task in the group queue that appears left to the to-do list.
    I have created a search templates and its work fine with the tasks in the To- Do list. but it is not working for the group. Do i have to do some settings in the workflow, task ACL etc?
    Regards,
    Waqas

    Hi Jasmin,
    Thanks for your reply. What is the use of search templates? only searching tasks in the To-Do list or in tracking list.
    Is there a workaround to this problem? By Task sharing ? Customizing task ACL?
    I want to allow users to seach the task that are in the group queue. I was checking the ACL in the User Action. if i am assigning any user to it then he can search the task.
    I am thinking to create some custom component that will allow users in that group to have access to the task using APIs. Can you please help me on this because this is very a critical requirement from our client.
    Regards,
    Waqas

  • UserIdentityStores Creation fails in case large number at User Search Base

    ou=users1,o=test contains 300 000 users.
    ou=users2,o=test contains 10 users.
    ou=users3,o=test contains 10 users.
    If i create UserIdentityStores with ou=users1, OAM shows fails "
    Failed to connect to User Identity Store.
    URL or Credentials specified are invalid.
    No entries were found under the User Search Base : username with attribute : ou=users1,o=test.
    If i create UserIdentityStores with ou=users2, OAM shows successfully"
    If i create UserIdentityStores with ou=users3, OAM shows successfully"
    Configuration:
    * User Name Attribute : username
    * User Search Base : ou=users1,o=test
    User Filter Object Classes : sso
    * Group Search Base : cn=sso-group,o=test
    This is ODSEE:
    o=test
    -- ou=users2
    ---- username=123
    ---- username=456
    -- ou=users3
    ---- username=abc
    ---- username=123
    -- ou=users4
    -- cn=sso-group
    -- ou=users1
    Is it a bug with OAM when users1 had too much DN inside. I stuck 2 weeks at this step. Any advices is apprecited.
    Thank you!

    Thanks.
    Yes, I know of that 100 column limitation.  But notice that I had 79 columns. Also, it doesn't mention the fact that you can display a certain amount a column, but you are then not able to use the search bar fully.
    "One interactive report per page.
    100 columns can be seen using report columns. You can edit additional columns using Tree view or paginating through Report Column Attributes.
    1,000,000 rows per column heading filter (if no custom LOV is specified in the column attributes).
    You can edit additional columns using Tree view or paginating through Report Column Attributes."
    So the issue that I have is a non documented issue, unless I'm missing something.

Maybe you are looking for