An Issue with changing ProxyGroup for a ServiceApplication in SharePoint

We had an issue with multiple proxy groups and UPA , MMS configurations.

My suggestion is, Do not use Central Administration UI for creating or changing proxy group of Service Applications from UI.

Instead use Powershell scripts.

And don’t forget to set manually “SPServiceApplication.ServiceApplicationProxyGroup” property for each ServiceApplication if you move it rather than default proxy group.

If you do it from UI this property always be “NULL” in configuration database and persisted object of ServiceApplication is not updated. SO when you or SharePoint reach to ProxyGroup of a Service Application, if this property is NULL it returns the Default proxy group even the Service Application is on another proxy group.

Well if you already move it from UI, you should update the ServiceApplications as below where they are not in default proxy group.

#Lets assume we have 2 proxy group  “default” and “myProxyGroup”
#Get the related Service Application where it is present in “myProxyGroup”
#You should do it for all ServiceApplications if they are not in default proxy group.

$app = Get-SPServiceApplication -Identity <GUID>

$ProxyGroups = Get-SPServiceApplicationProxyGroup
$myProxyGroup = $ProxyGroups[1]   # -> this is my second proxy group.

#Set it manually
$app.ServiceApplicationProxyGroup = $myProxyGroup


Creating New Service Application Proxy Groups and Associating Services and Sites

SharePoint 2013 Workflows are not working issue

If you are facing following symptoms and your workflows are not working ;

01/17/2014 16:29:17.11 w3wp.exe (0x1740) 0x1500 SharePoint Foundation Authentication Authorization ajmmu Medium Permission check failed. asking for 0x10000, have 0x2000000000
01/17/2014 16:29:17.11 w3wp.exe (0x1740) 0x1500 SharePoint Foundation CSOM afxwb High System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.     at
permissionMask)     at Microsoft.SharePoint.Client.SPClientServiceHost.OnBeginRequest()

01/17/2014 16:29:17.13 w3wp.exe (0x210C) 0x2648 SharePoint Portal Server UserProfiles ae0sx Unexpected
Error trying to search in the UPA. The exception message is ‘Microsoft.Office.Server.UserProfiles.UserProfileApplicationNotAvailableException:
UserProfileApplicationNotAvailableException_Logging ::UserProfileApplicationProxy.ApplicationProperties

RequestorId: 688a2648-fa2d-617b-b6ef-c5059d97480d. Details: System.ApplicationException: HTTP 401 {“error_description”:”The server was unable to process the request due to an internal error. For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in order to send the exception information back to the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation and inspect the server trace logs.”} {“x-ms-diagnostics”:[“3001000;reason=\”There has been an error authenticating the request.\”;category=\”invalid_client\””],”SPRequestGuid”:[“688a2648-fa2d-617b-b6ef-c5059d97480d”],”request-id”:[“688a2648-fa2d-617b-b6ef-c5059d97480d”],”X-FRAME-OPTIONS”:[“SAMEORIGIN”],”SPRequestDuration”:[“18″],”SPIisLatency”:[“2″],”Cache-Control”:[“private”],”WWW-Authenticate”:[“Bearer realm=\”ada7f9dd-5619-496c-9ad2-03bec5bb978e\”,client_id=\”00000003-0000-0ff1-ce00-000000000000\”,trusted_issuers=\”00000005-0000-0000-c000-000000000000@*,00000003-0000-0ff1-ce00-000000000000@ada7f9dd-5619-496c-9ad2-03bec5bb978e\””,”NTLM”],”X-AspNet-Version”:[“4.0.30319″],”X-Powered-By”:[“ASP.NET”],”X-Content-Type-Options”:[“nosniff”],”X-MS-InvokeApp”:[“1; RequireReadOnly”],”MicrosoftSharePointTeamServices”:[“″],”Date”:[“Fri, 17 Jan 2014 16:04:05 GMT”]} at Microsoft.Activities.Hosting.Runtime.Subroutine.SubroutineChild.Execute(CodeActivityContext context) at System.Activities.CodeActivity.InternalExecute(ActivityInstance instance, ActivityExecutor executor, BookmarkManager bookmarkManager) at System.Activities.Runtime.ActivityExecutor.ExecuteActivityWorkItem.ExecuteBody(ActivityExecutor executor, BookmarkManager bookmarkManager, Location resultLocation)
Check for your

TroubleShooting Steps:
1) Check that your SharePoint 2013 has latest CU has installed.
2) Check that Workflow Manager and Service Bus features has latest patches.
3) User Profile Service Proxy is up and running and the related Web Application has connected this service Proxy .

You can reset Proxy connection as below:
CA-> Application Management -> Manage Web Application
Select related your web application
Click Service Connections on the ribbon
Deselect/ Reselect UPA Proxy service connections.

4) Check and define all your Web Application’s Application pool , STS Service Application pool , UPA Service Application identities.

5) Open CentralAdministration -> Application Management -> Manage Service Application
6) Select User Profile Service Application
7) Click the Permissios button on the ribbon
8) Add if any missing account belong to Web Application’s ,STS Service’s or UPA Service Applications’s pool identities with Full Control.

9) Open Central Administration -> Services on Server
10) Restart
*User Profile Service
*User Profile Syncronization Service .







“pick a term set for this property” is empty in Manage User Profiles

You have created a Term Set in Managed Metadata Service Application then I can create a custom property from User Porfile Service Application -> Manage User Properties  and  want to use the term set in a custom property in the User Profile. But the he drop down list under the “Pick a term set for thsi property” is always empty.


For Fixing this issue:
1) Central Administration -> Application Management- > Manage Service Applications

2) Select the Managed MetaData Service Connection Application and click properties



3) Check  “This service Application is the default storage location for column specific term sets” option (Which is unchecked by default)



After restoring SharePoint profile databases some of users pictures are not shown.

Ok this is a very specific issue and it could happen rarely. So the problem is somehow your SharePoint User Profile Application (UPA) has corrupted and you had to restore an old database back and see that some of user pictures are not shown. While you check the Photo Store (MySite->User Photos->Profile Pictures) all users pictures are present but when you check one of the problematic user’s profile from UPA the pictureURL attribute is not set. You can mannually fix it by using UPA Manage User Profile page but what happen if you have hundreds of users.

So fixing this issue.

1)      Copy the fallowing script in to your c: drive and save the file name as  “UpdateMissingPictures.ps1

2)      Check the picture folder name in Mysite-> User Photos library because it is diffrent depend on installed language.For example in Turkish it is “Profil Resimleri” not “Profile Pictures.Change the bold field belowed script and correct according to your envoriment.

3)      Run SharePoint PowerShell Consol.

4)      For confirming and detecting which profile pictures link are broken run script with fallowing parameters.

5)      C:\> .\UpdateMissingPictures.ps1  <MYSITE Sitesi root url>  | out-file c:\results.txt
.\UpdateMissingPictures.ps1  | out-file c:\results.txt
(With this paremeters the script can not change anything (yet 🙂 )

6)     If you see open the  Results.txt file you can find information listed as
i) No change needed profiles as
ii) Profile picture broken Link accounts
Updatable !!! DOMAIN\User
iii) Profile picture is never exists ones:
            Missing !!! DOMAIN\User

7)   This script can able to updates only marked accounts as “Updatable” . For fixing picture url run script like:

C:\> .\UpdateMissingPictures.ps1  <MYSITE Sitesi root url>  -Update | out-file c:\results.txt
.\UpdateMissingPictures.ps1  -Update| out-file c:\results.txt

8)    What about the Missings !!! The missing ones should be uploaded by manually or used another script for Upload profile pictures by bulk upload.
This is out of our article’s scope.

9)     You can check the  Results.txt file and confirm that  Updated !!! profiles .

If everything is ok The missing user pictures will shown after refreshing caches.
For Search  you have to run a full crawl.

Here is the Script:

Param (

$mySiteHostSite = Get-SPSite $MySiteUrl
$mySiteHostWeb = $mySiteHostSite.OpenWeb()
$context = Get-SPServiceContext $mySiteHostSite
$spPhotosFolder = $mySiteHostWeb.GetFolder("User Photos")

$profileManager = New-Object Microsoft.Office.Server.UserProfiles.UserProfileManager($context)

$AllProfiles = $ProfileManager.GetEnumerator()

foreach($profile in $AllProfiles)
$AccountName= $profile[[Microsoft.Office.Server.UserProfiles.PropertyConstants]::AccountName].Value
   if($profile["PictureURL"].Value -eq $null -or $profile["PictureURL"].Value -eq $null )
  $checkUrl =$spPhotosFolder.url +"/" + "Profile Pictures" + "/" + $AccountName.Replace("\","_") + "_MThumb.jpg"

    $profile["PictureURL"].Value = $mySiteHostWeb.Url + "/" + $checkurl
    "Updated!!! " + $AccountName  
    $mySiteHostWeb.Url + "/" + $checkurl
    "Updatable!!! " + $AccountName 
   "Missing !!! " + $AccountName 
  "OK! " + $AccountName + " " + $profile["PictureURL"].Value


“The specified database is not a valid synchronization database” issue

Good Day Everyone,

Let me guess , if you are reading this article possible you may in the middle of a restore or migration issue and not able to restore User Profile Service Application .
This warning means you can not restore old sycronization database (default name is Sync DB) .This is a by design issue and you do not allowed to do it. that’s why you are getting fallowing warning.  For resolution just create a new Syncronization database. Don’t worry about the content in it because SharePoint will rebuild it once you configured User Profile Service Application correctly.


Could we create a second User Profile Service Application ?

Yes you can but ,
If you have only one server in your farm you can use just one User Profile Service Application (UPA) in this server because the windows Service of User Profile Syncronization Service just configurable only one UPA. So if you have more than one sharepoint server in your farm for example 3 server;  you can create more than 3 UPA but you can only syncronize 3 of them.

For Another scenario, i assume that you have only one server and already provisioned one UPA and configured the syncronization connection. After adding second UPA as you know you can not able to add any Sycronization connection for Second UPA . But if you stop CA-> Services On Server -> User Profile Syncronization Service and restart it will prompt you to select UPA options mean you can change the relation for specific UPA . Still only one UPA can able to sync for one server.

Recursive Triggers on SQL Server and User Profile Service Problem

Recently Microsoft has published a “FAST PUBLISH” article about User Profile Application service starting problem with FIM Syncronization service.In KB defined problem is caused by The ‘Recursive Triggers Enabled’ property for the Model database is set to ‘True’ in the SQL instance. And the error is in your application log

The server encountered an unexpected error and stopped.
“ERR: MMS(6016): sql.cpp(5580): Query (update [mms_run_history] set [is_run_complete] = 1,[run_result] = N’stopped-server’,[end_date] = <Date & Time> where ([is_run_complete] = 0)) performed with error
ERR: MMS(6016): sql.cpp(5633): Maximum stored procedure, function, trigger, or view nesting level exceeded (limit 32).

What is a Recursive Triggers ?
A requirsive trigger is a trigger that fired by the other triggers or intreacting object that fire the trigger when executed recursively.

SQL Server also allows for recursive invocation of triggers when the RECURSIVE_TRIGGERS setting is enabled using ALTER DATABASE.

Recursive triggers enable the following types of recursion to occur:

  • Indirect recursion
    With indirect recursion, an application updates table T1. This fires trigger TR1, updating table T2. In this scenario, trigger T2 then fires and updates table T1.
  • Direct recursion
    With direct recursion, the application updates table T1. This fires trigger TR1, updating table T1. Because table T1 was updated, trigger TR1 fires again, and so on.

The following example uses both indirect and direct trigger recursion Assume that two update triggers, TR1 and TR2, are defined on table T1. Trigger TR1 updates table T1 recursively. An UPDATE statement executes each TR1 and TR2 one time. Additionally, the execution of TR1 triggers the execution of TR1 (recursively) and TR2. The inserted and deleted tables for a specific trigger contain rows that correspond only to the UPDATE statement that invoked the trigger.

Note:The previous behavior occurs only if the RECURSIVE_TRIGGERS setting is enabled by using ALTER DATABASE. There is no defined order in which multiple triggers defined for a specific event are executed. Each trigger should be self-contained.

Disabling the RECURSIVE_TRIGGERS setting only prevents direct recursions. To disable indirect recursion also, set the nested triggers server option to 0 by using sp_configure.

If any one of the triggers performs a ROLLBACK TRANSACTION, regardless of the nesting level, no more triggers are executed.

How to change “Recursive Triggers Enabled” property to false ?

From the SQL Server Management Studio, expand ‘System Databases’ > Right-click ‘Model’ | Properties | Options | under Miscellaneous section, set ‘Recursive Triggers Enabled’ property to ‘False’.


The recursive trigger setting works on a database level . For checking the status of the recursive setting, use this command:

 EXEC sp_dboption '<name of db>', 'recursive triggers' -

for enabling Recusive Triggers:

 EXEC sp_dboption '<name of db>', 'recursive triggers', 'true' 

for disabling Recursive Triggers:

 EXEC sp_dboption '<name of db>', 'recursive triggers', 'false' 

For our senario use like this:

EXEC sp_dboption 'Model', 'recursive triggers', 'false'