An Issue with changing ProxyGroup for a ServiceApplication in SharePoint

We had an issue with multiple proxy groups and UPA , MMS configurations.

My suggestion is, Do not use Central Administration UI for creating or changing proxy group of Service Applications from UI.

Instead use Powershell scripts.

And don’t forget to set manually “SPServiceApplication.ServiceApplicationProxyGroup” property for each ServiceApplication if you move it rather than default proxy group.

If you do it from UI this property always be “NULL” in configuration database and persisted object of ServiceApplication is not updated. SO when you or SharePoint reach to ProxyGroup of a Service Application, if this property is NULL it returns the Default proxy group even the Service Application is on another proxy group.

Well if you already move it from UI, you should update the ServiceApplications as below where they are not in default proxy group.

Example:
#Lets assume we have 2 proxy group  “default” and “myProxyGroup”
#Get the related Service Application where it is present in “myProxyGroup”
#You should do it for all ServiceApplications if they are not in default proxy group.

$app = Get-SPServiceApplication -Identity <GUID>

$ProxyGroups = Get-SPServiceApplicationProxyGroup
$myProxyGroup = $ProxyGroups[1]   # -> this is my second proxy group.

#Set it manually
$app.ServiceApplicationProxyGroup = $myProxyGroup
$app.Update()

Resources:
https://docs.microsoft.com/en-us/powershell/module/sharepoint-server/get-spserviceapplicationproxygroup?view=sharepoint-ps

https://docs.microsoft.com/en-us/sharepoint/administration/add-or-remove-a-service-application-connection-to-a-web-application

https://docs.microsoft.com/en-us/powershell/module/sharepoint-server/add-spserviceapplicationproxygroupmember?view=sharepoint-ps

Creating New Service Application Proxy Groups and Associating Services and Sites

SharePoint 2013 Workflows are not working issue

If you are facing following symptoms and your workflows are not working ;

01/17/2014 16:29:17.11 w3wp.exe (0x1740) 0x1500 SharePoint Foundation Authentication Authorization ajmmu Medium Permission check failed. asking for 0x10000, have 0x2000000000
01/17/2014 16:29:17.11 w3wp.exe (0x1740) 0x1500 SharePoint Foundation CSOM afxwb High System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.     at
Microsoft.SharePoint.SPSecurableObject.CheckPermissions(SPBasePermissions
permissionMask)     at Microsoft.SharePoint.Client.SPClientServiceHost.OnBeginRequest()
at

01/17/2014 16:29:17.13 w3wp.exe (0x210C) 0x2648 SharePoint Portal Server UserProfiles ae0sx Unexpected
Error trying to search in the UPA. The exception message is ‘Microsoft.Office.Server.UserProfiles.UserProfileApplicationNotAvailableException:
UserProfileApplicationNotAvailableException_Logging ::UserProfileApplicationProxy.ApplicationProperties

RequestorId: 688a2648-fa2d-617b-b6ef-c5059d97480d. Details: System.ApplicationException: HTTP 401 {“error_description”:”The server was unable to process the request due to an internal error. For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in order to send the exception information back to the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation and inspect the server trace logs.”} {“x-ms-diagnostics”:[“3001000;reason=\”There has been an error authenticating the request.\”;category=\”invalid_client\””],”SPRequestGuid”:[“688a2648-fa2d-617b-b6ef-c5059d97480d”],”request-id”:[“688a2648-fa2d-617b-b6ef-c5059d97480d”],”X-FRAME-OPTIONS”:[“SAMEORIGIN”],”SPRequestDuration”:[“18″],”SPIisLatency”:[“2″],”Cache-Control”:[“private”],”WWW-Authenticate”:[“Bearer realm=\”ada7f9dd-5619-496c-9ad2-03bec5bb978e\”,client_id=\”00000003-0000-0ff1-ce00-000000000000\”,trusted_issuers=\”00000005-0000-0000-c000-000000000000@*,00000003-0000-0ff1-ce00-000000000000@ada7f9dd-5619-496c-9ad2-03bec5bb978e\””,”NTLM”],”X-AspNet-Version”:[“4.0.30319″],”X-Powered-By”:[“ASP.NET”],”X-Content-Type-Options”:[“nosniff”],”X-MS-InvokeApp”:[“1; RequireReadOnly”],”MicrosoftSharePointTeamServices”:[“15.0.0.4481″],”Date”:[“Fri, 17 Jan 2014 16:04:05 GMT”]} at Microsoft.Activities.Hosting.Runtime.Subroutine.SubroutineChild.Execute(CodeActivityContext context) at System.Activities.CodeActivity.InternalExecute(ActivityInstance instance, ActivityExecutor executor, BookmarkManager bookmarkManager) at System.Activities.Runtime.ActivityExecutor.ExecuteActivityWorkItem.ExecuteBody(ActivityExecutor executor, BookmarkManager bookmarkManager, Location resultLocation)
Check for your

TroubleShooting Steps:
1) Check that your SharePoint 2013 has latest CU has installed.
2) Check that Workflow Manager and Service Bus features has latest patches.
3) User Profile Service Proxy is up and running and the related Web Application has connected this service Proxy .

You can reset Proxy connection as below:
CA-> Application Management -> Manage Web Application
Select related your web application
Click Service Connections on the ribbon
Deselect/ Reselect UPA Proxy service connections.

4) Check and define all your Web Application’s Application pool , STS Service Application pool , UPA Service Application identities.

findstsapppool
5) Open CentralAdministration -> Application Management -> Manage Service Application
6) Select User Profile Service Application
7) Click the Permissios button on the ribbon
8) Add if any missing account belong to Web Application’s ,STS Service’s or UPA Service Applications’s pool identities with Full Control.

UPAPermissions
9) Open Central Administration -> Services on Server
10) Restart
*User Profile Service
*User Profile Syncronization Service .

ResetUPAServices

 

 

 

 

 

“pick a term set for this property” is empty in Manage User Profiles

You have created a Term Set in Managed Metadata Service Application then I can create a custom property from User Porfile Service Application -> Manage User Properties  and  want to use the term set in a custom property in the User Profile. But the he drop down list under the “Pick a term set for thsi property” is always empty.

terms3

For Fixing this issue:
1) Central Administration -> Application Management- > Manage Service Applications

2) Select the Managed MetaData Service Connection Application and click properties

 

Terms1

3) Check  “This service Application is the default storage location for column specific term sets” option (Which is unchecked by default)

terms2

 

After restoring SharePoint profile databases some of users pictures are not shown.

Ok this is a very specific issue and it could happen rarely. So the problem is somehow your SharePoint User Profile Application (UPA) has corrupted and you had to restore an old database back and see that some of user pictures are not shown. While you check the Photo Store (MySite->User Photos->Profile Pictures) all users pictures are present but when you check one of the problematic user’s profile from UPA the pictureURL attribute is not set. You can mannually fix it by using UPA Manage User Profile page but what happen if you have hundreds of users.

So fixing this issue.

1)      Copy the fallowing script in to your c: drive and save the file name as  “UpdateMissingPictures.ps1

2)      Check the picture folder name in Mysite-> User Photos library because it is diffrent depend on installed language.For example in Turkish it is “Profil Resimleri” not “Profile Pictures.Change the bold field belowed script and correct according to your envoriment.

3)      Run SharePoint PowerShell Consol.

4)      For confirming and detecting which profile pictures link are broken run script with fallowing parameters.

5)      C:\> .\UpdateMissingPictures.ps1  <MYSITE Sitesi root url>  | out-file c:\results.txt
Example:
.\UpdateMissingPictures.ps1  http://mysite.bugrapostaci.com:4444  | out-file c:\results.txt
(With this paremeters the script can not change anything (yet 🙂 )

6)     If you see open the  Results.txt file you can find information listed as
i) No change needed profiles as
OK!
DOMAIN\User URL
ii) Profile picture broken Link accounts
Updatable !!! DOMAIN\User
iii) Profile picture is never exists ones:
            Missing !!! DOMAIN\User

7)   This script can able to updates only marked accounts as “Updatable” . For fixing picture url run script like:

C:\> .\UpdateMissingPictures.ps1  <MYSITE Sitesi root url>  -Update | out-file c:\results.txt
example:
.\UpdateMissingPictures.ps1  http://mysite.bugrapostaci.com:4444  -Update| out-file c:\results.txt

8)    What about the Missings !!! The missing ones should be uploaded by manually or used another script for Upload profile pictures by bulk upload.
This is out of our article’s scope.

9)     You can check the  Results.txt file and confirm that  Updated !!! profiles .

If everything is ok The missing user pictures will shown after refreshing caches.
For Search  you have to run a full crawl.

Here is the Script:

Param (
[parameter(Mandatory=$true)][string]$MySiteUrl, 
 [parameter(Mandatory=$false)][Switch]$Update
)

$mySiteHostSite = Get-SPSite $MySiteUrl
$mySiteHostWeb = $mySiteHostSite.OpenWeb()
$context = Get-SPServiceContext $mySiteHostSite
$spPhotosFolder = $mySiteHostWeb.GetFolder("User Photos")

$profileManager = New-Object Microsoft.Office.Server.UserProfiles.UserProfileManager($context)

$AllProfiles = $ProfileManager.GetEnumerator()

foreach($profile in $AllProfiles)
{
$AccountName= $profile[[Microsoft.Office.Server.UserProfiles.PropertyConstants]::AccountName].Value
   if($profile["PictureURL"].Value -eq $null -or $profile["PictureURL"].Value -eq $null )
{
  $checkUrl =$spPhotosFolder.url +"/" + "Profile Pictures" + "/" + $AccountName.Replace("\","_") + "_MThumb.jpg"

  if($mySiteHostWeb.GetFile($checkURL).Exists)
  {
   if($Update)
   { 
    $profile["PictureURL"].Value = $mySiteHostWeb.Url + "/" + $checkurl
    $profile.Commit()
    "Updated!!! " + $AccountName  
    $mySiteHostWeb.Url + "/" + $checkurl
   }
   else
   {
    "Updatable!!! " + $AccountName 
   }
 }
  else
  {
   "Missing !!! " + $AccountName 
  }
}
else
{
  "OK! " + $AccountName + " " + $profile["PictureURL"].Value
}
}

$mySiteHostWeb.Dispose()
$mySiteHostSite.Dispose()

“The specified database is not a valid synchronization database” issue

Good Day Everyone,

Let me guess , if you are reading this article possible you may in the middle of a restore or migration issue and not able to restore User Profile Service Application .
This warning means you can not restore old sycronization database (default name is Sync DB) .This is a by design issue and you do not allowed to do it. that’s why you are getting fallowing warning.  For resolution just create a new Syncronization database. Don’t worry about the content in it because SharePoint will rebuild it once you configured User Profile Service Application correctly.