Background :
Currently using ClientPeoplePickerSearchUser(ClientContext, ClientPeoplePickerQueryParameters) web service to determine orphan user. If query returns empty, then user will be flagged as orphan user.
The program loops through the root site and all site collections to complete the scanning for the whole web application.
Problem :
There are list of users are flagged as Orphan User in other site collections, but not the root site collection based on logic above.
Troubleshooting :
Checked, user accounts are active status in Active Directory.
User can be searched in people picker from the root site.
Questions :
Why these users not able to query by ClientPeoplePickerSearchUser(ClientContext, ClientPeoplePickerQueryParameters)
Please find the code snippet (userValue = UserDisplayName item from UserInformationList)
Related
I have an issue here with an user who has taken over the email of an old employee.
aa#domain.com
When searching for the user in sharepoint the correct name shows up
"Alex Alexen"
When looking at the user data either in azure active directory,graph api or delve
it all shows up as
"Alex Alexen"
However, if "Alex Alexen" tries to access a site he does not have access to "request access", the request shows up as
"Ali Alison" has requested access to X.
"Accept/Deny"
Is there somewhere else on sharepoint where user data is store?
Many years have
Years have passen from Ali to Alex.
• In sharepoint online, the items are retained for a period of 93 days from the time you delete them from their original location. They stay in the site recycle bin for the time until the bin is emptied, or the items are deleted from there. After that, these items are permanently deleted from the sharepoint database.
• Check if you are using directory synchronization, if yes, then the user has to be deleted from the on premises active directory first and then from Microsoft 365 admin center. After you delete a user, a series of jobs will remove the user from sharepoint. After the next incremental profile import job, the user (or users) will be marked as deleted, the user's profile page will be deleted, and the user's OneDrive will be marked for deletion by the MySite cleanup job.
• To delete a user from Microsoft 365 admin center, you will have to login as a global administrator and delete the user from there. Also, you can try clearing the browser cache and history of the browser from which you are accessing the sharepoint site.
Even after deleting a user from Microsoft 365, if the user still appears in people searches, you will have to delete it from user info list. To do this, please refer the steps below: -
• Browse to each site collection that the user had access to and visited the site, then add the ‘/_layouts/15/people.aspx?MembershipGroupId=0’ string to the site collection URL as a suffix and access it. Ex.: - ‘https://abc.manage.com/_layouts/15/people.aspx?MembershipGroupId’
• Once opened, select the person from the list, then on the ‘Actions’ menu, select ‘Delete users from site collection’.
Please refer the below links for more information: -
https://learn.microsoft.com/en-us/compliance/assurance/assurance-sharepoint-online-data-deletion
https://learn.microsoft.com/en-us/sharepoint/remove-users
Thanking you,
In Kentico 9 application, assigned different role to specific documents, so that only authorized user can have access of that specific document or page.
There is drop down list showing page list, and need to show only those page which have same access role as logged in user have.
Is there in kentico in built macro available to achieve same or what kentico API could be used to get document assigned role in transformation or grammatically?
If you're using some viewer web part, like repeater, there is a checkbox in web part settings saying check permissions - this will return only documents current user can see.
If you're pulling documents in code behind use document query CheckPermissions method like this:
DocumentHelper.GetDocuments()
.Published()
.Where(where)
.CheckPermissions();
I am new to sharepoint and working on already configured project.
A new site collection is created for a each user in my site.
I.e : http://mysite is my web application URL.
For news and about us section all going good. But whenever i Click on tasks link.
It will go to a new URL which is seems to be a new site collection URL.
So newly created site collection doesn't inherit the master page.
Is there is a way to stop this ? means to stop a new site collection creation for each users?
Well, it is normal that new site collections are created for each user. It is used to store their Tasks list, their My Documents library, and other personal stuff.
If you want to prevent users from creating these site collections, you can deny them the right "Create Personal Site" in the User Profile Service (see this blog post for instance: http://www.toddklindt.com/blog/Lists/Posts/Post.aspx?ID=222).
However you loose all related functionnality of course.
However these site collections should all use the same master page. So if your Sharepoint is not heavily customized, you can simple modify this masterpage.
There's a strange problem on my sharepoint website. When I try to give access to a user on home page it detects a different name of that user, say abc pqr, and on sites and lists its detects a different name, say abc def pqr(middle name added in second name).
When I give access to a user the name is pulled from the active directory. So, I contacted the person who manages active directory to clarify if 2 accounts have been created for the same user in active directory. But this is not the case. I myself checked the active directory and there's only one account of this user and i.e. with the name abc pqr.
So, the user is able to access the home page but not the sites.
So my next guess is somewhere in the sharepoint database, this second name exists. But I'm unable to find the user database.
Also, when I tried to access the profile of this user by clicking on abc pqr, I was able to see the profile(my site).
But, when I clicked on abc def pqr I got this error - An unexpected error occurred. Troubleshoot the cases with sharepoint foundation(something like that with a correlation id). - For this I tried to start the profile synchronization but its not starting. I start it and then come back to synchronization page, in the right hand side it still mentions "Profile synchroniztion unavailable."
More info - this user's name was first deleted from the active directory and then was again added after a few years.
I guess I need to find out the sharepoint access database and there I need to delete this second name because except the homepage all the site, lists, libraries(when I try to give access) are pulling the second name.
can anyone help me with this?
Thanks in advance!
PS: I'm too new to sharepoint. So, sorry for the confusion I might have created. And, would love it if somebody explains me as to where is the backend of a sharepoint webste.
Have you tried giving permissions using the username instead of the name?
If you suspect that there's a duplicate user in your SQL database (Your SP site uses both AD and FBA?), all info about FBA db is found here: http://blog.morg.nl/2011/08/step-by-step-forms-based-authentication-fba-on-sharepoint-2010/
I have crated a custom site that would provide registration for new user who wold like to access my sharepoint site with asp.net membership account. When new user clicks register, i would like to send email notification about new user to all members of a particular sharepoint group. The problem is, the registration site allows anonymous access (well it has to :)) but the code (second line) that gets all the users in group redirects me to a login page:
var web = SPContext.Current.Web;
return web.Groups[groupName].Users;
I have created a new user group and set 'Who can view the membership of the group?' to everyone, but still, I can't get the groups without being logged in. Is is possible at all?
SharePoint has the ability to run code blocks using RunWithElevatedPrivileges, which runs under the identity of the SharePoint system account. If you wrap your code block above, you should be able to get the group you are referencing.
It is really important to make sure you are properly calling Dispose on your code so you are not leaving around reference to the spSite object etc. As a result, almost all RunWithElevatedPrivileges examples utilize the using construct.
More info at
http://msdn.microsoft.com/en-us/library/bb466220.aspx
When I did this before, I created a list that allowed anonymous users to create new items and then placed an alert on the list that sent notifications to the appropriate people/group. I don't remember there being any security problems sending notifications this way.