Very odd problem occurs when I try to assign permissions to a single user by using the name picker. I have two users that has similar names: Jason Hillmer and Jason Hill.
When permission is assigned to Jason Hillmer everything is working as expected, but when trying to assign any permission to Jason Hill it fails saying: "The user does not exist or is not unique.". I've checked into the database from which SharePoint 2010 sources the users and they are totally different, with different emails, last names, usernames and so on.
Actually I don't have any way to grant access to Jason Hill into SharePoint website.
Does anybody know how to solve this problem? Is there a way to trick the system? And I would like to know WHY this problem occurs when we have two totally different users, even if they have similar names...
Regards,
Martin
Generally when you receive the "does not exist or is not unique" message, you can click the underlined name to see available options and choose the correct user.
Another way to accomplish the same would be to type in the user's email address or login instead of their "friendly" display name, since those unique values should resolve to the correct account immediately.
Related
I have this weird problem when I try to use a simple default flow template to save email attachments to the company main SharePoint site: company.sharepoint.com (not subsite).
So I get started, by taking all the defaults of this flow, however, once i get to the point of providing the site address and document library path I get the error highlighted in red.
Where I get confused is that when I create a subsite like company.sharepoint.com/sites/testsite I enter the subsite address and the folder path automatically populates the folder structure for me to pick where I want to save such attachment.
I have given full owner permission to this test account with same results. So permission is not the problem.
My question is, could it be I'm using the wrong flow to save to a main SharePoint site? or this is something not allowed?
You could check the connector and recreate a new connection to SharePoint.
In many cases, an error code of 403 appears in a flow fail because of an authentication error. If you have this type of error, you can usually fix an authentication error by updating the connection, please make sure you have update the connection.
You could refer to this article.
Just in case anyone has a similar problem, the account to which you are creating a power automate flow must be a site collector to the root SharePoint site.
SharePoint On Prem. 2013. Currently the people picker is configured to see users in DomainA, DomainB and DomainC.
That was OK, but now users in DomainA have been added to DomainC as part of an integration activity. The people picker now shows duplicates for users in A and C. I do not want to hide all users in Domain C. I only want to hide those users in Domain C who are already in A.
I added a custom attribute to a test user in Domain C and mapped it to "someattribute" in the user profile service. I populated the custom attribute for my test user with the text "sometext"
I then configured people picker using LDAP query thus:
stsadm -o setproperty -pn peoplepicker-searchadcustomfilter -pv "(&(objectCategory=user)(!someattribute=sometext))" -url http://mywebapp
Unfortunately instead of hiding the user in Domain C with the custom attribute set, this always shows the user in Domain C and hides the duplicate user in Domain A instead.
Any help from the experts here appreciated. If there is a better way than doing it like this, let me know.
Zero responses? OK for anyone else looking for an answer to this, I could not get the custom attribute approach to work. I think this is because the attribute only exists in Domain C, not the others and this led to unpredictable results.
I didn't want to start creating new attributes in the other two domains, so instead I had a group created in Domain C and added some users to it that have accounts in both Domains A and C.
I then configured the people picker to filter on the group like this:
(&(objectCategory=user)(!memberOf=CN=groupmigrated,OU=X,OU=Groups,DC=DomainC,DC=com))
The breakthrough for me was using dsquery to get the CN/OU path of the new group.
Hope this helps someone.
I have one user that has problem converting a Lead from an E-Mail.
The error she gets is this one:
Have you ever seen it before?
There must be a permission issue due to which the CRM is unable to retrieve data.
Check the Append Permission or read permission of the records which is used in the email. Most Probably it must be from user contact, or account
Currently I develop a database for another employee at my company. I have Manager Rights at the database to access everything. The administrator of the database should only be able to create/edit/delete documents. He currently got Editor-Access with selected "delete documents"-option. When he wants to delete a document on the database (i tried it with Simple Actions or with Javascript Code-both don't work) he gets redirected to the same page and nothing happens or with Simple Actions the Server-Login page shows up with the message "You don't have the permission to perform this action".
When im testing the functions with my manager access everything works fine. But when i'm changing my rank to Editor like the normal administrator of the database i also can't delete any documents. Like i already said the option in the ACL is activated.
I hope you can understand my problem and there is a solution for it. Normally that access right works fine on every other database at our company.
Another point: There are no Reader or Editor fields in the Documents. So there is no restriction with fields. Could this be the problem?
Check to see if there is some code in the QueryDocumentDelete event for the database. Perhaps that is failing and / or preventing you from deleting.
Given that you mention redirecting and server login, I presume it's a web enabled database?
In which case have you tried looking at the ACL (Access Control List) for the problem database and clicking the Advanced tab.
In there is a field Maximum Internet name and password, this is the maximum access allowed for internet users. If it's not editor, this could be the problem?
Try deleting with ?DeleteDocument URL. That way it will for sure not try to do anything else.
Check the user's access level at server with Database.getCurrentAccessLevel() and Database.queryAccessPrivileges(String name)
After the great suggestions of you all the problem was the checkbox "Allow document locking" at the database properties was enabled. That caused the problems at deleting documents. As Manager is have enough rights to go over that but for the normal Administrator with Editor Access the deletion request got blocked by the little option.
Thanks to everyone!
I'm using Sharepoint in combination with Nintex. The possibility to query the ldap is available via Nintex, and basic querying actions work well! Now I am trying to get an array or collection of the groups the user is member of.. i've tried
(&(objectCategory=group)(member=cn={itemproperty:ldapName},dc=MyDomain))
Unfortunately this does not work, I'm not getting a response back from the logging nor can I find any other solution...
any tips or help on this issue would be greatly appreciated!
Erik
You will need to retrieve the "memberOf" attribute from your user to get a list of groups he's a direct member of.
I say direct because there are nested groups (User being member of Group A, which in turn is member of Group B) and those won't be returned.
Also, the primary group (usually "Users") is not being returned by the "memberOf" attribute either.
Marc
PS: If you can use .NET 3.5, there's a newer AD interface exposing users as strongly typed objects - see the excellent article by Joe Kaplan and Ethan Wilansky.
There, you can grab a user and then just call .GetAuthorizationGroups on the user object and you're done!