PeoplePicker can't find disabled AD Accounts (514) - sharepoint

Update (08.07.2015):
I tried WireShark on one WFE during a peoplepicker request.
The disabled accounts are clearly shown in the LDAP AD (GC) response.
SharePoint 2013 still doesn't show the disabled account in the GUI
Conclusion: SharePoint does filter out "UserAccountControl = 514" ({if}?) somewhere else in the code (xxx.dll?). I don't know why Microsoft changed the behaviour from 2007/2010 to 2013.
Can I change this??? Is it configurable???
Dear StackOverFlow Community
We have SharePoint 2013 SP1 and CU Sept. 2014.
Problem:
Since last year we have been filtering disabled users out in "AD Import". We didn't need them in our intranet environment. But now we are building a collaboration platform, and some people need to authorise disabled users for their workspaces (Site Collection).
The idea was to use the people picker to find all (enabled and disabled) users and that's it. But I can't find any disabled users with people picker.
The question is:
Why does it not work? (It should, because many SharePoint Administrators claim to see the disabled users over people picker.)
I tried to enforce the people picker to find explicit users with (userAccountControl:1.2.840.113556.1.4.803:=2). (I set just the filter, not the query.)
$wa.PeoplePickerSettings.ActiveDirectoryCustomFilter = "(&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"
Still doesn't find any disabled users. Even with $null value as you can see below:
PS C:\Windows\system32> $wa.PeoplePickerSettings
SearchActiveDirectoryDomains : {}
ActiveDirectoryCustomQuery :
ActiveDirectoryCustomFilter :
OnlySearchWithinSiteCollection : False
PeopleEditorOnlyResolveWithinSiteCollection : False
DistributionListSearchDomains : {}
ActiveDirectorySearchTimeout : 00:00:30
NoWindowsAccountsForNonWindowsAuthenticationMode : True
ServiceAccountDirectoryPaths : {}
ReferralChasingOption : None
ActiveDirectoryRestrictIsolatedNameLevel : False
AllowLocalAccount : True
ShowUserInfoListSuggestionsInClaimsMode : True
UpgradedPersistedProperties : {}
PS C:\Windows\system32>
Observation:
It seems like it can find Users who were in the "User List" on the Site Collection (but only over email address). Users who perhaps were logged once on the WebApplication and now are disabled. In my understanding, the people picker does:
- Check the UserList on the site collection
- Check directly in the AD (or Global Catalog)
We still have a 2007 environment which has no problem with people picker to find any disabled users. Why does SP2013 make so much trouble?
I even tried to import every user (enabled and disabled) in our test lab to find out if it has something to do with the LDAP filtering in the AD Import. But it wasn't much help for this situation. The disabled users are now imported, but people picker still doesn't find any disabled users.
I tried to find someone with the same problem --> https://sharepoint.stackexchange.com/questions/80032/unable-to-get-disabled-ad-accounts-in-people-picker (no solution here...)
I posted the same question in Technet --> https://social.technet.microsoft.com/Forums/en-US/75272928-6370-4d8d-9b8f-ce5ec6642407/peoplepicker-cant-find-disabled-ad-users-514?forum=sharepointgeneral
I just want to know how I can find disabled users in people picker. This should be the normal case. As long as you don't set custom filters to it, people picker should find every user account in the specific domain. But in my case it doesn't.
We just have one domain and not multidomain environment.

I was in contact with Microsoft Support. This behaviour is "by design". So there's only one workaround:
create a custom claims provider for peoplepicker
https://technet.microsoft.com/en-us/library/gg602072%28v=office.15%29.aspx?f=255&MSPPError=-2147217396
Greets
SharePoint_Dude
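
The bit-matching rule used in the question's filter, worked through on constructed data (an added example, not code from the original post or from SharePoint). The account names and the helper functions Get-UacFlagNames and Test-UacBitAnd are hypothetical; the flag values are the documented userAccountControl bits.

```powershell
# Added example: runs offline against constructed sample accounts.
# Documented userAccountControl flag bits (subset).
$UacFlags = [ordered]@{
    ACCOUNTDISABLE       = 0x0002
    LOCKOUT              = 0x0010
    PASSWD_NOTREQD       = 0x0020
    NORMAL_ACCOUNT       = 0x0200
    DONT_EXPIRE_PASSWORD = 0x10000
}

# Hypothetical helper: list the flag names set in a userAccountControl value.
function Get-UacFlagNames {
    param([int]$UserAccountControl)
    $UacFlags.GetEnumerator() |
        Where-Object { ($UserAccountControl -band $_.Value) -ne 0 } |
        ForEach-Object { $_.Key }
}

# Hypothetical helper emulating matching rule 1.2.840.113556.1.4.803 (bitwise AND):
# (userAccountControl:1.2.840.113556.1.4.803:=N) is true when every bit of N is set.
function Test-UacBitAnd {
    param([int]$UserAccountControl, [int]$Mask)
    ($UserAccountControl -band $Mask) -eq $Mask
}

# Constructed sample accounts.
$accounts = @(
    [pscustomobject]@{ Sam = 'alice'; Uac = 512   }   # enabled
    [pscustomobject]@{ Sam = 'bob';   Uac = 514   }   # disabled
    [pscustomobject]@{ Sam = 'carol'; Uac = 66050 }   # disabled, password never expires
    [pscustomobject]@{ Sam = 'dave';  Uac = 546   }   # disabled, password not required
)

# Compare the bit filter (...803:=2) with a plain equality test (userAccountControl=514).
$accounts | ForEach-Object {
    [pscustomobject]@{
        Sam            = $_.Sam
        Uac            = $_.Uac
        Flags          = (Get-UacFlagNames $_.Uac) -join ','
        BitFilterMatch = (Test-UacBitAnd $_.Uac 2)
        EqualityMatch  = ($_.Uac -eq 514)
    }
} | Format-Table -AutoSize
```

The bit filter matches every disabled account regardless of its other flags, while an equality test on 514 only matches a disabled account with no other flags set. Wrapping the rule in `(!...)`, as in the filter posted above, inverts it and selects only enabled accounts.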

Related

How to know which users are logged in on TYPO3

Does anyone know if there is a way to do this, or an extension that displays who is logged in at the Front End and at the Back End.
Something that displays a list of the logged-in users (both fe_users and be_users).
Thanks.
In TYPO3 you can also check who is online in real-time :
Connect as Admin
Click on User Admin in ADMIN TOOLS part
Change Compare User Settings by List Users Online
You will see Who Is Online.
Check the demo site to try : http://demo.typo3.org
Every user has his own session. Table be_session. Look at it. You've got every info you need.

Is it possible to autocomplete fields in Sharepoint with user info?

I'm in charge of a Sharepoint collection, and a user asks this. Is it possible that when a user creates an item, some fields are automatically filled with some info, such as email address and location?
Authentication uses Active Directory, so every user is identified when using Sharepoint. The only issue is that, being in a big corporate company, I don't have any access to the server, so it must be feasible through configuration of said site/list or using Sharepoint Designer, but I can't and won't be allowed to deploy anything server side.
Any idea?
With your limitations, your best bet would be a combination of ajax (I suggest jquery) and sharepoint webservices (if necessary). You need to do an XmlHttpRequest in the userdisp.aspx page; if this page has all the info you need, then get it, otherwise, get the currently logged account and use it to query the webservices (this part I'm not sure if there's a method that will return this info).
This all works using only the browser (Content Editor WebPart) or the SharePoint Designer client.

Setting up a weekly digest in Sharepoint

I'm currently working on a MOSS 2007 site and I need to set up a "system" which will e-mail all the changes in all the lists and libraries in the site.
I'm new to the SharePoint world; I wonder if it is possible.
P.S. I have no access to the Central Administration panel. (If it has anything to do with my purpose)
Thanks
You can write custom timer job to do this task.
You could do it in this way:
Create custom timer job feature, set timerjob schedule.
On FeatureActivated event add that timerjob to SharePoint and have a [Persisted] property like SiteUrl in timerjob, which you could pass in constructor to let timerjob determine with which site to work with.
Use SPWeb.SiteUsers to get all users in SharePoint.
Loop each user, open new SPSite impersonated as each user.
On SPSite.RootWeb (SPWeb) execute GetSiteData (read community comments for some great examples and explanation on how to use it). Use Query that queries items where Modified field has value greater than (follow link for important info to query correctly) what you want.
Generate html out of your data and SPUtility.SendMail.
There is a scheduled reminder job feature available. However it works only on 1 List scope. But you can download source code, open RmdJobDefinition class and just see how it works to assist you writing your own class.
Good luck.
I'm afraid you can only setup the alert on a list (or item) basis. In the list you go to Actions => Alerts => When to send alerts => Weekly. I didn't check the Central Admin since you don't have access in your scenario.

Why does HttpContext.Current.User.Identity.Name return the wrong username when used in a webpart?

In a Sharepoint web page I am having a problem identifying the logged in user!
The Masterpage contains a normal ootb control that displays the username
<%@ Register TagPrefix="wssuc" TagName="Welcome" Src="~/_controltemplates/Welcome.ascx" %>
.....
.....
<wssuc:Welcome id="explitLogout" runat="server" />
This always displayed the correct logged on user.
However if I call
HttpContext.Current.User.Identity.Name
from within a webpart, then in 1 or 2% of cases I will get the incorrect name returned.
This gives me a page that will have the correct username at the top, and the incorrect one in the webpart. Other methods of getting the name in the webpart return the same incorrect name. If the name checker webpart is on the same page multiple times then very rarely the second copy of the webpart will have the correct name or a third incorrect identity!
The identities are stored in Active Directory, and the users authenticate against an ISA server; users are not on the same domain as the SharePoint infrastructure. The SharePoint farm is rather complex with the ISA servers, four web front ends, an apps server and finally a database server.
Has anyone had this happen before? or have any clue as to the direction I should take to investigate the problem!
The servers are running IIS6 on server 2003. Sharepoint is at SP2 but without the latest bunch of patches.
Additional:
Output Cache is enabled. Authenticated Cache Profile is "Intranet"
The settings for that profile are as follows
Title: Intranet (Collaboration Site)
Display Name: (BLANK)
Display Description: Optimized for collaboration sites where authoring, web part customization, and minor version are enabled.
Perform ACL Check: Yes
Enabled: Yes
Duration: 180
Check for Changes: Yes
Vary by Custom Parameter: (BLANK)
Vary by HTTP Header: Browser
Vary by Query String Parameters: (BLANK)
Vary by User Rights: Yes
Cacheability: ServerAndPrivate
Safe for Authenticated Use: Yes
Allow writers to view cached content: (BLANK)
SharePoint runs under the application pool account. You need to use
SPContext.Current.Web.CurrentUser.LoginName
to get the current user.
This was a while ago and I am sorry for not reporting back our solution... and now I don't remember clearly what it was! Something to do with Donut Caching that we had misunderstood.
http://blogs.catapultsystems.com/tlingenfelder/archive/2011/03/24/sharepoint-caching-techniques.aspx

How can I validate within an InfoPath form whether a user exists within a SharePoint Portal?

I am creating a form within InfoPath which is to be integrated into a SharePoint 2007 Portal. Within this form there will be a textfield into which a user can enter the Name of a Person.
How can I validate whether this Person exists or not?
Instead of validating the user, is there a way to fill a dropdown list with all usernames of the portal? (which of course would be users from the Active Directory)
I haven't done this specifically, so there may be a better way, but I've been pulling a lot of data out of SharePoint and into an InfoPath Form (deployed to a SharePoint forms library and accessible through SharePoint Forms Service with MOSS Enterprise) and also going the other way using the SharePoint web services - very quick to use, and the person web service is right there.
Have you tried looking at the Contact Selector (an ActiveX control). Here is a MSDN-article describing how to add it as a control in InfoPath and this one describes how to make it work.
I have been using it in the majority of my infopath projects and it works flawlessly - also for browser-enabled forms.
When doing something similar in an ASP.NET application, I've used the Sharepoint search and searched the "People" Scope for the specific user. You can also search across profile information so you can pull back everyone with a certain Job Title, or in a specific Department.
I don't validate a person's existence, but I do determine a person's full name using their login and SharePoint. You should be able to modify this code for your purposes, it is below. For it to function you need a data connection in your InfoPath document called GetUsersFromSP. Configured as follows:
Location is - http://njintranet2/_vti_bin/usergroup.asmx?WSDL
Operation is – GetUserCollectionFromSite (last one on list)
Automatically retrieve data when form is opened should be checked.
// Login name of the user who opened the form (no domain prefix).
string ADName = System.Environment.UserName;

// Secondary data source bound to the GetUsersFromSP data connection.
IXMLDOMDocument3 UserQuery = (IXMLDOMDocument3)thisXDocument.GetDOM("GetUsersFromSP");
UserQuery.setProperty("SelectionNamespaces",
    "xmlns:dfs=\"http://schemas.microsoft.com/office/infopath/2003/dataFormSolution\" " +
    "xmlns:tns=\"http://schemas.microsoft.com/sharepoint/soap/directory/\"");

// Call the web service to refresh the user list.
((WebServiceAdapterObject)thisXDocument.DataAdapters["GetUsersFromSP"]).Query();
IXMLDOMNode Users = UserQuery.selectSingleNode("//dfs:myFields/dfs:dataFields/tns:GetUserCollectionFromSiteResponse/tns:GetUserCollectionFromSiteResult/tns:GetUserCollectionFromSite/tns:Users");

// Find the entry whose LoginName ends with the current login and copy its display name into the form.
foreach (IXMLDOMNode current in Users.selectNodes("tns:User"))
{
    string Login = current.attributes.getNamedItem("LoginName").text;
    Login = Login.ToUpper();
    if (Login.EndsWith(ADName.ToUpper()))
    {
        thisXDocument.DOM.selectSingleNode("my:root/my:config/my:User").text = current.attributes.getNamedItem("Name").text;
        break;
    }
}
Use this control:
http://blogs.msdn.com/infopath/archive/2007/02/28/using-the-contact-selector-control.aspx
Or if you want to build your own validator, you'll need to query the SharePoint profile database. I'd recommend this over querying AD directly. There's lots of articles online about working with the profile database.
Have a look at this Link, it explains how to populate a dropdown with the SharePoint Users
http://blueinfopath.blogspot.com/2008/10/how-to-populate-list-with-sharepoint.html
If you want to validate,
- Make a textbox
- Add a Button, name it ValidateUser
- Create a Receive Connection to the ......
- Add Rules to the ValidateUser
- Add the textbox to the field AccountName in the Secondary Datasource
- Execute the receive connection
- Get the value of the field Value with filter Name="PreferredName"
This works for InfoPath Forms Services
Test it and enter the UserLogin into the textbox and click on the Validate Button
Frederik
