When I click Manage on the Search Service application I get the access denied page.
ULS gives me nothing but:
"Unknown SPRequest error occurred. More information: 0x80070005"
We have upgraded through Search Foundation to Search Server Express to Search Server.
Our main web app is claims based authentication whereas our Central Administration is NTLM.
I found the following post which seems to be the same issue but there doesn't appear to be a solution.
http://social.msdn.microsoft.com/Forums/en-US/sharepoint2010setup/thread/2deafa72-6e91-4c43-aed3-895b24d504ac
Any advice on hunting down permissions issues of this type would be greatly appreciated.
I had the same problem but since I had no access to the "farm account" mentioned above, I had to remove this webpart programmatically.
Powershell:
$site = new-Object Microsoft.SharePoint.SPSite("http://path-to-central-admin:<portnumber>/")
$web = $site.OpenWeb()
$page = $web.Url + "/searchadministration.aspx"
$webpartmanager = $web.GetLimitedWebPartManager($page, [System.Web.UI.WebControls.WebParts.PersonalizationScope]::Shared)
for($i=0;$i -lt $webpartmanager.WebParts.Count;$i++)
{
if ($webpartmanager.WebParts[$i].title -eq "Shortcuts")
{
$webpartmanager.DeleteWebPart($webpartmanager.Webparts[$webpartmanager.WebParts[$i].ID])
}
}
$web.Update();
$site.Dispose();
Save the script as a .ps1-file and call from the SharePoint 2010 Management Shell! :)
Found the solution to my problem.
The links web-part at the top of the Search Administration page was being auto-populated with links, some of them I didn't have access to.
I logged in with the farm account and closed this worse-than-useless web-part and all was well.
Related
A week ago I was able to access SharePoint Online programmatically through a c# application. Now I am getting the following error:
The remote server returned an error: (503) Server Unavailable.
I can access the SharePoint site in my browser completely fine.
I tried accessing it through SharePoint Online Management Shell but I get the same error when doing the following:
$adminUPN="name#business.com"
$userCredential = Get-Credential -UserName $adminUPN -Message "Type the password."
Connect-SPOService -Url https://business.sharepoint.com/sites/bd/resume/ -Credential $userCredential
When I try and connect without the credentials using:
Connect-SPOService -Url https://business.sharepoint.com/sites/bd/resume/
It firstly pops up a Microsoft Sign in window to enter just my username/email, which looks normal. But when I enter my email, click next it takes me to different sign in page which looks off (See screenshot below, I removed company information with black scribble).
After I enter my password and hit enter I get a different error:
Connect-SPOService : Could not authenticate to SharePoint Online https://business.sharepoint.com/sites/bd/resume/ using OAuth 2.0
Firstly, I want to confirm if this is a problem on my end or if this a problem with permission, etc on the admin end.
The cause for your issue could be the fact that the LegacyAuthProtocolsEnabled property, at tenant level, is set to False. Setting the value of this property to True can solve the issue.
To get the current value run the following command in PowerShell:
Connect-SPOService
Get-SPOTenant
To set the value to True for LegacyAuthProtocolsEnabled run the following commands in PowerShell:
Connect-SPOService
Set-SPOTenant -LegacyAuthProtocolsEnabled $True
After you run the commands it's necessary to wait some time until will work.
According to documentation, a value of False prevents Office clients using non-modern authentication protocols from accessing SharePoint Online resources.
A value of True- Enables Office clients using non-modern authentication protocols (such as, Forms-Based Authentication (FBA) or Identity Client Runtime Library (IDCRL)) to access SharePoint resources.
I had a subsite in a site collection I wanted to transfer to another site collection (both in Sharepoint 2013). I made a site template with content out of it so I can transfer it to another site collection. I uploaded the solution and activated it. I made sure the activated features were completely identical. However, when I create a new subsite and choose to use the uploaded solution, I continue to receive a error message saying it is missing a feature called "MobileExcelWebAccess."
I have no clue where to find that feature. I literally enabled every site feature and site collection feature but I still end up with that error. I've read on other resources that it could be found on Central Admin but I don't have access there.
If I can't enable it in the new site, is there a way to disable it in my old site?
Try running this from a SharePoint 2013 Management Shell: Enable-SPFeature MobileExcelWebAccess -Url http://[replace with your url]
The simple line script from Ola Ekdahl did not work for me, but this did:
Replace the $url with your site collection url
save the script in .ps1 file
Open SharePoint Online Management Shell in Administrator mode and execute the script like .\
A prompt will be poped-up that asks your credential (Administrator) for the site collection
$url = "https://<your site collection url>"
$clientDll = [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Client")
$runtimeDll = [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Client.Runtime")
$cred = get-credential
$clientContext = New-Object Microsoft.SharePoint.Client.ClientContext($url)
$credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($cred.username, $cred.password)
$clientContext.Credentials = $credentials
if (!$clientContext.ServerObjectIsNull.Value)
{
Write-Host "Connected to SharePoint site: '$Url'" -ForegroundColor Green
}
$clientContext.Site.Features.Add('e995e28b-9ba8-4668-9933-cf5c146d7a9f',$true,[Microsoft.SharePoint.Client.FeatureDefinitionScope]::None)
$clientContext.ExecuteQuery()
source: http://mahedevelopment.blogspot.gr/2016/07/sharepoint-online-mobileexcelwebaccess.html
I have a script to list all the users that have accounts on sharepoint. However, not all them are being listed. There are only 5/8 Marks that are listed for example.
I'm using powershell and a query:
"<Query><OrderBy><FieldRef Name='ID' /></OrderBy></Query>"
I don't know why there are not all showing. I can find them under the portal and admin center.
Users are added to the User Information List when they login to the site or granted specific permissions (not through an AD Group).
You can read more on SharePoint.StackExchange.com at How is the user information list populated?
You can write a PowerShell script(named ListWebUserInformationListItems.ps1) as following:
# Run with SharePoint 2010 Management Shell
$webUrl = Read-Host "Enter the web url"
$web = Get-SPWeb $webUrl
$list = $web.Lists["User Information List"]
$query = New-Object Microsoft.SharePoint.SPQuery
$queryCamlString = '<Query><OrderBy><FieldRef Name="Title" Ascending="True" /></OrderBy></Query>'
$query.Query = $queryCamlString
$userInformationListItems = $list.GetItems($query)
foreach($userInformationListItem in $userInformationListItems)
{
echo $userInformationListItem.Title
}
Then execute the script and input the web url when console window display the "Enter the web url" message.
Note: You can use SPQuery the get the User Information List items which are the users in this web application. The users are not all the users in the farm. And if you add a ADGroup to the SharePoint, you will add the only one SharePoint user to user information list(The SharePoint User stand for the ADGroup, the ADUser in the ADGroup will not present to the user information list).
The User Information List item title will display in the console window.
More over:
You can visit the "http://[your web application url]/_catalogs/users/detail.aspx" to view the users who are in the web application.
Hope the answer will help you
I think you might get better of by listing all User Profiles instead. By doing this, you will at least get a list of all users that have been synchronized into SharePoint. Something like:
$site = Get-SPSite "your URL"
$context = Get-SPServiceContext $site
$profileManager = New-Object Microsoft.Office.Server.UserProfiles.UserProfileManager($context)
$profiles = $profileManager.GetEnumerator()
foreach($profile in $profiles)
{
$displayName = $profile.DisplayName
}
I've got a sharepoint site and a custom aspx portal, both under Windows Authentication.
With the same machine, it happens that my sharepoint site returning me my current login, while my custom aspx returning me my domain admin account instead.
Is there anyway that I could ensure both logins are the same? Otherwise, is there anyway to consume SPUserProfileService from a custom aspx portal?
Mainly, I need to have the custom aspx portal to get sharepoint logon id. Nevertheless, i could still trigger AccessDenied.aspx in sharepoint to prompt for logins.
When you say "Custom ASPX Portal", is it still hosted on the SharePoint Site?
In that case, how do you get the user? You can use SPContext.Current.Web.CurrentUser to get the user.
It seems that you are connecting from your custom aspx to SharePoint using your Domain Admin Account.
Could you please describe more about your custom aspx portal and the way you are reading the username?
However, you can check my article (Even though it is for FBA users, you may find the code snippet useful):
Possible ways to get logged in User Name & Handling Changes in FBA Users' Names if Membership Provider Name Changed
public string GetFlatUserName()
{
//First, be sure that the user is not anonymous user:
if (SPContext.Current == null || SPContext.Current.Web.CurrentUser == null)
return "Anonymous";
//Second, parse it:
else
{
string flatUserName = this.Page.User.Identity.Name;
if (flatUserName.Contains("\\"))
{
flatUserName = flatUserName.Substring(flatUserName.IndexOf("\\") + 1);
}
else if (flatUserName.Contains("|"))
{
flatUserName = flatUserName.Substring(flatUserName.IndexOf("|") + 1);
}
return flatUserName;
}
}
I'm trying to run a console application that uses the SharePoint Object Model.
I'm getting the error Cannot open database "dbname" requested by the login. The login failed. Login failed for user 'DOMAIN\userid'.
Some place I have read that the user must have permission to the Content DB.
I can not find an article that explains what permissions to setup. I need this as ammunition to go to my Sys Admin guy to get the permission setup.
Where is there an article that explains that? I have searched google but with no luck.
RunWithElevatedPrivileges doesn't help because it just changes the thread user to the process identity - in a console application, this has no effect because they're the same. The "elevation" in an impersonated web context works because the process identity is the application pool account, which has db_owner on its content database.
If I ask that the account I'm using be given Full Control, under the Policies for Web Application, should that work?
Not according to Ishai Sagi: Object model code and stsadm fail with "Access Denied". In short, it seems db_owner permissions on the content database are required for a user to run object model code (including STSADM) without a web context.
Are you running the console application on the server itself? I assume so.
In this case it is likely to be a permissions issue with the account you are using (RDP?) on the server. The database error side of things can be misleading as you will need to be permissioned within SharePoint itself, which will then give permissions to the database.
I would get your sys admins to create a service account for you to use that can be granted the correct rights. (site collection administrator is often needed, but it depends on the code inside the console app. most do assume site collection admin rights though). you may get more mileage from looking at the application instructions (or if it is your own code just go for site collection admin)
Running a console app is a bit of a major though, so you may have better luck if you give the sysadmins the application to run and instructions... though I doubt you are running this on the prod box.
your user propably don't have permissions to access those lists or webs. You can run your code with elevated privilegies, but it can sometimes give you unexpected results.
Example of how elevated privilegies is used can be found here
Or you can set user unser who's account console app runs as site collection administrator.
Your code updated to run with elevated privilegies can look like this:
private static void DisplayAllLists(string site, string webToOpen)
{
try
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using ( SPSite siteCollection = new SPSite(site) )
{
try
{
using (SPWeb web = siteCollection.OpenWeb(webToOpen))
{
SPListCollection lists = web.Lists;
foreach (SPList list in lists)
{
Console.WriteLine(string.Format("List Title: {0}", list.Title));
}
}
}
}
finally
{
siteCollection.RootWeb.Dispose();
Console.ReadLine();
}
}
}
catch (Exception ex)
{
Console.WriteLine("Exception: "+ex.Message);
}
}
Note: This code was written from top of my head, so maybe something is missing..you will have to try it