SharePoint 2010 Claims Auth/FBA - Reset password not working - sharepoint

I have a SP site with Claims Authentication and FBA setup. Dual auth Win/Forms is working perfectly.
I have an asp:PasswordRecovery control on an app page.
It appears to look up the account correctly - returning 'not found' messages if the username is not found. However, it fails to reset the password with the following exception:
Exception information:
Exception type: NotImplementedException
Exception message: The method or operation is not implemented.
Thread information:
Thread ID: 10
Thread account name: SERVER01\SPS_Farm
Is impersonating: False
Stack trace: at Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider.GetUser(String name, Boolean userIsOnline)
at System.Web.Security.MembershipProvider.GetUser(String username, Boolean userIsOnline, Boolean throwOnError)
at System.Web.UI.WebControls.PasswordRecovery.AttemptSendPasswordUserNameView()
at System.Web.UI.WebControls.PasswordRecovery.OnBubbleEvent(Object source, EventArgs e)
at System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Thanks in advance.
Update:
I added:
enablePasswordReset="true"
to the app web.config AND the token-service web.config
Wrote some code to do a manual test, and still got this when my code tried to 'reset' the password:
This provider is not configured to allow password resets. To enable password reset, set enablePasswordReset to "true" in the configuration file.

This may not help since you seem to be looking up the user properly... but if you aren't doing this I know you can run into not implemented issues:
Make sure to get an instance of the user using the appropriate Membership Provider.
e.g.
MembershipUser myUser = Membership.Providers["aspMembership"].GetUser(userName, false);
Hope this helps.
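An added example (not part of the original posts) of the approach in the answer above: resolve the forms provider by name instead of going through the SPClaimsAuthMembershipProvider seen in the question's stack trace, and check its reset settings before calling ResetPassword. The class and method names are hypothetical; "aspMembership" is the provider name from the answer and must match the membership provider entry in the web.config of the process that runs the code.

```csharp
using System.Configuration.Provider;
using System.Web.Security;

// Hypothetical helper written for this page; not SharePoint or ASP.NET code.
public static class FbaPasswordReset
{
    // Provider name taken from the answer above; it has to match the
    // <membership><providers> entry of the web.config this code runs under.
    private const string ProviderName = "aspMembership";

    // Returns the new password, or null when the user does not exist.
    // The caller should show the same response in both cases and deliver
    // the password out of band (for example by e-mail).
    public static string Reset(string userName)
    {
        // Ask for the forms provider explicitly. Membership.GetUser() would use
        // the default provider, which in the question's stack trace is
        // SPClaimsAuthMembershipProvider and throws NotImplementedException.
        MembershipProvider provider = Membership.Providers[ProviderName];
        if (provider == null)
            throw new ProviderException(
                "Membership provider '" + ProviderName + "' is not registered in this web.config.");

        // These flags are read from the provider's own <add ... /> element,
        // so enablePasswordReset="true" has to be set on that element.
        if (!provider.EnablePasswordReset)
            throw new ProviderException(
                "Provider '" + ProviderName + "' has enablePasswordReset set to false.");

        // With a security question configured, ResetPassword needs the answer.
        if (provider.RequiresQuestionAndAnswer)
            throw new ProviderException(
                "Provider '" + ProviderName + "' requires the password answer for a reset.");

        MembershipUser user = provider.GetUser(userName, false);
        if (user == null)
            return null;

        if (user.IsLockedOut)
            throw new ProviderException("Account is locked out; unlock it before resetting.");

        // The answer argument is ignored when RequiresQuestionAndAnswer is false.
        return provider.ResetPassword(userName, null);
    }
}
```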

Related

CRM Performance tool installation

I am getting following error while importing data through the CRM Performance toolkit. Please help with solution:
System.Security.SecurityException: Requested registry access is not allowed.
at Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable)
at System.Diagnostics.PerformanceCounterLib.CreateRegistryEntry(String categoryName, PerformanceCounterCategoryType categoryType, CounterCreationDataCollection creationData, Boolean& iniRegistered)
at System.Diagnostics.PerformanceCounterLib.RegisterCategory(String categoryName, PerformanceCounterCategoryType categoryType, String categoryHelp, CounterCreationDataCollection creationData)
at System.Diagnostics.PerformanceCounterCategory.Create(String categoryName, String categoryHelp, PerformanceCounterCategoryType categoryType, CounterCreationDataCollection counterData)
at dbPopulator.DbPopulator.Main(String[] args)
The Zone of the assembly that failed was:
MyComputer
It's probably because the account you are running the toolkit as doesn't have enough permissions. It looks like the toolkit is trying to write something to the event. Try running as a server admin to rule out any permissions issues.
Related info: You receive the "Requested registry access is not allowed" error message when you try to create a custom event log

Error installing new CRM 2011/2013 Server or new organization

I already tried everything, with a lot of Google searching, but nothing; I could not solve the problem.
I'm creating a virtual machine for testing to run CRM 2011/2013, and it is connected to an Active Directory of which the user is the maximum administrator.
I already installed all hotfixes and changed the Windows registry, using the steps on the following website, but still no success:
http://support.microsoft.com/kb/2584871/en-us
I also already tried changing the registry values
AutoGroupManagementOff = 1
and
VerifyDomainName = 1
The name of the domain is this:
Domain: maindomain.local
Computername: TEST-CRM.maindomain.local
Username: maindomain\admin
The user in question is an AD administrator.
This is the error:
14:23:50| Info| CrmAction execution time; ProvisionBusinessAction; 00:00:07.0686308
14:23:50| Error| Installer Complete: OrganizationCreator - Error encountered
14:23:50| Error| Exception occured during Microsoft.Crm.Tools.Admin.OrganizationCreator: Action Microsoft.Crm.Tools.Admin.ProvisionBusinessAction failed.
InnerException:
System.NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.Crm.ObjectModel.SystemUserServiceInternal`1.RetrieveSpecialUsers(ExecutionContext context)
at Microsoft.Crm.ObjectModel.SystemUserServiceInternal`1.RetrieveCountCurrentUsersFilteredBy(ExecutionContext context, Int32 accessMode, Boolean useUpdateLock)
at Microsoft.Crm.ObjectModel.SystemUserServiceInternal`1.ValidateUsersCount(ExecutionContext context, Int32 accessMode, Int32 additionalUsers)
at Microsoft.Crm.Caching.OrganizationSettingsCacheLoader.LoadCacheData(Guid key, ExecutionContext context)
14:23:50| Info| Setting organization state. New state = Failed
14:23:51| Error| Create new Organization (Name=6a5f9fd8-f721-e311-becc-005056bd0078, Id=crmtest1) failed with Exception:
System.Exception: Action Microsoft.Crm.Tools.Admin.ProvisionBusinessAction failed. ---> System.NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.Crm.ObjectModel.SystemUserServiceInternal`1.RetrieveSpecialUsers(ExecutionContext context)
at Microsoft.Crm.ObjectModel.SystemUserServiceInternal`1.RetrieveCountCurrentUsersFilteredBy(ExecutionContext context, Int32 accessMode, Boolean useUpdateLock)
at Microsoft.Crm.ObjectModel.SystemUserServiceInternal`1.ValidateUsersCount(ExecutionContext context, Int32 accessMode, Int32 additionalUsers)
at Microsoft.Crm.Caching.OrganizationSettingsCacheLoader.LoadCacheData(Guid key, ExecutionContext context)
at Microsoft.Crm.Caching.ObjectModelCacheLoader`2.LoadCacheData(TKey key, IOrganizationContext context)
In my experience you have two options for installation in terms of the installing user's privileges:
First:
Using Domain Admin Right.
Delegate full control right on the dedicated OU.
If this is a test environment grant the user Domain Admin right and get it over with.
You can view more information about installation, including video tutorials, at http://dynamics.co.il
Microsoft says it is a known issue in our current build, and to try another Access Key or another CRM build version. After changing the Access Key it works, thanks all!

ACS azure for published application

Hi guys,
I developed a WebForms application using VS 2012. I've published it on Azure.
After that I integrated ACS (I've set the URL to my already published application).
I published the application again, but it doesn't work.
After I registered myself (for example using Yahoo or LiveID) I got this error:
Server Error in '/' Application.
The data protection operation was unsuccessful. This may have been caused by not having the user profile loaded for the current thread's user context, which may be the case when the thread is impersonating.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Security.Cryptography.CryptographicException: The data protection operation was unsuccessful. This may have been caused by not having the user profile loaded for the current thread's user context, which may be the case when the thread is impersonating.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[CryptographicException: The data protection operation was unsuccessful. This may have been caused by not having the user profile loaded for the current thread's user context, which may be the case when the thread is impersonating.]
System.Security.Cryptography.ProtectedData.Protect(Byte[] userData, Byte[] optionalEntropy, DataProtectionScope scope) +379
System.IdentityModel.ProtectedDataCookieTransform.Encode(Byte[] value) +52
[InvalidOperationException: ID1074: A CryptographicException occurred when attempting to encrypt the cookie using the ProtectedData API (see inner exception for details). If you are using IIS 7.5, this could be due to the loadUserProfile setting on the Application Pool being set to false. ]
System.IdentityModel.ProtectedDataCookieTransform.Encode(Byte[] value) +167
System.IdentityModel.Tokens.SessionSecurityTokenHandler.ApplyTransforms(Byte[] cookie, Boolean outbound) +57
System.IdentityModel.Tokens.SessionSecurityTokenHandler.WriteToken(XmlWriter writer, SecurityToken token) +658
System.IdentityModel.Tokens.SessionSecurityTokenHandler.WriteToken(SessionSecurityToken sessionToken) +86
System.IdentityModel.Services.SessionAuthenticationModule.WriteSessionTokenToCookie(SessionSecurityToken sessionToken) +144
System.IdentityModel.Services.SessionAuthenticationModule.AuthenticateSessionSecurityToken(SessionSecurityToken sessionToken, Boolean writeCookie) +82
System.IdentityModel.Services.WSFederationAuthenticationModule.SetPrincipalAndWriteSessionToken(SessionSecurityToken sessionToken, Boolean isSession) +216
System.IdentityModel.Services.WSFederationAuthenticationModule.SignInWithResponseMessage(HttpRequestBase request) +860
System.IdentityModel.Services.WSFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs args) +369
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +136
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +69
What should I do?
I've set the URLs correctly. I don't have any references to "localhost" in web.config.
I don't know what I must set additionally for this to work.
By default WIF uses DPAPI to encrypt cookies. Switch to cert based encryption. See this answer:
Is it possible to run WIF without LoadUserProfile = True
Vittorio Bertocci answers the question here
http://www.cloudidentity.com/blog/2013/01/28/running-wif-based-apps-in-windows-azure-web-sites-4/
DPAPI is not available in the cloud web apps and 4.5 has a simple solution
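An added example, not part of the original answers: cert-based cookie protection as suggested above, wired up in Global.asax for a .NET 4.5 WIF application so the session cookie no longer goes through ProtectedData (DPAPI). The thumbprint is a placeholder, and the store location and the Global class are assumptions; the certificate with its private key must be installed on every instance that serves the site.

```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel;
using System.IdentityModel.Services;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using System.Web;

public class Global : HttpApplication
{
    // Placeholder, not a real value: thumbprint of the cookie-protection certificate.
    private const string CookieCertThumbprint = "<CERT-THUMBPRINT-PLACEHOLDER>";

    protected void Application_Start(object sender, EventArgs e)
    {
        // Raised once, when WIF has built its configuration from web.config.
        FederatedAuthentication.FederationConfigurationCreated += OnFederationConfigurationCreated;
    }

    private static void OnFederationConfigurationCreated(
        object sender, FederationConfigurationCreatedEventArgs e)
    {
        X509Certificate2 cert = FindCertificate(CookieCertThumbprint);

        // Compress, then encrypt and sign with the certificate's RSA key pair.
        // This replaces the default ProtectedDataCookieTransform from the stack trace.
        var transforms = new List<CookieTransform>
        {
            new DeflateCookieTransform(),
            new RsaEncryptionCookieTransform(cert),
            new RsaSignatureCookieTransform(cert)
        };

        e.FederationConfiguration.IdentityConfiguration.SecurityTokenHandlers
            .AddOrReplace(new SessionSecurityTokenHandler(transforms.AsReadOnly()));
    }

    private static X509Certificate2 FindCertificate(string thumbprint)
    {
        // Assumption: the certificate lives in LocalMachine\My; adjust to the host.
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            X509Certificate2Collection found =
                store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            // Fail at startup rather than fall back to another protection scheme.
            if (found.Count == 0 || !found[0].HasPrivateKey)
                throw new InvalidOperationException(
                    "Cookie certificate not found or has no private key: " + thumbprint);
            return found[0];
        }
        finally
        {
            store.Close();
        }
    }
}
```

.NET 4.5 also ships MachineKeySessionSecurityTokenHandler (System.IdentityModel.Services.Tokens), which protects the cookie with the application's machineKey instead of a certificate.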

SharePoint The My Site of <user name> is scheduled for deletion

In my email today I got the following:
The My Site of is scheduled for deletion. As their manager you are now the temporary owner of their site. This temporary ownership gives you access to the site to copy any business-related information you might need. To access the site use this URL: http://mysites.mycompany.com/personal/
I click on the link and I can see that their site is there. I do not want their site to be deleted at all. What can I do?
When I search for the user using the PeopleSearchBoxEx web part the user comes up, but when I click on their name I get the error:
Server Error in '/' Application.
--------------------------------------------------------------------------------
User not found.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: Microsoft.SharePoint.SPException: User not found.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[SPException: User not found.]
Microsoft.SharePoint.Portal.WebControls.ProfilePropertyLoader.OnInit(EventArgs e) +4415
System.Web.UI.Control.InitRecursive(Control namingContainer) +333
System.Web.UI.Control.InitRecursive(Control namingContainer) +210
System.Web.UI.Control.InitRecursive(Control namingContainer) +210
System.Web.UI.Control.InitRecursive(Control namingContainer) +210
System.Web.UI.Control.InitRecursive(Control namingContainer) +210
System.Web.UI.Control.InitRecursive(Control namingContainer) +210
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +378
Any idea how I can stop this person from being "deleted" and get their profile to work again?
I experience the same error.
I changed the primary site collection admin to myself on this mysite and that worked. This message is coming from the primary site collection admin being the user that has been deleted.
Go to central admin > application management > site collection administrators and choose your mysite application and then your user site collection for this site.
It looks like the user has already been deleted (possibly due to sync with AD) but not yet removed from the search index. You'll need to look into what caused the user to be removed.

Sharepoint SSL Web.Config access issue

I’ve got a strange scenario:
I’ve got a webpart that calls into a dll in the GAC, which is trying to read a section from web.config file.
This works fine normally, but under SSL it fails, saying it does not have access to the path (of the config file). However, it’s under the mosssvc account, which has full control over the webconfig file.
Both the 80 web.config file and the 443 web.config file have the same entries the dll is looking for, and mosssvc has full control on both configs.
I have tried elevating the trust level on 443 to full, which didn't work.
Any ideas, or anything you can think of that I can try?
EDIT: I should have been more clear: the SSL site has already been created and works fine until the one method in the GAC'd assembly tries to examine the web config.
The full error message is:
Event Type: Warning
Event Source: ASP.NET 2.0.50727.0
Event Category: Web Event
Event ID: 1310
Date: 2/9/2009
Time: 1:44:49 PM
User: N/A
Computer: XXXXX
Description:
Event code: 3008
Event message: A configuration error has occurred.
Event time: 2/9/2009 1:44:49 PM
Event time (UTC): 2/9/2009 9:44:49 PM
Event ID: 2d7180cdfbb34acfa6c61f95df12ddde
Event sequence: 26
Event occurrence: 1
Event detail code: 0
Application information:
Application domain: YYYYYYYYYYYYYYYYYYYYYYY
Trust level: Full
Application Virtual Path: /
Application Path: C:\Inetpub\wwwroot\wss\VirtualDirectories\8443\
Machine name: XXXXXXXX
Process information:
Process ID: 5168
Process name: w3wp.exe
Account name: XXXXXXXXX\mosssvc
Exception information:
Exception type: ConfigurationErrorsException
Exception message: An error occurred loading a configuration file: Access to the path 'C:\Inetpub\wwwroot\wss\VirtualDirectories\8443\web.config' is denied. (C:\Inetpub\wwwroot\wss\VirtualDirectories\8443\web.config)
Request information:
Request URL: https://XXXXXXX:443/training/Pages/smartregister.aspx?c=383
Request path: /training/Pages/smartregister.aspx
User host address: 64.34.27.186
User:
Is authenticated: False
Authentication Type:
Thread account name: XXXXXXX\mosssvc
Thread information:
Thread ID: 10
Thread account name: XXXXXXX\mosssvc
Is impersonating: True
Stack trace: at System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean ignoreLocal)
at System.Configuration.BaseConfigurationRecord.ThrowIfParseErrors(ConfigurationSchemaErrors schemaErrors)
at System.Configuration.Configuration..ctor(String locationSubPath, Type typeConfigHost, Object[] hostInitConfigurationParams)
at System.Configuration.Internal.InternalConfigConfigurationFactory.System.Configuration.Internal.IInternalConfigConfigurationFactory.Create(Type typeConfigHost, Object[] hostInitConfigurationParams)
at System.Web.Configuration.WebConfigurationHost.OpenConfiguration(WebLevel webLevel, ConfigurationFileMap fileMap, VirtualPath path, String site, String locationSubPath, String server, String userName, String password, IntPtr tokenHandle)
at System.Web.Configuration.WebConfigurationManager.OpenWebConfigurationImpl(WebLevel webLevel, ConfigurationFileMap fileMap, String path, String site, String locationSubPath, String server, String userName, String password, IntPtr userToken)
at System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration(String path)
at XXXXXXXXX.RegistrationHelper.RegisterStudents(Boolean sendEmail, String Time, String Title, String bFirstName, String bLastName, String bAddress, String bPostalCode, String bCity, String bTelephone, String bCompany, String bEmail, List`1 Registrants, Int32 courseDateID, String pType, String CCNumber_, String NameOnCard, String cExpiry, Double Discount, String DiscountCode, Double CostPerRegistrant, String PurchaseOrder)
at ASP.SmartEventRegistration.lnkSubmit_Click(Object sender, EventArgs e) in c:\Program Files\Common Files\Microsoft Shared\web server extensions\12\TEMPLATE\CONTROLTEMPLATES\SmartEventRegistration\SmartEventRegistration.ascx:line 401
at System.Web.UI.WebControls.LinkButton.OnClick(EventArgs e)
at System.Web.UI.WebControls.LinkButton.RaisePostBackEvent(String eventArgument)
at System.Web.UI.WebControls.LinkButton.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at Microsoft.SharePoint.Publishing.TemplateRedirectionPage.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Try this, from Faranz Kan SharePoint blog on how to enable SSL in MOSS:
Go to central admin --> Create or extend a new web application --> Create a new web application.
Fill in the Web app, DB and App pool names as usual. Select yes to enable SSL on the web application. If you are using host headers for this web app, then enter those too. (Important: Make sure to set the port to 443, not 80).
After the web application has been created, reset IIS and then open up IIS mmc. Scroll to the IIS website that MOSS just created for you and select the right SSL certificate from the available certificates (Ask your network folks to generate an internal or external SSL cert for you depending on whether this is a test or prod server). Important: Go to the Home Directory tab and click Advanced. Make sure you set the host header and the right IP for port 80. For SSL entries, select port 443 and the IP. (If you have multiple IP's on the server, I usually pick one here for these entries). Click on the edit button for SSL entries and check the 'Require SSL' box. Also check 'Require 128 bit encryption' to make this more secure.
Now go ahead and create your first site collection for this web app. MOSS will automatically create a new site collection for you and present you with a "https://.." link upon completion. You should now have a SSL ready web app.
By default, if you want multiple web apps using SSL on the same server this does not work in IIS 6. If you want multiple MOSS 2007 Web apps to be SSL enabled, there are two ways of going about this. One way is to get as many IPs as you want SSL web apps for that web server and assign one IP per host header settings for port 80 and 443 under IIS Website properties --> Home Directory --> Advanced. The other option is to modify the IIS metabase to allow multiple SSL web apps on the same IP. Be careful with the second option and make sure you know what you are doing.
