SharePoint: SAML and FBA authentication fail from Word, Excel, Outlook, etc

Consider the following scenario: You have a SharePoint web application that uses Trusted Provider (SAML) authentication. When trying to open a Microsoft Office (Word, Excel, PowerPoint, etc) document from a SharePoint library, the Office app pops up a dialog with a “Sorry, something went wrong” error: Outlook calendar sync behavior: Users have SharePoint calendars that

SharePoint MIM Profile Sync – Completed No Objects

Consider the following scenario: You’re using SharePoint 2016 or 2019 and using Active Directory Import to import user profiles. You decide to switch to using an external identity manager utilizing Microsoft Identity Manager (MIM). You configure MIM and run a Full Import on the SharePoint Management Agent (SPMA). The Full Import does not import anything

SharePoint: Domain Local groups from Trusted Forest are not valid

  Consider the following scenario: You have a SharePoint 20xx (doesn’t matter) site and have configured People Picker to search a trusted Active Directory Forest or Domain. You have a security group of type “domain local” in the trusted forest that has several users in it. You use People Picker to search for the group,

Kerberos – KRB_AP_ERR_MODIFIED is not always an SPN problem

TLDR: This can also be caused by a mismatch in security policy “Network Security: Configure encryption types allowed for Kerberos“.   Consider the following scenario: You have a web site set up to use Kerberos authentication. It doesn’t matter what kind of site, but we’ll say it’s a SharePoint site, since that’s the theme around

SharePoint – AD Import: Using PowerShell to create property mappings

First off, when using Active Directory Import in SharePoint 2013, 2016, and 2019, it’s completely normal to see very few (like 2) mapped properties in the User Profile Service Application (UPA) | Manage User Properties. That’s because with AD Import, those property mappings are hard-coded and not shown on that page. See my other post

SharePoint: Users intermittently notice they are logged in as someone else

Problem: Intermittently users notice that they have automatically been logged in as a different user. For example, while browsing, you look in the upper right-hand corner of the page and see another users display name listed there. Clicking around more may result in switching back to yourself, or switching to another user altogether. Possible Causes:

SharePoint 2016 / 2019 – Timer jobs with Job lock type do not run

This is going to be very similar to another recent post: https://joshroark.com/sharepoint-2016-2019-timer-jobs-with-contentdatabase-lock-type-do-not-run/. In that case, timer jobs with lock type “ContentDatabase” would not run because no server in the farm has its AllowContentDatabaseJobs property set to “true”. In this case, Timer jobs with LockType = “Job” and IsServiceJob = “True” will not run because no