SharePoint: Common NTLM Authentication Issues, aka: Consider Ditching NTLM
Update 4/1/22: Added Important note to Issues #2 and #6 Update 1/26/21: Added Issue #7 NTLM authentication is not great. It’s not the fastest. In most cases, that honor would go to Kerberos. It’s not the most secure. Again, Kerberos. It’s not all that flexible. For example, it doesn’t work well for extranets or anything cross-firewall.
SharePoint: Another Reason User Profiles are not Imported
This is kind of a “fringe” case, but since it may not be the last time it happens, here’s a post: Consider the following scenario: In SharePoint 2013+ you’re using Active Directory Import to import user profiles as trusted provider-type (SAML) profiles. You find that profiles for some users are not imported. You have already
SharePoint – Distributed Cache – Cache referred to does not exist
Problem: You may find that certain functions within the farm that rely on Distributed Cache are not working. You review the SharePoint ULS logs and find errors like the following: Unexpected Exception in SPDistributedCachePointerWrapper::InitializeDataCacheFactory for usage ‘DistributedBouncerCache’ – Exception ‘Microsoft.ApplicationServer.Caching.DataCacheException: ErrorCode:SubStatus:Cache referred to does not exist. Contact administrator or use the Cache administration tool to
SharePoint: SAML and FBA authentication fail from Word, Excel, Outlook, etc
Consider the following scenario: You have a SharePoint web application that uses Trusted Provider (SAML) authentication. When trying to open a Microsoft Office (Word, Excel, PowerPoint, etc) document from a SharePoint library, the Office app pops up a dialog with a “Sorry, something went wrong” error: Outlook calendar sync behavior: Users have SharePoint calendars that
SharePoint: Domain Local groups from Trusted Forest are not valid
Consider the following scenario: You have a SharePoint 20xx (doesn’t matter) site and have configured People Picker to search a trusted Active Directory Forest or Domain. You have a security group of type “domain local” in the trusted forest that has several users in it. You use People Picker to search for the group,
SharePoint – AD Import: Using PowerShell to create property mappings
First off, when using Active Directory Import in SharePoint 2013, 2016, and 2019, it’s completely normal to see very few (like 2) mapped properties in the User Profile Service Application (UPA) | Manage User Properties. That’s because with AD Import, those property mappings are hard-coded and not shown on that page. See my other post
SharePoint: Users intermittently notice they are logged in as someone else
Problem: Intermittently users notice that they have automatically been logged in as a different user. For example, while browsing, you look in the upper right-hand corner of the page and see another users display name listed there. Clicking around more may result in switching back to yourself, or switching to another user altogether. Possible Causes: