SharePoint: Capture MIM traffic with Fiddler
Microsoft Identity manager (MIM) communicates with SharePoint via a web service, specifically, the “ProfileImportExportService” web service, located at http://YourCentralAdminSite/_vti_bin/ProfileImportExportService.asmx When there are problems with the synchronization, you should always look at what the MIM client (miisclient.exe) and the SharePoint ULS logs are saying, but sometimes there is a need to dig a little deeper
SharePoint: SAML auth login error: There are multiple keys on the token
Consider the following scenario: Your users authenticate to SharePoint using “Trusted Provider” authentication. This is also known as SAML or WS-Fed authentication, typically provided by AD FS, Ping Federate, Okta, SiteMinder, etc. After SharePoint upgrade or security patching, users are no longer able to authenticate. They may see a “Server Error in ‘/’ Application”
SharePoint – Active Directory Import – Do NOT map Claim Provider Identifier and Claim Provider Type
This is similar to a previous blog post I wrote. However, we’ve since found a few customers that have done something similar with Windows authentication. We’ve seen this a few times now. It seems to most commonly occur when Admins are setting up a new User Profile Service app using Active Directory Import (AD
SharePoint 2010 / 2013: FIM Sync – Most steps fail with “stopped-extension-dll-load”
This one may be a bit of a one-off. As far as I can tell, it’s only happened once in the history of SharePoint. However, that also means that documentation on this problem is non-existent, and if happened once, it could happen again. Note: This is only valid for SharePoint 2010 and SharePoint 2013
SharePoint: Active Directory Import with Trusted Provider authentication: Map only Claim User Identifier
Summary: You do this a bit differently than when using FIM Sync. When using Active Directory Import (AD Import) with SharePoint 2013, 2016, 2019, etc, only the “Claim User Identifier” (SPS-ClaimID) profile property needs to be mapped manually. “Claim Provider Identifier” (SPS-ClaimProviderID) and “Claim Provider Type” (SPS-ClaimProviderType) are mapped automatically when you create the
SharePoint: A Troubleshooting Guide for UserProfileApplicationNotAvailableException
Why a whole troubleshooter? In SharePoint, the User Profile Service can be one of the more finicky web services. Problems with the User Profile Service Application (UPA) may manifest themselves in several ways like: Trying to access the User Profile Service Application within Central Administration fails with “An unexpected error has occurred” Missing “Target Audiences”
SharePoint: All about one-time timer jobs
Update 9/15/19: Added some clarifying info, and some PowerShell that can be used to delete any “stuck” one-time timer jobs. One-time timer jobs are created on the fly, should run immediately, and then disappear when they are done doing whatever they were supposed to do. If you have one-time timer jobs hanging around, you have