SharePoint: Facts and Troubleshooting the Claims To Windows Token Service (C2WTS)
Update: 3/18/24 — Added fact: the C2WTS is deprecated in SharePoint Server Subscription Edition. Update: 3/31/22 — Added a reference to a related post from my colleague Mike: Unable to start the C2WTS Facts: 1. In SharePoint Server Subscription Edition (SPSE), the C2WTS has been deprecated. The service still shows up in Central Administration, but the
SharePoint: Users randomly lose permission – are deleted from site
Update 11/16/22: I’ve just tested this in the latest (November 2022) builds of both SharePoint 2019 (16.0.10392.20000) and SharePoint Server Subscription Edition (16.0.15601.20226). The problem still occurs in those builds. This is a good one. It appears to be both random and intermittent (it’s actually neither), and is extremely hard to track down. It’s known
SharePoint 2013 & 2016 – Manager and Assistant values swapped in User Profiles
Here’s one that was a problem in SharePoint 2013, was fixed, but never ported to SharePoint 2016, so we had to fix it again. Consider the following scenario: You are importing user profiles from Active Directory (AD). This can happen using any of the profile import methods for either SharePoint 2013 or 2016. 2013: SharePoint
SharePoint: Certain users not resolved in People Picker – invalid character
Here I cover how to use Fiddler and IE Developer Tools (F12) to troubleshoot People Picker problems in SharePoint 2013 and 2016 within the context of a problem I recently came across. Problem: Certain users are not resolved in People Picker. The client-side people picker control shows no results, but doesn’t throw an error either.
SharePoint: Issues with profile pictures when MySite uses SAML auth
There are a couple known issues with user profile pictures when your Mysite web application uses Trusted Provider (ADFS / SAML) authentication. Symptoms There are two different known symptoms with the same cause and solution: #1When running User Profile Synchronization, nothing is imported or exported. In the Forefront Identity Manager (FIM) client, we see
SharePoint: Considerations when switching from FIM Sync to AD Import
Many times we end up battling “SharePoint Profile Synchronization” (aka: “FIM Sync”) for a while before we realize that “SharePoint Active Directory Import” (aka: “AD Import”, aka: “ADI”) was a better fit all along. Why switch? Or for new farms, why go with AD Import? “SharePoint Active Directory Import” (“AD Import” from here on) is
SharePoint 2013: Troubleshooting Check Permissions – Windows auth
Update 11/24/19: Although the “Background” section below applies to all SharePoint versions and authentication types, this post is specific to Windows Authentication (NLTM or Kerberos) within SharePoint 2013. For SharePoint 2016, see this post: https://joshroark.com/sharepoint-2016-check-permissions-windows-auth/ For Forms-based authentication see this: https://joshroark.com/sharepoint-check-permissions-and-external-tokens-fba/ And for Trusted Provider (SAML) auth, see this: https://joshroark.com/sharepoint-check-permissions-and-external-tokens-adfs-saml-auth/ Why should you care? Having “Check