SharePoint Experts, Information Architects, Expert Witness

SICG provides a broad array of business and technology consulting from architecture to design to deployment of global systems with a focus on surfacing data in the enterprise. We focus on the "How", not just the possible. Contact me direct: or call 704-873-8846 x704.

Search This Blog

Saturday, October 28, 2017

Event 6398 - The Execute method of job definition Microsoft.Office.Server.UserProfiles.UserProfileImportJob

Like many of you know, SharePoint 2013 and 2016 comes up with some recurring issues from time to time - one of these is Event ID 6398:

"The Execute method of job definition Microsoft.Office.Server.UserProfiles.UserProfileImportJob..."

Seen in the event log, it looks like this:

I myself forget about this occasionally (thus why I am posting here!).

Fortunately, this is not a big deal - this just means that the Forefront Identity Manager Service is not running. From Administrative Tools, open the Services (or use Start > Run and enter services.msc). Look for the two Forefront services - you will see the Manager service is stopped:

Right click on the service and select Start - problem solved!


Started getting various errors in a User Profile Service:

Detection of product '{90150000-104C-0000-1000-0000000FF1CE}', feature 'PeopleILM', component '{1C12B6E6-898C-4D58-9774-AAAFBDFE273C}' failed

Fix is easy - just add the NETWORK SERVICE account to the WSS_WPG Group: Technet Fix

Monday, October 23, 2017

Using LdapConnection and Checking account status in Active Directory

Dual purpose post here - I needed to set up a test to determine if users had an expired password the most efficient way. I found a number of ways but the best was using LdapConnection.

First issue was knowing what to use for the LDAP connection string - I usually use LDAP://<server>/OU=<ou>,DC=<domain>,DC=<extension> - for example:


and sometimes simply:


(Note the OU is optional)

However these didn't work for LdapConnection - examples I found showed "" - that didn't work either. The easiest was simply to use the LdapDirectoryIdentifier:

        //LdapConnection connection = new LdapConnection("");
        //LdapConnection connection = new LdapConnection("LDAP://myadcontroller/DC=testdom,DC=com");
// This works:
        LdapDirectoryIdentifier LDI = new LdapDirectoryIdentifier("myadcontroller");
        LdapConnection connection = new LdapConnection(LDI);
        NetworkCredential credential = new NetworkCredential("TheAccountWODomain", "ThePassword");
        connection.Credential = credential;