SharePoint Experts, Information Architects, Expert Witness

We provide consulting in a broad array of business and technology from architecture to design to deployment of global systems with a focus on surfacing data in the enterprise. Specialists in Microsoft, we are a premier provider of SharePoint Expertise (including 2016 and Office 365). We also provide Expert Witness/Legal Expert in eDiscovery, source discovery, patent infringement, piracy and more! We also have established SICG DLDS s.a. - our counterpart in Costa Rica that specializes in water systems (http://www.crwatersolutions.com) - Contact me direct: david_sterling@sterling-consulting.com or call 704-873-8846 x704.

Search This Blog

Saturday, October 28, 2017

Event 6398 - The Execute method of job definition Microsoft.Office.Server.UserProfiles.UserProfileImportJob

Like many of you know, SharePoint 2013 and 2016 comes up with some recurring issues from time to time - one of these is Event ID 6398:

"The Execute method of job definition Microsoft.Office.Server.UserProfiles.UserProfileImportJob..."

Seen in the event log, it looks like this:


I myself forget about this occasionally (thus why I am posting here!).

Fortunately, this is not a big deal - this just means that the Forefront Identity Manager Service is not running. From Administrative Tools, open the Services (or use Start > Run and enter services.msc). Look for the two Forefront services - you will see the Manager service is stopped:


Right click on the service and select Start - problem solved!

NEW RELATED ISSUE:

Started getting various errors in a User Profile Service:

Detection of product '{90150000-104C-0000-1000-0000000FF1CE}', feature 'PeopleILM', component '{1C12B6E6-898C-4D58-9774-AAAFBDFE273C}' failed

Fix is easy - just add the NETWORK SERVICE account to the WSS_WPG Group: Technet Fix



Monday, October 23, 2017

Using LdapConnection and Checking account status in Active Directory

Dual purpose post here - I needed to set up a test to determine if users had an expired password the most efficient way. I found a number of ways but the best was using LdapConnection.

First issue was knowing what to use for the LDAP connection string - I usually use LDAP://<server>/OU=<ou>,DC=<domain>,DC=<extension> - for example:

LDAP://MyADServer/OU=users,DC=testdom,DC=com

and sometimes simply:

LDAP://DC=testdom,DC=com

(Note the OU is optional)

However these didn't work for LdapConnection - examples I found showed "ldap.domain.com" - that didn't work either. The easiest was simply to use the LdapDirectoryIdentifier:

// NO GOOD:
        //LdapConnection connection = new LdapConnection("ldap.testdom.com");
// NO GOOD:
        //LdapConnection connection = new LdapConnection("LDAP://myadcontroller/DC=testdom,DC=com");
// This works:
        LdapDirectoryIdentifier LDI = new LdapDirectoryIdentifier("myadcontroller");
        LdapConnection connection = new LdapConnection(LDI);
        NetworkCredential credential = new NetworkCredential("TheAccountWODomain", "ThePassword");
        connection.Credential = credential;
        connection.Bind();