Comments (15)
Can you check the SharePoint logs and filter on Product/Area "LDAPCP"?
It should give you more insight on what's happening.
from ldapcp.
I turned on Verbose logging for LDAPCP and get no results from it in logs.
from ldapcp.
This is a good example. I'm logged in as spadmin, but when I type it in to the people picker there no results. (I do have a couple of users that were previously NTLM and noticed they show up in the people picker, but no ADFS profiles)
from ldapcp.
Can you access LDAPCP administration page in central administration > security and confirm that there is nothing wrong (no error message in red)?
Then, in LDAPCP claims mapping page (same location), is the identity claim type (bold green line) present, with valid LDAP attribute/class?
from ldapcp.
NOTE: when i installed this on 2013, I was able to choose the attribute from a drop down list on the User Profile Property, but with 2016 There was nothing populating the drop down so I had to type it in ("mail").
from ldapcp.
NOTE: I'm using this on an extended web application. Where the default is NTLM for search results, and the actual domain is using the extranet zone for ADFS authentication. I'm not sure if this would make a difference so I wanted to throw that out there.
from ldapcp.
It makes no sense that you don't see any LDAPCP activity in the logs, it should log something, especially in verbose.
Can you run that to double check logs:
Merge-SPLogFile -Path "C:\Temp\LDAPCP_logging.log" -Overwrite -Area "LDAPCP" -StartTime (Get-Date).AddDays(-1)
Can you also run this and confirm LDAPCP is displayed:
Get-SPClaimProvider "LDAPCP"
from ldapcp.
Thank you for your responses.
The logs are producing now.
I can see "Add AD Server" > "Connecting to..." and where I'm getting "Get 0 Results"
but no errors.
There are a few entries throughout the logs that are "Monitorable" and say "[LDAPCP] Entry with LDAP class group is defined but it doesn't match any entry with the same LDAP class and a claim type defined. Add an entry with same LDAP object class and a claim type to fix this issue."
from ldapcp.
So LDAPCP is connecting and does LDAP queries, but they return nothing.
Then the question is if LDAP server should actually return results, or if the LDAP query is invalid.
You can replay LDAP queries with PowerShell to investigate this further, you can use the script in http://ldapcp.com/Troubleshoot-LDAPCP.html
from ldapcp.
@jshenderson any update on this?
from ldapcp.
not yet. due to building the farm with the daggum port in the DB connection. I was unable to update the farm. So I am in the process of rebuilding, but I'm about done. I should have an answer very soon. Again, I really appreciate your tool, and your assistance. BTW, you're tool was suggested to me by a MS PFE .
from ldapcp.
Awesome, thanks for your feedback!
Please keep updating this thread with your progress
from ldapcp.
Thank you for your patience. I have rebuild the farm successfully and had good success with ADFS. However, I'm having the same issue with LDAPCP and the people picker having no results returned.
I have replayed the queries I found in the logs and they do bring back results in powershell, but say "Got 0 results..." in the logs.
Do you know what I could be missing?
from ldapcp.
Hi @jshenderson , you should pay attention about the LDAP filter, there must be something wrong with it that explains why LDAP server returns no result.
You can try to replay the LDAP query with PowerShell using the script available in http://ldapcp.com/Troubleshoot-LDAPCP.html
Hopefully you'll find what's wrong.
from ldapcp.
You can make this complete. I have found the issue, and now need to figure out how to fix it.
The LDAP query the server is running is on a subdomain hence the 0 results. But my user profile sync is running on the actual domain and pulling everything correctly. I'm not sure why this happening maybe because the server is in the subdomain?
from ldapcp.
Related Issues (20)
- LDAPCP and securitytoken.svc timeout when .Net Helper is enabled under augmentation HOT 8
- Claims provider for ADFS: Resolving user thats belongs to a nested group HOT 6
- Filtering on Custom ldapcp HOT 3
- Set Custom LDAP filter by powershell HOT 5
- LDAPCP not being queried when assigning targeted audiences (navigation, list items, etc) HOT 3
- Customization in LDAP solution HOT 3
- Replay LDAP query test returned user account result but people picker doesn't return this user account HOT 8
- Target Audience not working for LDAPCP groups added to sharepoint groups HOT 6
- LDAPCP on a non-ADFS federated setup HOT 2
- Domain groups can't be added after resolving it in people picker HOT 5
- LDAPCP on a farm with Windows / Kerberos authentication HOT 2
- need to remove the users with (role) prefix HOT 2
- Using Custom LDAPCP wsp and standard LDAPCP wsp HOT 9
- LDAP Filter for Two Classes HOT 4
- Augmentation does not work with Nintex Workflow and Other third party HOT 4
- Searching by Name on samAccountName HOT 2
- User Can't receive emails HOT 2
- EntraCP claimprovider issue HOT 4
- [LDAPCPSE] After adding a LDAPS connection as second option, going to global config page will error out HOT 21
- LDAPCPSE An item with LDAP newAttribute 'userPrincipalName' and LDAP class 'user' already exists for the object type 'User' HOT 10
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ldapcp.