Sometimes you find a solution to a stubborn problem, that leaves you feeling kind of silly how you could have missed that. The SPUserLicenseMapping was one of those. The problem was related to new Mysites not being created properly. The solution was to add the correct value for the SPUserLicenseMapping.
When using ADFS as a TrustedIdentityTokenIssuer, you need to use the proper claims in all properties and settings. This is also needed when you want “All Authenticated Users” to have access or rights.
The code I had used to create a new SPUserLicenseMapping, which led to the problem:
1 2 3 4 5 6 |
If(@(Get-SPUserLicenseMapping | ?{$_.License -eq "Standard"}).Count -ne 1){ $claim = New-SPClaimsPrincipal -EncodedClaim "c:0(.s|true" $a = New-SPUserLicenseMapping -License Standard -Claim $claim $a | Add-SPUserLicenseMapping Enable-SPUserLicensing } |
This resulted in the following UserLicense Mapping:
1 2 3 4 5 6 7 8 9 |
PS C:\> Get-SPUserLicenseMapping Identity : ca9f7881-eea3-487d-8056-c2d8d45109f7 License : Standard Name : true ClaimValue : true ClaimType : http://sharepoint.microsoft.com/claims/2009/08/isauthenticated OriginalIssuer : SecurityTokenService ValueType : http://www.w3.org/2001/XMLSchema#string |
The errors I got:
User profile property ‘EduUserRole’ not found from from MySitePersonalSiteUpgradeOnNavigationWebPart::GetUserRoleFromProfile(). This should indicate that the current user is not an edudation user.
Skipping creation of personal site from MySitePersonalSiteUpgradeOnNavigationWebPart::CreatePersonalSite() because one or more of the creation criteria has not been met. [SPWeb Url=https://sharepoint.company.com/Person.aspx?accountname=i:05.t|adfs|user@company.com] https://sharepoint.company.com/Person.aspx?accountname=i:05.t|adfs|user@company.com]Self-Service Site Creation == True Can Create Personal Site == False Is user licensed == False Storage&Social UPA Permission == True Site or Page or Web Part is in design mode == False
Exception during creation of personal site from MySitePersonalSiteUpgradeOnNavigationWebPart::CreatePersonalSite(). [SPWeb Url=https://sharepoint.company.com/Person.aspx?accountname=i:05.t|adfs|user@company.com] Message: Thread was being aborted. Stack Trace:
at System.Threading.Thread.AbortInternal()
at System.Threading.Thread.Abort(Object stateInfo)
at System.Web.HttpResponse.AbortCurrentThread()
at Microsoft.SharePoint.Utilities.SPUtility.Redirect(String url, SPRedirectFlags flags, HttpContext context, String queryString)
at Microsoft.SharePoint.Portal.WebControls.MySitePersonalSiteUpgradeOnNavigationWebPart.<>c__DisplayClass6.<CreatePersonalSite>b__4()
at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass5.<RunWithElevatedPrivileges>b__3()
at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode)
at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param)
at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated secureCode)
at Microsoft.SharePoint.Portal.WebControls.MySitePersonalSiteUpgradeOnNavigationWebPart.CreatePersonalSite(UserProfile userProfile, Uri personalSiteUrl)Call to PersonalSiteInstantiationState::Init for i:05.t|adfs|user@company.com with IsUserSelf(): True, IsProfileAdmin: False, resulted in m_bCanUseStorage: True, m_bCanUseMicrobloggingAndFollowing: True, m_bCanPersonalize: True, m_bCanFollowTagsAndUsers: True, [MySiteHost Found?=True CompatLevel=15 Licensed?=False URL=https://sharepoint.company.com:443] StackTrace:
at Microsoft.Office.Server.UserProfiles.UserProfile.PersonalSiteInstantiationContext.Init(UserProfileManager objManager, UserProfile userProfile, SPSite mySiteHost)
at Microsoft.Office.Server.UserProfiles.UserProfile.PersonalSiteInstantiationContext..ctor(UserProfileManager objManager, UserProfile userProfile)
at Microsoft.Office.Server.UserProfiles.UserProfile.InitPersonalSiteInstantiationContext()
at Microsoft.Office.Server.Microfeed.MicroBlogEntity.get_PersonalSiteNotFoundCode()
at Microsoft.Office.Server.Microfeed.MicroBlogEntity..ctor(UserProfile userProfile, MicroBlogEntity currentUser)
at Microsoft.Office.Server.Microfeed.SPMicrofeedManager..ctor(UserProfile userProfile, SPServiceContext context, SocialAdminCapability socialAdminCapability)
at Microsoft.Office.Server.Social.SPSocialFeedManager.<>c__DisplayClass8.b__6()
at Microsoft.Office.Server.Social.SPSocialUtil.InvokeWithExceptionTranslation(ISocialOperationManager target, String name, Action action)
at Microsoft.SharePoint.Portal.WebControls.MicroFeedWebPart.OnPreRender(Object sender, EventArgs e)
at System.Web.UI.Control.PreRenderRecursiveInternal()
at System.Web.UI.Control.PreRenderRecursiveInternal()
at System.Web.UI.Control.PreRenderRecursiveInternal()
at System.Web.UI.Control.PreRenderRecursiveInternal()
at System.Web.UI.Control.PreRenderRecursiveInternal()
at System.Web.UI.Control.PreRenderRecursiveInternal()
at System.Web.UI.Control.PreRenderRecursiveInternal()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)
at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)
at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)
at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)Property get of UserProfile.PersonalSiteInstantiationState for user i:05.t|adfs|user@company.com. Returning: ErrorSelfServiceSiteCreateCallFailed
FeedsWebPart: PersonalSiteInstantiationState for accountName i:05.t|adfs|user@company.com fetched is ErrorSelfServiceSiteCreateCallFailed
The problem was caused by the EncodedClaim “c:0(.s|true” which is displayed as ClaimValue. This value is case sensitive and needs to be “True“.
Solution
The right code:
1 2 3 4 5 6 |
If(@(Get-SPUserLicenseMapping | ?{$_.License -eq "Standard"}).Count -ne 1){ $claim = New-SPClaimsPrincipal -EncodedClaim "c:0(.s|True" $a = New-SPUserLicenseMapping -License Standard -Claim $claim $a | Add-SPUserLicenseMapping Enable-SPUserLicensing } |
This provides the correct UserLicense Mapping:
1 2 3 4 5 6 7 8 9 |
PS C:\> Get-SPUserLicenseMapping Identity : abca6e7c-c0dc-4e35-a51c-d825ce7d89d8 License : Standard Name : True ClaimValue : True ClaimType : http://sharepoint.microsoft.com/claims/2009/08/isauthenticated OriginalIssuer : SecurityTokenService ValueType : http://www.w3.org/2001/XMLSchema#string |
Oh and by the way: adding UserLicenseMapping for the SharePoint Standard License to all users is a good choice to prevent many errors in your logfiles, while it doesn’t actually seems to give any errors to end-users.