This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 56.00000000000001%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDG%3C/text%3E%3C/svg%3E)
Last week we installed Windows security update KB5006669. Ever since then, our SharePoint 2019 environments are having issues resolving names in the People Picker fields on list forms and when attempting to add someone to permissions on a list or site. We have two separate SharePoint 2019 farms. One is used for testing and has all roles on one server with a separate SQL server. The other is used for production and has two SharePoint servers in minrole with a separate SQL server. We also have a SharePoint 2016 farm. It was experiencing this issue but then we rebooted it and it went away. But then a few days later the problem returned. The 2019 servers we rebooted and the issue still exists.
We installed the latest SharePoint CU to see if this resolved the problem and it did not. So then I uninstalled the Windows KB5006669 from our test server and the problem seemed to be gone. But then the next morning the problem returned.
I have found that sometimes the server will resolve in the permissions box if I type in either the full email address or the domain\username. At one point it was case sensitive when doing this.
I turned on verbose logging, reproduced the problem and here are some of the ULS showing an indication of why it's not resolving. The strange thing is, there's been no change of username or password. None of the accounts are expired. I checked the profile account, search accounts, farm account. All are good. And it's odd how it works for a while then stops working. I asked our server team if changes had been made on the domain controllers and they said no changes have been made other than windows updates.
Is anyone else experiencing this issue? Or do you recognize the error in the ULS logs? Some of logs below and screenshots of symptoms.
----------
10/29/2021 13:07:22.91 w3wp.exe (0x15C4) 0x2CEC SharePoint Foundation Unified Audit blc0m Verbose Updating persisted audit counter, and associated perf counter, took 0 milliseconds 6dfdfd9f-1282-d0b4-7b7f-9f312455a8bb
10/29/2021 13:07:22.91 w3wp.exe (0x25D0) 0x1E6C SharePoint Foundation Performance ftq3 Medium SearchFromGC name = mydomain.com. Error Message: The user name or password is incorrect. 6dfdfd9f-327b-d0b4-7b7f-91f9b1e45c5b
10/29/2021 13:07:22.91 w3wp.exe (0x15C4) 0x2CEC SharePoint Foundation Runtime bcyfw Verbose Cached identity info: UserName: ''. UserKey: ''. 6dfdfd9f-1282-d0b4-7b7f-9f312455a8bb
10/29/2021 13:07:22.91 w3wp.exe (0x25D0) 0x1E6C SharePoint Foundation General 7fbh Verbose Exception when search "shelly" from domain "mydomain.com". Exception: "The user name or password is incorrect. ", StackTrace: " at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_AdsObject() at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne) at Microsoft.SharePoint.WebControls.PeopleEditor.SearchFromGC(SPActiveDirectoryDomain domain, String strFilter, String[] rgstrProp, Int32 nTimeout, Int32 nSizeLimit, SPUserCollection spUsers, ArrayList& rgResults) at Microsoft.SharePoint.Utilities.SPUserUtility.SearchAgainstAD(String input, Boolean useUpnInResolve, SPActiveDirectoryDomain domainController, SPPrincipalType scopes, SPUserCollection usersContainer, Int32 maxCount, String customQuery, String customFilter, TimeSpan searchTimeout, Boolean& reachMaxCount)". 6dfdfd9f-327b-d0b4-7b7f-91f9b1e45c5b
----------
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 78%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EU%3C/text%3E%3C/svg%3E)
Here are few additional things I will check in this situation.
Choose one user to test the scenario.
Make sure user is active and has valid email in AD , you can use Get-ADUser.
Go in to the user profile properties for that user and make sure email address, ID and other info is correct. main thing here is email.
Tee if the user resolves or not by using email address.
If no luck, try adding user using PS , e.g. new-spuser .....
Check if SP server can communicate to the domain server : Nltest /dsgetdc:Enter the UPN Connection name. e.g Nltest /dsgetdc:ADConnect
Ah yes, I should have mentioned I have tested some of those things. I have tested several accounts that are active in AD, even my own account that is active. I verified they are all showing up in Central Admin user profiles. The odd thing is that it works temporarily after a reboot on the 2016 server. Then it stops working after a day or more. Brand new users are showing up in user profiles as expected.
I tried the Nltest but it does not seem to work with the UPN connection name. See results below. I tested instead with our forest domain name and then with our local domain name. Both resolved.
I did notice that in the ULS logs that I posted before, where I replaced the text with "mydomain.com" for privacy reasons, the domain it had listed is our FOREST name. Should it be our local domain as that is what is listed in the sync connection.
Ok so I have an update. Our production 2019 farm is working. It was not working yesterday but now it is. No changes have been made not even a reboot. Since it is working, I decided to enable verbose logging to see what we should be seeing. It looks like the forest level domain name does show up in the logs.
I have our server team looking into the DC at the forest level. I will report back tomorrow.
Hi @Dominique Graves , thanks for sharing and looking forward to your update.
Hi @Dominique Graves , is the issue resolved? Any updates are welcomed.
The server team restarted the DC at the forest level. I'm not sure what the problem is on the DC end. Our company does not manage that server but has access to reboot it if necessary. It is older 2008 server and will be decommissioned soon so I don't think they will put any effort into trying to resolve the problem. They said it also causes an issue with Exchange mail flow to our trusted domain and reboot resolves that as well. Hopefully they will replace it soon.
The reboot of the DC fixed it for now.
Hi @Dominique Graves ,
Glad to hear that and you could accept your answer as "Accept Answer" which will help other users with the same issues in the future. Thanks for your understanding and support. :)
Thanks,
Elsie Lu
@Dominique Graves As this issue is resolved, please accept your answer to close this thread. Thanks for your undestanding!
If you have any concerns, please feel free to reply.
---------------
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".