sharepoint wf issue

Question

sharepoint wf issue

sns 7,281

workflow logic just one line "send email"
but when see workflow status we see below error. Please help

Mail is going to internal user and not going to external user.

Please help

JoyZ 17,901 Reputation points

2020-09-21T01:18:57.977+00:00

Hi @sns ,

Is there any progress on this issue?

Please feel free to reply.
sns 7,281 Reputation points

2020-09-21T08:04:28.15+00:00

Hi Wang,

Thank you for the follow up.
I am still waiting for customer response on some of the suggestions. Will update you as soon as I get information.

JoyZ 17,901 Reputation points

2020-09-21T01:18:57.977+00:00

Hi @sns ,

Is there any progress on this issue?

Please feel free to reply.
sns 7,281 Reputation points

2020-09-21T08:04:28.15+00:00

Hi Wang,

Thank you for the follow up.
I am still waiting for customer response on some of the suggestions. Will update you as soon as I get information.

Answer 1

JoyZ 17,901

Hi @sns ,

Whether the user who triggers the workflow is in a nested AD security group of the SharePoint group?

If it is true, please check as follows:

Make sure User Profile Service is up and running.
Make sure workflow initiator has a user profile associated.
Make sure the Security Token Service App Pool has the Load User Profile property set to True as shown in the image below:

Then recycle the Security Token Service application pool and run full user profile sync to compare the result.

If all the above ways do not work, please check the ULS log with the Correlation ID for more information.

Reference:

https://www.peters.com/blog/resolve-http-unauthorized-error-sharepoint-2013-designer-workflow/

If an Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

sns 7,281 Reputation points

2020-09-14T10:11:51.647+00:00
24370-logswithuser.txt

User profile service up and running

Yes

Load user profile is FALSE in our case , doe it have any impact if we change it
and how it is related to with this issue? why we should set it true?
what happens if we set to true?
and what we miss if we set it to false?

It is ADFS (ping ) authentication
I have attached ULS logs related to above correlation. Please let me know what is causing this issue. Thank you.

PFA: below is the workflow logic
JoyZ 17,901 Reputation points

2020-09-15T06:12:03.877+00:00

Hi @sns ,

Detailed instructions on setting the load user profile to true in the security token service application pool:

https://social.technet.microsoft.com/Forums/en-US/dfe81502-a014-4045-a899-b5fa3d3ff6eb/want-to-check-impact-of-load-user-profile-setting-in-iis?forum=sharepointadmin

From the error message in your ULS log:

STS Call: Failed to issue new security token. Exception: System.InvalidOperationException: GetUserProfileByPropertyValue: Multiple User Profiles found with propertyName 'SPS-UserPrincipalName' of specified value

The user who initiate the workflow has two different profiles due to a move from NTLM to using ADFS.

Remove the old user profiles in the SharePoint User Profile Service then compare the result.
sns 7,281 Reputation points

2020-09-15T07:32:16.647+00:00

Hi Itch Sun,

I have verified from respective team, these mail ids does not have different profiles.
so what could be the cause?
JoyZ 17,901 Reputation points

2020-09-16T06:10:04.363+00:00

Hi @sns ,

Have you configured user profile service with newly created Trusted Claims Provider for ADFS user?

ADFS user profile looks like this:

More information:

https://sharepointobservations.wordpress.com/2013/08/06/sharepoint-2013-configure-user-profile-service-for-adfs-provider/
sns 7,281 Reputation points

2020-09-16T06:22:32.837+00:00

Hi Itch Sun,

Please find the details of user and connection type in below screenshots

other user not able to see in the user profile itself.
JoyZ 17,901 Reputation points

2020-09-16T06:53:24.517+00:00

Hi @sns ,

Whether all ADFS users occur the issue?

From your screenshot, the user doesn't have duplicate user profile.

Please create a new user and import his userprofile then test again.

If the issue still exists, please re-create the sync cnnections, start full sync to compare the result.
sns 7,281 Reputation points

2020-09-21T09:31:20.32+00:00

Hi Wang,

Here is the what I observed, it looks like these 2 ids having 2 profiles as you said. this I could notice from people and groups.

I have removed the 2 mail ids associated with old email address
and added only 2 mail id associated with new mail ids
but still I see issue

When I see with old mail address in the check permissions, below is the message

and when I see new mail address it resolved with no errors in the people picker when I verified from CHECK permissions.

Is there any thing I have to do further?

and Please share me the command to remove and add the users with no issues. I have done using GUI not PowerShell it seems it is not effective

and I noticed that one of the ID from these 2 not showing in the user profile with both old and new mail address from the beginning.

Thank you

Note: this old and new email address both are external ids only.
sns 7,281 Reputation points

2020-09-22T11:30:03.06+00:00

Hi Wang,

Did you have a chance to look in to above thread?
JoyZ 17,901 Reputation points

2020-09-23T09:39:50.25+00:00

Hi @sns ,

How did you remove user mail ID?

Please go to the user information list to check if you have duplicate entries in SharePoint, if true, remove it.

Hidden list URL: <Site collection>/_catalogs/users/simple.aspx
sns 7,281 Reputation points

2020-09-24T05:23:45.537+00:00

Hi Wang,

yes I removed from site collection using blog you have shared.
and added in the subsite which is user subsite.

is there <Site collection>/SUBSITE/_catalogs/users/simple.aspx
I have used above one for subsite to get duplicate URLS from subsite , but URL came up with 404
is there any to get list of duplicate users from subsite?
JoyZ 17,901 Reputation points

2020-09-24T06:34:50.317+00:00

Hi @sns ,

Uer information list only resides in root site collection.

If you removed the duplicate user in user information list, it will also affect subsite since they use the same one content database.
sns 7,281 Reputation points

2020-09-24T06:38:50.797+00:00

Hi Wang,

We are trying to add below user but still we see below user.
user is there in AD and user profles in CA as well.
can you tell me why it is happening? and what needs to be done? Thank you

and it is resolving if I choose 2010 platform workflow for same site
but if I choose 2013 platform it is coming up with this message in designer

what is the difference between 2010 and 2013 workflow type?
what is the reason mail id is not resolving when choosen 2013 platform type?
what we need to do to work in 2013 designer also?

even after deleting the user we see message in people saying that multiple entries found in people picker

does it take time to reflect? ( I removed now)
JoyZ 17,901 Reputation points

2020-09-29T08:36:24.217+00:00

Hi @sns ,

This is because by default SharePoint Designer workflows creating using SharePoint 2013 Workflows will not sent emails to the external users (email addresses).

For detail information, please refer to https://learn.microsoft.com/en-us/archive/blogs/rajbugga/sharepoint-2013-unable-to-send-emails-to-external-email-addresses-sharepoint-2013-workflows
sns 7,281 Reputation points

2020-09-29T08:44:52.517+00:00

hi Wang,

Thank you. Noted.
As per part of trouble shooting on this I have remvoed the user using below command and added using below commands mentioned in below blog.
I have set the user again with contribute access but still below error.
https://www.sharepointdiary.com/2016/04/add-user-to-sharepoint-group-with-powershell.html

But user can access the site , but if he clicks on any document/list getting below error
where as he used to access before this workflow issue. Please help.

sharepoint wf issue

1 answer

Activity