Hello, no, LDAPCP is designed to interact with requests from people picker, you cannot use it in another way.
thanks,
Yvan
thanks,
Yvan
↧
New Post: Adding custom claims in SharePoint
↧
New Post: 0 permission(s) to create after filtreing
Hello,
I will look into this and keep you posted
thanks,
Yvan
I will look into this and keep you posted
thanks,
Yvan
↧
↧
New Post: Don't show Windows Accounts in the people picker when SAML and AD auth are enabled on a zone?
Hello,
I think I did this a long time ago but I'm not sure about the final conclusion.
Can you try this and let me know if it works:
thanks,
Yvan
I think I did this a long time ago but I'm not sure about the final conclusion.
Can you try this and let me know if it works:
$cpm = Get-SPClaimProviderManager
$ad = Get-SPClaimProvider -Identity "AD"
$ad.IsVisible = $false
$cpm.Update()thanks,
Yvan
↧
New Post: Sharepoint Groups
Hello Michael,
I'm not familiar with PeopleEditor.ValidateEntity, but without LDAPCP, on what claim type the permission is created?
What are you trying to achieve with this code?
thanks,
Yvan
I'm not familiar with PeopleEditor.ValidateEntity, but without LDAPCP, on what claim type the permission is created?
What are you trying to achieve with this code?
thanks,
Yvan
↧
New Post: Feature request? - Handling of special characters
Hello Miklos,
This scenario is interesting. LDAPCP could let SharePoint administrator decide if special characters should be replaced with wildcard '?' through an additional option in LDAPCP administration page.
Then the only issue is that I don't know if I will have the time to implement this in the near future...
Did you already test this kind of LDAP query in your environment to measure the impact in terms of performance?
thanks,
Yvan
This scenario is interesting. LDAPCP could let SharePoint administrator decide if special characters should be replaced with wildcard '?' through an additional option in LDAPCP administration page.
Then the only issue is that I don't know if I will have the time to implement this in the near future...
Did you already test this kind of LDAP query in your environment to measure the impact in terms of performance?
thanks,
Yvan
↧
↧
New Post: FillSearch maxcount parameter doesn't work
Hello,
well it's true the threshold is ignored. Here are some reasons to explain why:
Yvan
well it's true the threshold is ignored. Here are some reasons to explain why:
- FillSearch method is rarely called in SharePoint 2013. Actually I think it's only called from central admin.
-
I never received any complain about this causing an actual performance issue, so I never saw the need to honor the threshold
Yvan
↧
New Post: FillSearch maxcount parameter doesn't work
Hi Yvand,
Thanks for your reply, regarding to your explanation:
Thanks for your reply, regarding to your explanation:
- I debug the code and found that every people picker in SharePoint will use FillSearch when searching users.
- You're right, the performance is not a problem, since the max size for one query in Active Directory is 1000, but I think it's a function, currently in SharePoint peoplepicker, it will return 1000 results instead of 30 results.
↧
New Post: Issues after removal of LDAPCP on SP 2013
Hello All,
I have been facing an issue post removal of LDAPCP while creating the new token issuer which is as follows.
It is trying to locate ldapcp dll while creating new token issuer after removal all components of ldapcp.
$Issuer = New-SPTrustedIdentityTokenIssuer -Name "XYZ" -Description "identyfingclaim" -realm $realm -ClaimsMappings $id.$groups -SignInUrl $signinurl -IdentifierClaim $id.InputCLaimType -UseWReply -ImportTrustCertificate $corpcert
New-SPTrustedIdentityTokenIssuer : Could not load file or assembly 'ldapcp, Version=3.0.0.0, Culture=neutral, PublicKeyToken=6520e17cd9489fc0' or
one of its dependencies. The system cannot find the file specified.
At line:1 char:47
I have been facing an issue post removal of LDAPCP while creating the new token issuer which is as follows.
It is trying to locate ldapcp dll while creating new token issuer after removal all components of ldapcp.
$Issuer = New-SPTrustedIdentityTokenIssuer -Name "XYZ" -Description "identyfingclaim" -realm $realm -ClaimsMappings $id.$groups -SignInUrl $signinurl -IdentifierClaim $id.InputCLaimType -UseWReply -ImportTrustCertificate $corpcert
New-SPTrustedIdentityTokenIssuer : Could not load file or assembly 'ldapcp, Version=3.0.0.0, Culture=neutral, PublicKeyToken=6520e17cd9489fc0' or
one of its dependencies. The system cannot find the file specified.
At line:1 char:47
-
$CorpIssuer = New-SPTrustedIdentityTokenIssuer <<<< -Name "XYZ" -Description "identyfingclaim" -realm $realm -ClaimsMappings $id.$groups -SignInUrl $signinurl -IdentifierClaim $id.InputCLaimType -UseWReply -ImportTrustCertificate $corpcert
- CategoryInfo : InvalidData: (Microsoft.Share...dentityProvider:SPCmdletNewSPIdentityProvider) [New-SPTrustedIdentityTokenIssuer],
FileNotFoundException -
FullyQualifiedErrorId : Microsoft.SharePoint.PowerShell.SPCmdletNewSPIdentityProvider
- CategoryInfo : InvalidData: (Microsoft.Share...dentityProvider:SPCmdletNewSPIdentityProvider) [New-SPTrustedIdentityTokenIssuer],
↧
New Post: ldap connection error
I am getting an error when trying to setup a connection to AD LDS server using LDAPCP v3.9 the error I am getting is
Unable to connect to LDAP for following reason:
The user name or password is incorrect.
It may be expected if w3wp process of central admin has intentionally no access to LDAP server.
I am able to use ldp.exe to connect to ADLDS from the sharepoint server (ADLDS) is on the same server (Sandbox)
Unable to connect to LDAP for following reason:
The user name or password is incorrect.
It may be expected if w3wp process of central admin has intentionally no access to LDAP server.
I am able to use ldp.exe to connect to ADLDS from the sharepoint server (ADLDS) is on the same server (Sandbox)
↧
↧
New Post: ldap connection error
Hello, can you check SharePoint logs and filter on Product/Area "LDAPCP" to see exact error?
Besides, did you run ldp.exe with same account as the w3wp process that runs central administration (farm account?
thanks,
Yvan
Besides, did you run ldp.exe with same account as the w3wp process that runs central administration (farm account?
thanks,
Yvan
↧
New Post: ldap connection error
Yvand
Thanks for the reply I was able to connect and bind using the account I believe is used for W3WP process and all worked I will look through the logs.
Thanks
Joe
↧
New Post: ldap connection error
Don’t see anything in sharepoint logs
The SharePoint server is on a domain I am trying to use ADLDS to add users that are not part of our AD and give rights to these users
Thanks
Joe
↧
New Post: Users from other federated domains
Hi Yvand,
would you mind providing an example as mentioned in the last message?
Does LDAPCP support secure LDAP (LDAPS)?
would you mind providing an example as mentioned in the last message?
Does LDAPCP support secure LDAP (LDAPS)?
↧
↧
New Post: Users from other federated domains
Hello, if you are using AD, it can be one of those:
LDAP://OU=OU1,DC=YvanHost,DC=local
LDAP://CN=Users,DC=YvanHost,DC=local
thanks,
Yvan
LDAP://OU=OU1,DC=YvanHost,DC=local
LDAP://CN=Users,DC=YvanHost,DC=local
thanks,
Yvan
↧
New Post: ldap connection error
Hello,
unless logs for products/area "LDAPCP" are deactivated (which you can check in central administration), it's not possible that no message is recorded when error appears.
I can't help further since images are not visible.
thanks,
Yvan
unless logs for products/area "LDAPCP" are deactivated (which you can check in central administration), it's not possible that no message is recorded when error appears.
I can't help further since images are not visible.
thanks,
Yvan
↧
New Post: ldap connection error
Yvan
Thanks for the feed back logging seems to be enabled looked at central admin Diagnostic Logging LDAPCP it was set to error/med I changed to VERBOSE/VERBOSE and then tested same error I went into location of logfiles %CommonProgramFiles%\Microsoft Shared\Web Server Extensions\15\LOGS\ looked in the file CISPDEV-20160118-1053.log searched for LDAPCP and did not see any errors I can send you a the logfiles if that helps
Thanks
↧
New Post: Users from other federated domains
thanks
does LDAPCP support secure LDAP (LDAPS)?
does LDAPCP support secure LDAP (LDAPS)?
↧
↧
New Post: Users from other federated domains
Yes, when you create the connection you need to select appropriate "authentication type" option, and use a valid LDAPS path, but I don't remember exact steps.
↧
New Post: Due to limitations of SharePoint API, do not associate LDAPCP with more than 1 SPTrustedIdentityTokenIssuer
What is the reason for which the solution has been developed with the limitation?
In our project we are in the need to develop the solution with the possibility of associate LDAPCP with more than 1 SPTrustedIdentityTokenIssuerassociations.
Until we start the development would need to know if it is possible to carry out functionality, complexity, etc.
Thanks!!!
In our project we are in the need to develop the solution with the possibility of associate LDAPCP with more than 1 SPTrustedIdentityTokenIssuerassociations.
Until we start the development would need to know if it is possible to carry out functionality, complexity, etc.
Thanks!!!
↧
New Post: Due to limitations of SharePoint API, do not associate LDAPCP with more than 1 SPTrustedIdentityTokenIssuer
Hello,
this limitation is caused by SharePoint and impacts every claim provider: basically a claims provider doesn't know with which SPTrustedIdentityTokenIssuser it is associated.
So the best thing a claims provider can do is to browse all SPTrustedIdentityTokenIssuser and check with which one it is associated. If there is more than 1 then this check becomes invalid...
thanks,
Yvan
this limitation is caused by SharePoint and impacts every claim provider: basically a claims provider doesn't know with which SPTrustedIdentityTokenIssuser it is associated.
So the best thing a claims provider can do is to browse all SPTrustedIdentityTokenIssuser and check with which one it is associated. If there is more than 1 then this check becomes invalid...
thanks,
Yvan
↧