登录
 
主页技术资源库学习下载支持社区论坛
IT 专业人士的资源 >
FIM extension-attribute-not-present

Respondida FIM extension-attribute-not-present

  • 2012年6月21日 12:27
     
      包含代码
    登录进行投票
    0

    Running SharePoint 2010 and a fully functional User profile sync setup. I suddenly find that a new user is getting a "completed-sync-errors" (newly created user in Active directory)

    A deeper look in the FIM reviles: Extension-attribute-not-present

    Stack Trace:
    Microsoft.MetadirectoryServices.AttributeNotPresentException: Attribute "distinguishedName" is not present.    at Microsoft.MetadirectoryServices.Impl.AttributeImpl.get_Value()    at Microsoft.Office.Server.UserProfiles.MetaverseExtension.MAMetaData.InitializeCSEntry(CSEntry csEntry, MVEntry mvEntry)    at Microsoft.Office.Server.UserProfiles.MetaverseExtension.MVExtensionObject.Microsoft.MetadirectoryServices.IMVSynchronization.Provision(MVEntry mventry)

    I have tryed deleating the users profile and doing a full sync = no luck

    In event:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
  <Provider Name="FIMSynchronizationService" /> 
  <EventID Qualifiers="32768">6100</EventID> 
  <Level>3</Level> 
  <Task>1</Task> 
  <Keywords>0x80000000000000</Keywords> 
  <TimeCreated SystemTime="2012-06-22T08:31:15.000000000Z" /> 
  <EventRecordID>307240</EventRecordID> 
  <Channel>Application</Channel> 
  <Computer>Server.domain</Computer> 
  <Security /> 
  </System>
     <EventData>
  <Data>MOSSAD-FIM_AD_Sync</Data> 
  <Data>DS_FULLSYNC</Data> 
  <Data>0</Data> 
  <Data>2</Data> 
  <Data>0</Data> 
  <Data>0</Data> 
  <Data>0</Data> 
  </EventData>
  </Event>

     


     User Action
     View the management agent run history for details.


    "Carpe Diem" does not mean "fish of the day."




    • 已编辑 Emort 2012年6月22日 8:09 created a copy of the user and did a full sync this user is working ok Any ideas??? not true...
    • 已编辑 Emort 2012年6月22日 9:04 added Event xml
    • 已编辑 Emort 2012年6月22日 9:05 Spelling error
    •  
     

全部回复

  • 2012年6月21日 15:46
    版主
     
     
    登录进行投票
    0
    Using ADSIEdit, is the attribute "distinguishedName" present on that user throwing the error (it should be...).

    http://sharepoint.nauplius.net

     
  • 2012年6月22日 7:25
     
     
    登录进行投票
    0
    Using ADSIEdit, is the attribute "distinguishedName" present on that user throwing the error (it should be...).

    http://sharepoint.nauplius.net

    it is
    CN=USER,OU=Users,OU=USERS2,DC=DOMAIN,DC=com

    other Users getting sync for the first time now reports the same error, but ADSIEDIT repports that distinguishedName is present!


    "Carpe Diem" does not mean "fish of the day."


    • 已编辑 Emort 2012年6月22日 8:02
    •  
     
  • 2012年7月1日 11:57
     
     已答复
    登录进行投票
    0

    Hi,

    From your narration, the cause could be as follows:

    The unexpected error is a result of having two metaverse attributes mapped to the same properties. kb2435284

    The Extension attribute not present message was a result of the of the distinguished name property mapping having been deleted.

    Resolution:

    The User profile Service Application was rebuilt to recreate the attribute mapping as the SharePoint UI does not permit this action.

    There were two possible solutions to recreate the attribute mapping.

    1 - reset the sync database

    2 - rebuild the UPA.

    Thanks,

    Rock Wang

    Rock Wang TechNet Community Support

     
  • 2012年7月10日 20:02
     
     已答复 包含代码
    登录进行投票
    0

    Recreated error in test environment:
     
    Found out that I can delete the distinguishedName on the Manage User Properties Mapped to “dn” But im not able to remap it afterwards 
    This recreates the problem in a test environment.

    solution:
    1.First Backup all relevant databases 1.Remember to note which user accounts that are set to DBO on the SYNC database, they will removed later in the “script step” !
    2. Take a SharePoint backup of userprofile service + proxy!
     
    2.Disable synchronization timer job 1.It will also be a good idea to stop the "My Site cleanup job" before you reset the sync database, otherwise you risk that the job will delete all user profiles and My Sites within the farm.
     
    3.Remove synchronization link altogether (CA -->UPS -->Synchronization Connections).
    4.Stop the "User Profile Synchronization Service" (CA -->Manage Services on server).
    5.Stop  "User Profile Service" in (CA -->Manage Services on server).
    6.Start the "User Profile Service" again.
    7.Delete synchronization database  using PowerShell script:

      # Find <uid> via Get-SPDatabase and Get-SPServiceApplication (Sync db and user profile service)
    $Syncdb = Get-SPDatabase <uid>
    $Syncdb.Unprovision ()
    $Syncdb.Status = 'Offline'
    $UPA = Get-SPServiceApplication <uid>
    $Upa.ResetSynchronizationMachine ()
    $Upa.ResetSynchronizationDatabase ()
    $Syncdb.Provision ()

    1.Start the "User Profile Synchronization Service".
    2.Create a new synchronization connection and edit the necessary rules for the connection.
    3.Verify that the mapping between user profile properties and the AD attributes (CA UPS-->"Manage User Properties") is normal.
     
    Q) Is the "distinguishedName" attribute mapping to "dn" AD attribute?

     1. Run a full user profile-sync to see if there is no error 

    If there is no errors enable the synchronization timer job and the My Site cleanup job"

    --------------------------------------------------------------------------------

    "Carpe Diem" does not mean "fish of the day."

     

    • 已编辑 Emort 2012年7月10日 20:04 EDIT spelling error and more
    • 已编辑 Emort 2012年7月10日 20:11
    • 已标记为答案 Emort 2012年7月10日 20:11
    •