none
Unable to access user profile RRS feed

  • Question

  • Hi I using sharepoint 2010,

    I am trying to access user profile of other users (not logged in user). It is always showing user does not exists.

    Code: 

    SPSecurity.RunWithElevatedPrivileges(delegate()

                            {

                                SPSite sc = new SPSite(SPContext.Current.Site.ID);

                                SPServiceContext serviceContext = SPServiceContext.GetContext(sc);

                                //ServerContext context = ServerContext.GetContext(sc);

                                HttpContext currentContext = HttpContext.Current;

                                HttpContext.Current = null;

                                UserProfileManager profileManager = new UserProfileManager(serviceContext);

                    //SPServiceContext serviceContext = SPServiceContext.Current;

                   // UserProfileManager profileManager = new UserProfileManager(serviceContext);

                    if (accountName != string.Empty)

                    {

                        try

                        {

                            if (profileManager.UserExists(accountName))

                            {

                                profile = profileManager.GetUserProfile(accountName);

                            }

                        }

                        catch (Exception ex)

                        {

     

                        }

                    }

                    else

                    {

                        profile = profileManager.GetUserProfile(SPContext.Current.Web.CurrentUser.LoginName);

                    }

                    HttpContext.Current = currentContext;

                            });

                           While I am trying to see the count in the profilemanager object it is showing a different error:

     profileManager.Count        'profileManager.Count' threw an exception of type 'System.UnauthorizedAccessException'        long {System.UnauthorizedAccessException}

     

    Can any one tell me how to get the user profile of the user other than the logged in user. i am really struck in the problem.



    Thanks: Bijay Kumar Sahoo Personal Blog URL: http://www.fewlines4biju.com MCTS(MOSS 2007)
    • Moved by Clayton Cobb Saturday, February 5, 2011 6:01 PM Why post this in General when it's full of code? (From:SharePoint 2010 - General Questions and Answers)
    Thursday, February 3, 2011 11:32 AM

Answers

  • If the logged in user is an Administrator of the "User Profile Service Application" then that user can get other user profiles. At minimum the logged in user must be granted the "Manage Profiles" permission.
    Blog | SharePoint Field Notes Dev Tool | ClassMaster
    • Marked as answer by Wayne Fan Friday, February 18, 2011 2:02 AM
    Saturday, February 5, 2011 4:57 AM
  • Hi,

    the problem here is the security delegation. If you delegate the permission you will end up in the user called "SYSTEM" which is not real a user account and don't have access to the profile store. It's the same with the builtin accounts.

    You don't need to delegate security because in gerneral a normal user should have read access to the user profile service. If the user should update his own fields than this is also no problem without delegation as long as the property of the user profile is marked as "User can overwrite".

    In gerneral SPSecurity.RunWithElevatedPrivileges should be used very limited only if you really need higher permissions than the user you should delegate. So this kind of delegation in general should be avoided as much as you can to get a better secure code.

    What i personally do is to write code without security delegation at all. Only in special cases or if i already know that i need Security delegation than i use it and add the delegation after testing with normal user permissions.

    Hope this helps
    Kind regards
    Stefan


    http://www.n8d.at/blog
    twitter: n8design
    Microsoft Community Contributor 2011
    MCTS - SharePoint / WSS Configuration and Development
    • Marked as answer by Wayne Fan Friday, February 18, 2011 2:02 AM
    Saturday, February 5, 2011 3:47 PM

All replies

  • If the logged in user is an Administrator of the "User Profile Service Application" then that user can get other user profiles. At minimum the logged in user must be granted the "Manage Profiles" permission.
    Blog | SharePoint Field Notes Dev Tool | ClassMaster
    • Marked as answer by Wayne Fan Friday, February 18, 2011 2:02 AM
    Saturday, February 5, 2011 4:57 AM
  • Hi,

    the problem here is the security delegation. If you delegate the permission you will end up in the user called "SYSTEM" which is not real a user account and don't have access to the profile store. It's the same with the builtin accounts.

    You don't need to delegate security because in gerneral a normal user should have read access to the user profile service. If the user should update his own fields than this is also no problem without delegation as long as the property of the user profile is marked as "User can overwrite".

    In gerneral SPSecurity.RunWithElevatedPrivileges should be used very limited only if you really need higher permissions than the user you should delegate. So this kind of delegation in general should be avoided as much as you can to get a better secure code.

    What i personally do is to write code without security delegation at all. Only in special cases or if i already know that i need Security delegation than i use it and add the delegation after testing with normal user permissions.

    Hope this helps
    Kind regards
    Stefan


    http://www.n8d.at/blog
    twitter: n8design
    Microsoft Community Contributor 2011
    MCTS - SharePoint / WSS Configuration and Development
    • Marked as answer by Wayne Fan Friday, February 18, 2011 2:02 AM
    Saturday, February 5, 2011 3:47 PM