none
Active Directory Enterprise Resource Pool Synchronization failure RRS feed

  • Question

  • Hi,

    I'm trying to synchronize Project Server 2013 with Active Directory users via the Active Directory Enterprise Resource Pool synchronization tool, under PWA Settings->Operational Policies.

    When I enter a distribution or a security group in the "Active Directory Group" field, the group is found and can be selected in the auto-completion without any problem. But when I try the click "Save and Synchronize Now" or "Save" button, nothing happens. The page is not refreshed or redirected.

    Here are the last relevant messages I see:

    w3wp.exe (0x2BE8) 0x1568 Project Server General aeby7 Exception
    [bucketHash:F0FACBDF] Exception occured in method 'Admin.ResolveActiveDirectoryGroups' System.Collections.Generic.KeyNotFoundException: The given key was not present in the dictionary.
    at Microsoft.Office.Project.Server.ClaimsHelper.GetFormsAuthenticationProviderName(Uri context, SPUrlZone zone)
    at Microsoft.Office.Project.Server.BusinessLayer.ActiveDirectoryUtility.TryGetGroupInfo(String domain, String searchPath, String searchFilter)
    at Microsoft.Office.Project.Server.BusinessLayer.ActiveDirectoryUtility.TryGetGroupInfoByClaim(String encodedClaim)
    at System.Linq.Enumerable.WhereSelectArrayIterator`2.MoveNext()
    at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
    at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
    at Microsoft.Office.Project.Server.Wcf.Implementation.PWAImpl.<>c__DisplayClass10a.<AdminResolveActiveDirectoryGroups>b__109()
    at Microsoft.Office.Project.Server.Wcf.Implementation.WcfMethodInvocation.InvokeBusinessObjectMethod(String businessObjectName, String methodName, IEnumerable`1 actions) StackTrace:
    2b3d83ee10e5|2|, microsoft.office.project.server.native.pdb, offset=3C1E)
    at Microsoft.Office.Project.Server.Native.dll: (offset=1255D)

    w3wp.exe (0x2BE8) 0x1568 Project Server Unified Logging Service c91s Monitorable
    Watson bucket parameters: Microsoft Project Server 2013, ULSException14, 070f6ea0 "project server",  0f001181 "15.0.4481.0", 6962a0f6 "microsoft.office.project.server.administration", 0f0011ad "15.0.4525.0", 51ade0c4 "tue jun 04 14:42:44 2013",  0000020f "0000020f",  0000003b "0000003b",  0560164b "keynotfoundexception", 00101621 "aeby7"

     w3wp.exe (0x2BE8) 0x1568 Project Server General aeby8 Medium
    Error is: GeneralUnhandledException. Details: General Unhandled Exception in _Admin.ResolveActiveDirectoryGroups_ Attributes:  System.Collections.Generic.KeyNotFoundException: The given key was not present in the dictionary.
    at Microsoft.Office.Project.Server.ClaimsHelper.GetFormsAuthenticationProviderName(Uri context, SPUrlZone zone)
    at Microsoft.Office.Project.Server.BusinessLayer.ActiveDirectoryUtility.TryGetGroupInfo(String domain,  String searchPath, String searchFilter)
    at Microsoft.Office.Project.Server.BusinessLayer.ActiveDirectoryUtility.TryGetGroupInfoByClaim(String encodedClaim)
    at System.Linq.Enumerable.WhereSelectArrayIterator`2.MoveNext()     at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
    at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
    at Microsoft.Office.Project.Server.Wcf.Implementation.PWAImpl.<>c__DisplayClass10a.<AdminResolveActiveDirectoryGroups>b__109()
    at Microsoft.Office.Project.Server.Wcf.Implementation.WcfMethodInvocation.InvokeBusinessObjectMethod(String businessObjectName, String methodName, IEnumerable`1 actions)  . Standard Information: PSI Entry Point:  Project User: LUXAIRLG\SQLADMIN2012 Correlation Id: 6cef3814-b3a2-e311-93f9-005056921080 PWA Site URL: xxx SA Name: PS2013 - Project Server Service Application PSError: GeneralUnhandledException (42). LogLevelManager Warning-ulsID:0x00101622 has no entities explicitly specified.

    w3wp.exe (0x2BE8) 0x1568 Project Server Project Web App af04k Medium
    Void SaveButtonClick(System.Object.System.Web.UI.WebControls.CommandEventArgs) : GeneralUnhandledException

    I am in a single domain topology between Project Server and AD, and I'm doing the synchronization with the farm admin account, who has read/write access to AD. I have a two-tiers architecture (separate databse server) with SharePoint 2013 and Project Server 2013 RTM + public update of March 2013 installed.

    Any ideas?

    Thanks in advance

    Monday, March 3, 2014 10:55 AM

Answers

  • Try playing around with alternate access mappings, that' another thing I did the morning I solved my issue. Try adding an AAM for your server's hostname. Good luck.

    Hi,

    Indeed I had to play with Alternate Access Mapping.

    The steps proposed by Kiran.K in another topic resolved the issue for me.

    I moved the FQDN url http//portal.servername.com (that I was using the access pwa) to the default zone in Alternate Access Mapping and it worked immediatly!

    Please also verify that "Authenticated users" have read permission on all service account:

    From the AD Users and Computers > edit the AD service account > Security tab > Select "Authenticated Users" > ensure "Read" permissions are enabled

    Thank you for your support,

    ALemaitre

    • Marked as answer by Alemaitre Thursday, March 13, 2014 3:56 PM
    Thursday, March 13, 2014 3:56 PM

All replies

  • Hi Alemaitre,

    No solution I'm afraid, but just wanted to let you know that I'm experiencing the exact same issue. I'll post here if I ever find a solution.

    Good luck!

    Tuesday, March 4, 2014 2:29 PM
  • Hi,

    Try opening the site in Internet Explorer "compatibility view" and check the behavior.

    Tuesday, March 4, 2014 3:24 PM
  • The compatibility view doesn't change the behaviour, for the moment we didn't find any resolution.
    Wednesday, March 5, 2014 8:17 AM
  • I can confirm, IE Compatibility Mode doesn't fix this. It's definitely not caused client-side, as I'm getting the correct POST actions in the ULS logs.
    Wednesday, March 5, 2014 4:25 PM
  • Just a try : has your PWA instance URL been added to your IE trusted sites (both internet and intranet)?

    Guillaume Rouyre - MBA, MCP, MCTS

    Wednesday, March 5, 2014 4:36 PM
    Moderator
  • Lo and behold, my AD sync started working.

    Though I have added the site to my local intranet sites, I'm not very confident whether this was the actual solution. I've performed several actions configuring my farm before I started troubleshooting this issue again, so it might be another action that solved this.

    Alemaitre: can you try the following please:

    • See if the SharePoint Web Service site is started in IIS.  If not, start it, see if that works.
    • Instead of adding the site to your Trusted Sites, try Local Intranet Sites (click Advanced to add sites besides using auto-discovery)
    • Turn the Security Level for the zone all the way down.
    • Turn off Compression for your site in IIS, do an iisreset, see if that works.
    • I've also had to remove a host header from my MySite portal (running on port 8080 here), unlikely for this to be the cause but it's just one of the things I did this morning :-)

    Should I think of anything else, I'll let you know.

    Bonne chance.


    • Edited by DMachiels Thursday, March 6, 2014 10:54 AM
    Thursday, March 6, 2014 10:49 AM
  • Unfortunatly, the steps above didn't do the trick for me.

    DMachiels, if you remember anything else you did, please let me know ;-)

    Thank you

    Thursday, March 6, 2014 3:34 PM
  • Did you try adding the site to your local and internet trusted sites in IE?

    Guillaume Rouyre - MBA, MCP, MCTS

    Thursday, March 6, 2014 3:40 PM
    Moderator
  • Yes, I did
    Thursday, March 6, 2014 3:49 PM
  • Try playing around with alternate access mappings, that' another thing I did the morning I solved my issue. Try adding an AAM for your server's hostname. Good luck.
    Friday, March 7, 2014 3:50 PM
  • Several things can cause to fail

    1)  Look in the events log and see if AD sync is failing because a user record.

    2) The service account that runs the AD sync needs to have access to the Active Directory. 

    cheers!


    Michael Wharton, MVP, MBA, PMP, MCT, MCTS, MCSD, MCSE+I, MCDBA
    Website http://www.WhartonComputer.com
    Blog http://MyProjectExpert.com contains my field notes and SQL queries

    Monday, March 10, 2014 11:34 PM
    Moderator
  • Try playing around with alternate access mappings, that' another thing I did the morning I solved my issue. Try adding an AAM for your server's hostname. Good luck.

    Hi,

    Indeed I had to play with Alternate Access Mapping.

    The steps proposed by Kiran.K in another topic resolved the issue for me.

    I moved the FQDN url http//portal.servername.com (that I was using the access pwa) to the default zone in Alternate Access Mapping and it worked immediatly!

    Please also verify that "Authenticated users" have read permission on all service account:

    From the AD Users and Computers > edit the AD service account > Security tab > Select "Authenticated Users" > ensure "Read" permissions are enabled

    Thank you for your support,

    ALemaitre

    • Marked as answer by Alemaitre Thursday, March 13, 2014 3:56 PM
    Thursday, March 13, 2014 3:56 PM