none
User getting removed from Project Server group on AD Sync? RRS feed

  • Question

  • We have a user "test1" who is part of AD group called say "Team_Members@XYZ.com".

    For some reason, every night during AD sync, this particular user is getting dropped from the respective Project Server group with whom the AD Sync (of above AD group) is happening.

    We have already checked the event log and ULS log for any possible errors during the AD Sync time but could not find anything in there.

    For the time being, we are manually adding this user to the project server group (on daily basis) so this user can atleast access the PWA (of Project Server 2010) site fine.

    Can someone suggest what other things can be checked to have this investigated further?


    Thanks in advance.

    • Edited by Srini-coder Tuesday, April 24, 2012 12:26 AM formatting issue..
    Tuesday, April 24, 2012 12:24 AM

All replies

  • Do you think any attributes of this account has been changed in Active directory?

    Also you can execute following query

    update msp_resources set wres_ad_guid=NULL  where wres_account='domain\test1'

    Re-run AD sync


    Hrishi Deshpande – DeltaBahn Senior Consultant
    Blog | < | LinkedIn

    Tuesday, April 24, 2012 1:43 AM
    Moderator
  • Hi,

    On PWA -->Server Setting-->Operational Policies -->Active directory Resource pool Synchronization

    Clear group if any one is selected.

    and re run the AD synchronization.

    and clear the check box <label for="ctl00_ctl00_PlaceHolderMain_PWA_PlaceHolderMain__resourceOptionsSection_ctl01__autoReactivate">Automatically reactivate currently inactive users if found in Active Directory during synchronization.</label>

    and save the setting.

    Wednesday, April 25, 2012 6:39 AM
  • For this particular user capture the below data from "System Identification Data" section of edit user page.

    Capture this pre and post AD sync when access is given through AD Group.


    Abhijeet M. Mohite

    Wednesday, April 25, 2012 10:01 AM
  • Hi Srini-coder

    Try preventing active directory synchronization for the user, may be it can provide some help.

    Server Settings-->Manage Users under Security-->Open the details of that particular user--> Check on the "Prevent Active Directory synchronization for this user" check box--> Click on Save.

    Re-run AD sync

    Thanks


    Manish


    Friday, April 27, 2012 8:25 AM
  • Hi,

    I noticed the same issue with a few users that every day were dropped from the security group due to the AD synchronization.

    The event viewer or the ULS are not saying anything and the synchronization message says that everything went well

    I prevented those users the sync but this has to be a bug or something similar because this is not the normal behaviour.

    Is there any solution for this issue?

    Friday, May 4, 2012 8:00 AM
  • Hi

    I have noticed this behaviour due to the reason that "The user was deleted and recreated at AD". And hence this is not the same user which exists in PWA inspite of having same display name & login Id.

    So next time when you sync it with PWA, the PWA user goes inactive. The solution can be :-

    (I havent tried it yet, at my level)

    Delete the user completly from PWA as well. Delete all the caches. And then try to sync it with AD again.

    This should give some results.

    Thanks


    Manish

    Friday, May 4, 2012 10:01 AM
  • wouldn't be this the same as reseting the AD column field form the msp_resources table executing the next script:

    UPDATE MSP_RESOURCES SET WRES_AD_GUID=NULL

    I've already done that and this is still happening!!!

    Friday, May 4, 2012 10:17 AM
  • Any solution for this issue, I am still facing same issue.

    One more Issue I am facing, permission getting removed from the project site also.

    Thursday, January 16, 2014 9:06 AM