Home

SharePoint 2019 User Profile --> Manage User Permissions

%3CLINGO-SUB%20id%3D%22lingo-sub-869791%22%20slang%3D%22en-US%22%3ESharePoint%202019%20User%20Profile%20--%26gt%3B%20Manage%20User%20Permissions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-869791%22%20slang%3D%22en-US%22%3E%3CP%3EHowdy!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI've%20found%20a%20very%20strange%20issue%20within%20the%20User%20Profile%20service%20of%20SharePoint%202019.%20First%20of%20all%20some%20information%20about%20our%20topology%3A%3C%2FP%3E%3CUL%3E%3CLI%3E4%20SP%20Servers%20(Minrole)%3A%3CUL%3E%3CLI%3E2%20WFE%20with%20DC%3C%2FLI%3E%3CLI%3E2%20Application%20with%20Search%3C%2FLI%3E%3C%2FUL%3E%3C%2FLI%3E%3CLI%3EVersion%2016.0.10349.20000%3C%2FLI%3E%3CLI%3EWindows%20Server%202019%20is%20the%20OS%3C%2FLI%3E%3CLI%3EOffice%20Online%20and%20SQL%202016%20info%20is%20out-of-scope%20for%20this%20issue.%3C%2FLI%3E%3C%2FUL%3E%3CP%3EWe%20are%20migrating%20our%20environment%20from%20SharePoin%202010%20to%20SharePoint%202019.%20The%20mysites%20will%20be%20migrated%20at%20the%20last%20phase%20of%20the%20project.%20Therefor%20we%20would%20like%20to%20disable%20the%20mysite%20creation.%20Within%20the%20'Manage%20User%20Permission'%20you%20can%20adjust%20the%20settings%20for%20the%20creation%20of%20the%20personal%20site.%20But%20when%20we%20modify%20these%20settings%20I%20get%20a%20popup%20with%20the%20message%20'Sorry%2C%20this%20site%20hasn't%20been%20shared%20with%20you'.%20I%20already%20checked%20many%20things%3A%3C%2FP%3E%3CUL%3E%3CLI%3EUls%20log%20is%20giving%20me%20an%20Access%20Denied%3C%2FLI%3E%3CLI%3EThe%20user%20who%20is%20modifying%20the%20permissions%20is%20admin%20on%20the%20mysite.%3C%2FLI%3E%3CLI%3EThe%20user%20is%20Farm%20Admin%20and%20also%20has%20specific%20permissions%20on%20the%20User%20Profile%20App%20(Full%20Control)%3C%2FLI%3E%3CLI%3EGave%20temporarily%20direct%20database%20permissions%20for%20the%20User%20Profile%20Service%20account%20on%20the%20mysite%20database...%3C%2FLI%3E%3CLI%3EWhen%20I%20change%20the%20mysite%20url%20in%20the%20User%20Profile%20app%20to%20for%20example%20http%3A%2F%2Ffake%2C%20then%20I%20can%20change%20the%20permissions.%20But%20they%20are%20not%20applied%20as%20the%20Mysite%20URL%20is%20not%20correct.%3C%2FLI%3E%3CLI%3EAls%20tried%20to%20change%20the%20permissions%20via%20Powershell...(Revoke-SPObjectPermission)%2C%20but%20I%20cannot%20find%20the%20good%20permissions.%20Also%201%20claim%20cannot%20be%20found%20(c%3A0!.s%7Cwindows)%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAlmost%20think%20it's%20a%20bug..%20but%20as%20i'm%20not%20100%25%20sure%20i'm%20writing%20this%20question.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-869791%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EPermissions%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EPowerShell%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESharePoint%20Server%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Highlighted
SPLeon
New Contributor

Howdy!

 

I've found a very strange issue within the User Profile service of SharePoint 2019. First of all some information about our topology:

  • 4 SP Servers (Minrole):
    • 2 WFE with DC
    • 2 Application with Search
  • Version 16.0.10349.20000
  • Windows Server 2019 is the OS
  • Office Online and SQL 2016 info is out-of-scope for this issue.

We are migrating our environment from SharePoin 2010 to SharePoint 2019. The mysites will be migrated at the last phase of the project. Therefor we would like to disable the mysite creation. Within the 'Manage User Permission' you can adjust the settings for the creation of the personal site. But when we modify these settings I get a popup with the message 'Sorry, this site hasn't been shared with you'. I already checked many things:

  • Uls log is giving me an Access Denied
  • The user who is modifying the permissions is admin on the mysite.
  • The user is Farm Admin and also has specific permissions on the User Profile App (Full Control)
  • Gave temporarily direct database permissions for the User Profile Service account on the mysite database...
  • When I change the mysite url in the User Profile app to for example http://fake, then I can change the permissions. But they are not applied as the Mysite URL is not correct.
  • Als tried to change the permissions via Powershell...(Revoke-SPObjectPermission), but I cannot find the good permissions. Also 1 claim cannot be found (c:0!.s|windows)

 

Almost think it's a bug.. but as i'm not 100% sure i'm writing this question.

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
22 Replies
flashing a white screen while open new tab
cntvertex in Discussions on
13 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
28 Replies
description for autoplay blocking in settings page
HotCakeX in Discussions on
8 Replies