FIM Groups Missing SharePoint UPS (User Profile Service)

By -
Hi There,

Note: This article applies on SharePoint 2010, SharePoint 2013.

Its a brand new server with Windows Server 2012 R2 and SharePoint 2013 with October 2015 CU installed on it. I created the User Profile Service Application and as usual (from past experiences) it didn't start on first attempt and stuck on starting or sometimes User Profile Service stopped after being in Starting state for few minuets. Strange....! But that's another side of UPS issue.

I read many articles including the best ones Harber1 and Harber2. These articles are in very much detail and helps you to fix the UPS Stuck problem. However my problem was, the below FIM Security groups were not present in Local Users and Groups for User Profile Service Application.

FIMSyncBrowse
FIMSyncJoiners
FIMSyncOperators
FIMSyncPasswordSet

In most of the posts on internet regarding this issue (like this) its stated that to check the FIM groups and many people also commented the same issue. But what if they are not preset on your server machine???

Relax guys, here is the inside story i have observed.

The User Profile Service is not dependent on FIM Security Group's creation but the Groups does. You don't need to create these FIM groups manually or syncing with AD... blah blah. Once the User Profile Service is started, it will automatically create the FIM Security Groups. How???

This is done by FIM services running in Services console (Services.msc). If they are disable, you should set them to Automatic (Delayed Start) but not start manually. The User Profile Service uses the services Forefront Identity Manager ServiceForefront Identity Manager Synchronization Service. The FIM Services uses the FIM security groups which they create once they start successfully. Few points i noted during troubleshotting...


1. The account you have configured for FIM services, must be in the local Administrators group.
2. The account for UPS must have Full Control on the service. You can check this from CA > UPS and permissions from top ribbon.
3. While the User Profile Service is in Starting state, check the FIM services. If they are disabled, you should set them to Automatic (Delayed Start) immediately.
4. At the end of any change, you must IISRESET and restart the SharePoint Timer service and sometimes SharePoint Admin service is also required. Specially when you are doing this on the same machine which is hosting the CA site.
5. As stated here i have not added any account to my FIM groups and my service is working fine.
6. Not to worry if FIM groups does not exists. UPS will create them automatically.
7. No need to provide service accounts for FIM services manually in Services console. They normally run under the Farm account you have configured in "Configure Service Accounts".
8. Set the UPS service account to SVCUPS (or any you have specially for UPS) from "Configure Service Accounts" in CA.

Happy SharePointing...!

Leave a comment if you have any issue or find a new workaround.







Comments

Post a Comment

Popular Posts

GREYCstoration Oil Paint plugin for Photoshop

By -
Image
Oil Paint Filter is missing in Photoshop? Try GREYCstoration plugin. An alternate for Oil Paint filter. I found my Adobe Photoshop CS5 is missing Oil Paint filter plugin due to GPU unavailable on my machine. I found an alternate tool to get oil painting effect on photos. Below are the steps to use this tool. 1.  Download  tool and extract http://www.mediafire.com/download/3j15dj3opmip4ez/GreycShop.zip 2. Copy the extracted files on below path(s)     For 64Bit: C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Plug-ins     For 32Bit: C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\Plug-ins 3. Run Adobe Photoshop 4. Select Noise >> GREYCstoration  For example: Enjoy :)
Read more

Service Bus Gateway service stuck at Starting

By -
Image
Lesson Learned: Never leave your servers to automatically download and install the updates. We had a SharePoint farm where Workflow manager is configured on one of its server and rest of them are just using WFM client to connect with the server. Everything was running smooth until some updates got installed on the servers over night and the next morning Workflows stuck and start giving errors. As initial check, I verified SharePoint services and WFM services, noticed that the Service Bus Gateway service is struck at Starting state. This was very generic thing but at least a point to start thinking... Troubleshooting: 1. Tried manual restart, but no luck. 2. Tried Leaving and Joining the WFM Farm again. But the timeout error. Error message received during rejoining:  “Starting Service bus gateway on machine <servername> failed: timeout has expired and the operation has not been completed” 3. Tried ULS check and noticed below error. "  Service cannot be started. Microsoft.Ser
Read more

PowerApps SubmitForm not clearing People Picker value

By -
Image
Although its a great experience working with Microsoft products but sometimes they surprises you with bugs that being a developer you would not expect. You may come across the problem that PowerApps SubmitForm is not updating data in SharePoint list, specially the People Picker type field (could be the same case with datetime type as well. Same thing I have experienced that while working on a PowerApps form which is connected with simple SharePoint list, I was unable to update the value of People Picker control which was having no special settings in SharePoint, just simple out of the box list with Title and a People Picker column. Spent hours on it but no gain. Finally the Google, a friend who can help you to find the right thing if you search for it. I came across this and this post and found similarity. Made the same changes and boom...! It worked..! You just need to turn ON the Fomula level error management under the Advance Settings. Below is the settings which I set to Yes. Have
Read more

Apple iPhone sending SMS automatically 00447786205094

By -
Image
Hi There, I have just noticed that my credit is being deducted from my mobile account. I am in Pakistan and using Warid Tel network. I see my mobile credit details after few hours on my screen. This facility is provided only by Warid Telecom that they provide your credit details each time you make a call or send SMS. I checked my Message,Calls logs emails logs etc but no point where i can check that why me credit is being deducted. Absolutely nothing found. :-/  I called Warid Tel support center and the guy told me that there are 4 SMS that have been sent internationally from my iPhone 5. Whattt???? :O I have't sent even a single one. He was bound not to tell me the number however i found that number from Warid Tel online customer portal. That magical number was  00447786205094. Warid Web Self Service Portal I googled and found that its UK number and an iPhone application Facetime/iMessage used to send text to this number for their activation without
Read more

SharePoint online hub navigation not updating for other users

By -
Its been quite a time that I am working with SharePoint Online and meeting new challenges every day. Its feels great when you find a solution for something which Google do not tell you. I am just writing this post because there might be someone out there facing the same issue and this post might help him. BTW, before you check the actual post of how to fix the navigation check below, this might also help to change the user language. Problem Description: When an Admin of SharePoint Online site, updates the hub navigation (or may be site navigation), it do not get updated for all the users instantly. User has to clear browser cache to get the updated navigation. As per discussion with Microsoft, SharePoint saves a copy of the navigation in browser cache which automatically refreshes after a certain period of time. By default, you cannot clear browser cache using React or JS code. Browsers do not allow you to do so. So, the user should wait till that time? ABSOLUTELY NOT! (Imran Khan 😋 )
Read more