Tuesday, February 17, 2009

Unable to add active directory users to the sharepoint groups



This was something really new we figured out while working on this SharePoint site. We were unable to add the Active Directory users to the existing SharePoint groups in the site. We encountered the following error message: “Operation aborted (Exception from HRESULT: 0x80004004 (E_ABORT))”. We had no clue where to look or how to move ahead! We had some SQL expert advice on this one and eventually figured out the cause. This is how we progressed to resolution…

We edited the web.config file of the affected virtual server in IIS, set the value for “CallStack” to true and set the value for “Custom Error” to off. We saved the file and reset IIS. We tried to reproduce the error again and found the following error thread:
Operation aborted (Exception from HRESULT: 0x80004004 (E_ABORT))
   at Microsoft.SharePoint.Library.SPRequestInternalClass.UpdateMembers(String bstrUrl, Guid& pguidScopeId, Int32 lGroupID, Int32 lGroupOwnerId, Object& pvarArrayAdd, Object& pvarArrayAddIds, Object& pvarArrayLoginsRemove, Object& pvarArrayIdsRemove, Boolean bSendEmail)
   at Microsoft.SharePoint.Library.SPRequest.UpdateMembers(String bstrUrl, Guid& pguidScopeId, Int32 lGroupID, Int32 lGroupOwnerId, Object& pvarArrayAdd, Object& pvarArrayAddIds, Object& pvarArrayLoginsRemove, Object& pvarArrayIdsRemove, Boolean bSendEmail)

Upon research, we found that there is an option in the SQL Server instance called XACT_ABORT, under Default Connection Options, which needs to be unchecked. How would we do that? Follow these simple steps. Open SQL Server Management Studio and open the properties of the SQL Server instance. Select Connections and, under Default Connection Options, uncheck XACT_ABORT and save the changes. With this done, we were able to add the users from Active Directory to the existing SharePoint groups with no errors.

Here is the cause explained:
When SET XACT_ABORT is ON, if a Transact-SQL statement raises a run-time error, the entire transaction is terminated and rolled back. So, in a SharePoint content database, if SQL Server runs into a transaction that fails, it will roll the changes back, essentially editing the database. If you break the role inheritance on a group, you get two membership adherence lines in the database for that group, and then when you try to add new users you get a SQL exception error, something like “Violation of PRIMARY KEY constraint ‘Webmembers_PK’. Cannot insert duplicate key in object ‘dbo.members’.” SharePoint functionality is not hindered by this error message, but if the “xact abort” SQL option is enabled on the SQL Server, in the properties of the default instance under Connections, then the transaction is rolled back by SQL Server and this generates an HRESULT abort error in SharePoint. This option is unchecked by default.
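
The behaviour described above can be reproduced on a test instance. The following T-SQL is an added example, not part of the original post: it reads the XACT_ABORT bit (16384) from the server-wide and session options, then runs the same duplicate-key transaction with the option off and on. The temp table #DemoMembers is a constructed stand-in, not SharePoint's schema, and GO is the SSMS/sqlcmd batch separator.

```sql
-- Added example: #DemoMembers is a constructed stand-in, not a SharePoint table.

-- 1. Is XACT_ABORT part of the server-wide default connection options?
--    'user options' is a bitmask; bit 16384 is XACT_ABORT.
SELECT CAST(value_in_use AS int) AS user_options,
       CASE WHEN (CAST(value_in_use AS int) & 16384) = 16384
            THEN 'ON' ELSE 'OFF' END AS server_default_xact_abort
FROM sys.configurations
WHERE name = 'user options';

-- 2. Which setting did the current session actually receive?
SELECT CASE WHEN (@@OPTIONS & 16384) = 16384
            THEN 'ON' ELSE 'OFF' END AS session_xact_abort;
GO

CREATE TABLE #DemoMembers (
    GroupId  int NOT NULL,
    MemberId int NOT NULL,
    PRIMARY KEY (GroupId, MemberId)
);
GO

-- 3. XACT_ABORT OFF: the duplicate insert fails with error 2627, but only that
--    statement is undone; the transaction stays open and the COMMIT succeeds.
SET XACT_ABORT OFF;
BEGIN TRANSACTION;
INSERT INTO #DemoMembers (GroupId, MemberId) VALUES (1, 10);
INSERT INTO #DemoMembers (GroupId, MemberId) VALUES (1, 10);  -- duplicate key
INSERT INTO #DemoMembers (GroupId, MemberId) VALUES (1, 11);
COMMIT TRANSACTION;
SELECT COUNT(*) AS rows_kept_xact_abort_off FROM #DemoMembers;
GO

-- 4. XACT_ABORT ON: the same error rolls back the whole transaction and ends
--    the batch, so the third insert and the COMMIT never run.
DELETE FROM #DemoMembers;
SET XACT_ABORT ON;
BEGIN TRANSACTION;
INSERT INTO #DemoMembers (GroupId, MemberId) VALUES (1, 10);
INSERT INTO #DemoMembers (GroupId, MemberId) VALUES (1, 10);  -- duplicate key
INSERT INTO #DemoMembers (GroupId, MemberId) VALUES (1, 11);
COMMIT TRANSACTION;
GO

-- 5. Compare what survived and confirm no transaction was left open.
SELECT COUNT(*) AS rows_kept_xact_abort_on, @@TRANCOUNT AS open_transactions
FROM #DemoMembers;
DROP TABLE #DemoMembers;
```

Run it in SSMS or sqlcmd against a non-production instance; comparing the two row counts shows why a caller that tolerates the duplicate-key error sees its whole update aborted once the option is on.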

How to copy attachments from one list item to another

The Microsoft support article for WSS 2 shows us how to download attachments from a list item. Basically, the attachments for a list item are stored as SPFile objects under a hidden folder in the list (a folder called "Attachments"), where each list item that has an attachment has its own folder, named with the ID of the item.

Here is a code sample for a function to copy attachments from one item to another.
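// Requires: using Microsoft.SharePoint;
private void CopyAttachments(SPListItem sourceItem, SPListItem targetItem)
{
  //the per-item attachments folder only exists when the item has attachments
  if (sourceItem.Attachments.Count == 0)
  {
     return;
  }

  //get the folder with the attachments for the source item
  //(this path assumes the list lives under "Lists" and its URL name matches its title)
  SPFolder sourceItemAttachmentsFolder =
      sourceItem.Web.Folders["Lists"].SubFolders[sourceItem.ParentList.Title]
          .SubFolders["Attachments"].SubFolders[sourceItem.ID.ToString()];

  //Loop over the attachments, and add them to the target item
  foreach (SPFile file in sourceItemAttachmentsFolder.Files)
  {
     byte[] binFile = file.OpenBinary();
     targetItem.Attachments.AddNow(file.Name, binFile);
  }

  //errors are left to propagate to the caller instead of being swallowed,
  //and sourceItem.Web is not disposed here: this method did not open it
}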

Tuesday, February 3, 2009

Configuring Form Based Authentication with Sun Java LDAP

Repro steps which helped me configure FBA with Sun Java. Please get back to me if you need any help on it. I am also sending the web.config code which I have configured on my test environment.



=> Repro steps
========

=> downloaded Sun Java System Directory Server 5 2005Q4 (5.2 P4)
=> installed it on the SQL Server 2005
=> created an OU
=> created groups
=> created users in it
=> created a new web app on the SharePoint server http://moss2:1000
=> extended the site on 1001
=> edited the web.config of the central admin

TechNet link in which the code is present to configure the web.config

Configuration Example for Sun Java System (formerly iPlanet and SunONE)

<membership defaultProvider="LdapMembership">
  <providers>
    <add
    name="LdapMembership"
    type="Microsoft.Office.Server.Security.LDAPMembershipProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C"
    server="myServerName"
    port="21801"
    useSSL="false"
    userDNAttribute="entryDN"
    userNameAttribute="uid"
    userContainer="dc=CONTOSO,dc=COM"
    userObjectClass="Inetorgperson"
    userFilter="(ObjectClass=Inetorgperson)"
    scope="Subtree"
    otherRequiredUserAttributes="sn,givenname,cn"
    />
  </providers>
</membership>

<roleManager defaultProvider="LdapRole" enabled="true" cacheRolesInCookie="false" cookieName=".PeopleDCRole">
  <providers>
    <add
    name="LdapRole"
    type="Microsoft.Office.Server.Security.LDAPRoleProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C"
    server="myServerName"
    port="21801"
    useSSL="false"
    groupContainer="dc=CONTOSO,dc=COM"
    groupNameAttribute="cn"
    groupMemberAttribute="uniqueMember"
    userNameAttribute="uid"
    dnAttribute="entryDN"
    groupFilter="(ObjectClass=groupofuniquenames)"
    scope="Subtree"
    />
  </providers>
</roleManager>

  

=> also edited the web.config of the site 



Configuration Example for Sun Java System (formerly iPlanet and SunONE)

<membership defaultProvider="LdapMembership">
  <providers>
    <add
    name="LdapMembership"
    type="Microsoft.Office.Server.Security.LDAPMembershipProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C"
    server="myServerName"
    port="21801"
    useSSL="false"
    userDNAttribute="entryDN"
    userNameAttribute="uid"
    userContainer="dc=CONTOSO,dc=COM"
    userObjectClass="Inetorgperson"
    userFilter="(ObjectClass=Inetorgperson)"
    scope="Subtree"
    otherRequiredUserAttributes="sn,givenname,cn"
    />
  </providers>
</membership>

<roleManager defaultProvider="LdapRole" enabled="true" cacheRolesInCookie="false" cookieName=".PeopleDCRole">
  <providers>
    <add
    name="LdapRole"
    type="Microsoft.Office.Server.Security.LDAPRoleProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C"
    server="myServerName"
    port="21801"
    useSSL="false"
    groupContainer="dc=CONTOSO,dc=COM"
    groupNameAttribute="cn"
    groupMemberAttribute="uniqueMember"
    userNameAttribute="uid"
    dnAttribute="entryDN"
    groupFilter="(ObjectClass=groupofuniquenames)"
    scope="Subtree"
    />
  </providers>
</roleManager>



=> made the changes in the authentication for the web app and changed it to forms, and in the providers made the required changes: LDAPMembershipProvider and LdapRole
=> added the user to the policy for web application
=> opened the site and logged in with the user
=> added the group to the site
=> the site was working fine without any issues.


Users cannot see the checked out files in the folder/ library

I came across an issue today wherein the user opened a ticket for the below issue. Issue: Users cannot see the checked out files in the fo...