Tag Archives: SharePoint

Loadtesting SharePoint file uploads with mandatory fields in the content types

When a user uploads a document into a library it can be the case that mandatory fields need to be filled in. If these fields aren’t correctly submitted to the server then the file will remain checked out and other users will not be able to see it.

For an automated load test its important that it correctly supplies the required fields. In a previous post I described all the requests that are involved in the upload. In this post we’ll describe how to correctly POST the fields to the server.

Lets assume you have a required field called “ReferenceId” in your content type. When we want to POST the value of this field to SharePoint we must include SharePoint’s Field ID (a GUID) into the name of the form post parameter.

The first point where we need to intervene is the GET request to EditForm.aspx. Its response contains the ID of each field that’s included in the content-type. Each meta-data field of the content type is described in a JSON datastructure that looks like this:

//This JSON structure is sent as 1 very long line in the response
{
   "ListSchema":{
      "...":{
         "Id":"aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa",
         "...":"..."
      },
      "ReferenceId":{
         "Id":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
         "...":"..."
      },
      "...":"..."
   }
}

You can use the following ExtractionRule to extract the Id of your ReferenceId field:

Property Value
Context Parameter Name GUID_ReferenceId
Ends With
Extract Random Match False
Html Decode True
Ignore Case False
Index 0
Required True
Search in Headers False
Starts With “ReferenceId”:{“Id”:”
Use Regular Expression True

On the POST request to EditForm.aspx you need to add an extra Form Post Parameter like this:

Parameter Value Explanation
ClientFormPostBackValue_{{GUID_ReferenceId}}_ReferenceId Insert your desired value for the ReferenceId here See how the name of the form post parameter is constructed from the GUID we extracted earlier

Anatomy of a loadtest for SharePoint file uploads to a document library

When you use Visual Studio’s recorder on a file upload to a SharePoint document library, you will get a test that needs some tweaking before its usable.

Firstly it doesn’t take into account where on your test machine the file is stored. The next time you run the test, it will fail because it can’t find the file to upload.

Secondly I like to make this a generic test that can upload any file to any site/library regardless if we’re running on an agent or on the local development machine.

In this post we will take a look at the structure of the test, then we’ll know how to tweak these tests in the future:

Request 1: GET https://root/sites/yoursite/_layouts/15/Upload.aspx

The first requests retrieves SharePoint’s file-upload dialog.

QueryString Parameters

Parameter Value Url encode
ListId The GUID of the library to upload to. In format {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} No
RootFolder The ServerRelativePath to upload to. Eg /sites/yoursite/yourlibrary/yourfolder/anotherfolder Yes
IsDlg Set this to 1. No

Extraction rules

The only thing we need to do with the response is to extract all the hidden form fields in the response because the next request needs to POST them back to the server.

Extract Hidden Fields
Property Value
Context Parameter Name 1
Html Decode True
Required True

Request 2: POST https://root/sites/yoursite/_layouts/15/UploadEx.aspx

The second requests uploads the file from the test PC into the correct library/folder.

QueryString Parameters

Parameter Meaning Url encode
Same as previous request Same as previous request Same as previous request

Form Post Parameters

This request POSTs a lot of the extracted form parameters from the previous request back to the server. The complete list of parameters is in the following image. There are a few interesting ones in there though.

Screenshot of form post fields for request 2

Interesting form post parameters
Parameter Value Explanation
__EVENTTARGET ctl00$PlaceHolderMain$ctl03$RptControls$btnOK I’m not sure if this is needed. I just send it.
ctl00$PlaceHolderMain$UploadDocumentSection$ctl05$OverwriteSingle on Determines whether the user/test placed a check in the “Overwrite existing files” checkbox.
ctl00$PlaceHolderMain$ctl04$ctl01$uploadLocation /<yourfolder>/ Determines into which folder the file will be uploaded.
ctl00$PlaceHolderMain$VersionCommentSection$ctl01$CheckInComment The text of the user’s check in comment.
File Upload Parameter
Property Value
Content Type This is the Mime Type for the file that’s being uploaded. Take a look at freeformatter.com for a list of commont types. For .docx you can use application/vnd.openxmlformats-officedocument.wordprocessingml.document
File Name The path of the document on the machine running the test.
File Upload Name The name of the file as it should appear in the library/folder. Do not include folder names
Generate Unique Name Set to True if you want the test framework to automatically insert a unique value into the name of the uploaded file. This value will not be stored in the test context, so if you want unique names AND you also need to remember that name, then you must generate the unique part of the name yourself before sending this request.
Name ctl00$PlaceHolderMain$UploadDocumentSection$ctl05$InputFile
URL Encode True
Use Guids Determines what the format of the unique part of the filename will be. Its only relevant is Generate Unique Name is set to True

Extraction rules

One the file has been uploaded into the library, SharePoint wants the user to provide values for the various meta-data fields. In order to achieve this, SharePoint assigns the uploaded file a temporary ID, communicates it back to the browser and expects requests 3 and 4 to complete the meta-data input process. If you don’t do this properly, then the uploaded file will remain checked out. The ID is hidden in a bit of JavaScript that looks like this 

window.location.href = 'https:\u002f\u002f......\u002fEditForm.aspx?
Mode=Upload\u0026
CheckInComment=
\u0026ID=HERE IS THE ID YOU NEED
\u0026RootFolder=\...
\u0026IsDlg=1';
Extract Text: The following extraction rule retrieves the ID of the uploaded file
Property Value
Context Parameter Name UploadEx_ID
Ends With \u0026
Extract Random Match False
Html Decode True
Ignore Case False
Index 0
Required True
Search in Headers False
Starts With \u0026ID=
Use Regular Expression False

Request 3: GET https://root/sites/yoursite/yourlibrary/Forms/EditForm.aspx


This GET request retrieves the HTML form that users use to edit the metadata on the uploaded file.

QueryString Parameters

Parameter Value Url encode
Mode Upload No
CheckInComments The user’s comment for the check-in. Yes
ID The value of context parameter UploadEx_ID we extracted on previous requests No
RootFolder See request 1 See request 1
IsDlg See request 1 See request 1

Extraction rules


This request has a lot of extraction rules on its response that retrieve information that needs to be POST’ed in the next request.

Extract Text: The following extraction rule retrieves owsHiddenVersion
Property Value
Context Parameter Name OWSHiddenVersion_0
Ends With ,
Extract Random Match False
Html Decode True
Ignore Case False
Index 0
Required False
Search in Headers False
Starts With {“owshiddenversion”:
Use Regular Expression False
Extract Text: The following extraction rule retrieves the ContentTypeId of the first content type in the dropdown list on the form
Property Value
Context Parameter Name ContentType_0
Ends With
Extract Random Match False
Html Decode True
Ignore Case False
Index 0
Required False
Search in Headers False
Starts With “ItemContentTypeId”:”
Use Regular Expression False
Extract Regular Expression: Extracts the GUID for the ContentType drop down list on the form
Property Value
Context Parameter Name CONTROL_GUID0
Html Decode True
Ignore Case False
Index 0
Regular Expression _g_([0-9a-fA-F]{8}_[0-9a-fA-F]{4}_[0-9a-fA-F]{4}_[0-9a-fA-F]{4}_[0-9a-fA-F]{12})_ctl
Required True
Use Groups True
Extract Hidden Fields
Property Value
Context Parameter Name 1
Html Decode True
Required True

Request 4: POST https://root/sites/yoursite/yourlibrary/Forms/EditForm.aspx

QueryString Parameters

Parameter Value Url encode
Same as previous request Same as prevous request Same as prevous request

Form Post Parameters


Most of the form post parameters are the usual hidden fields extracted from the previous step:

Screenshot showing all the form post parameters of request 4

Interesting form post parameters
Parameter Value Explanation
__EVENTTARGET ctl00$ctl43$g_{{CONTROL_GUID0}}$ctl00$ctl02$ctl00$toolBarTbl$RightRptControls$ctl00$ctl00$diidIOSaveItem I’m not sure if this is needed. I just send it.
ctl00$ctl43$g_{{CONTROL_GUID0}}$ctl00$ctl02$ctl00$ctl01$ctl00$ContentTypeChoice Value of context parameter ContentType_0 The value of this parameter determines which of the possible content types the user/test chose from the drop-down list.
ctl00$ctl43$g_{{CONTROL_GUID0}}$ctl00$ctl02$ctl00$ctl06$ctl00$owshiddenversion Value of context parameter OWSHiddenVersion_0 SharePoint needs this value to detect conflicting changes to the SPListITem that represents this file.

SharePoint people-pickers in loadtests

A significant number of the webtests in out loadtest need to simulate a human tying into a people-picker control. This control waits until the first few letters have been entered and after that calls SharePoint’s client.svc web-service every time the user enters data into the control.

I simulate this with the following logic in webtests:

GET https://...
For Each Character In Targetusers display name:
    POST https://.../_vti_bin/client.svc/ProcessQuery
GET https:/...

As Visual Studio doesn’t contain a plugin that iterates over characters in a string, I wrote my own. This plug-in allows you to choose:

  1. Which input parameter contains the display name to iterate over.
  2. Into which output parameter to place the sub-string.
  3. At which index to start iterating. The 1st iteration of the loop includes all characters upto the starting index. All subsequent iterations add one more letter from the input string into the output string.

Some nice-to-have improvements to this plugin are:

  • Add a configurable delay in milliseconds to each loop. This would be nice as think-times on requests can only be configured in intervals of whole seconds
  • Add an option to automatically clear the output parameter once all iterations have finished

Here is the code for the plug-in:

using System.Collections.Generic;
using System.ComponentModel;
using Microsoft.VisualStudio.TestTools.WebTesting;
using Microsoft.VisualStudio.TestTools.WebTesting.Rules;

namespace LoadTestPlugins
{

    [DisplayNameAttribute("For Each character in context parameter")]
    [DescriptionAttribute("Sequentially copies each character from the source into the destination. You can use this to simulate a user that types a name into a peoplepicker for example")]
    public class ForEachCharacter : ConditionalRule
    {

        #region Methods
        public override void CheckCondition(object sender, ConditionalEventArgs e)
        {
            string Input = e.WebTest.Context[this.InputContextParameterName].ToString();
            string Output;
            try
            {
                Output = e.WebTest.Context[this.OutputContextParameterName].ToString();
            }
            catch (KeyNotFoundException)
            {
                Output = string.Empty;
            }


            //Only do something if the output is not yet complete
            if (Input.Length == Output.Length)
            {
                e.IsMet = false;
                return;
            }
            

            int LengthToCopy;
            if(Output.Length == 0)
            {
                //Copy all characters before the starting index and 1 extra
                LengthToCopy = this.StartIndex + 1;
            }
            else 
            {
                //Copy 1 extra character to the output
                LengthToCopy = Output.Length + 1;
            }

            e.IsMet = true;
            e.WebTest.Context[this.OutputContextParameterName] = Input.Substring(0, LengthToCopy);
            return;
        }
        
        #endregion

        #region Properties
        [Description("Name of context parameter that contains the characters to iterate over"),
        DisplayName("Input Context parameter"), IsContextParameterName(true)]
        public string InputContextParameterName {get; set;}

        [Description("Name of context parameter to store the each successive iteration"),
        DisplayName("Ouput Context parameter"), IsContextParameterName(true)]
        public string OutputContextParameterName { get; set; }

        [Description("The zero-based index to start the iteration from"),
        DisplayName("Start Index")]
        public int StartIndex { get; set; }
        #endregion
    }
}

A loadtest plugin to extract querystring parameters from responses

When a user creates a new casefile in our system. Its created as a custom content-type that inherits from SharePoint’s document set. My load tests need at least the following information in order to continue working with that casefile:

  1. The title of the document set.
  2. SharePoint’s ID of the content-type.
  3. SharePoint’s ID of the list item.
  4. SharePoint’s ID of the list where its created in.

The POST to a MVC controller is the starting point for our system to create the casefile. The only way to find out what the values are is by following a URL contained within the HTTP 200 response (looks like this)

<script type="text/javascript">window.parent.location.href="https://...../DocSetHome.aspx?......";</script>

By doing a GET request to that URL, we get a HTTP 302 response, Visual Studio automatically follows the redirect and the final HTTP 200 response’s URI contains all the dynamic values as querystring parameters:
https://……/docsethomepage.aspx?ID=…&FolderCTID=…&List=…&RootFolder=…&RecSrc=…

Visual Studio doesn’t have an out-of-the-box plugin that can extract the values of those querystring parameters. So I created my own: 

using System;
using System.Linq;
using Microsoft.VisualStudio.TestTools.WebTesting;
using System.Globalization;
using System.ComponentModel;
using System.Web;
using System.Collections.Specialized;
using Microsoft.VisualStudio.TestTools.WebTesting.Rules;

namespace LoadTestPlugins
{
    [DisplayNameAttribute("Extract querystring parameter")]
    [DescriptionAttribute("Extracts the value of a querystring parameter from the URI of a response")]
    public class ExtractQuerystringParameter : ExtractionRule
    {
        //Which field to parse and store in the context
        [Description("Name of the querystring parameter to extract"),
        DisplayName("Field name")]
        public string FieldName {get; set;}


        public override void Extract(object sender, ExtractionEventArgs e)
        {
            if (e.Response.ResponseUri != null)
            {
                NameValueCollection NVC = HttpUtility.ParseQueryString(e.Response.ResponseUri.Query);
                string value = NVC[this.FieldName];
                if(!string.IsNullOrEmpty(value))
                {
                    //The last part of the RootFolder or RecSrc contains the name of the 
                    //documentset. It needs to be Url encoded as it might contain spaces  
                    if (   this.FieldName.ToLower().Equals("RootFolder".ToLower())
                        || this.FieldName.ToLower().Equals("RecSrc".ToLower()))
                    {
                       value = Uri.EscapeUriString(value.Split('/').Last());
                    }
                    e.WebTest.Context.Add(this.ContextParameterName, value);
                    e.Success = true;
                    return;
                }
                else
                {
                    e.Success = false;
                    e.Message = string.Format(CultureInfo.CurrentCulture
                        , "Querystring Parameter Not Found: {0}"
                        , this.FieldName);
                }
            }
        }
    }
}

Loadtesting using Markov chains to simulate user behavior

One of my clients has a rather large SharePoint farm and uses the add-in / provider-hosted-app model a lot. Everyone who looks at the topology and machine specs, expects the farm to provide a ‘huge’ amount of performance. In practice the users report that its rather slow.

The guys in maintenance had done some rudimentary measurements and didn’t really see any reason to doubt the machine specs. So we were wondering…

how come that users are perceiving a lack of performance? Are we measuring correctly? How do we compare the farm’s performance before and after major changes? If we fix bottlenecks, how far can we push the farm?

These are different questions, that all need the results from a ‘proper’ loadtest. So what is a ‘proper’ loadtest and how do we build that?

Besides the criteria described in My Definition of Done for performance and loadtest cases, a proper loadtest needs to simulate realistic behavior patterns. In our case that means:

  • Users will choose to sequentially do many different actions in a short time period.
  • Some actions are usually only done by some types of users. Some actions are usually done by all types of users.
  • Action sometimes depend on data that was generated during an earlier action.
  • Some actions are always followed by another type of action.
  • Its not fixed exactly in which order and when the actions will be executed. Its dependent on probabilities.
  • We have a rough idea what the probabilities are, but we expect these probabilities to change as time progresses and our knowledge increases. We don’t want to invest significant time to change the tests.

In order to satisfy the above, I decided that a plain-old operational profile wasn’t suitable. We needed to combine it with a Markov chain (see Kozialek’s paper on Operational Profiles). Also I wanted the loadtest to decide during run-time which path through the chain would be taken. I really didn’t want to generate the chains at design time and have to redo them once the probabilities are measured more accurately. Visual Studio doesn’t support this out of the box, so I had create some plug-ins that would achieve this:

Plugin Type Purpose
GenerateRandomNumber WebTestRequestPlugin Generates a random number between a user defined lower- and upperbound. Visual Studio only had a plugin that would generate the number once during a test. I needed to generate it every iteration within a single test.
NumberInRange ConditionalRule Executes a block of requests only when the input number falls in a user defined range. This lets me dynamically select the transtions/action in the Markov chain like in the following pseudo-code:

probability = GenerateRandomNumber(1,100)
if probability between 1 and 5: do action1; stay in current state;
if probability between 6 and 90: do action2; go to state xxx;
if probability between 91 and 98 do action3; go to state yyy;
if probability between 99 and 100: go to exit state;
ChooseDocumentSet WebTestRequestPlugin About 70% of the users will select a case-file and start working with it. This plugin queries SharePoint to find a suitable document set and ensures that this document set is never shared by multiple users.
ForEachCharacter ConditionalRule (loop) Simulates a user typing into a people-picker. Its a plugin that that executes a block of requests for each character in user defined context parameter.
GenerateGuid WebTestRequestPlugin Is able to generate a new GUID every time a certain request is executed instead on only once per test.
ExtractQuerystringParameter ExtractionRule Retrieves the value of a specific querystring parameter. My system dynamically generates information and returns a URI containg this information in various querystring parameters. My testcases needed to remember these values for later use.
ClearContextParameter WebTestPlugin Is able to clear the value of an existing context parameter each time a .webtest is called by another webtest.

How to get Selenium to run the browser as a different user

Selenium is great for testing web-apps. One of the challenges that you’ll eventually run into is needing to control which user is connecting to the system under test. Achieving this is far from intuitive. A search for this topic gives many links that don’t solve this problem:

Most of these are attempting to make use of Impersonation. This doesn’t work as the web-browser process ends-up running under your credentials not the credentials that you impersonated into. This is because Selenium’s code on Windows uses the CreateProcess() function to starts its sub-processes. The MSDN page on that says

“If the calling process is impersonating another user, the new process uses the token for the calling process, not the impersonation token”

How do we achieve our objective then? The answer is to start using RemoteWebDriver together with Selenium Grid. Lets assume we want to run testcases under your account and the account of a user I will call user1.

Start a Selenium hub on your local machine under your account.

Start a Selenium node on your local machine under your account.This node will run web-browsers using your credentials. The following command will start a node that can run Firefox and Internet Explorer on Windows: 

java 
-jar Selenium-server-standalone-x.xx.x.jar 
-role node 
-port 55565 
-hub "http://<yourmachine>:4444/grid/register" 
-browser "browserName=firefox" 
-browser "browserName=iexplore"

Start a Selenium node on another machine that is logged on as user1. This node will run web browsers as user1. Make sure that node is starting with different capabilities than your node. For example, here although we start the node on Windows, we manually overrule that and the node tells the hub that its running on Mac.

java 
-jar Selenium-server-standalone-x.xx.x.jar 
-role node 
-port 5556 
-hub "http://<yourmachine>:4444/grid/register" 
-browser "platform=MAC,browserName=firefox,maxinstances=12"

Instead of instantiating the actual implementations such as InternetExplorerDriver or FirefoxDriver, you need to instantiate a RemoteWebDriver. When instantiating the RemoteWebDriver, you can use the DesiredCapabilities object to determine which machine (and thus which user) Selenium will choose to run the browser on. For example:

public IWebDriver CreateNewBrowserFor(string Who)
{
    //Decide which of Selenium nodes we want to connect to 
    string CapabilitiesOfTargetUser;
    if(Who.Equals("user1"))
    {
        //We need to control a browser for user1 on his node
        CapabilitiesOfTargetUser = "platform=Mac;browserName=firefox";
    }
    else if(Who.Equals("me"))
    {
        //We need to control a browser for me on my node
        CapabilitiesOfTargetUser = "platform=WINDOWS";
    }
    else
    {
        throw new ArgumentException();
    }
    
    //Create a Selenium DesiredCapabilities object that contains our choosen capabilities
    Dictionary<string, object> RequestedCapabilities = new Dictionary<string, object> ();
    string[] CapabilitiesArray = CapabilitiesOfTargetUser.Split(';');
    foreach(string KeyValuePair in CapabilitiesArray)
    {
        string key = KeyValuePair.Split('=').First().Trim();
        string value = KeyValuePair.Split('=').Last().Trim();
        RequestedCapabilities[key] = value;
    }
    DesiredCapabilities Capabilities = new DesiredCapabilities(RequestedCapabilities);
    
    //Create the RemoteWebDriver. Selenium's hub will ensure that this RemoteWebDriver is
    //actually controlling a new browser on the correct machine
    return  new RemoteWebDriver
    (
         new Uri("http://localhost:4444/wd/hub")
       , Capabilities
       , new TimeSpan(0, 0, 50)
    );
}

Single Sign On with Selenium and Firefox in a windows environment

When you run a testcase using Selenium WebDriver against a site like SharePoint, you’ll frequently see that Firefox is blocked waiting for you to enter the username and password of a user. This may seem unexpected because it even happens when your own Firefox window doesn’t need you to enter any credentials.

The reason for this is because the FirefoxDriver creates a new temporary profile and it doesn’t include the settings needed for SSO. There’s 2 ways of dealing with this.

The first way

The first way only works on the local machine that is running the tests. You can configure the FirefoxDriver to use an existing profile instead of creating a new one. The following code snippet shows how to do that in C#.

new FirefoxDriver(new FirefoxProfileManager().GetProfile("default"));

You don’t have to use the “default” profile. You’re free to create a dedicated profile for Selenium tests if you want. Just start Firefox from the command line using firefox -p to start Firefox’s Profile Manager.

The second way

The first way wont work if your tests use RemoteWebDriver to connect to a remote instance of FirefoxDriver. This is due to the fact that identically named profiles, still have a different internal name on each machine.

Instead we will configure Firefox to include the relevant SSO settings into every profile that’s created. You will need administrative credentials during this one-time configuration. Lets assume your site is called “https://myserver.contoso.local/sites/myapp”

  1. Open Windows Explorer and navigate to the Firefox installation directory. That’s usually “C:\Program Files (x86)\Mozilla Firefox”
  2. Create a file there (in this example, I used “mozilla.cfg”) with the following content: 
    //
lockPref("network.automatic-ntlm-auth.trusted-uris", "contoso.local");
  3. Use Windows Explorer to navigate to Firefox’s directory containing the preferences to be used for new profiles. That’s usually “C:\Program Files (x86)\Mozilla Firefox\defaults\pref”
  4. Create a file there called “local-settings.js” with the following content: 
    //@line 2 "c:\builds\moz2_slave\rel-m-esr31-w32_bld-0000000000\build\browser\app\profile\channel-prefs.js"
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
pref("general.config.obscure_value", 0);
pref("general.config.filename", "mozilla.cfg");

See Locking preferences in Firefox for details on this.

My Definition of Done for performance and loadtest cases

Load and performance testcases are frequently used for multiple objectives:

  • Determining where a system’s breaking point is
  • Determining if a system is able to meet a required load

Here are the criteria I use to make sure my load/performance testcases are good enough to use and maintain for all the objectives. I’ve been using this for regular load tests on a huge SharePoint farm at one of my clients.

Criteria Explanation
The following information is parametrized into context parameters:

  1. Server name(s)

  2. Site name(s)

  3. List/library/page name(s)

  4. Filenames (up- and download) specific to the testcase
User credentials are included in the testcase
Think-times on the various requests are configured conform test design I always check that the agreed thinktimes are present. I configure the loadtest to either use them all or ignore them all
The testcase includes a transaction encapsulating only the requests relevant to the scenario Test results always state how fast pages are. However, we also want to see fast the system is able to respond to user scenarios that include multiple requests
Testcase has logic to fail if generic errors / messages are returned
Testcase has logic to fail if the correct content has not been returned A simple validation rule to check for a specific string in the output is usually enough
Testcase has logic determine if a performance threshold has been exceeded
The decision to fail the testcase based on the threshold, can be enabled or disabled without changing the testcase I usually include a ‘responsetime goal’ validation rule and set its level to Low or Medium. Then at runtime, I can indicate what level of validation rules should apply to the entire loadtest. That will allow me to run the entire loadtest to stress the farm without a few performance delays causing the run to fail
Testcase is able to run standalone or as part of a loadtest with concurrent users
The testcase should only delete or modify information that it owns. If this is not possible, then the testcase must gracefully accepts errors when concurrent instances of it touch that information
Testcases that create, modify or delete information must include information that uniquely identifies the specific instance of the testcase In practice I use the following combination concatenated into a string:

  1. The id of the virtual user (WebTestUserId)

  2. The id of the iteration (WebTestIteration)

  3. The id of the agent running the test (AgentName)
Testcases conform to the testdesign in their decision to parse and execute dependent requests (.css, .js, images etc etc)

Setting up MySites in Central Admin and the error “An error has occurred in the claim providers configured from this site collection.”

I was busy configuring the User Profile Service through the link “Setup My Sites”. I couldn’t change anything on that page as it listed NT Authority\Authenticated Users; c:0(.s|true; in the box for “Read Permission Level” and was already printing the error message No exact match was found. using the peoplepicker through the little “Browse” icon showed the error An error has occurred in the claim providers configured from this site collection.

If you run into this error then you can try 2 things:
1) Configure an Alternate Access Mapping for Central Admin
2) Point your webbrowser directly at the server instead of the FQDN that resolves to it

Assume Central Admin running on port 555 of server xxxSP01 and DNS is configured to resolve portal.contoso.com to the server. When you access Central Admin through http://portal.contoso.com:555, then you’ll encounter this problem. If you use http://xxxSP01:555, then there’s no problem.

What to do when SharePoint managed account passwords are already expired

Suddenly your SharePoint installation stops working…
You’re seeing HTTP 500 errors even on Central Admin…
The ULS logs contains errors such as:

Unknown SQL Exception 0 occurred. Additional error information from SQL Server is included below. The target principal name is incorrect. Cannot generate SSPI context

This can happen when the various service accounts for SharePoint are no longer able to authenticate due to expired passwords. By default SharePoint wont proactively change that password even if AD policies require them to be changed. And, as admin you don’t even know what the old password is.

Firstly, you can see which service accounts are used by SharePoint using PowerShell’s Get-SPManagedAccount cmdlet. Use the ‘Active Directory Users and Computers’ tools to reset the password of those accounts to something you know.

Secondly, get Central Admin up-and-running:
RDP to the SharePoint Server
Open IIS Manager
Find the Application Pool that hosts Central Admin and open its advanced settings.
The ‘Identity’ row, lists which managed account is used for Central Admin. Hit the … button and enter the account and its new password
Restart the application pool
Central Admin should be available now. If not, try an IISRESET

Finally, use Central Admin to update the service accounts
Go to SharePoint Central Administration->Security->Configure managed accounts.
Click Edit on each account and do the following:


  1. Select “Change password now”

  2. Click “Use existing password”

  3. Type the password, and then click OK

  4. You might want to enable the option “Enable automatic password change” now. As this will avoid the problem from occurring again