SPUserProfileServiceApp: Install account needs Full Control on Connection Permissions for User Profile Service Application

Details of the scenario you tried and the problem that is occurring

When running Test-DSCConfiguration or Start-DSCConfiguration with an already present user profile service application, SPUserProfileServiceApp will fail on line 179 https://github.com/PowerShell/SharePointDsc/blob/93619b65b9e18d3a5b5ddbb92184c057276b4880/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileServiceApp/MSFT_SPUserProfileServiceApp.psm1#L179

Verbose logs showing the problem

PowerShell DSC resource MSFT_SPUserProfileServiceApp failed to execute Test-TargetResource functionality with error message: The provided My Site Location is not a valid My Site Host.
    + CategoryInfo : InvalidOperation: (:) [], CimException
    + FullyQualifiedErrorId : ProviderOperationExecutionFailure
    + PSComputerName : <ServerName>

ULS: Exception occured while connecting to WCF endpoint: System.ServiceModel.Security.SecurityAccessDeniedException: Access is denied.
Server stack trace:
at System.ServiceModel.Channels.ServiceChannel.ThrowIfFaultUnderstood(Message reply, MessageFault fault, String action, MessageVersion version, FaultConverter faultConverter)
at System.ServiceModel.Channels.ServiceChannel.HandleReply(ProxyOperationRuntime operation, ProxyRpc& rpc)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.Office.Server.UserProfiles.IProfilePropertyService.GetProfileProperties()
at Microsoft.Office.Server.UserProfiles.ProfilePropertyServiceClient.<>c__DisplayClass1.<GetProfileProperties>b__0(IProfilePropertyService channel)
at Microsoft.Office.Server.UserProfiles.MossClientBase`1.ExecuteOnChannel(String operationName, CodeBlock codeBlock)

Suggested solution to the issue

The problem is that the install account needs Full Control on Connection Permissions for User Profile Service Application. Alternatively the Farm account could be used instead to execute the test method as that account already has been granted full control.

The DSC configuration that is used to reproduce the issue (as detailed as possible)

        SPUserProfileServiceApp UserProfileService
        {
            PsDscRunAsCredential = $SPSetupCredential;
            ApplicationPool = "SharePoint Web Services";
            ProxyName = "User Profile Service Application";
            ProfileDBName = "$($ConfigurationData.NonNodeData.EnvironmentDatabasePrefix)_Profile";
            NoILMUsed = $false;
            Name = "User Profile Service Application";
            SocialDBName = "$($ConfigurationData.NonNodeData.EnvironmentDatabasePrefix)_Social";
            Ensure = "Present";
            EnableNetBIOS = $true;
            SyncDBServer = $ConfigurationData.NonNodeData.SyncDBServer;
            ProfileDBServer = $ConfigurationData.NonNodeData.ProfileDBServer;
            SyncDBName = "$($ConfigurationData.NonNodeData.EnvironmentDatabasePrefix)_Sync";
            SocialDBServer = $ConfigurationData.NonNodeData.SocialDBServer;
            MySiteHostLocation = $ConfigurationData.NonNodeData.MySitesHostUrl;
            MySiteManagedPath = "personal"
        }

The operating system the target node is running

    OsName               : Microsoft Windows Server 2012 R2 Standard
    OsOperatingSystemSKU : StandardServerEdition
    OsArchitecture       : 64-bit
    WindowsBuildLabEx    : 9600.19101.amd64fre.winblue_ltsb_escrow.180718-1800
    OsLanguage           : en-US
    OsMuiLanguages       : {en-US}

Version of SharePoint that is used (e.g. SharePoint 2016)

SharePoint 2013

Version and build of PowerShell the target node is running

    Name                       Value
    PSVersion                  5.1.14409.1012
    PSEdition                  Desktop
    PSCompatibleVersions       {1.0, 2.0, 3.0, 4.0…}
    BuildVersion               10.0.14409.1012
    CLRVersion                 4.0.30319.36460
    WSManStackVersion          3.0
    PSRemotingProtocolVersion  2.3
    SerializationVersion       1.1.0.1

Version of the DSC module that was used (‘dev’ if using current dev branch)

2.4.0.0

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:7 (5 by maintainers)
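
The permission change the issue proposes, written out with the stock SharePoint cmdlets. This is an added example, not code from the issue or from the SharePointDsc project; the account name `CONTOSO\sp_setup` is a placeholder for whatever account is passed as `PsDscRunAsCredential`, and the script assumes it is run by a farm administrator on a SharePoint server.

```powershell
# Added example: grant the DSC install account Full Control on the
# connection permissions of the User Profile Service Application.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$upaName        = 'User Profile Service Application'  # Name from the DSC configuration above
$installAccount = 'CONTOSO\sp_setup'                  # placeholder: the PsDscRunAsCredential account

$upa = Get-SPServiceApplication -Name $upaName
if (-not $upa) {
    throw "Service application '$upaName' was not found."
}

# Without -Admin this returns the connection permissions (the "Permissions"
# button in Central Administration), not the Administrators list.
$security = Get-SPServiceApplicationSecurity -Identity $upa

# Windows account -> claims principal, as service application ACLs expect.
$principal = New-SPClaimsPrincipal -Identity $installAccount `
                                   -IdentityType WindowsSamAccountName

# Add the access rule in memory, then write the ACL back to the service application.
Grant-SPObjectSecurity -Identity $security -Principal $principal -Rights 'Full Control'
Set-SPServiceApplicationSecurity -Identity $upa -ObjectSecurity $security

# Read the ACL back to confirm which principals now hold connection permissions.
(Get-SPServiceApplicationSecurity -Identity $upa).AccessRules
```

Reviewing the final `AccessRules` output after each change keeps the list of accounts with Full Control on the profile store limited to the ones that need it.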

Top GitHub Comments

1 reaction
shurick81 commented, Oct 27, 2018

It could be a false test, because after refreshing environment now it works fine.

1 reaction
ykuijs commented, Sep 14, 2018

Was able to reproduce the issue and have implemented a fix. Will be included in my next bugfix PR
