Yvand
Update a user information from SharePoint 2016
Hi, I used to use this PS command to update user information but looks like it is not working anymore Set-SPUser -Identity "i:0e.t|microsoftentratrust|[email protected]" -Web https://www.site.com -SyncFromAD get this error Set-SPUser : Cannot get the full name or e-mail address of user "i:0e.t|microsoftentratrust|[email protected]".
please note that we had existing users which are converted to Entra ID format and was working fine but not any more. is there any better solution? Also I like to know why it is not syncing automatically?
Thank you
Hi, When you run this command, is there any error related to EntraCP in the SharePoint logs? Does the profile "i:0e.t|microsoftentratrust|[[email protected]" exist in the User Profile service application?
Yes, the profile "i:0e.t|microsoftentratrust|[[email protected]" exist in the User Profile service application. Hence get-spuser is working fine
I can EntraCP logs but not with error
PowerShell_ISE.exe (0x3C34) 0x5EA0 EntraCP Azure Identity 1337 High [EntraCP] LogMsalError False MSAL 4.61.3.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2025-01-24 13:28:08Z - c609f692-4220-4957-9e1f-513a7011d5af] === Token Acquisition (1004) failed. Host: https://login.microsoftonline.com.
01/24/2025 08:28:08.99 PowerShell_ISE.exe (0x3C34) 0x5EA0 EntraCP Azure Identity 1337 High [EntraCP] LogMsalError False MSAL 4.61.3.0 MSAL.Desktop 4.8 or later Windows Server 2019 Datacenter [2025-01-24 13:28:08Z - c609f692-4220-4957-9e1f-513a7011d5af] Exception type: System.AggregateException ---> Inner Exception Details Exception type: Azure.RequestFailedException ---> Inner Exception Details Exception type: System.Net.WebException ---> Inner Exception Details Exception type: System.Security.Authentication.AuthenticationException To see full exception details, enable PII Logging. See https://aka.ms/msal-net-logging at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult) at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar) === End of inner exception stack trace === To see full exception details, enable PII Logging. See https://aka.ms/msal-net-...
01/24/2025 08:28:08.99* PowerShell_ISE.exe (0x3C34) 0x5EA0 EntraCP Azure Identity 1337 High ...logging at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context) at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult) at System.Threading.Tasks.TaskFactory1.FromAsyncCoreLogic(IAsyncResult iar, Func2 endFunction, Action1 endAction, Task1 promise, Boolean requiresSynchronization) --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Azure.Core.Pipeline.HttpWebRequestTransport.<ProcessInternal>d__8.MoveNext() === End of inner exception stack trace === To see full exception details, enable PII Logging. See h...
01/24/2025 08:28:08.99* PowerShell_ISE.exe (0x3C34) 0x5EA0 EntraCP Azure Identity 1337 High ...ttps://aka.ms/msal-net-logging at Azure.Core.Pipeline.HttpWebRequestTransport.<ProcessInternal>d__8.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Azure.Core.Pipeline.HttpWebRequestTransport.<ProcessAsync>d__7.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Azure.Core.Pipeline.HttpPipelineTransportPolicy.<ProcessAsync>d__4.MoveNext() --- End of stack t...
01/24/2025 08:28:08.99* PowerShell_ISE.exe (0x3C34) 0x5EA0 EntraCP Azure Identity 1337 High ...race from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Azure.Core.Pipeline.ResponseBodyPolicy.<ProcessAsync>d__5.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Azure.Core.Pipeline.LoggingPolicy.<ProcessAsync>d__9.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.Co...
01/24/2025 08:28:08.99* PowerShell_ISE.exe (0x3C34) 0x5EA0 EntraCP Azure Identity 1337 High ...mpilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Azure.Core.Pipeline.RedirectPolicy.<ProcessAsync>d__7.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at Azure.Core.Pipeline.RetryPolicy.<ProcessAsync>d__5.MoveNext() === End of inner exception stack trace === To see full exception details, enable PII Logging. See https://aka.ms/msal-net-logging at Azure.Core.Pipeline.RetryPolicy.<ProcessAsync>d__5.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNoti...
01/24/2025 08:28:08.99* PowerShell_ISE.exe (0x3C34) 0x5EA0 EntraCP Azure Identity 1337 High ...fication(Task task) at Azure.Core.Pipeline.HttpPipeline.<SendRequestAsync>d__18.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Azure.Core.HttpPipelineMessageHandler.<SendAsync>d__2.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Identity.Client.Http.HttpManager.<>c__DisplayClass15_1.<<ExecuteAsync>b__2>d.MoveNext() --- End of stack trace from...
01/24/2025 08:28:08.99* PowerShell_ISE.exe (0x3C34) 0x5EA0 EntraCP Azure Identity 1337 High ... previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Identity.Client.Utils.StopwatchService.<MeasureCodeBlockAsync>d__51.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Identity.Client.Http.HttpManager.<ExecuteAsync>d__15.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() ... 01/24/2025 08:28:08.99* PowerShell_ISE.exe (0x3C34) 0x5EA0 EntraCP Azure Identity 1337 High ... at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Identity.Client.Http.HttpManagerWithRetry.<SendRequestAsync>d__7.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Identity.Client.Http.HttpManager.<SendPostAsync>d__7.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Identity.... 01/24/2025 08:28:08.99* PowerShell_ISE.exe (0x3C34) 0x5EA0 EntraCP Azure Identity 1337 High ...Client.OAuth2.OAuth2Client.<ExecuteRequestAsync>d__121.MoveNext()
Regards
So it does not work because of this error: System.Net.WebException ---> Inner Exception Details Exception type: System.Security.Authentication.AuthenticationException
Are you using a proxy?
Can you try the troubleshooting steps in this page?
@Yvand Again, my question is if I update an email address or last name in Entra ID why it does not automatically update on SharePoint on-premises 2016. That is being a bottleneck for as we have about 15k users. Is there anything you can recommend? I am still getting this Set-SPUser : Cannot get the full name or e-mail address of user "i:0e.t|microsoftentratrust|[email protected]".
Thank you
This is simply because there is no piece of code in SharePoint to fetch the user information from Entra ID to update the profile in the User Profile service. If you want this, you have to implement it yourself (through a PowerShell script or a console app). EntraCP is a claims provider, it is not designed to do that.
Again, question is If I update email address in Entra ID why it does not update in SharePoint? is not it mapped thru UPN? Is there any PowerShell script that will help me? I could NOT find any.
Thank you
https://github.com/bed428/SharePoint-Subscription-Edition/blob/main/SP_EntraID_Profile_Sync.ps1
If you want all the attributes I have, you have to make some of them admin writable. (make them user writable then switch them back, the admin edit will stick.)
https://github.com/bed428/SharePoint-Subscription-Edition/blob/main/SP_EntraID_Profile_Sync.ps1
If you want all the attributes I have, you have to make some of them admin writable. (make them user writable then switch them back, the admin edit will stick.)
Nice work!
In SharePoint this is what I see:
Hello Please note that this user does not have user profile in SharePoint on-premise site as it is a new user and not coming from Active Directory but from Entra ID. User profile is coming from Entra ID and I cannot see its first name, last name. How can I bring them (highlighted fields) to SharePoint? Please let me know.
Am I missing something? This is the mapping I have.
Thank you
EntraCP (or any claims provider) cannot really do this. The only good option is to create the profile for the trusted user in the User Profile Service and set the attributes here. Then SharePoint will propagate it to all the site collections.
Edit: If a user is added for the 1st time in a site collection, EntraCP can populate some metadata about the user. It does that using the settings under the column "PickerEntity metadata", that we can see in your screenshot.
You can see EntraCP setting this metadata when it validates the user permission, by setting EntraCP logs to verboseEx :
"EntraCP:*"| Set-SPLogLevel -TraceSeverity VerboseEx
But most of the time, SharePoint will ignore this, (unless the user is added for the 1st time in a site collection)
Well, I tried to create User Profile based on Entra ID which is already granted permission to a site collection using PowerShell but failed. How can I set these from Entra CP Meta data? what needs to be done?
Also, do you know any script available to create a user profile based on Entra ID?
Thank you
In EntraCP, it is already done: those are the properties set in the column "PickerEntity metadata". But as I already mentioned, SharePoint will ignore it most of the time, unless a user is added for the 1st time in a site collection
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
This issue was closed because it has been stalled for 5 days with no activity.