SharePoint In Action

An attempt to share my day-to-day SharePoint experience

Archive for the category “SharePoint 2013”

InfoPath 2013 – How to populate the logged-in user information using GetUserProfileByName


Claim-based authentication has been chosen as the default authentication method for SharePoint 2013 and as result, I had a tough time getting the logged in user’s information in my InfoPath form using the familiar GetUserProfileByName web service method which I used to conveniently use in my InfoPath forms with SharePoint 2010.
The difference now is that the claim-based request adds a “0#.w|” in front of the user’s domain account. So my account would look like “0#.w|mydomain\naderheshmat” instead of “mydomain\naderheshmat” and this is what makes the web services methods break in InfoPath and you would get “Access Denied error” ūüė¶

It turned out that I had to take following steps to make it work:

1- Create a new domain user account for your to be used for setting up the Secure Store Target Application. We call it “yourdomain\InfoPathUser”. This user should have at least read access to your site

2- Setup a Secure Store Target Application entry called something like InfoPathID. Make sure the target application type is Group and that you are using yourdomain\InfoPathUser and its password for windows user name and password fields. In my case my Target Application Members were all users.

3- Create a Data Connection Library in your site or use a already existing one as a place to keep .udcs files created in your InfoPath form.

4- Create a GetUserProfileByName secondary data connection in your InfoPath form (we call it GUP) and convert it to a connection file and use the address of your Data Connection Library for the place to save the .UDCX file

5- Go to your Data Connection Library and download the udcx file you just created. Open it and edit the XML tag to look like this:

¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬†¬† <udc:SSO AppId=’InfoPathID‘ CredentialType=’NTLM’ />

Note that we used the secure store application ID InfoPathID here.

6- Save the file and upload it back to the Data Connection Library.

7- In your InfoPath form create a rule called Rule1. For simplicity we create it as a Form Load rule. Under queryFields node of your data connection (GUP) set the “AccountName” to formula:
substring-after(userName(), “0#.w|”)¬† and then hit Verify Formula.

8- Create another rule called Rule2 and choose “Query for Data” using GUP.

You are all set. All you need to do is populating your fields the old fashion way. For more information for how to populate user’s info please take a look at:

Nader Heshmat


ValidateCredentialClaims – Access Denied: Claims stored in the credentials did not match with the group claim for a group app.

Users were getting an error when they were trying to access the SharePoint site content. I checked the logs and found below errors:

ValidateCredentialClaims – Access Denied: Claims stored in the credentials did not match with the group claim for a group app.
Access is denied to the Secure Store Service.

In my case this was related to the members of my “Target Application” in my “Secure Store Service”. To fix it I went to Central Admin > Application Management > Manage Service Applications > Secure Store Service and edited the Target Application ID. I went to the third page by hitting Next.
I just added my members(or groups) to my target application’s member section.



Nader Heshmat

SharePoint 2013 Workflow is not enabled in SharePoint Designer 2013

I had created a Workflow Manager Farm but I was still unable to see the “SharePoint 2013 Workflow” in my SharePoint 2013 Designer.


Here is what I did to make it work:

On my SharePoint server(s) I executed the PowerShell command below to register my workflow:


Register-SPWorkflowService ‚ÄďSPSite ‚ÄďWorkflowHostUri -ScopeName [-PartitionMode] [-AllowOAuthHttp] [-Force]

an example of abow syntax would be:

Register-SPWorkflowService ‚ÄďSPSite "" ‚ÄďWorkflowHostUri "" ‚ÄďAllowOAuthHttp -force

or in my case since it was a dev box(no SSL):

Register-SPWorkflowService ‚ÄďSPSite "" ‚ÄďWorkflowHostUri "<strong>http:</strong>//" ‚ÄďAllowOAuthHttp -force

Please note that the “Workflow Service EndPoint URL” can be found in your SharePoint Server’s IIS Manager:


Please pay a close attention to the protocol your Workflow Service is using. By mistake I put http:// instead of https:// and I was getting error below:

Register-SPWorkflowService : The underlying connection was closed: An unexpected error occurred on a receive.


After running the Powershell command you would need to go to your Central Admin and check the “Workflow Services Application” under “Manage Service Applications”. The Workflow Service Status should read “Workflow is connected”. Once the workflow is connected you should be able to see the “SharePoint 2013 Workflow” in your SharePoint Designer.




Nader Heshmat

Uninstalling/Removing SharePoint 2013 Workflow Manager Farm

These are the steps you would need to take to uninstall your Workflow manager 1.0:

For each node in your workflow farm:

  1. Leave the workflow farm (Remove the node from the farm using ‚ÄúLeave Workflow Manager Farm‚ÄĚ option)






     2.      Uninstall the following programs in the program list in the Control Panel window, under Programs select Uninstall a Program.

  • Service Bus 1.0
  • Windows Fabric
  • Workflow Manager 1.0
  • Workflow Manager 1.0 Client


Once you are sure all nodes have left the workflow farm, you can delete below databases from you SharePoint SQL Server: (Backing them up beforehand might be a wise choice!)

  • SBMessageContainer01
  • SbGatewayDatabase
  • SBManagementDB
  • WFInstanceManagementDB
  • WFManagementDB
  • WFResourceManagementDB



Post Navigation