SharePoint 2013 InfoPath GetUserProfileService.asmx Error 500 Internal Server Error – Unauthorized or User with the Account Name Could Not Be Found

INTRODUCTION

I’m in the process of migrating a SharePoint 2010 site to 2013. Within the site are several InfoPath forms that need to also be migrated to 2013. The migration was all easy except when I start filling the InfoPath form, I get an error querying the web service.

After some investigations I found out that the error was regarding a call to /_vti_bin/userprofileservice.asmx on GetUserProfileServiceByName method. The form uses this web service to retrieve current user information and also when retrieving manager’s information.

After fiddling around and looking at different articles online there are 2 steps in fixing this issue. Details are as follows.

NOTE: Article audience: medium to advanced users.

STEP 1. SECURE STORE SERVICE

First error I was getting was when I open the form, the web service kicks in to retrieve current user information. The error was 500 Internal Server Error Access Denied. To fix this follow these steps:

– Open InfoPath and modify your template and ensure that your Data Connection for the web service call is already converted to “relative to Site Collection”.

– Go to Central Admin -> General Application Settings -> Configure InfoPath Form Services. Then set the following:
* Require SSL for HTTP authentication to data sources: NO
* Allow embedded SQL authentication: YES
* Allow user form templates to use authentication information contained in data connection files: YES
* Allow cross-domain data access for user form templates that use connection settings in a data connection file: YES

– Then go to Central Admin -> General Application Settings -> Configure InfoPath Forms Services Web Service Proxy, then select the web application which you have your forms on and ENABLE BOTH tickboxes.
* Enable InfoPath Forms Services Web service proxy: YES
* Enable InfoPath Forms Services Web service proxy for user forms: YES

– Provision Secure Store Service, then create a new application.

– Set:
* Target Application ID: InfoPathForm
* Display Name: InfoPathForm
* Contact E-Mail: Your email eg. admin@admin.com
* Target Application Type: Group, then select None
* Click Next

– Leave everything as is on the next screen and click Next

– On the next screen set the following:
* Target Application Administrators: Farm account
* Members: This is basically the users who need to have access to the web service. In my case it’s NT AUTHORITY\Authenticated Users (ie. all domain users)

– Once you’ve done that a Secure Store Service application is created. Now, as you mouse over on it, a drop-down appears, select Set Credentials. Then set the account that has access to the web service. I just simply use Farm Account for simplicity. See below:

– Next step is to modify your UDCX file for the web service call located in the Data Connection Library. I named mine GetUserProfileService.udcx. As you open the file, the following line is commented out:

<udc:Authentication><udc:SSO AppId=”InfoPathForm” CredentialType=”NTLM” /></udc:Authentication>

Un-comment that line then in the AppId specify the ApplicationID you specified in Secure Store Service. In this example is InfoPathForm. Then set CredentialType to NTLM.

Then where it says UseFormsServiceProxy=”false” change it to UseFormsServiceProxy=”true”

– Upload the UDCX back to Data Connection Library.

– Go to IIS -> Your SharePoint web application -> Authentication. Make sure the following is disabled: Anonymous Authentication.

That’s it! You will not get any more authentication errors.

STEP 2. ACCESSING USER’S PROFILE DETAILS

Now, this step is optional. This is only relevant if you have a people picker control in the form, and as you select a user, you automatically access his/her profile such as email, work phone, etc.

I’m not going to detail on how to make it happen but assuming that you have already had a people picker control and a hidden textbox to parse the username, you need to do the following:

In SharePoint 2007 and 2010, you can simply pass in someone’s username without the domain to the GetUserProfileByName. For example, if I pass in “tommy” instead of “DOMAIN\tommy”, it will work. In 2013 this will NOT work. The error message was:

Message: The remote server returned an error: (500) Internal Server Error. A user with the account name tommy could not be found.

In 2013 you HAVE TO pass in the domain. “tommy” will not work but “DOMAIN\tommy” will! Therefore, I have done the following:

See above I append my domain ie. “TFS\”. This is bad because it’s hardcoded. You can obviously do something fancy such as storing it in a SharePoint list then retrieve it in your form, etc.

I hope this helps everyone.

Happy InfoPathing,
Tommy

XsltListViewWebPart and custom XSLT for List View Web Part, Paging Control Top and Bottom

SharePoint 2010 2013 AD Updated, User Profile Updated but not My Settings or WSS Profile or Welcome User Text

Leave a comments Cancel reply

O'Connor, Western Australia