Sorry, something went wrong Unable to cast object of type 'Yvand.EntraClaimsProvider.Configuration.ClaimTypeConfig' to type 'Yvand.EntraClaimsProvider.Configuration.IdentityClaimTypeConfig'.
Closed this issue · 6 comments
Hello Yvand,
SP Server 2019 On-Prem:
I am getting the following error on the EntraCP Global Config Page and Claims Type Configuration Page.
Sorry, something went wrong
Unable to cast object of type 'Yvand.EntraClaimsProvider.Configuration.ClaimTypeConfig' to type 'Yvand.EntraClaimsProvider.Configuration.IdentityClaimTypeConfig'.
Here below are the mapping attributes.
$map = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "emailaddress" -LocalClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims**/upn**"
$map2 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" -IncomingClaimTypeDisplayName "GivenName" -SameAsIncoming
$map3 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" -IncomingClaimTypeDisplayName "SurName" -SameAsIncoming
$map4 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" -IncomingClaimTypeDisplayName "Groups" -SameAsIncoming
$ap = New-SPTrustedIdentityTokenIssuer -Name "AzureAD" -Description "SharePoint secured by Azure AD" -realm $realm -ImportTrustCertificate $cert -ClaimsMappings $map,$map2,$map3,$map4 -SignInUrl $wsfedurl -IdentifierClaim "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
$trust = Get-SPTrustedIdentityTokenIssuer "AzureAD"
$trust.ClaimProviderName = "EntraCP"
$trust.Update()
Below are the Enterprise Application Attributes & Claims page settings.
Images attached.
What exactly is wrong in this configuration?
One more thing that is AZURECP is supported on SP Server 2019 On-Prem?
Thank youHello @uday30980,
Do you know what possible actions was done in EntraCP config to end up with this error?
Can you send me the output of this script:
Add-Type -AssemblyName "Yvand.EntraCP, Version=1.0.0.0, Culture=neutral, PublicKeyToken=65dc6b5903b51636"
$config = [Yvand.EntraClaimsProvider.EntraCP]::GetConfiguration()
$config.Settings.ClaimTypes Also, to quickly fix this issue, you can recreate the configuration using this script, but be mindful that all your settings will be lost (including the tenant configuration):
Add-Type -AssemblyName "Yvand.EntraCP, Version=1.0.0.0, Culture=neutral, PublicKeyToken=65dc6b5903b51636"
[Yvand.EntraClaimsProvider.EntraCP]::DeleteConfiguration()
[Yvand.EntraClaimsProvider.EntraCP]::CreateConfiguration()Hi Yvand,
Thank you for your prompt response.
Just an update that I have tried the followed steps before I have received your response and it worked.
Below Steps that I have followed to reset the Global Configuration & Claims Type Configuration Page working again!
Step-1 I have removed the SPTrustedIdentityTokenIssuer.
Step- 2 rerun the mapping attributes with one addition mapping attributes added as "upn" as highlighted below.
$map = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "emailaddress" -LocalClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"
$map2 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" -IncomingClaimTypeDisplayName "GivenName" -SameAsIncoming
$map3 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" -IncomingClaimTypeDisplayName "SurName" -SameAsIncoming
$map4 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" -IncomingClaimTypeDisplayName "upn" -SameAsIncoming
$map5 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" -IncomingClaimTypeDisplayName "Groups" -SameAsIncoming
$ap = New-SPTrustedIdentityTokenIssuer -Name "AzureAD" -Description "SharePoint secured by Azure AD" -realm $realm -ImportTrustCertificate $cert -ClaimsMappings $map,$map2,$map3,$map4,$map5 -SignInUrl $wsfedurl -IdentifierClaim "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
$trust = Get-SPTrustedIdentityTokenIssuer "AzureAD"
$trust.ClaimProviderName = "EntraCP"
$trust.Update()
Step-3 Just refresh the "Global Configuration" page and "Claim types confguration" page and it started showing the mapping attributes list as I have set above in Step-2. However I shows the default "LocalClaimType" as "emailaddress" instead of "upn" (as per the Step-2 under $map variable).
Step-4 Finally I have used the "RESET" button at the bottom of the "Claim types confguration" page and it started showing the correct "mapping attributes" with "LocalClaimType" as "upn".
"Global Configuration" page and "Claim types confguration" page both started working.
Hi Yvand,
Just sending you the output of the script that you have requested above..
DirectoryObjectPropertyForGuestUsers : Mail
EntityProperty : Mail
EntityType : User
SharePointEntityType :
ClaimType : http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey :
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : DisplayName
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}
EntityProperty : DisplayName
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : True
EntityDataKey : DisplayName
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}
EntityProperty : GivenName
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : True
EntityDataKey :
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}
EntityProperty : Surname
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : True
EntityDataKey :
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}
EntityProperty : MobilePhone
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey : MobilePhone
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}
EntityProperty : JobTitle
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey : Title
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}
EntityProperty : Department
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey : Department
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}
EntityProperty : OfficeLocation
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey : Location
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}
EntityProperty : Id
EntityType : Group
SharePointEntityType :
ClaimType : http://schemas.microsoft.com/ws/2008/06/identity/claims/role
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey :
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : DisplayName
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}
EntityProperty : DisplayName
EntityType : Group
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : True
EntityDataKey : DisplayName
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}
EntityProperty : Mail
EntityType : Group
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey : Email
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}
@uday30980 you did not need to delete and recreate the SharePoint trust to fix the issue, as it was only in EntraCP configuration itself.
In the worst case, using the script I sent to you to delete and recreate the config fixes this error.
Sadly, we don't know how it happened, but I will add additional checks to ensure that such invalid configuration cannot be committed to the database.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
This issue was closed because it has been stalled for 5 days with no activity.