Access denied error while authenticating user in SharePoint 2010

After moving user account to different organizational unit in Active Directory, in some cases this user might then receive Internal server error 500, when accessing SharePoint 2010.

Environment:

  • SharePoint Server 2010 – Standard
  • Intranet – Classic windows authentication (NTLM), no anonymous
  • SQL 2005 (!!!)

Log in dialog keeps pop in for the user, even though he is providing correct credentials (checked for sure).

When it happens

It happened, only when moving user to different organizational unit in Active Directory.

After some digging, we discovered, that this error happens only for users, that have this record in SharePoint Content database, table UserInfo, column tp_Token is set to 0x.

tp_token_0x_error

 

ReasonĀ 

After a consultation with Microsoft, it’s caused by bug, that occurs only if using SQL 2005 database. It doesn’t happen in later versions. There is no KB for it (well not the public one).

Solution

  1. delete a user and recreate the account (using the powershell)
  2. If you really don’t care about Microsoft Support, you can change the value in database to null. (it works, but for obvious reasons don’t do it)

Hope it helps to lighten it up a little.

Leave a Reply

Your email address will not be published. Required fields are marked *