Skip to main content

SharePoint - Search Service Application (SSA) - Attempted to perform an unauthorized operation

On my current project I needed to adjust and add some search mapping via SharePoint's Central Administration web site.

This should have been very straight forward as you have the ability to add managed properties and mappings easily via the UI.

However, when I went to save my changes I got the error "The settings could not be saved because of an internal error: Attempted to perform an unauthorized operation".







Now this was very confusing as I am administrator on the server and added into all of the correct SharePoint groups. I also tried the same action via PowerShell and got the same error.  

After a few hours of research and head scratching I managed to get to the bottom of the problem which is the way my user account had been added as an administrator to the server.

In the company I work for to make it easier to manage the administrators on a server a group is created in active directory called "servername_admins". This group is added to the local administrators group on the server and all of the people who need to be administrators are added into this group. This works well and you might be thinking what is the problem?

Well SharePoint doesn't like it. SharePoint expects to find your user account directory added to the servers actual "Administrators" group. As I was already an administrator on the server I manually added myself to this account to save the search changes and it worked like a charm.

Interestingly if you check the documentation from Microsoft they do actually mention the need for the farm administrator to be included in the "Administrators" group on each server in the farm.

https://learn.microsoft.com/en-us/sharepoint/security-for-sharepoint-server/plan-for-administrative-and-service-accounts

That's all for now, until next time! 



Labels:

Comments

Post a Comment

Popular posts from this blog

Shouldn’t validating a checkbox be easier than this?

  Well it's been a while since I have done a post but with changing jobs recently and life in general getting in the way I just couldn’t seem to find the time. However, now I have a spare five minutes I thought I would fire off a post :) So what's the post about? Validating a checkbox web control. Now I know your reading this thinking that's easy all you need is a custom validator and a event handler in your code behind and job done? Well in most cases yes I would agree with you. However, my latest project (a legacy application) uses code generation to create the vast majority of the ASP.NET pages and user controls. Therefore it’s difficult for me to include anything other than the standard set of ASP.NET validators or something which inherits off the “ BaseValidator ” and get it working correctly in the XSLT templates generating the code. Because of this I decided to create my own validator for the checkbox web control. So how do we get started? Well first off you ne...
Post a Comment
Read more

Dependency Injection in SharePoint Featuring Ninject

A while ago I was having a discussion with one of my fellow developers at EMC Consulting about SharePoint and getting dependency injection working with it. Well finally after a few weeks I have found the time to produce a quick example of just how easy it is to get dependency injection working in SharePoint using a great tool called Ninject. You can find additional information about Ninject at http://ninject.org/ . So this get started! First off Ninject works by providing you with something it calls a kernel which it uses for returning an instance of a specific type. You can think about the kernel as a big brother to the factory pattern we all know and love. Because the kernel is so important the first things you need to do to get Ninject working in SharePoint is create an instance of a kernel and a simple way to do this in SharePoint is through the use of a HttpModule. 1: public class SharePointNinjectHttpModule: IHttpModule, IDisposable 2: { 3: private readonly HttpA...
Post a Comment
Read more