Yvand / EntraCP

EntraCP (formerly AzureCP) is a claims provider that connects SharePoint to your Microsoft Entra ID tenant, in federated authentication
https://entracp.yvand.net/
Apache License 2.0

Sorry, something went wrong Unable to cast object of type 'Yvand.EntraClaimsProvider.Configuration.ClaimTypeConfig' to type 'Yvand.EntraClaimsProvider.Configuration.IdentityClaimTypeConfig'. #223

Closed uday30980 closed 3 weeks ago

uday30980 commented 4 months ago

Hello Yvand,

SP Server 2019 On-Prem:

I am getting the following error on the EntraCP Global Config Page and Claims Type Configuration Page.

Sorry, something went wrong Unable to cast object of type 'Yvand.EntraClaimsProvider.Configuration.ClaimTypeConfig' to type 'Yvand.EntraClaimsProvider.Configuration.IdentityClaimTypeConfig'.

Here below are the mapping attributes.

$map = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "emailaddress" -LocalClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"
$map2 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" -IncomingClaimTypeDisplayName "GivenName" -SameAsIncoming
$map3 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" -IncomingClaimTypeDisplayName "SurName" -SameAsIncoming
$map4 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" -IncomingClaimTypeDisplayName "Groups" -SameAsIncoming
$ap = New-SPTrustedIdentityTokenIssuer -Name "AzureAD" -Description "SharePoint secured by Azure AD" -realm $realm -ImportTrustCertificate $cert -ClaimsMappings $map,$map2,$map3,$map4 -SignInUrl $wsfedurl -IdentifierClaim "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
$trust = Get-SPTrustedIdentityTokenIssuer "AzureAD"
$trust.ClaimProviderName = "EntraCP"
$trust.Update()

Below are the Enterprise Application Attributes & Claims page settings.

Images attached.

What exactly is wrong in this configuration?

One more thing: is AZURECP supported on SP Server 2019 On-Prem?

[Images: Enterprise Application Attributes Claims Settings; GlobalConfigError]

Thank you

Yvand commented 4 months ago

Hello @uday30980, do you know what possible actions were done in EntraCP config to end up with this error? Can you send me the output of this script:

Add-Type -AssemblyName "Yvand.EntraCP, Version=1.0.0.0, Culture=neutral, PublicKeyToken=65dc6b5903b51636"
$config = [Yvand.EntraClaimsProvider.EntraCP]::GetConfiguration()
$config.Settings.ClaimTypes 

Also, to quickly fix this issue, you can recreate the configuration using this script, but be mindful that all your settings will be lost (including the tenant configuration):

Add-Type -AssemblyName "Yvand.EntraCP, Version=1.0.0.0, Culture=neutral, PublicKeyToken=65dc6b5903b51636"
[Yvand.EntraClaimsProvider.EntraCP]::DeleteConfiguration()
[Yvand.EntraClaimsProvider.EntraCP]::CreateConfiguration()

uday30980 commented 4 months ago

Hi Yvand, thank you for your prompt response. Just an update that I tried the following steps before I received your response, and it worked.

Below are the steps that I followed to get the Global Configuration & Claims Type Configuration pages working again!

Step-1 I have removed the SPTrustedIdentityTokenIssuer.

Step-2 Reran the mapping attributes with one additional mapping attribute added as "upn", as highlighted below.

$map = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "emailaddress" -LocalClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"
$map2 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" -IncomingClaimTypeDisplayName "GivenName" -SameAsIncoming
$map3 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" -IncomingClaimTypeDisplayName "SurName" -SameAsIncoming
$map4 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" -IncomingClaimTypeDisplayName "upn" -SameAsIncoming
$map5 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" -IncomingClaimTypeDisplayName "Groups" -SameAsIncoming
$ap = New-SPTrustedIdentityTokenIssuer -Name "AzureAD" -Description "SharePoint secured by Azure AD" -realm $realm -ImportTrustCertificate $cert -ClaimsMappings $map,$map2,$map3,$map4,$map5 -SignInUrl $wsfedurl -IdentifierClaim "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
$trust = Get-SPTrustedIdentityTokenIssuer "AzureAD"
$trust.ClaimProviderName = "EntraCP"
$trust.Update()

Step-3 Just refresh the "Global Configuration" page and "Claim types configuration" page and it started showing the mapping attributes list as I have set above in Step-2. However, it shows the default "LocalClaimType" as "emailaddress" instead of "upn" (as per the Step-2 under $map variable).

Step-4 Finally I have used the "RESET" button at the bottom of the "Claim types configuration" page and it started showing the correct "mapping attributes" with "LocalClaimType" as "upn".

"Global Configuration" page and "Claim types configuration" page both started working.

uday30980 commented 4 months ago

Hi Yvand, just sending you the output of the script that you requested above.

DirectoryObjectPropertyForGuestUsers : Mail
EntityProperty : Mail
EntityType : User
SharePointEntityType :
ClaimType : http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey :
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : DisplayName
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}

EntityProperty : DisplayName
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : True
EntityDataKey : DisplayName
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}

EntityProperty : GivenName
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : True
EntityDataKey :
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}

EntityProperty : Surname
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : True
EntityDataKey :
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}

EntityProperty : MobilePhone
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey : MobilePhone
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}

EntityProperty : JobTitle
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey : Title
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}

EntityProperty : Department
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey : Department
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}

EntityProperty : OfficeLocation
EntityType : User
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey : Location
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}

EntityProperty : Id
EntityType : Group
SharePointEntityType :
ClaimType : http://schemas.microsoft.com/ws/2008/06/identity/claims/role
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey :
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : DisplayName
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}

EntityProperty : DisplayName
EntityType : Group
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : True
EntityDataKey : DisplayName
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}

EntityProperty : Mail
EntityType : Group
SharePointEntityType :
ClaimType :
UseMainClaimTypeOfDirectoryObject : False
EntityDataKey : Email
ClaimTypeDisplayName :
ClaimValueType : http://www.w3.org/2001/XMLSchema#string
PrefixToBypassLookup :
EntityPropertyToUseAsDisplayText : NotSet
FilterExactMatchOnly : False
UpgradedPersistedProperties : {}

Yvand commented 4 months ago

@uday30980 you did not need to delete and recreate the SharePoint trust to fix the issue, as it was only in EntraCP configuration itself. In the worst case, using the script I sent to you to delete and recreate the config fixes this error. Sadly, we don't know how it happened, but I will add additional checks to ensure that such invalid configuration cannot be committed to the database.
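
A read-only check an administrator could run against the EntraCP configuration, added here as an example and not part of the thread or of EntraCP's own code: it reports whether the entry for the trust's identity claim type has the `IdentityClaimTypeConfig` type named in the error, and whether an identity-typed entry still points at a different claim type than the trust. The helper name `Test-IdentityClaimTypeEntry`, the two stand-in classes and the sample entries are constructed for illustration; that the identity entry is expected to have that type is an assumption drawn from the error message.

```powershell
# Constructed stand-ins for the two classes named in the error, so the check can
# be tried without a farm. They are NOT the real EntraCP types.
class ClaimTypeConfig { [string]$ClaimType; [string]$EntityType; [string]$EntityProperty }
class IdentityClaimTypeConfig : ClaimTypeConfig { [string]$DirectoryObjectPropertyForGuestUsers }

function Test-IdentityClaimTypeEntry {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [object[]] $ClaimTypes,
        [Parameter(Mandatory)] [string]   $IdentityClaimType
    )
    $expected = 'IdentityClaimTypeConfig'   # short type name taken from the error text
    $findings = [System.Collections.Generic.List[string]]::new()

    # Entries whose ClaimType is the trust's identity claim type.
    $hits = @($ClaimTypes | Where-Object { $_.ClaimType -eq $IdentityClaimType })
    if ($hits.Count -eq 0) {
        $findings.Add("No entry has ClaimType '$IdentityClaimType'")
    }
    foreach ($entry in $hits) {
        if ($entry.GetType().Name -ne $expected) {
            $findings.Add("Entry '$($entry.EntityProperty)' is $($entry.GetType().FullName), not $expected")
        }
    }
    # Identity-typed entries that still point at a different claim type than the trust.
    foreach ($entry in $ClaimTypes) {
        if ($entry.GetType().Name -eq $expected -and $entry.ClaimType -ne $IdentityClaimType) {
            $findings.Add("$expected entry '$($entry.EntityProperty)' has ClaimType '$($entry.ClaimType)'")
        }
    }
    $findings   # empty output means nothing was flagged
}

# Constructed sample: the identity entry was persisted as a plain ClaimTypeConfig.
$upn = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn'
$sample = @(
    [ClaimTypeConfig]@{ ClaimType = $upn; EntityType = 'User'; EntityProperty = 'Mail' }
    [ClaimTypeConfig]@{ EntityType = 'User'; EntityProperty = 'DisplayName' }
)
Test-IdentityClaimTypeEntry -ClaimTypes $sample -IdentityClaimType $upn

# On a farm server, after the Add-Type line from the thread (read-only):
#   $trust  = Get-SPTrustedIdentityTokenIssuer "AzureAD"
#   $config = [Yvand.EntraClaimsProvider.EntraCP]::GetConfiguration()
#   Test-IdentityClaimTypeEntry -ClaimTypes @($config.Settings.ClaimTypes) `
#       -IdentityClaimType $trust.IdentityClaimTypeInformation.MappedClaimType
```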

stale[bot] commented 2 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

github-actions[bot] commented 3 weeks ago

This issue was closed because it has been stalled for 5 days with no activity.