The Claims authentication does not validate user troubleshooting topic is now available.

I see troubleshooting content as falling into two categories: break-fix and troubleshooting methodology.

Break-fix troubleshooting content is designed to fix a known problem based on a specific configuration and symptom. Many Knowledgebase articles fall into this category and the content typically consists of a procedure to fix the condition. Break-fix content is fine when the root cause of the problem and its solution are known. But, what do you do when the root cause of the problem and its solution are NOT known?

To determine the root cause of an arbitrary problem and its solution, you can spend years developing deep technical understanding and experience, culminating in an almost eerie ability to instantly diagnose the most obscure problems. Although this is a great goal and result to which all well-intentioned IT pros strive, the job demands of the front-line IT pro typically do not allow for such specialization. What is more important is the 10 issues they need to resolve today to address the 10 new issues that they will see tomorrow.

To effectively troubleshoot problems for which the root cause and solution are unknown, harried IT pros—who are not deep technical experts in the technology areas that are related to the problem—need the following:

  • An understanding of the tools that they can use to obtain error condition and system state information and make configuration changes.
  • A step-by-step process that takes them through the verification of system, configuration, and end-to-end process requirements, from the most basic to the more advanced. This process is designed to address the most common misconfiguration issues. If the process does not resolve the problem, the intention is to isolate the root cause of the problem for further investigation with the community or support organizations such as Microsoft Support.

This is what I call troubleshooting methodology content. I developed and published this type of content for DirectAccess in Windows Server 2008 R2 (see Tools for Troubleshooting DirectAccess and General Methodology for Troubleshooting DirectAccess Connections) and am now trying it out for SharePoint environments.

The Claims authentication does not validate user article describes the primary tools that you use to collect information about claims authentication and make configuration changes in SharePoint 2013 and then takes you through the following:

  • Step 1: Determine the details of the failed authentication attempt
  • Step 2: Check configuration requirements
  • Step 3: Additional items to check
  • Step 4: Use a web debug tool to monitor and analyze web traffic
  • Step 5: Capture and analyze authentication network traffic

My hope is that with this article, you are able to perform basic to intermediate claims authentication troubleshooting without having to be a claims guru.

Questions for you:

  • What do you think about this type of content? Is it useful to you?
  • If so, what additional areas of SharePoint Server or SharePoint Foundation would you like to see addressed with this type of troubleshooting content?

Please leave your answers to these questions as comments on this blog post. 



Joe Davies
Principal Writer