Event ID 6142 (Windows SharePoint Services health model)
Applies To: Windows SharePoint Services 3.0
When Windows SharePoint Services 3.0 is in Active Directory account creation mode, any user added to a site is automatically added to the Active Directory organizational unit identified for use by Windows SharePoint Services 3.0. When running in Active Directory account creation mode, every application pool that contains one or more sites must use an account that has permissions to create, read, and update accounts in the Active Directory organizational unit that the domain administrator configured for Windows SharePoint Services 3.0.
Event Details
Product: |
Windows SharePoint Services |
ID: |
6142 |
Source: |
Windows SharePoint Services 3 |
Version: |
12.0 |
Symbolic Name: |
ULSEvtTag_6142 |
Message: |
Insufficient permission to read user data for %1\\%2 from Active Directory. |
Resolve
Assign the application pool account sufficient permissions
In order for Windows SharePoint Services 3.0 to have permissions to create accounts in the sharepoint_ou organizational unit, the identity account for the SharePoint Central Administration v3 application pool and the identity accounts for any Web applications must have the correct permissions delegated to it.
To see which account is being used by the application pool for the site where you could not add a user
You must be a member of the SharePoint Administrators group to perform this task.
In Central Administration Web, on the left navigation pane, click Application Management.
On the Application Management page, in the SharePoint Site Management section, click Site collection list.
On the Site Collection List page, you will see the site collections listed for a specific Web application. If you do not see the site collection that contains the site where you could not add a user, then click the drop-down list next to Web Application to switch to another Web application.
On the left navigation pane, click Application Management.
On the Application Management page, in the SharePoint Application Management section, click Web application list. The name of the Application pool will be to the left of the URL.
In Internet Information Services Manager, expand the server node and then expand the Application Pools node.
Right-click the application pool and click Properties.
In the Properties dialog box, on the Identity tab, the account is shown in the User name box.
Verify
Ensure that a new user can be added to an end-user-accessible site. The action should succeed without error.
You must be a site administrator to perform this task.
To check if a new user can be added to an end-user-accessible site
In the top level page of the site, on the left navigation pane, click People and Groups.
On the Peoples and Groups page, click New, and then click Add users.
On the Add Users page, type the user name in the Users/Groups box.
Click the name-check icon to the right Users/Groups of the box.
If the name resolves (is underlined), the problem has been fixed.
Related Management Information
Active Directory Integration (Health model)