Infopath error using GetUserProfileByName method after converting to Claims or migrating to SP2013

Posted on by

When migrating your SharePoint 2010 InfoPath forms to SharePoint 2013 or while changing your classic web application to claims based web application, all the InfoPath forms which accesses user profile services(GetUserProfileByName method) fails with authentication errors.

In claims based web application user name is prefixed with “0#.w|” .User name in classic mode is “domain\username”  but in claims mode it will be “0#.w|domain\username”. If we use “GetUserProfileByName” method to gather any of the user information in infopath, it fails.You get access denied errors.

Workaround:
First, you need to create a secure store entry, type as Group and set credentials which has access to user profile data. I am not going to explain here about creating SSS(Secure Store Service) entry.

Once you have the SSS entry setup with permissions, we need to do 3 things

1. Create Data Connection library in SharePoint site(like any other library using data connection library template) and save your GetUserProfileByName data connection from Infopath as a udcx connection file.
2. Modify the connection file and include the SSS entry created before
<udc:Authentication><udc:SSO AppId=’SSS Id’ CredentialType=’NTLM’ /></udc:Authentication>. Upload it back and publish

We have handled the access issue in first 2 steps. Now you need to handle the username issue because of Claims.

 3. On form load , create a rule to set the accountname in GetUserProfileByName secondary dataconnection in queryFields node.

Condition: when Accountname is empty
set the account name as substring-after(username(), “0#.w|”)
Query for data using the GetUserProfileByName secondary dataconnection

If you are to display username in any other place instead of using username() function directly use
substring-after(username(), “0#.w|domain\”) to get the username.