When trying to grant permissions in SharePoint using an SAP Role that has been synced using Duet Enterprise, you may get the following error:
"The user does not exist or is not unique."
In the ULS logs you may see one or both of these entries:
1. "ServiceContext for the http://<sharepointserver:port>/ context is null"
Where sharepointserver and port are replaced with values from your environment.
For example: "ServiceContext for the https://litware.litware.com:9000/ context is null"
2. System.Runtime.InteropServices.COMException: The user does not exist or is not unique. at Microsoft.SharePoint.Library.SPRequestInternalClass.UpdateMembers(String bstrUrl, … at Microsoft.SharePoint.Library.SPRequest.UpdateMembers(String bstrUrl, …
The Duet Claims Provider, like most SharePoint functionality, requires a root site collection. The error "ServiceContext for the http://sharepointserver:port/ context is null" means that a root site collection could not be found.
For more information about limitations and supportability when no root site collection exists for your SharePoint Web Application, see the following articles:
SharePoint 2010: Supportability of unprovisioned root site in a SharePoint web application
SharePoint: Office client integration errors when no root site exists
Error message when you try to access a UNC Path of a Windows SharePoint Services 3.0 or in SharePoint Server 2007 if no site collection is mapped to the root of the web application: "The network path was not found"
You can confirm if a root site collection exists by navigating to the http://sharepointserver:port/ site in a browser and then see if a SharePoint site is displayed. If there is no site at that URL, then you will need to create a SharePoint site collection at http://sharepointserver:port/ to resolve this issue. The site template used to create the root site is not important and it can be a blank site.