When trying to grant permissions in SharePoint using an SAP Role that has been synced using Duet Enterprise, you may get the following error:

"The user does not exist or is not unique."

In the ULS logs you may see one or both of these entries:

1. "ServiceContext for the http://<sharepointserver:port>/ context is null"

     Where sharepointserver and port are replaced with values from your environment.

     For example:
     "ServiceContext for the https://litware.litware.com:9000/ context is null"

 

2. System.Runtime.InteropServices.COMException: The user does not exist or is not unique.  
     at Microsoft.SharePoint.Library.SPRequestInternalClass.UpdateMembers(String bstrUrl, …   
     at Microsoft.SharePoint.Library.SPRequest.UpdateMembers(String bstrUrl, …

 

Cause:

The Duet Claims Provider, like most SharePoint functionality, requires a root site collection. The error "ServiceContext for the http://sharepointserver:port/ context is null" means that a root site collection could not be found.

For more information about limitations and supportability when no root site collection exists for your SharePoint Web Application, see the following articles:

SharePoint 2010: Supportability of unprovisioned root site in a SharePoint web application

SharePoint: Office client integration errors when no root site exists

Error message when you try to access a UNC Path of a Windows SharePoint Services 3.0 or in SharePoint Server 2007 if no site collection is mapped to the root of the web application: "The network path was not found"

 

Resolution:

You can confirm if a root site collection exists by navigating to the http://sharepointserver:port/ site in a browser and then see if a SharePoint site is displayed.  If there is no site at that URL, then you will need to create a SharePoint site collection at http://sharepointserver:port/ to resolve this issue. The site template used to create the root site is not important and it can be a blank site.