User Profiles
This category includes posts related to SharePoint Server 2010 User Profiles, and User Profile Synchronization capabilities.
As a small but significant follow up to my UPA session at the SharePoint Conference in Anaheim last month, is that yesterday we pushed out an update to the Database types and descriptions article on TechNet to finally detail that synchronous mirroring of the Social database IS 100% supported. As already detailed in this document, the Profile database already supported synchronous mirroring. That leaves the Sync database, which if you were paying attention in the session we really don’t care about in terms of “HA” or “DR”. Not perfect by a long shot but you can now officially...
As promised during my sessions at the SharePoint Conference in Anaheim last week, here are the Windows PowerShell scripts demonstrated. Please note that these scripts are direct copies of those on my Virtual Machines. You *will* need to tweak them for use on your environments, and remember they are authored for the purposes of demonstration! If you wish to take pieces of them to use in a real deployment, they will need some work. The scripts are provided as is, without any warranties! You know the score. SPC407: Enterprise Deployment Considerations for the User Profile Service Application. ...
Was chatting to my buddy Rob Foster recently and he was slagging me off for not pointing to the SharePoint Pod Show we recently recorded. So here for you listening pleasure (ahem!) is a discussion about the MCM program, some classic mistakes for SharePoint deployments and even a little bit of cricket! SharePoint MCM, Top 3 mistakes, and User Profile Sync discussion with Spencer Harbar-Episode 63 .
One of the most common conversations I have with customers, partners and random SharePoint consultants is around the creation of SharePoint Server 2010 User Profile Synchronization Connections. These guys are the key link, or connection string if you will between the User Profile Service Application (UPA) and the connected directory services. A very common complaint is the inability to automate their creation using Windows PowerShell. The good news is that Service Pack 1 (SP1) introduces a couple of new cmdlets which help in this regard. This post looks at these cmdlets and also details why they might not be all...
One of the most common complaints about the User Profile Synchronization service in SharePoint Server 2010 is the time it takes to perform synchronization runs or “sync” for short. This is due to a number of factors not least of which is that by leveraging Forefront Identity Manager (FIM) SharePoint now effectively includes a metadirectory. This is a good thing. However if you are just doing import then there is a huge increase in the time it takes over previous versions which were simply performing an ADSI query and inserting the results into a database. It’s very important to...
You may have noticed a few new Windows PowerShell cmdlets included with SharePoint Server 2010 Service Pack 1 (SP1), Get-SPProfileLeader, Add-SPProfileLeader & Remove-SPProfileLeader. These cmdlets are causing a little bit of confusion, so this short post explains them and the problem they are intended to address. First up, they have absolutely nothing whatsoever to do with Organizational Profiles. The term “leader” here is somewhat misleading (no pun intended!). What this is all about is User Profiles and People Search Relevance. One of the key pieces of data that SharePoint Server Search uses to drive relevance in people...
One of the best new feature areas of SharePoint Server 2010 was the social computing capabilities delivered by the User Profile Service (UPA). Tags, Ratings, Activities as well as enhancements to the My Sites infrastructure allow enterprises to deliver rich “social” applications with the out of the box capabilities. Furthermore by using these features as building blocks a new class of composite social applications have become possible, enabling the enterprise to leverage social computing for both business benefit and end user happiness. Of course, as with many aspects of SharePoint 2010, with great power comes the need for responsibility...
Planning and implementing Exclusion Filters for SharePoint Server 2010 User Profile Synchronization (UPS) is without doubt one of the most important aspects of any UPS deployment. By making use of Exclusion Filters we can narrow down the objects we sync with. Exclusion Filters reduce the amount of “junk” in the Profile database and can significantly decrease the time taken to perform synchronization runs. I will be posting more about Exclusion Filters in general soon, but for this post I will concentrate on the most commonly used filter – that of the userAccountControl attribute in Active Directory. This is by...
It’s been brought to my attention recently that you all love the User Profile Synchronization service instance in SharePoint Server 2010! :). So much so in fact, that one of the most common requests I get is for more articles on this topic, and in particular details on syncing with directory systems other than Active Directory.
There is very little documentation about syncing with Novell eDirectory. Unfortunately at present TechNet only provides cursory information regarding permissions, and the early White Paper is extremely weak. Neither provide the necessary details to get it running.
This article will walk through the steps needed to...
Recently I’ve been asked a number of times about what happens to accounts deleted from Active Directory with respect to SharePoint 2010 User Profiles, and the User Profile Synchronization service instance. Unfortunately this pretty much isn’t documented at all, and furthermore there is quite a lot of incorrect information and assumptions about this area. There is plenty on how SharePoint 2007 handled things of course, but as regular readers (all two of them) will know, things are mighty different in 2010. The good news is that things are pretty straightforward and this post will walk through the important details.
Let’s take...
As you may already be aware there is a bug when creating the User Profile Service Application (UPA) using Windows PowerShell. This bug prevents the provisioning of the User Profile Synchronization service instance (UPS).
In a nutshell, when using Windows PowerShell to create a UPA the Default Schema of the Farm Account on the Sync DB is set incorrectly, and this will lead to an error during provisioning of the UPS later. The following error will be logged to the Application Event Log:
“IF EXISTS (SELECT * FROM sys.xml_schema_collections c, sys.schemas s WHERE c.schema_id = s.schema_id AND (quotename(s.name) + '.' + quotename(c.name))...
Back about a week after RTM of SharePoint 2010 I published my Rational Guide to implementing SharePoint Server 2010 User Profile Synchronization. This was actually written up long before RTM and was doing the rounds among a circle of SharePoint “insiders”. I then tweaked it for RTM and pushed it out immediately after the SharePoint Evolutions Conference, where I had demoed live the steps.
Amazingly, this article has already been viewed over 260,000 times! An incredible response. Of course the Microsoft documentation in this area is weak at present, and UPS is what you could call a “rough edge” of...
Since I published my article, Rational Guide to implementing SharePoint Server 2010 User Profile Synchronization, I’ve been deluged with email on the topic. All good, it shows me that I chose the right content to post, and that the content has relevance.
However one key aspect keeps coming up over and over again both in these emails and on IM etc. Lots of people after attempting to provision the UPS Service from Services on Server, need to reboot the server before the service is provisioned correctly.
If you are running the UPS Service instance on the machine hosting Central Administration, you MUST...
There's a ton of stuff out there on User Profile Sync in SharePoint Server 2010. Some of it’s good, some of it’s frankly terrible. TechNet has some of the best material, but unfortunately TechNet’s format restrictions are counter-intuitive. Therefore this article presents an end to end, “rational guide” to setting this up.
There are a couple of contentious setup requirements in here. I may discuss those in more depth later. For now, the following steps are required. Don’t try and work around them, UPS will break. The following is the least privilege you can get away with.
This article will also be...