SharePoint User Profile Import / Synchronization

SharePoint User Profile Import/Synchronization has gone through an evolution and has been the number one support issue for SharePoint 2010 at Microsoft. Needless to say, it caused us major issues with clients while Microsoft was figuring it out. So far with SharePoint 2013, it looks like they finally got it right, but time will tell.

 

Below is both a history of User Profile implementations and their issues, as well as links to instructions for properly configuring those various implementations.

 

HISTORY

SharePoint 2003 & 2007:

  • User Profile Import only
  • No issues with any release (that I am aware of, please update me if you are aware of any issues)

SharePoint 2010:

  • User Profile Synchronization (read or write, but not both on the same property)
  • Prior to the April 2012 CU (including SP1); Synchronization would do one of the following behaviors based on which CU you had installed:
    • Profile Synchronization service will not start
    • Profile Synchronization service starts, but synchronization fails
    • Synchronization succeeds once and only once (the full sync)
    • Synchronization succeeds on first full sync and further incremental sync, but fails further full syncs
    • other Sync DB issues, see here
  • As of the April 2012 CU; Synchronization just works with the following notes:
    • There is still a bug where a UPA created with a Windows PowerShell session not running as the Farm Account prevents provisioning of the UPS service instance, has NOT been fixed. We still need to use the workaround here
    • There is also no change to the support of only a single OU per tenant for Synchronization

SharePoint 2013:

  • User Profile Import or Synchronization
  • It appears as if Import does not understand Subscription IDs and therefore cannot be used with a Partition Mode UPA. This may prevent My Sites from working…
  • I have not tried synchronization yet, please provide your experiences…

 

CONFIGURATION

  1. For all versions of SharePoint, you will need to use a domain account for import/synchronization and provide that account the “Replicate Directory Changes” permission.  The following article is directed for SharePoint 2010, but has the same necessary steps for all the other SharePoint versions.
  2. Configure import or synchronization in SharePoint
    1. User Profile Import
    2.  User Profile Synchronization

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s