SlideShare uma empresa Scribd logo

User Profile Synchronization Service: Tips and Troubleshooting by Paul Stork - SPTechCon

Transferir como PPTX, PDF
SPTechCon
SPTechCon

Technical Class: Wednesday, March 6 8:15 AM - 9:30 AM

1 de 27
User Profile Synchronization Service Tips and Troubleshooting
Paul Papanek Stork • Principal SharePoint Architect for BlueChip Consulting Group • http://www.bluechip-llc.com • Contributing Author • Developer’s Guide to WSS 3.0 • MOSS 2007 Best Practices • Author • MCTS: WSS 3.0 Configuration Study Guide (70-631) • Pro SharePoint 2010 Development for Office 365 • Contact Information • Email: Paul.Stork@bluechip-llc.com • Blog: http://dontPaPanic.com/blog • Twitter: @PStork
Agenda • User Profile Sync in 2010 • User Profile Sync Changes in 2013 • AD Profile Sync versus AD Import in 2013 • Preparation for User Profile Sync • Starting User Profile Sync & Troubleshooting • Importing Additional Information
Profile Service Application Architecture Web Front End Profile Profile Service Synchronization Enterprise Metadata Instance Service Tagging and Profile Properties Instance WFE talks to the service and SQL, Mid-tier cache, optimized for most- maintains Front-end used profiles, 256 Mb default (good cache for 500k users on average)
User Profile Service Databases • Profile database – used to store user profile information. • Synchronization database – used to store configuration and staging information for synchronizing profile data. • Social tagging database – used to store social tags and notes created by users. • User Information Table – Synchronized with User Profile (stores information like user display name for each site collection)
User Profile Timer Jobs Name Description Timing Activity Feed Cleanup Cleans up pre-computed activities that are used in activity feeds that Daily at 3 AM are older than 14 days. This job does not affect the User Profile Change Log. Activity Feed Pre-computes activities to be shown in user activity feeds. Hourly Audience Compilation Computes memberships of defined audiences. Weekly, Sat at 1 AM My Site Suggestions Email Sends e-mail messages that contain colleague and keyword Monthly, 15th at 10 suggestions to people who do not update their profile often, prompting PM them to update their profiles. Social Data Maintenance Aggregates social tags and ratings and cleans the social data change Hourly, 30 min after log. Social Rating Synchronization Synchronize rating values between Social Database and Content database Change Cleanup Job Cleans up data that is 14 days old from User Profile Change Log. Daily at 10 PM Change Job Processes changes to user profiles Hourly, on the hour Incremental Synchronization Synchronizes user, group and group membership changes between the Daily at 1 AM User Profile Application and specified directory source Language Synchronization Job Looks for new language pack installations and makes sure that strings Every minute that related to the user profile service are localized correctly. SharePoint Full Synchronization Synchronizes user information from the user profile application to Hourly, on the hour SharePoint users and synchronizes site memberships from SharePoint to the user profile application. SharePoint Quick Synchronizes user information from the user profile application to Every 5 minutes Synchronization SharePoint users who were recently added to a site. My Site Cleanup Job When a user is deleted, sends an e-mail message to the manager Hourly, on the hour containing a request to the manager to move any documents or data that the manager wants to preserve, because the site might be deleted in the future. System Job to Manage User Manages provisioning, run steps and additional tasks related to User Every minute Profile Synchronization Profile Synchronization. (Note: Don’t Change Timing)
Changes in SharePoint 2013 • Re-Introduction of AD Import • Faster Synchronization for Full Synch • Synchronization with multiple directory services • Active Directory Domain Services (AD DS) 2003 SP2 and above • Sun Java System Directory Server version 5.2 • Novell eDirectory version 8.7.3 • IBM Tivoli version 5.2
Active Directory Import • Faster than user Profile Sync. • No bidirectional synchronization • Limited to a single Active Directory forest. • Allows only one farm-wide property mapping. • Fewer properties synced by default than AD Sync • FirstName, LastName, Department, SPS-JobTitle, Office, PreferredName, SPS-Department, Title, WorkEmail, WorkPhone
Important CUs and SPs • Oct 2010 CU – fix for Central Admin SSL issue • Dec 2010 CU – breaks Netbios domain support • Feb 2011 CU – fix for Netbios domain support • Service Pack 1 – major improvements to User Profile Sync, but don’t use it without a later CU • June 2011 CU or August 2011 CU – should be installed after Service Pack 1 • Feb 2012 CU – improved stored procedures for maintenance of SyncDB
Prestart Checklist • Don’t Run the Farm Config Wizard! • If SQL is an Instance or FQDN • Create a SQL Alias • Install SP1 and August 2011 Cumulative Update • Verify Account Permissions • See the Next Slide • Does AD Netbios Domain Name match FQDN? • Example Acme ≠ Acmeman.dev • Additional Permissions required • $upsa = Get-SPServiceApplication –Id User-Profile-App-GUID $upsa.NetBIOSDomainNamesEnabled=1 $upsa.Update()
Security Rights for User Profile Sync • UPS Service Identity (Farm Account) • Must run as Farm Account • Local Admin during Provisioning • Log on Locally • Note: Reboot after changing Farm Account rights • Synchronization Connection Account • Replicating Directory Changes on the Domain • Netbios name ≠ FQDN name • Replicating Directory Changes on Configuration Partition • Member of Pre-Windows 2000 Compatible Access • For Export Only – Create Child Objects and Write Access to OUs
Starting User Profile Sync • Provision the User Profile Service Application through Central Admin • Start the User Profile Service in Services on Server • Reboot the Server • Start the User Profile Sync in Services on Server
Common Issues • SharePoint Farm account isn’t a Local Admin • Add the Farm Account to Local Admin and reboot • Creating User Profile Service App using Powershell • Sync DB schema is incorrect • Running Central Administration over SSL • Fixed in October 2010 CU • Timeouts when configuring Sync Connections • Use PowerShell to slowly increase timeouts until it works
Troubleshooting 1. Re-Verify original Checklist 2. Watch provisioning with ULSViewer
Monitoring UPS provisioning in ULS
Troubleshooting 1. Re-Verify original Checklist 2. Watch provisioning with ULSViewer 3. View Sync run with Forefront Identity Manager C:Program FilesMicrosoft Office Servers14.0 Synchronization ServiceUIShellmiisclient.exe
Watch Sync with MIISclient.exe
Troubleshooting 1. Re-Verify original Checklist 2. Watch provisioning with ULSViewer 3. Check Event Viewer for Errors 4. View Sync run with Forefront Identity Manager C:Program FilesMicrosoft Office Servers14.0 Synchronization ServiceUIShellmiisclient.exe
What Not to Do • Don’t modify the FIM service settings in Windows Services • Don’t try to use something other than the FARM account • Don’t modify FIM settings using MIISClient.exe • Don’t worry about the warning in Health Check about not running other services under the Farm Account
Importing Groups • Used for Audiences and to calculate MySite Memberships List • Has no effect on which users are imported • Has no effect on which users are displayed in People Picker
Importing Additional User Data • Must have a primary sync with a Directory service • Create a BCS external content type • ECT must use a Login identifier as Key • Configure a BCS sync Connection • Can Sync either a Single Valued or Multi Valued Property, but not Multiple records
Additional Resources • Configure profile synchronization (SharePoint Server 2010) - Technet http://technet.microsoft.com/en-us/library/ee721049.aspx • Troubleshooting User Profile Sync Issues on SharePoint 2010 – Steve Chen http://blogs.technet.com/b/steve_chen/archive/2010/10/13/troubleshoot ing-user-profile-sync-issues-on-sharepoint-2010.aspx • Rational Guide to implementing SharePoint Server 2010 User Profile Synchronization- Spence Harbar http://www.harbar.net/articles/sp2010ups.aspx
Questions? Please Fill Out Your Evals!!! Paper in the Back of the room - OR - Use the Event Board “App” Contact Information Email: Paul.Stork@sharesquared.com Blog: http://dontPaPanic.com/blog Twitter: @PStork

Recomendados

Enterprise 2.0 - Everything You Need To Know About SharePoint 2010 Social Cap...
Enterprise 2.0 - Everything You Need To Know About SharePoint 2010 Social Cap...Enterprise 2.0 - Everything You Need To Know About SharePoint 2010 Social Cap...
Enterprise 2.0 - Everything You Need To Know About SharePoint 2010 Social Cap...Richard Harbridge
 
Introduction to the SharePoint 2013 User Profile Service
Introduction to the SharePoint 2013 User Profile ServiceIntroduction to the SharePoint 2013 User Profile Service
Introduction to the SharePoint 2013 User Profile ServiceRegroove
 
Adfs 2 & claims based identity
Adfs 2 & claims based identityAdfs 2 & claims based identity
Adfs 2 & claims based identityNathan Winters
 
Implementing Enterprise Search in SharePoint 2010
Implementing Enterprise Search in SharePoint 2010Implementing Enterprise Search in SharePoint 2010
Implementing Enterprise Search in SharePoint 2010Agnes Molnar
 
Users, Profiles, and MySites: Managing a Changing SharePoint User population
Users, Profiles, and MySites: Managing a Changing SharePoint User populationUsers, Profiles, and MySites: Managing a Changing SharePoint User population
Users, Profiles, and MySites: Managing a Changing SharePoint User populationPaul Stork (Microsoft MVP)
 
SPCSEA 2013 - Upgrading to SharePoint 2013
SPCSEA 2013 - Upgrading to SharePoint 2013SPCSEA 2013 - Upgrading to SharePoint 2013
SPCSEA 2013 - Upgrading to SharePoint 2013Michael Noel
 
Managing the SharePoint 2010 Application Lifecycle - Part 1
Managing the SharePoint 2010 Application Lifecycle - Part 1Managing the SharePoint 2010 Application Lifecycle - Part 1
Managing the SharePoint 2010 Application Lifecycle - Part 1Chris O'Brien
 
SharePoint 2010 User Profile Sync
SharePoint 2010 User Profile SyncSharePoint 2010 User Profile Sync
SharePoint 2010 User Profile SyncNilesh Mehta
 

Recomendados

Enterprise 2.0 - Everything You Need To Know About SharePoint 2010 Social Cap...
Enterprise 2.0 - Everything You Need To Know About SharePoint 2010 Social Cap...Enterprise 2.0 - Everything You Need To Know About SharePoint 2010 Social Cap...
Enterprise 2.0 - Everything You Need To Know About SharePoint 2010 Social Cap...Richard Harbridge
 
Introduction to the SharePoint 2013 User Profile Service
Introduction to the SharePoint 2013 User Profile ServiceIntroduction to the SharePoint 2013 User Profile Service
Introduction to the SharePoint 2013 User Profile ServiceRegroove
 
Adfs 2 & claims based identity
Adfs 2 & claims based identityAdfs 2 & claims based identity
Adfs 2 & claims based identityNathan Winters
 
Implementing Enterprise Search in SharePoint 2010
Implementing Enterprise Search in SharePoint 2010Implementing Enterprise Search in SharePoint 2010
Implementing Enterprise Search in SharePoint 2010Agnes Molnar
 
Users, Profiles, and MySites: Managing a Changing SharePoint User population
Users, Profiles, and MySites: Managing a Changing SharePoint User populationUsers, Profiles, and MySites: Managing a Changing SharePoint User population
Users, Profiles, and MySites: Managing a Changing SharePoint User populationPaul Stork (Microsoft MVP)
 
SPCSEA 2013 - Upgrading to SharePoint 2013
SPCSEA 2013 - Upgrading to SharePoint 2013SPCSEA 2013 - Upgrading to SharePoint 2013
SPCSEA 2013 - Upgrading to SharePoint 2013Michael Noel
 
Managing the SharePoint 2010 Application Lifecycle - Part 1
Managing the SharePoint 2010 Application Lifecycle - Part 1Managing the SharePoint 2010 Application Lifecycle - Part 1
Managing the SharePoint 2010 Application Lifecycle - Part 1Chris O'Brien
 
SharePoint 2010 User Profile Sync
SharePoint 2010 User Profile SyncSharePoint 2010 User Profile Sync
SharePoint 2010 User Profile SyncNilesh Mehta
 
Demonstrate profile synchronization in SharePoint Server 2013
Demonstrate profile synchronization in SharePoint Server 2013Demonstrate profile synchronization in SharePoint Server 2013
Demonstrate profile synchronization in SharePoint Server 2013Vinh Nguyen
 
SharePoint Taxonomy and Metadata 11-19-09
SharePoint Taxonomy and Metadata 11-19-09SharePoint Taxonomy and Metadata 11-19-09
SharePoint Taxonomy and Metadata 11-19-09Stephanie Lemieux
 
Enterprise Search in SharePoint 2010
Enterprise Search in SharePoint 2010Enterprise Search in SharePoint 2010
Enterprise Search in SharePoint 2010bgerman
 
Understanding Identity Management with Office 365
Understanding Identity Management with Office 365Understanding Identity Management with Office 365
Understanding Identity Management with Office 365Perficient, Inc.
 
Best Practices for Organizing Documents in SharePoint 2010
Best Practices for Organizing Documents in SharePoint 2010Best Practices for Organizing Documents in SharePoint 2010
Best Practices for Organizing Documents in SharePoint 2010Agnes Molnar
 
Access Services in SharePoint 2010 - All You Need to Know
Access Services in SharePoint 2010 - All You Need to KnowAccess Services in SharePoint 2010 - All You Need to Know
Access Services in SharePoint 2010 - All You Need to KnowNik Patel
 
Discover SharePoint 2013
Discover SharePoint 2013Discover SharePoint 2013
Discover SharePoint 2013Benjamin Niaulin
 
ADFS + IAM
ADFS + IAMADFS + IAM
ADFS + IAMRichard Harvey
 
Identity Management for Office 365 and Microsoft Azure
Identity Management for Office 365 and Microsoft AzureIdentity Management for Office 365 and Microsoft Azure
Identity Management for Office 365 and Microsoft AzureSparkhound Inc.
 
SharePoint 2016 - What's New, What's Not
SharePoint 2016 - What's New, What's NotSharePoint 2016 - What's New, What's Not
SharePoint 2016 - What's New, What's NotRegroove
 
Stateless authentication for microservices
Stateless authentication for microservicesStateless authentication for microservices
Stateless authentication for microservicesAlvaro Sanchez-Mariscal
 
Don't Suck at SharePoint - Avoid the common mistakes
Don't Suck at SharePoint - Avoid the common mistakesDon't Suck at SharePoint - Avoid the common mistakes
Don't Suck at SharePoint - Avoid the common mistakesBenjamin Niaulin
 
Learning analytics interventions should always be mediated by a human being
Learning analytics interventions should always be mediated by a human beingLearning analytics interventions should always be mediated by a human being
Learning analytics interventions should always be mediated by a human beingJisc
 
アイデンティティ管理の基礎~Fim adfsアーキテクチャ
アイデンティティ管理の基礎~Fim adfsアーキテクチャアイデンティティ管理の基礎~Fim adfsアーキテクチャ
アイデンティティ管理の基礎~Fim adfsアーキテクチャNaohiro Fujie
 
Office 365 Identity Management options
Office 365 Identity Management options Office 365 Identity Management options
Office 365 Identity Management options Microsoft TechNet - Belgium and Luxembourg
 
Office 365-single-sign-on-with-adfs
Office 365-single-sign-on-with-adfsOffice 365-single-sign-on-with-adfs
Office 365-single-sign-on-with-adfsamitchachra
 
Deep Dive into the Content Query Web Part by Christina Wheeler - SPTechCon
Deep Dive into the Content Query Web Part by Christina Wheeler - SPTechConDeep Dive into the Content Query Web Part by Christina Wheeler - SPTechCon
Deep Dive into the Content Query Web Part by Christina Wheeler - SPTechConSPTechCon
 
NOW I Get It... What SharePoint Is, and Why My Business Needs It by Mark Rack...
NOW I Get It... What SharePoint Is, and Why My Business Needs It by Mark Rack...NOW I Get It... What SharePoint Is, and Why My Business Needs It by Mark Rack...
NOW I Get It... What SharePoint Is, and Why My Business Needs It by Mark Rack...SPTechCon
 
“Managing Up” in Difficult Situations by Bill English - SPTechCon
“Managing Up” in Difficult Situations by Bill English - SPTechCon“Managing Up” in Difficult Situations by Bill English - SPTechCon
“Managing Up” in Difficult Situations by Bill English - SPTechConSPTechCon
 
Part I: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTec...
Part I: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTec...Part I: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTec...
Part I: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTec...SPTechCon
 
Part II: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTe...
Part II: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTe...Part II: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTe...
Part II: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTe...SPTechCon
 
Microsoft Keynote by Richard Riley - SPTechCon
Microsoft Keynote by Richard Riley - SPTechConMicrosoft Keynote by Richard Riley - SPTechCon
Microsoft Keynote by Richard Riley - SPTechConSPTechCon
 

Mais conteúdo relacionado

Destaque

Demonstrate profile synchronization in SharePoint Server 2013
Demonstrate profile synchronization in SharePoint Server 2013Demonstrate profile synchronization in SharePoint Server 2013
Demonstrate profile synchronization in SharePoint Server 2013Vinh Nguyen
 
SharePoint Taxonomy and Metadata 11-19-09
SharePoint Taxonomy and Metadata 11-19-09SharePoint Taxonomy and Metadata 11-19-09
SharePoint Taxonomy and Metadata 11-19-09Stephanie Lemieux
 
Enterprise Search in SharePoint 2010
Enterprise Search in SharePoint 2010Enterprise Search in SharePoint 2010
Enterprise Search in SharePoint 2010bgerman
 
Understanding Identity Management with Office 365
Understanding Identity Management with Office 365Understanding Identity Management with Office 365
Understanding Identity Management with Office 365Perficient, Inc.
 
Best Practices for Organizing Documents in SharePoint 2010
Best Practices for Organizing Documents in SharePoint 2010Best Practices for Organizing Documents in SharePoint 2010
Best Practices for Organizing Documents in SharePoint 2010Agnes Molnar
 
Access Services in SharePoint 2010 - All You Need to Know
Access Services in SharePoint 2010 - All You Need to KnowAccess Services in SharePoint 2010 - All You Need to Know
Access Services in SharePoint 2010 - All You Need to KnowNik Patel
 
Identity Management for Office 365 and Microsoft Azure
Identity Management for Office 365 and Microsoft AzureIdentity Management for Office 365 and Microsoft Azure
Identity Management for Office 365 and Microsoft AzureSparkhound Inc.
 
SharePoint 2016 - What's New, What's Not
SharePoint 2016 - What's New, What's NotSharePoint 2016 - What's New, What's Not
SharePoint 2016 - What's New, What's NotRegroove
 
Stateless authentication for microservices
Stateless authentication for microservicesStateless authentication for microservices
Stateless authentication for microservicesAlvaro Sanchez-Mariscal
 
Don't Suck at SharePoint - Avoid the common mistakes
Don't Suck at SharePoint - Avoid the common mistakesDon't Suck at SharePoint - Avoid the common mistakes
Don't Suck at SharePoint - Avoid the common mistakesBenjamin Niaulin
 
Learning analytics interventions should always be mediated by a human being
Learning analytics interventions should always be mediated by a human beingLearning analytics interventions should always be mediated by a human being
Learning analytics interventions should always be mediated by a human beingJisc
 
アイデンティティ管理の基礎~Fim adfsアーキテクチャ
アイデンティティ管理の基礎~Fim adfsアーキテクチャアイデンティティ管理の基礎~Fim adfsアーキテクチャ
アイデンティティ管理の基礎~Fim adfsアーキテクチャNaohiro Fujie
 
Office 365-single-sign-on-with-adfs
Office 365-single-sign-on-with-adfsOffice 365-single-sign-on-with-adfs
Office 365-single-sign-on-with-adfsamitchachra
 

Destaque (16)

Demonstrate profile synchronization in SharePoint Server 2013
Demonstrate profile synchronization in SharePoint Server 2013Demonstrate profile synchronization in SharePoint Server 2013
Demonstrate profile synchronization in SharePoint Server 2013
 
SharePoint Taxonomy and Metadata 11-19-09
SharePoint Taxonomy and Metadata 11-19-09SharePoint Taxonomy and Metadata 11-19-09
SharePoint Taxonomy and Metadata 11-19-09
 
Enterprise Search in SharePoint 2010
Enterprise Search in SharePoint 2010Enterprise Search in SharePoint 2010
Enterprise Search in SharePoint 2010
 
Understanding Identity Management with Office 365
Understanding Identity Management with Office 365Understanding Identity Management with Office 365
Understanding Identity Management with Office 365
 
Best Practices for Organizing Documents in SharePoint 2010
Best Practices for Organizing Documents in SharePoint 2010Best Practices for Organizing Documents in SharePoint 2010
Best Practices for Organizing Documents in SharePoint 2010
 
Access Services in SharePoint 2010 - All You Need to Know
Access Services in SharePoint 2010 - All You Need to KnowAccess Services in SharePoint 2010 - All You Need to Know
Access Services in SharePoint 2010 - All You Need to Know
 
Discover SharePoint 2013
Discover SharePoint 2013Discover SharePoint 2013
Discover SharePoint 2013
 
ADFS + IAM
ADFS + IAMADFS + IAM
ADFS + IAM
 
Identity Management for Office 365 and Microsoft Azure
Identity Management for Office 365 and Microsoft AzureIdentity Management for Office 365 and Microsoft Azure
Identity Management for Office 365 and Microsoft Azure
 
SharePoint 2016 - What's New, What's Not
SharePoint 2016 - What's New, What's NotSharePoint 2016 - What's New, What's Not
SharePoint 2016 - What's New, What's Not
 
Stateless authentication for microservices
Stateless authentication for microservicesStateless authentication for microservices
Stateless authentication for microservices
 
Don't Suck at SharePoint - Avoid the common mistakes
Don't Suck at SharePoint - Avoid the common mistakesDon't Suck at SharePoint - Avoid the common mistakes
Don't Suck at SharePoint - Avoid the common mistakes
 
Learning analytics interventions should always be mediated by a human being
Learning analytics interventions should always be mediated by a human beingLearning analytics interventions should always be mediated by a human being
Learning analytics interventions should always be mediated by a human being
 
アイデンティティ管理の基礎~Fim adfsアーキテクチャ
アイデンティティ管理の基礎~Fim adfsアーキテクチャアイデンティティ管理の基礎~Fim adfsアーキテクチャ
アイデンティティ管理の基礎~Fim adfsアーキテクチャ
 
Office 365 Identity Management options
Office 365 Identity Management options Office 365 Identity Management options
Office 365 Identity Management options
 
Office 365-single-sign-on-with-adfs
Office 365-single-sign-on-with-adfsOffice 365-single-sign-on-with-adfs
Office 365-single-sign-on-with-adfs
 

Mais de SPTechCon

Deep Dive into the Content Query Web Part by Christina Wheeler - SPTechCon
Deep Dive into the Content Query Web Part by Christina Wheeler - SPTechConDeep Dive into the Content Query Web Part by Christina Wheeler - SPTechCon
Deep Dive into the Content Query Web Part by Christina Wheeler - SPTechConSPTechCon
 
NOW I Get It... What SharePoint Is, and Why My Business Needs It by Mark Rack...
NOW I Get It... What SharePoint Is, and Why My Business Needs It by Mark Rack...NOW I Get It... What SharePoint Is, and Why My Business Needs It by Mark Rack...
NOW I Get It... What SharePoint Is, and Why My Business Needs It by Mark Rack...SPTechCon
 
“Managing Up” in Difficult Situations by Bill English - SPTechCon
“Managing Up” in Difficult Situations by Bill English - SPTechCon“Managing Up” in Difficult Situations by Bill English - SPTechCon
“Managing Up” in Difficult Situations by Bill English - SPTechConSPTechCon
 
Part I: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTec...
Part I: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTec...Part I: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTec...
Part I: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTec...SPTechCon
 
Part II: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTe...
Part II: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTe...Part II: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTe...
Part II: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTe...SPTechCon
 
Microsoft Keynote by Richard Riley - SPTechCon
Microsoft Keynote by Richard Riley - SPTechConMicrosoft Keynote by Richard Riley - SPTechCon
Microsoft Keynote by Richard Riley - SPTechConSPTechCon
 
Ten Best SharePoint Features You’ve Never Used by Christian Buckley - SPTechCon
Ten Best SharePoint Features You’ve Never Used by Christian Buckley - SPTechConTen Best SharePoint Features You’ve Never Used by Christian Buckley - SPTechCon
Ten Best SharePoint Features You’ve Never Used by Christian Buckley - SPTechConSPTechCon
 
Looking Under the Hood: How Your Metadata Strategy Impacts Everything You Do ...
Looking Under the Hood: How Your Metadata Strategy Impacts Everything You Do ...Looking Under the Hood: How Your Metadata Strategy Impacts Everything You Do ...
Looking Under the Hood: How Your Metadata Strategy Impacts Everything You Do ...SPTechCon
 
Law & Order: Content Governance Strategies by Chrisitan Buckley - SPTechCon
Law & Order: Content Governance Strategies by Chrisitan Buckley - SPTechConLaw & Order: Content Governance Strategies by Chrisitan Buckley - SPTechCon
Law & Order: Content Governance Strategies by Chrisitan Buckley - SPTechConSPTechCon
 
What IS SharePoint Development? by Mark Rackley - SPTechCon
What IS SharePoint Development? by Mark Rackley - SPTechCon What IS SharePoint Development? by Mark Rackley - SPTechCon
What IS SharePoint Development? by Mark Rackley - SPTechConSPTechCon
 
The SharePoint and jQuery Guide by Mark Rackley - SPTechCon
The SharePoint and jQuery Guide by Mark Rackley - SPTechConThe SharePoint and jQuery Guide by Mark Rackley - SPTechCon
The SharePoint and jQuery Guide by Mark Rackley - SPTechConSPTechCon
 
Understanding and Implementing Governance for SharePoint 2010 by Bill English...
Understanding and Implementing Governance for SharePoint 2010 by Bill English...Understanding and Implementing Governance for SharePoint 2010 by Bill English...
Understanding and Implementing Governance for SharePoint 2010 by Bill English...SPTechCon
 
Integrate External Data with the Business Connectivity Services by Tom Resing...
Integrate External Data with the Business Connectivity Services by Tom Resing...Integrate External Data with the Business Connectivity Services by Tom Resing...
Integrate External Data with the Business Connectivity Services by Tom Resing...SPTechCon
 
Converting an E-mail Culture into a SharePoint Culture by Robert Bogue - SPTe...
Converting an E-mail Culture into a SharePoint Culture by Robert Bogue - SPTe...Converting an E-mail Culture into a SharePoint Culture by Robert Bogue - SPTe...
Converting an E-mail Culture into a SharePoint Culture by Robert Bogue - SPTe...SPTechCon
 
Tutorial: Best Practices for Building a Records-Management Deployment in Shar...
Tutorial: Best Practices for Building a Records-Management Deployment in Shar...Tutorial: Best Practices for Building a Records-Management Deployment in Shar...
Tutorial: Best Practices for Building a Records-Management Deployment in Shar...SPTechCon
 
Tutorial: Building Business Solutions: InfoPath & Workflows by Jennifer Mason...
Tutorial: Building Business Solutions: InfoPath & Workflows by Jennifer Mason...Tutorial: Building Business Solutions: InfoPath & Workflows by Jennifer Mason...
Tutorial: Building Business Solutions: InfoPath & Workflows by Jennifer Mason...SPTechCon
 
Creating Simple Dashboards Using Out-of-the-Box Web Parts by Jennifer Mason- ...
Creating Simple Dashboards Using Out-of-the-Box Web Parts by Jennifer Mason- ...Creating Simple Dashboards Using Out-of-the-Box Web Parts by Jennifer Mason- ...
Creating Simple Dashboards Using Out-of-the-Box Web Parts by Jennifer Mason- ...SPTechCon
 
Sponsored Session: Better Document Management Using SharePoint by Roland Simo...
Sponsored Session: Better Document Management Using SharePoint by Roland Simo...Sponsored Session: Better Document Management Using SharePoint by Roland Simo...
Sponsored Session: Better Document Management Using SharePoint by Roland Simo...SPTechCon
 
Sponsored Session: The Missing Link: Content-Aware Integration to SharePoint ...
Sponsored Session: The Missing Link: Content-Aware Integration to SharePoint ...Sponsored Session: The Missing Link: Content-Aware Integration to SharePoint ...
Sponsored Session: The Missing Link: Content-Aware Integration to SharePoint ...SPTechCon
 
Creating a Great User Experience in SharePoint by Marc Anderson - SPTechCon
Creating a Great User Experience in SharePoint by Marc Anderson - SPTechConCreating a Great User Experience in SharePoint by Marc Anderson - SPTechCon
Creating a Great User Experience in SharePoint by Marc Anderson - SPTechConSPTechCon
 

Mais de SPTechCon (20)

Deep Dive into the Content Query Web Part by Christina Wheeler - SPTechCon
Deep Dive into the Content Query Web Part by Christina Wheeler - SPTechConDeep Dive into the Content Query Web Part by Christina Wheeler - SPTechCon
Deep Dive into the Content Query Web Part by Christina Wheeler - SPTechCon
 
NOW I Get It... What SharePoint Is, and Why My Business Needs It by Mark Rack...
NOW I Get It... What SharePoint Is, and Why My Business Needs It by Mark Rack...NOW I Get It... What SharePoint Is, and Why My Business Needs It by Mark Rack...
NOW I Get It... What SharePoint Is, and Why My Business Needs It by Mark Rack...
 
“Managing Up” in Difficult Situations by Bill English - SPTechCon
“Managing Up” in Difficult Situations by Bill English - SPTechCon“Managing Up” in Difficult Situations by Bill English - SPTechCon
“Managing Up” in Difficult Situations by Bill English - SPTechCon
 
Part I: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTec...
Part I: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTec...Part I: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTec...
Part I: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTec...
 
Part II: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTe...
Part II: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTe...Part II: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTe...
Part II: SharePoint 2013 Administration by Todd Klindt and Shane Young - SPTe...
 
Microsoft Keynote by Richard Riley - SPTechCon
Microsoft Keynote by Richard Riley - SPTechConMicrosoft Keynote by Richard Riley - SPTechCon
Microsoft Keynote by Richard Riley - SPTechCon
 
Ten Best SharePoint Features You’ve Never Used by Christian Buckley - SPTechCon
Ten Best SharePoint Features You’ve Never Used by Christian Buckley - SPTechConTen Best SharePoint Features You’ve Never Used by Christian Buckley - SPTechCon
Ten Best SharePoint Features You’ve Never Used by Christian Buckley - SPTechCon
 
Looking Under the Hood: How Your Metadata Strategy Impacts Everything You Do ...
Looking Under the Hood: How Your Metadata Strategy Impacts Everything You Do ...Looking Under the Hood: How Your Metadata Strategy Impacts Everything You Do ...
Looking Under the Hood: How Your Metadata Strategy Impacts Everything You Do ...
 
Law & Order: Content Governance Strategies by Chrisitan Buckley - SPTechCon
Law & Order: Content Governance Strategies by Chrisitan Buckley - SPTechConLaw & Order: Content Governance Strategies by Chrisitan Buckley - SPTechCon
Law & Order: Content Governance Strategies by Chrisitan Buckley - SPTechCon
 
What IS SharePoint Development? by Mark Rackley - SPTechCon
What IS SharePoint Development? by Mark Rackley - SPTechCon What IS SharePoint Development? by Mark Rackley - SPTechCon
What IS SharePoint Development? by Mark Rackley - SPTechCon
 
The SharePoint and jQuery Guide by Mark Rackley - SPTechCon
The SharePoint and jQuery Guide by Mark Rackley - SPTechConThe SharePoint and jQuery Guide by Mark Rackley - SPTechCon
The SharePoint and jQuery Guide by Mark Rackley - SPTechCon
 
Understanding and Implementing Governance for SharePoint 2010 by Bill English...
Understanding and Implementing Governance for SharePoint 2010 by Bill English...Understanding and Implementing Governance for SharePoint 2010 by Bill English...
Understanding and Implementing Governance for SharePoint 2010 by Bill English...
 
Integrate External Data with the Business Connectivity Services by Tom Resing...
Integrate External Data with the Business Connectivity Services by Tom Resing...Integrate External Data with the Business Connectivity Services by Tom Resing...
Integrate External Data with the Business Connectivity Services by Tom Resing...
 
Converting an E-mail Culture into a SharePoint Culture by Robert Bogue - SPTe...
Converting an E-mail Culture into a SharePoint Culture by Robert Bogue - SPTe...Converting an E-mail Culture into a SharePoint Culture by Robert Bogue - SPTe...
Converting an E-mail Culture into a SharePoint Culture by Robert Bogue - SPTe...
 
Tutorial: Best Practices for Building a Records-Management Deployment in Shar...
Tutorial: Best Practices for Building a Records-Management Deployment in Shar...Tutorial: Best Practices for Building a Records-Management Deployment in Shar...
Tutorial: Best Practices for Building a Records-Management Deployment in Shar...
 
Tutorial: Building Business Solutions: InfoPath & Workflows by Jennifer Mason...
Tutorial: Building Business Solutions: InfoPath & Workflows by Jennifer Mason...Tutorial: Building Business Solutions: InfoPath & Workflows by Jennifer Mason...
Tutorial: Building Business Solutions: InfoPath & Workflows by Jennifer Mason...
 
Creating Simple Dashboards Using Out-of-the-Box Web Parts by Jennifer Mason- ...
Creating Simple Dashboards Using Out-of-the-Box Web Parts by Jennifer Mason- ...Creating Simple Dashboards Using Out-of-the-Box Web Parts by Jennifer Mason- ...
Creating Simple Dashboards Using Out-of-the-Box Web Parts by Jennifer Mason- ...
 
Sponsored Session: Better Document Management Using SharePoint by Roland Simo...
Sponsored Session: Better Document Management Using SharePoint by Roland Simo...Sponsored Session: Better Document Management Using SharePoint by Roland Simo...
Sponsored Session: Better Document Management Using SharePoint by Roland Simo...
 
Sponsored Session: The Missing Link: Content-Aware Integration to SharePoint ...
Sponsored Session: The Missing Link: Content-Aware Integration to SharePoint ...Sponsored Session: The Missing Link: Content-Aware Integration to SharePoint ...
Sponsored Session: The Missing Link: Content-Aware Integration to SharePoint ...
 
Creating a Great User Experience in SharePoint by Marc Anderson - SPTechCon
Creating a Great User Experience in SharePoint by Marc Anderson - SPTechConCreating a Great User Experience in SharePoint by Marc Anderson - SPTechCon
Creating a Great User Experience in SharePoint by Marc Anderson - SPTechCon
 

User Profile Synchronization Service: Tips and Troubleshooting by Paul Stork - SPTechCon

  • 2. Paul Papanek Stork • Principal SharePoint Architect for BlueChip Consulting Group • http://www.bluechip-llc.com • Contributing Author • Developer’s Guide to WSS 3.0 • MOSS 2007 Best Practices • Author • MCTS: WSS 3.0 Configuration Study Guide (70-631) • Pro SharePoint 2010 Development for Office 365 • Contact Information • Email: Paul.Stork@bluechip-llc.com • Blog: http://dontPaPanic.com/blog • Twitter: @PStork
  • 3. Agenda • User Profile Sync in 2010 • User Profile Sync Changes in 2013 • AD Profile Sync versus AD Import in 2013 • Preparation for User Profile Sync • Starting User Profile Sync & Troubleshooting • Importing Additional Information
  • 4. Profile Service Application Architecture Web Front End Profile Profile Service Synchronization Enterprise Metadata Instance Service Tagging and Profile Properties Instance WFE talks to the service and SQL, Mid-tier cache, optimized for most- maintains Front-end used profiles, 256 Mb default (good cache for 500k users on average)
  • 5. User Profile Service Databases • Profile database – used to store user profile information. • Synchronization database – used to store configuration and staging information for synchronizing profile data. • Social tagging database – used to store social tags and notes created by users. • User Information Table – Synchronized with User Profile (stores information like user display name for each site collection)
  • 6. User Profile Timer Jobs Name Description Timing Activity Feed Cleanup Cleans up pre-computed activities that are used in activity feeds that Daily at 3 AM are older than 14 days. This job does not affect the User Profile Change Log. Activity Feed Pre-computes activities to be shown in user activity feeds. Hourly Audience Compilation Computes memberships of defined audiences. Weekly, Sat at 1 AM My Site Suggestions Email Sends e-mail messages that contain colleague and keyword Monthly, 15th at 10 suggestions to people who do not update their profile often, prompting PM them to update their profiles. Social Data Maintenance Aggregates social tags and ratings and cleans the social data change Hourly, 30 min after log. Social Rating Synchronization Synchronize rating values between Social Database and Content database Change Cleanup Job Cleans up data that is 14 days old from User Profile Change Log. Daily at 10 PM Change Job Processes changes to user profiles Hourly, on the hour Incremental Synchronization Synchronizes user, group and group membership changes between the Daily at 1 AM User Profile Application and specified directory source Language Synchronization Job Looks for new language pack installations and makes sure that strings Every minute that related to the user profile service are localized correctly. SharePoint Full Synchronization Synchronizes user information from the user profile application to Hourly, on the hour SharePoint users and synchronizes site memberships from SharePoint to the user profile application. SharePoint Quick Synchronizes user information from the user profile application to Every 5 minutes Synchronization SharePoint users who were recently added to a site. My Site Cleanup Job When a user is deleted, sends an e-mail message to the manager Hourly, on the hour containing a request to the manager to move any documents or data that the manager wants to preserve, because the site might be deleted in the future. System Job to Manage User Manages provisioning, run steps and additional tasks related to User Every minute Profile Synchronization Profile Synchronization. (Note: Don’t Change Timing)
  • 7. Changes in SharePoint 2013 • Re-Introduction of AD Import • Faster Synchronization for Full Synch • Synchronization with multiple directory services • Active Directory Domain Services (AD DS) 2003 SP2 and above • Sun Java System Directory Server version 5.2 • Novell eDirectory version 8.7.3 • IBM Tivoli version 5.2
  • 8. Active Directory Import • Faster than user Profile Sync. • No bidirectional synchronization • Limited to a single Active Directory forest. • Allows only one farm-wide property mapping. • Fewer properties synced by default than AD Sync • FirstName, LastName, Department, SPS-JobTitle, Office, PreferredName, SPS-Department, Title, WorkEmail, WorkPhone
  • 9.
  • 10. Important CUs and SPs • Oct 2010 CU – fix for Central Admin SSL issue • Dec 2010 CU – breaks Netbios domain support • Feb 2011 CU – fix for Netbios domain support • Service Pack 1 – major improvements to User Profile Sync, but don’t use it without a later CU • June 2011 CU or August 2011 CU – should be installed after Service Pack 1 • Feb 2012 CU – improved stored procedures for maintenance of SyncDB
  • 11. Prestart Checklist • Don’t Run the Farm Config Wizard! • If SQL is an Instance or FQDN • Create a SQL Alias • Install SP1 and August 2011 Cumulative Update • Verify Account Permissions • See the Next Slide • Does AD Netbios Domain Name match FQDN? • Example Acme ≠ Acmeman.dev • Additional Permissions required • $upsa = Get-SPServiceApplication –Id User-Profile-App-GUID $upsa.NetBIOSDomainNamesEnabled=1 $upsa.Update()
  • 12. Security Rights for User Profile Sync • UPS Service Identity (Farm Account) • Must run as Farm Account • Local Admin during Provisioning • Log on Locally • Note: Reboot after changing Farm Account rights • Synchronization Connection Account • Replicating Directory Changes on the Domain • Netbios name ≠ FQDN name • Replicating Directory Changes on Configuration Partition • Member of Pre-Windows 2000 Compatible Access • For Export Only – Create Child Objects and Write Access to OUs
  • 13.
  • 14. Starting User Profile Sync • Provision the User Profile Service Application through Central Admin • Start the User Profile Service in Services on Server • Reboot the Server • Start the User Profile Sync in Services on Server
  • 15. Common Issues • SharePoint Farm account isn’t a Local Admin • Add the Farm Account to Local Admin and reboot • Creating User Profile Service App using Powershell • Sync DB schema is incorrect • Running Central Administration over SSL • Fixed in October 2010 CU • Timeouts when configuring Sync Connections • Use PowerShell to slowly increase timeouts until it works
  • 16. Troubleshooting 1. Re-Verify original Checklist 2. Watch provisioning with ULSViewer
  • 18. Troubleshooting 1. Re-Verify original Checklist 2. Watch provisioning with ULSViewer 3. View Sync run with Forefront Identity Manager C:Program FilesMicrosoft Office Servers14.0 Synchronization ServiceUIShellmiisclient.exe
  • 19. Watch Sync with MIISclient.exe
  • 20. Troubleshooting 1. Re-Verify original Checklist 2. Watch provisioning with ULSViewer 3. Check Event Viewer for Errors 4. View Sync run with Forefront Identity Manager C:Program FilesMicrosoft Office Servers14.0 Synchronization ServiceUIShellmiisclient.exe
  • 21. What Not to Do • Don’t modify the FIM service settings in Windows Services • Don’t try to use something other than the FARM account • Don’t modify FIM settings using MIISClient.exe • Don’t worry about the warning in Health Check about not running other services under the Farm Account
  • 22.
  • 23. Importing Groups • Used for Audiences and to calculate MySite Memberships List • Has no effect on which users are imported • Has no effect on which users are displayed in People Picker
  • 24. Importing Additional User Data • Must have a primary sync with a Directory service • Create a BCS external content type • ECT must use a Login identifier as Key • Configure a BCS sync Connection • Can Sync either a Single Valued or Multi Valued Property, but not Multiple records
  • 25.
  • 26. Additional Resources • Configure profile synchronization (SharePoint Server 2010) - Technet http://technet.microsoft.com/en-us/library/ee721049.aspx • Troubleshooting User Profile Sync Issues on SharePoint 2010 – Steve Chen http://blogs.technet.com/b/steve_chen/archive/2010/10/13/troubleshoot ing-user-profile-sync-issues-on-sharepoint-2010.aspx • Rational Guide to implementing SharePoint Server 2010 User Profile Synchronization- Spence Harbar http://www.harbar.net/articles/sp2010ups.aspx
  • 27. Questions? Please Fill Out Your Evals!!! Paper in the Back of the room - OR - Use the Event Board “App” Contact Information Email: Paul.Stork@sharesquared.com Blog: http://dontPaPanic.com/blog Twitter: @PStork

Notas do Editor

  1. The User Profile Synchronization (UPS) service is perhaps the most used service application in SharePoint 2010. Unfortunately, it’s also one of the most difficult to configure. In this class, we’ll examine how UPS synchronizes user information with Active Directory and other data sources. We’ll also review the timer jobs that spread profile changes through the rest of the farm environment. We’ll explain the requirements for configuring the service successfully, and we’ll demonstrate how to recover from the common problems that occur during configuration of this service. If you are planning a SharePoint Server 2010 installation that uses User Profiles, then this class is for you.
  2. The User Profile Synchronization (UPS) service is perhaps the most used service application in SharePoint 2010. Unfortunately, it’s also one of the most difficult to configure. In this class, we’ll examine how UPS synchronizes user information with Active Directory and other data sources. We’ll also review the timer jobs that spread profile changes through the rest of the farm environment. We’ll explain the requirements for configuring the service successfully, and we’ll demonstrate how to recover from the common problems that occur during configuration of this service. If you are planning a SharePoint Server 2010 installation that uses User Profiles, then this class is for you.
  3. Firstly, the Populate Containers timeout, which by default is 30 seconds. We set this property on the User Profile Service Application Proxy:1$upaProxy = Get-SPServiceApplicationProxy -Id <GUID of User Profile Service Application Proxy>2$upaProxy.ImportConnAsyncTimeout = 453$upapProxy.Update()4# To get the GUID of the User Profile Service Application Proxy run Get-SPServiceApplicationProxyNext, the Save Synchronization Connection timeout, which by default is approximately 17 minutes. We can adjust this value (in milliseconds this time) on the Service Application:1$upsa = Get-SPServiceApplication –Id <GUID of User Profile Service Application>2$upsa.FIMWebClientTimeOut = 2400003$upsa.Update()4# To get the GUID of the User Profile Service Application run Get-SPServiceApplication.Lastly you may receive timeouts when simply connecting to the domain. By default the maximum time is 30 seconds. To alter this value, we must install the June Cumulative Update or later. Once we have done that we can modify the connection timeout on the Proxy:1$upaProxy = Get-SPServiceApplicationProxy -Id <GUID of User Profile Service Application Proxy>2$upaProxy.LdapConnectionTimeout = 453$upapProxy.Update()4# To get the GUID of the User Profile Service Application Proxy run Get-SPServiceApplicationProxy