User Profile Synch SharePoint 2010 – The Essential Mix

While I detailed my findings on initial pre-deploy Best Practices in my post Planning SharePoint 2010 User Profile Synchronization , I have since banged out a more organized reading list figured out through more hands-on. You may start UPS in SP 2010 as confident pro but but you’ll end with the thousand yard stare, UNLESS you follow the exact advice presented by the nice folks in the following list, in the order indicated:

1. Make sure you have the SharePoint 2010 August CU (build 14.0.5123.5000 ). Todd Klindt’s complete SharePoint 2010 build number list is here. I personally can’t vouch for newer CU’s as I haven’t tried yet but will post in the future when I learn more about the stablity of those CU’s.

2. Read Technet’s Configure profile synchronization (SharePoint Server 2010)   end-to-end. Do not do the worksheets component at the beginning yet – we will get to those when the basic synch service is up and running smoothly. Do not execute any of the config suggested in that article yet- just breeze through it, familliarize yourself with the config sections they are referring to, but just don’t set anything up yet.

3. Read and execute the steps described on Spencer Harbar’s guide at . As he indicates in his follow-up troubleshooting guide at you need to follow the instructions exactly:

I must stress that the number one reason people have problems is that
they do not follow the procedure! No really, I can’t count the number of
times steps have been missed or I get a response like “oh, I didn’t
think I needed to do that”. If you follow the procedure you will be
successful unless you are hitting an environmental or other known issue.

.. but wait! Not everyone is a super MVP like Spencer so a lot of the little details he refers to will actually be more complex for those who have perhaps have dived straight into SharePoint without a lot of Windows SysAdmin experience. So if you find gaps in your understanding of Spencers instructions, refer to the following article by Microsoft Support Escalation Engineer Steve Chen in point 4. Heck, read it regardless.

If you are at any point not clear on user accounts and rights, refer to Sean Wallbridge’s guidance on SharePoint 2010 Server User Accounts

Steve Chens User Profile Sync articleIn particular sections like detailing how to Grant Replicating Directory Permission in AD will help people who are new to the SysAdmin.

5. At this point you should have your two ForeFront Windows services up and started, and be able to access Central Administration > Synchronization Connections etc. normally. If not, or something else has blown out, do not pass go, do not collect $200 : return to Spencers troubleshooting article and be very sad because you very likely did not pay close enough attention to the steps involved.

6. Read Technet’s Plan for User Profile Synchronization

7. Grab theUser profile properties and profile synchronization planning worksheets for SharePoint Server 2010 , forget about being an environmentally friendly, paperless SharePoint zealot and print those suckers out. Post ‘em all over your cube, your bathroom, wherever. Make sure you run through them even if it’s not a mega enterprise deployment you are creating.

8. Deploy!

The preceding links are essential to avoid your first SharePoint 2010 User Profile Synchronization attempt turning into a headbanger where grown men stare anxiously at little service start status indicators.


Expand the SP 2010 User Profile Info by Default

Out of the box, the SharePoint 2010 User Profile page uses a bit of Javascript to truncate the user’s bio info like Email, School etc. with a “more information” hyperlink that can be clicked to show all the info.  The user’s bio/description text is also similarly semi-hidden on page load.

The following quick CSS hack can make both these detail areas fully visible by default, and also hide the “more information” / “hide information” hyperlink”:

1. Open the file in a plain text editor or CSS editor of choice.:

C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\1033\STYLES\mysitelayout.css 

2. Paste the following CSS into
the bottom of the file:

/* IT Groove -
 Added to keep the Show More Information/About Bio dialog in an opened state
initially */

 display:block !important;
 overflow:visible !important;
/*  */

3. Save file. Users will have to press Ctrl-F5 or go into their browser and manually delete the file cache
for the changes to take effect. Avoid deleting users browser cookies when clearing cache to avoid frustrations, just clear the file cache.

Just remember, you’re modifying core SharePoint CSS which is most definitely not a best practice, but can do the trick for you in some circumstances!

Incoming search terms:

Planning SharePoint 2010 User Profile Synchronization

A basic issue – the client has their Active Directory DisplayName populated in the style of “LastName, FirstName“. Legacy business requirements dictate that the DisplayName stays in that format – but the SharePoint champion comes along and indicates that it would be preferable to have the SharePoint 2010 UI show the users DisplayName in the standard “FirstName LastName” format.

After quickly toying with the idea of using Jquery or some other front-end patch to just reverse the names – complications arose – number one being the data in the DisplayName field in AD was inconsistent, with various flavours and styles of data that was mashed together over the years. Active Directory is aptly named-  people will mess up this data actively. Not to be trusted.  The solution:

1. Set up the SharePoint 2010 User Profile Synchronization and use custom field mapping.
2. Create a new profile property in AD called customDisplayName and give it the values Firstname Lastname
3. Map the new customDisplayName property to the SP  DisplayName property.

So, the end result should be that users would now see their DisplayName throughout the SP application populated with the AD field data “FirstName LastName
Getting User Profile Synchronization itself planned, configured and deployed is a big task. This post will let help you  plan out your first moves.

Authoritative initial references can be found at:

TechNet – Configure profile synchronization (SharePoint Server 2010):
Rational Guide to implementing SharePoint Server 2010 User Profile Synchronization:
SharePoint 2010 – Provisioning User Profile Synchronization:

There are four Excel Worksheets available for download from TechNet which should be the best way to get things organized:

User Profile Properties Planning worksheet

( .xls download )
Should be used with the Plan user profiles, Plan for profile synchronization, and Configure profile synchronization topics on TechNet.

Connection Planning worksheet

( .xls download )
Specifies information that you will need to gather for each directory service with which you will synchronize profile information. It should be used with the Plan for profile synchronization and Configure profile synchronization topics on TechNet.

External Content Types Planning worksheet

( .xls download )
Should be used with the Plan for profile synchronization topic on TechNet if you need to synchronize user profiles with business systems.

Profile Synchronization Planning worksheet

( .xls download )
Profile sync worksheet tab of the specifies information that you might need to gather if you have not already configured the SharePoint Server infrastructure. It is used with the Configure profile synchronization topic on TechNet. The Property mapping worksheet tab is obsolete; it has been replaced by the User Profile Properties Planning worksheet.

NOTE: When performing the intital setup, it’s important to remember that MS best practice is to not have your Active Directory Domain Controller on the same server as SharePoint. So you need to follow a different path if you are using a dev server with AD and SQL all wrapped into the one server, than if you would be deploying to a production setup with AD DC on a separate server. Spence Harbar in particular notes this in a few places but it will confuse the hell out of you with the AD setup requirements unless you understand the distinct setup paths required for both scenarios.

Recent Comments

  • Keith Tuomi

    You can concatenate strings and numbers in a variety of ways:
    =CONCATENATE(Leave Description,” “,MAPI Contact)
    =(Leave Description & ” ” & MAPI Contact)
    =(Leave Description + ” ” + MAPI Contact)

Follow me on Twitter

Office 365 Service Health

There is a problem - it appears you are using categories and no feeds have been put into those categories.

SharePoint & Office Patches

There is a problem - it appears you are using categories and no feeds have been put into those categories. Service Health

There is a problem - it appears you are using categories and no feeds have been put into those categories.