User account info does not sync with AD when UPN is used as the userName attribute

  • Question

  • I have an on-premises SharePoint 2019 farm configured with forms authentication, and I added the lines below to the web.config of the web application and of the SecurityTokenService. I am able to authenticate against my AD using the UPN, but the About Me page does not sync with the user profiles.

    How can I make the AD sync map to the same user profile as the forms-authentication account that signs in with the UPN?

    SecurityTokenServices - web.config

    <!-- Forms-authentication membership provider for the Security Token Service: looks users up
         in Active Directory over LDAP and uses the UPN (userNameAttribute) as the login name. -->
    <membership>
          <providers>
            <!-- NOTE(review): port="389" with useSSL="false" leaves the LDAP connection to the domain
                 controller without TLS, so the password typed on the forms login page may cross the
                 network to the DC unencrypted. Acceptable only in an isolated lab; otherwise use LDAPS
                 (port="636", useSSL="true"), which needs a DC certificate trusted by this server. -->
            <!-- NOTE(review): userContainer is the domain root with scope="Subtree" and a filter that
                 matches every person object, so presumably every such account in the domain can be
                 resolved and offered for login. Consider a narrower OU or filter, confirm against the
                 intended user population. -->
            <!-- NOTE(review): Version=14.0.0.0 is the SharePoint 2010 assembly version; on SharePoint
                 2019 confirm which Microsoft.Office.Server assembly this reference actually loads. -->
            <add name="membership" 
                 type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" 
                 server="MDTestDC.mdtestdomain.com" 
                 port="389" 
                 useSSL="false" 
                 userDNAttribute="distinguishedName" 
                 userNameAttribute="UserPrincipalName" 
                 userContainer="DC=mdtestdomain,DC=com" 
                 userObjectClass="person" 
                 userFilter="(ObjectClass=person)" 
                 scope="Subtree" 
                 otherRequiredUserAttributes="sn,givenname,cn" />
          </providers>
        </membership>
        <!-- Forms-authentication role provider for the Security Token Service: resolves AD groups
             (groupMemberAttribute="member") for users identified by their UPN. -->
        <roleManager enabled="true" > 
          <providers>
            <!-- NOTE(review): port="389" with useSSL="false" means the group lookups that feed
                 authorization decisions travel without TLS and may be readable or alterable on the
                 network path. Prefer LDAPS (port="636", useSSL="true") outside an isolated lab. -->
            <!-- NOTE(review): this provider is named "rolemanager" here but "roleManager" in the web
                 application's web.config shown further down this page. Presumably the name should be
                 spelled identically everywhere it is referenced, confirm. -->
            <add name="rolemanager" 
                 type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
                 server="MDTestDC.mdtestdomain.com" 
                 port="389"
                 useSSL="false"
                 groupContainer="DC=mdtestdomain,DC=com"
                 groupNameAttribute="cn"
                 groupNameAlternateSearchAttribute="sAMAccountName"
                 groupMemberAttribute="member"
                 userNameAttribute="UserPrincipalName"
                 dnAttribute="distinguishedName"
                 groupFilter="(ObjectClass=group)"
                 userFilter="(ObjectClass=person)"
                 scope="Subtree" />
          </providers>
        </roleManager>

    Port80WebApplication- web.Config


    <!-- Web application copy of the LDAP membership provider; the UPN is the login name.
         NOTE(review): port="389" with useSSL="false" leaves the connection to the domain controller
         without TLS, so forms-login passwords may reach the DC unencrypted. Prefer LDAPS
         (port="636", useSSL="true") outside an isolated lab.
         NOTE(review): userContainer is the domain root with scope="Subtree"; consider a narrower
         OU or filter, confirm against the intended user population. -->
    <add name="membership"
         type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
         server="MDTestDC.mdtestdomain.com"
         port="389"
         useSSL="false"
         userDNAttribute="distinguishedName"
         userNameAttribute="UserPrincipalName"
         userContainer="DC=mdtestdomain,DC=com"
         userObjectClass="person"
         userFilter="(&amp;(ObjectClass=person))"
         scope="Subtree"
         otherRequiredUserAttributes="sn,givenname,cn" />
    
    <!-- Web application copy of the LDAP role provider; resolves AD groups for UPN-identified users.
         NOTE(review): port="389" with useSSL="false" means group lookups used for authorization
         travel without TLS. Prefer LDAPS (port="636", useSSL="true") outside an isolated lab.
         NOTE(review): named "roleManager" here but "rolemanager" in the SecurityTokenService
         web.config shown earlier on this page. Presumably the spelling should match, confirm. -->
    <add name="roleManager"
         type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
         server="MDTestDC.mdtestdomain.com"
         port="389"
         useSSL="false"
         groupContainer="DC=mdtestdomain,DC=com"
         groupNameAttribute="cn"
         groupNameAlternateSearchAttribute="sAMAccountName"
         groupMemberAttribute="member"
         userNameAttribute="UserPrincipalName"
         dnAttribute="distinguishedName"
         groupFilter="(&amp;(ObjectClass=group))"
         userFilter="(&amp;(ObjectClass=person))"
         scope="Subtree" />

    The display name after logging in to the SharePoint web application remains the User Principal Name (testanand@mdtestdomain.com).


    Sunday, October 18, 2020 7:40 AM