Changes in Active Directory not reflected in SharePoint user info



    I have a client who uses WSS 3.0 w/ SP1, and does not want to move to MOSS 2007.  The client will be migrating to Exchange 2007 soon, and part of this migration will include populating attributes for the user objects in Active Directory so that the phone numbers, addresses, departments, etc. are all stored in AD.  The problem is that the majority of the user base has already used SharePoint, and when each user first used SharePoint, their info was imported from AD.  Is there a way to force an import so that all the user info in SharePoint will be updated based on what is in Active Directory?  Is it possible to do it in the reverse direction so that users can update their info in SharePoint, and have it write back to their AD user object?


    -Derek Brown

    Sr System Engineer


    Tuesday, April 29, 2008 2:55 PM

All replies

  • Might want to have a look at this:



    Tuesday, April 29, 2008 10:22 PM
  • I'm looking to re-synch contact info like phone numbers, addresses, etc.  This utility only mentions importing the name and e-mail address.  Do you know if it does more than that?  I won't have time to test it until sometime this weekend, so I will know then, but I figured if you knew it didn't support the additional contact info, then there's no need in me investing time in it.








    Friday, May 02, 2008 2:13 PM

    Hmmm, this is something I've been looking around at. It should import all the data in the contact of that person in AD. You have verified that the AD user you're adding has all their contact filled out in AD?


    My information does pull over... the problem we run into is people don't update their AD info.

    Friday, May 02, 2008 2:18 PM
  • When my client first started using SharePoint, contact info had not been populated in the user objects in AD.  So when the users started using SharePoint, and their accounts were added to the SharePoint site, their info was imported, but there wasn't much to import at the time.  Since then, we have provided the client with a web interface (inside SharePoint) for users to read and write to their AD user object (the interface reads attributes like phone number, department, branch, etc, and they can edit them via any browser, and it saves the changes in AD).  The problem is that the user import function in SharePoint seems to be a one way, one time import.  Ideally, I would like a real-time synch between the two, but I would settle for the ability to force a re-import to update user info.  That way John Doe can login to SharePoint, update his AD contact info, and I can force that to be re-imported to SharePoint.



    I know it can be done, as all the SharePoint user info is stored in SQL.  If I can't find something pre-built, I will just write my own solution (either a VBScript or a .Net app) that will let me take the values from AD and copy them to the user info in the SharePoint SQL database.  If I do have to go that route, please e-mail me at, and if/when I get the custom import solution completed, I will share the wealth.  Please note that this is not a high priority for me, so if I have to write something for it, I would expect it to be a few weeks out.



    Friday, May 02, 2008 2:34 PM
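
An added example, not part of any post in this thread: one way to force the re-import described above, using the SharePoint object model on the server rather than writing to the SharePoint SQL database. The site URL, the AD-attribute-to-field mapping and the helper name `Escape-LdapFilterValue` are assumptions; only fields that exist in the site's User Information List are touched.

```powershell
# Added example: refresh WSS 3.0 User Information List fields from AD.
# Run on a SharePoint front-end server as a site collection administrator.
param([string]$SiteUrl = "http://sharepoint.example.local")  # placeholder URL

[void][System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint")

# Assumed mapping: AD attribute (lowercase) -> list field internal name.
$map = @{ displayname = "Title"; mail = "EMail"; department = "Department"; title = "JobTitle" }

function Escape-LdapFilterValue([string]$Value) {
    # RFC 4515 escaping, so an account name cannot change the search filter.
    $Value.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29').Replace([string][char]0, '\00')
}

$searcher = New-Object System.DirectoryServices.DirectorySearcher  # current domain
foreach ($attr in $map.Keys) { [void]$searcher.PropertiesToLoad.Add($attr) }

$site = New-Object Microsoft.SharePoint.SPSite($SiteUrl)
try {
    $list = $site.RootWeb.SiteUserInfoList
    # Resolve fields by internal name; display names differ ("Name" shows as "Account").
    $accountId = $list.Fields.GetFieldByInternalName("Name").Id
    foreach ($item in @($list.Items)) {
        $login = [string]$item[$accountId]          # e.g. DOMAIN\jdoe
        if ($login -notmatch '\\') { continue }     # skip entries without a DOMAIN\ prefix
        $sam = Escape-LdapFilterValue ($login.Split('\')[-1])
        $searcher.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=$sam))"
        $hit = $searcher.FindOne()
        if ($null -eq $hit) { Write-Warning "Not found in AD: $login"; continue }

        $changed = $false
        foreach ($attr in $map.Keys) {
            if (-not $list.Fields.ContainsField($map[$attr])) { continue }
            $values = $hit.Properties[$attr]
            if ($null -eq $values -or $values.Count -eq 0) { continue }  # AD empty: keep current value
            $fieldId = $list.Fields.GetFieldByInternalName($map[$attr]).Id
            $new = [string]$values[0]
            if ([string]$item[$fieldId] -ne $new) { $item[$fieldId] = $new; $changed = $true }
        }
        if ($changed) { $item.SystemUpdate(); Write-Output "Updated $login" }
    }
} finally {
    $site.Dispose()
}
```

The script only reads from AD, so the account running it needs no directory write rights.
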
  • The client that needed this function ended up putting the project on hold when I estimated how long it would take to develop.  I hope to eventually swing back around to this, but I don't expect to have a solution for another month or two (when they will revisit the situation).
    Sr System Engineer
    Monday, February 09, 2009 4:08 PM
  • Hi Derek,

    By default: In a Microsoft Office SharePoint Server 2007 deployment, a person defined in Windows SharePoint Services 3.0 and a person defined in Office SharePoint Server 2007 are the same. To deliver consistent objects across the deployment in both Windows SharePoint Services 3.0 and Office SharePoint Server 2007, both implement person synchronization.

    Person synchronization is bidirectional. In the up direction, the Windows SharePoint Services site collection membership list is pulled into the Office SharePoint Server 2007 user profile database to inform Office SharePoint Server 2007 about which users are a member of which sites and allow incremental synchronization. In the down direction, the Office SharePoint Server 2007 user profile database sends down replicable user profile information for all members in the site collection.

    Synchronization actions are either full or incremental. On first synchronization or restore, Office SharePoint Server 2007 may not have previous synchronization or site collection membership information, so a full synchronization takes place. If previous synchronization information is found, an incremental synchronization is performed instead.

    If a user is removed from the Windows SharePoint Services site collection membership list, that user is no longer recognized as a member of the site collection, and Office SharePoint Server 2007 no longer synchronizes profile information for that user.

    If a user leaves the environment (is no longer in the Office SharePoint Server 2007 user profile store or in Active Directory), that user remains in the Windows SharePoint Services membership list for that site collection until he or she is removed from the list. Office SharePoint Server 2007 flags the user and ceases to synchronize any information for that user. However, Office SharePoint Server 2007 does not alter the Windows SharePoint Services site collection membership list in response to a user who is no longer in the Office SharePoint Server 2007 user profile store.

    stsadm -o sync sets the timing, deletes old sync info from the db and allows you to control the sync process. 

    There are third-party tools: UserProfile Sync on Codeplex, and a couple of tools from Bamboo Solutions. User Profile to Active Directory Export for SharePoint sites syncs from SharePoint to AD, and there are five sync types offered with User Profile Sync.

    They are:

    • MOSS 2007 User Profile database to Active Directory.
    • Active Directory to a WSS 3.0 User Information List.
    • WSS 3.0 User Information List to a WSS 3.0 User Information List(s).
    • Active Directory to a Contacts List in WSS 3.0 or MOSS 2007.
    • A Contacts List in WSS 3.0 to a WSS 3.0 User Information List(s).

    I hope this helps your understanding of UserProfile Synchronization with WSS, MOSS, and AD...



    Ivan Sanders My LinkedIn Profile, My Blog, @iasanders.
    Tuesday, April 13, 2010 4:56 AM
  • My sync with AD is working fine except it is not pulling the pictures in the AD.

    Here is my issue: we have photos of all employees stored as xyz.jpg in the custom attribute (emp_pics_2001) with type string, but the picture url type is url (is this type change the culprit?). I am using the custom attribute to map the field in the SharePoint 2010 miis client.

    I am using the below url to do the set up:

    I did check the profile db: the picture url field is NULL. I have all the other values for the person except the picture. I have already wasted more than 2 days in figuring this out.

    If I just get xyz.jpg pulled to SharePoint, then I can prefix a url in front of it using PowerShell.
    I am using a full trusted service account with full permissions to the domain.

    Please help me out.

    Thank you


    • Proposed as answer by Neel0 Friday, September 17, 2010 2:33 PM
    Monday, July 19, 2010 6:44 PM
  • Hi Ivan, I read your post and it showed me some light, but I want to ask you something that may be simple to solve.

    I don't know anything about SharePoint; my strengths are with AD and Exchange, but recently I have had an issue related to this post and to your answer.

    The problem is that every time a user is changed in AD, SharePoint 2007 doesn't catch the changes, so the user cannot get into the SharePoint sites until 24 hours later.

    I tried to review this behaviour and was able to find that SharePoint is consulting the Alias that the Global Address List in Exchange shows.  When I found that, I thought "that is the problem, I only need to do a refresh of my Global Address List in Exchange and that's it", but I then realized that although I am able to see the changes in the Exchange GAL, SharePoint isn't seeing the new Alias and LogonID of the user.

    You are surely wondering why I'm looking for a solution to this problem if I don't know much about SharePoint; unfortunately the answer is that I currently don't have a SharePoint admin, so until then I want to find a solution.

    So my question is whether somewhere in the SharePoint Administration Site there is some configuration that looks for the alias of the users instead of the LogonID or something else.  My question is whether it's possible to change the way SharePoint finds the users in AD and whether we can force an update of the user LogonID and alias information, because it seems that SharePoint is using some kind of cache that is updated only at some scheduled time.  Can I do this in some way?

    Thanks for your help.
    Best Regards.

    Tuesday, October 19, 2010 8:16 PM
  • Hi ,

    Did you try to force the synchronization?

    stsadm -o sync

    stsadm -o sync -listolddatabases <x number of days>

    stsadm -o sync -deleteolddatabases <x number of days>

    See this blog article:

    Surendra Singh, MCITP: SharePoint Administrator 2010

    Tuesday, June 19, 2012 9:04 AM
  • Derek,

    In SharePoint 2007, you can only import user properties from AD. You cannot add/edit properties in SharePoint and send them to AD. You might be able to edit some properties in SharePoint, but as soon as user import runs, whatever was in AD will overwrite what you had changed in SharePoint.

    This was changed in SharePoint 2010, i.e. you can import from AD and also send to AD from SharePoint. This created a lot of chaos with user profiles in 2010.

    In SharePoint 2013, we have options of configuring user profile to use either SharePoint 2007 user profile setup or SharePoint 2010 user profile setup.  

    • Proposed as answer by mykirii Thursday, November 01, 2012 2:03 AM
    Thursday, November 01, 2012 2:03 AM
  • Hi All,

    Today we migrated some of our test users with a new domain, then we ran the search with full crawl. The user profiles are migrated successfully, but are not displayed in SharePoint search.
    We can add those migrated users to a group, etc., with the help of people picker, but those users do not show up in SharePoint search like the other users.

    Pls help !!!!!!!!!!!!!!!
    thanks in advance……….

    Thursday, November 29, 2012 2:09 PM
  • Have you configured profile import in UPA (or SSP if it's 2007)? If that's done, do a full user import, then a full crawl, and test. Hope that helps!
    Friday, November 30, 2012 7:03 PM