On step configure User Profile Service SharePoint2010.
Before setup user profile service in sharepoint 2010 , Please check account permission on active directory for Synchronization .
If you have member domain user(spadmin) , Follow this below but your account is member domain admin it skip for this step.
To grant Replicate Directory Changes permission on a domain
1. On the domain controller, click Start, click Administrative Tools, and then click Active Directory Users and Computers.
2. In Active Directory Users and Computers, right-click the domain, and then click Delegate Control.
1. On the domain controller, click Start, click Administrative Tools, and then click Active Directory Users and Computers.
2. In Active Directory Users and Computers, right-click the domain, and then click Delegate Control.
3. On the first page of the Delegation of Control Wizard, click Next.
4. On the Users or Groups page, click Add.
5. Type the name of the synchronization account (contoso\spadmin), and then click OK.
6. Click Next.
7. On the Tasks to Delegate page, select create a custom task to delegate, and then click Next.
7. On the Tasks to Delegate page, select create a custom task to delegate, and then click Next.
8. On the Active Directory Object Type page, select This folder, existing objects in this folder, and creation of new objects in this folder, and then click Next.
9. On the Permissions page, in the Permissions box, Select Replicating Directory Changes (select Replicate Directory Changes on Windows Server 2003), and then click Next.
10. Click Finish.
Done grant permission .
1. Go to Central Administration > Application Management > Manage Service Applications.
Click New on left menu and select “User Profile Service Application”
2. Name: User Profile Service Application
Create new application pool: User Profile Service Application Pool
Configurable account: contoso\spadmin
When you create a User Profile service application, SharePoint Server creates three databases for storing user profile information and associated data:
Profile database – used to store user profile information.
Synchronization database – used to store configuration and staging information for synchronizing profile data from external sources such as the Active Directory Domain Services (AD DS).
Social tagging database – used to store social tags and notes created by users. Each social tag and note is associated with a profile ID.
On database :
Profile database : Profile DB
Synchronization database: Sync DB
Social tagging database : Socail DB
Server database is detect on SQL Server install SharePoint2010.
Click OK and wait for create services successful .
3. Central Administration >Manage service on server.
Click Start services User profile Synchronization services and page redirect to step(4.)
4. Select the user profile application : choose your name it create on (1) ” User Profile Service Application” and select on your account on register (2) it show contoso\spadmin and fill your password.
5. Open services.msc windows server and monitor service name waiting for service to start
Note : You don’t have click start on manual this service below is service automatic start.
1. Forefront Identity Manager service
2. Forefront Identity Manager Synchronization services
check two services it started.
and monitor service on sharepoint manage service.
Check services User profile Synchronization services is started. (F5 for refresh webpage )
Wait ten minute for User profile Synchronization services start .
In fact ; User profile Synchronization services on SharePoint it first started and then Forefront Identity Manager service / Forefront Identity Manager Synchronization services is started .
6. Come back to Central Administration > Application Management > Manage Service Applications > Click on service User Profile Service Application
7. Now you have centraladmin page setup User Profile Service Application
8. Click on Configure Synchronization connection > create new
Connection name : Synchronization domain contoso for SharePoint2010
Type : Active Directory
Connection Settings :
Forrest name : contoso.com
Authentication Provider Type: Windows Authentication
Account name : contoso\spadmin
Password : password your account spadmin
Port : 389 it port default LDAP it not change
Click on Populate Containers
It show structure on active directory , Check box on OU will Synchronization user . > OK
9. Click on link Start Profile Synchronization
10. Waiting for Synchronization .
You can monitor to import user form Active Directory to SharePoint in UNC path
C:\Program Files\Microsoft Office Servers\14.0\Synchronization Service\UIShell\miisclient.exe
If you have many user on active directory Please wait for Synchronization .
In my case : Synchronization 7000 people it have time start to end I waiting 30-40 minute ,
11. Check on status on your right hand . If show idle is that mean finish.
12. You can check account and data in sharepoint . Go to Manage User Profile
Fill you name account test : contoso\spadmin
Click dop-down on account and edit
You have information such as e-mail , First name , Last name , Full name or another property is one-way data Synchronization form Active directory to SharePoint .
13. Default Synchronization Time job setup scheduled 1 am for Incremental Synchronization .
14. Done
No comments:
Post a Comment