TechBubbles Microsoft Technology BLOG

User Profile Service Application changes in SharePoint 2013

 

This post discusses about User Profile Service Application changes in SharePoint 2013. One of the key change is better performance in Active Directory Profile Synchronization. It reduced the import time from up to 2 weeks down to 60 hours for extremely large organisations having 200K users. This has been tricky in earlier versions. Several optimizations are already been added in SharePoint 2010 like Adding indexes to certain user properties and importing data from BDC in batches. image

User Profile Import options in SharePoint 2013

image

You have the classic import Forefront Identity Management import option and you can also connect external system using BCS and import their data into UPS. New option available in SharePoint 2013 which is Direct Import from Active Directory which is designed to import the AD profile as quickly as possible.

Key Capabilities are

  • Direct AD Forest Import (one connection per domain)
  • You can specify OU’s , users and groups and LDAP filters for incremental imports

There are some limitations in AD import option

  • Mapping to system SharePoint properties is not supported.
  • Mapping two different AD attributes to the same SharePoint property is not supported

Filtering AD Import

Filtering uses a simple LDAP query when you create a Active Directory connection during the import as shown below

image

After a full import the UPA admin must purge the items that no longer belong in the profile database.

Set-SPProfileServiceApplication -Identity $upa – PurgeNonImportedObjects $true

Switching between FIM and AD Direct

There is no automatic migration from FIM to AD Direct or property mappings as FIM configuration connection is in the Sync DB and AD Direct connection in the Profile DB. So the option is Run a Full Import and use PurgeNonImportedObjects option if you want to remove the items that should not be there

User Profile Replication Engine(UPRE)

User Profile Replication Engine in SharePoint 2010 is a separate download and now it is coming as out of box feature. UPRE is a tool where we can replicate user profile information and some social information between multiple farms.

The below are the steps to for configuration of direct AD Import

Open user profile service application from SharePoint central admin and click configure synchronization settings

image

 

image

Select use SharePoint Active Directory Import option as shown above

Next step is to create a Synchronization Connection

image

give the desired values in the connection settings screen as shown below

image

specify the service account that you want to use to import the users from AD. After creating the synchronization connection then you start the profile synchronization from user profile service application main screen

image

At very first time you can choose the Start Full Synchronization option, you can see the results in User Profile Service Application main screen

image

The AD Direct import option is much more faster than earlier versions!

Reference: http://technet.microsoft.com/en-us/sharepoint/fp142366

Share this post :

About the author

Kalyan Bandarupalli

My name is kalyan, I am a software architect and builds the applications using Microsoft .NET technologies. Here I am trying to share what I feel and what I think with whoever comes along wandering to Internet home of mine.I hope that this page and its contents will speak for me and that is the reason I am not going to say anything specially about my self here.

1 Comment

  • Thank you for the post!
    I get “Cannot open database “dbname”” when trying to run purge script. Any suggestions? thanks!

By Kalyan Bandarupalli
TechBubbles Microsoft Technology BLOG

Follow me

Archives

Tag Cloud