Published by Keven Leavens. Modified over 9 years ago
6
Whether you like it or not!
Importance increases significantly with SharePoint 2013
Pretty much every investment area relies on Profiles for core functionality
App AuthZ, S2S, etc
Primarily a political endeavor, NOT a technical one
No toolset from any vendor will change this
8
Especially when Active Directory is externally managed
e.g. Reboot of domain controllers, Windows Update
Large and/or bulk updates
Replicating Directory Changes
Additional rights for property export
10
One of the most common causes of weak deployments, limited functionality and upgrade pain
Federate or replicate?
Central farms, regional farms, both?
Relationship with other services
11
Security Privacy Policy Operations SQL Server Distributed Cache SharePoint Server Search Managed Metadata Business Data Connectivity
12
Large organizations should be able to perform a full sync of AD and SharePoint data over a weekend.
IT Pros should be able to monitor the performance and stability of profile sync and have access to the information that they need to take corrective action when problems occur.
Common Directory Service configurations should be supported, including Forefront Identity Manager and LDAP.
13
Lightweight LDAP approach internal to SharePoint
a.k.a. Direct AD Import
Embedded Forefront Identity Manager
Same approach as SP2010 with improvements “under the hood”
External Forefront Identity Manager using the SharePoint Connector
Custom Code: User Profiles Web Services and Object Model
14
SharePoint User Profile Service Application UPS (SharePoint FIM) BCS External System Active Directory ADI (User Profile Service Instance) EIM (External FIM) EIM (Custom Code) Directory
16
Farm Configuration Wizard (just kidding)
Via Manage Service Applications
The default schema issue
17
Farm Account default schema set incorrectly in Sync DB
We will never be able to start the UPS service instance
Log on as the Farm Account and execute the PowerShell
Fix the schema manually – an unsupported change
18
Non UAC environments
UAC Environments
Just use this one!
Both simulate interactive logon as the Farm account (Log on Locally)
Both require Local Machine Administrator
22
For the most common scenario (AD forest)
Import Only!
Container selection
LDAP filters
Inclusion Based
One connection per domain
That could be a lot of connections!
23
a.k.a. Shadow Accounts
For simple data types
As SharePoint 2010
24
Leverages a change log to drive import efficiency
DirSyncRequestControl is scoped at the domain level
Implement immediately after creating the UPA!
Replicating Directory Changes also required on the Configuration partition
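An added example, not part of the original slides: a PowerShell audit that lists which identities hold Replicating Directory Changes on the domain and Configuration partitions and checks that the import account has it on both. It assumes the ActiveDirectory RSAT module and a placeholder account name (CONTOSO\svc-spsync); it only sees ACEs granted directly to the account, not grants inherited through group membership.

```powershell
# Added example: audit "Replicating Directory Changes" on the partitions the slide names.
Import-Module ActiveDirectory

# Assumption: placeholder account; replace with the account used by the AD Import connection.
$SyncAccount = 'CONTOSO\svc-spsync'

# Control access right GUIDs from the AD schema.
$Rights = @{
    '1131f6aa-9c07-11d1-f79f-00c04fc2dcd2' = 'Replicating Directory Changes'
    '1131f6ad-9c07-11d1-f79f-00c04fc2dcd2' = 'Replicating Directory Changes All'
}

# Domain naming context of the current domain plus the forest Configuration partition.
$root       = Get-ADRootDSE
$partitions = @($root.defaultNamingContext, $root.configurationNamingContext)
$extended   = [System.DirectoryServices.ActiveDirectoryRights]::ExtendedRight

$report = foreach ($dn in $partitions) {
    foreach ($ace in (Get-Acl -Path "AD:\$dn").Access) {
        $guid = $ace.ObjectType.ToString()
        if ($ace.AccessControlType -eq 'Allow' -and
            ($ace.ActiveDirectoryRights -band $extended) -and
            $Rights.ContainsKey($guid)) {
            [pscustomobject]@{
                Partition = $dn
                Identity  = $ace.IdentityReference.Value
                Right     = $Rights[$guid]
            }
        }
    }
}

# Everyone holding a replication right: review this list, not just the sync account.
$report | Sort-Object Partition, Identity | Format-Table -AutoSize

foreach ($dn in $partitions) {
    $mine = $report | Where-Object { $_.Partition -eq $dn -and $_.Identity -eq $SyncAccount }
    if (-not ($mine | Where-Object Right -eq 'Replicating Directory Changes')) {
        Write-Warning "$SyncAccount has no direct Replicating Directory Changes grant on $dn"
    }
    # The slides name only Replicating Directory Changes; flag the broader right.
    if ($mine | Where-Object Right -eq 'Replicating Directory Changes All') {
        Write-Warning "$SyncAccount also holds Replicating Directory Changes All on $dn"
    }
}
```

Because DirSync is scoped at the domain level, run the check once per domain that has an import connection.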
25
You can modify the properties of the UPA to configure Active Directory Import via Windows PowerShell
26
Central Administration UI can be misleading when creating connections after changing the mode.
You don’t need to worry about BCM for the Sync DB!
It must exist, but it IS supported to mirror/log ship an empty database
27
For AD Import only, these cmdlets are NOT supported for UPS
Known Issues with Remove-SPProfileSyncConnection
only removes the organizational unit (OU) from the profile synchronization connection
Fix:
28
Those that begin with SPS-
30
Maximum flexibility
With great power comes great responsibility
Sweet UI!
As opposed to exclusion based with UPS
Validate your filters with ADSIEdit
Just because you can, doesn’t mean you should
31
Adding or removing OUs
Filter changes
Property mappings
To clean up profiles which are not created as part of the import
Profiles are marked for deletion
38
Adding or removing OUs
Filter changes
Property mappings
To clean up profiles which are not created as part of the import
Profiles are marked for deletion
42
Manual recreation required
Or use an XML based provisioning approach
43
Understand the design constraints
Document the configuration!!!
Run PurgeNonImportedObjects after a full import to remove items that should not be there
47
Ships as external download
Support for SharePoint Server 2013 now
Support for SharePoint Server 2010 in testing
Requires FIM 2010 R2 SP1
You need to create and use a metaverse rules extension
You may not be able to migrate your existing data
Only FIM Sync Service needed
48
HR SQL Database
53
Impacts pretty much every product feature
e.g. organic growth of domains and/or forests
55