How to Configure the User Profile Service in SharePoint 2010

A step-by-step guide to setting up the User Profile Service application, focusing on its configuration and administration and on how we can enable the creation of user profiles via an Active Directory import.

SharePoint 2010 introduces the notion of "Service Applications", which builds upon the "Shared Services Provider (SSP)" that was introduced in SharePoint 2007. Service Applications are individual services that can be configured independently and can be shared across other sites within your farm; some service applications can also be configured across farms.

The individual service applications provided with SharePoint 2010 are as follows:

  • Access Services
  • Business Data Connectivity
  • Document Conversion
  • Excel Services
  • Managed Metadata Service
  • PerformancePoint
  • Search Service
  • Secure Store
  • State Service
  • Visio Graphics Service
  • User Profile Service

This article builds upon our initial SharePoint 2010 install utilizing the least privilege model, which I have documented in How to Install SharePoint 2010 using Least Privilege Service Accounts, so check it out if you haven't already done so.

Managed Metadata Service

The User Profile Service requires that the Managed Metadata Service is set up and configured before we attempt to set up our first User Profile Service. The Managed Metadata Service allows you to utilize managed metadata and provides you with the ability to share content types across sites. You can read more about Managed Metadata here.

To set up our Managed Metadata Service, navigate to Central Administration / Application Management / Manage Service Applications.

Click New and select "Managed Metadata Service".

Enter the following details:

Name: Managed Metadata Service

Database Server: <server_name>

Database Name: Managed Metadata DB

I will utilize the sp_farm account for the Application Pool Identity.

Click Create.

Lastly, navigate to Central Administration / System Settings / Manage services on server and start the Managed Metadata Web Service.

User Profile Service

Now that we have successfully configured our Managed Metadata Service, we can focus our attention on the User Profile Service. The User Profile Service provides our SharePoint farm with all the social networking features that we have come to love in SharePoint 2007, plus more. It forms the basis of My Site support, user profile pages, Audiences and some of the newer features in SharePoint 2010 social computing such as social tagging.

Before we begin, we need to ensure that our Farm account (DOMAIN\sp_farm) is a member of the local Administrators group on the server where the User Profile Synchronization (UPS) service will be deployed. Please make a note to remove the DOMAIN\sp_farm account from the local Administrators group after provisioning the User Profile Synchronization service. Please also note that if you ever have to re-provision the UPS service at a later date, you will need to ensure the DOMAIN\sp_farm account is added back to the local Administrators group.

Let's now navigate to Central Administration / Application Management / Manage Service Applications.

Click New and select "User Profile Service Application".

The "Create New User Profile Service Application" window pops up, in which you will enter the following details (you will obviously enter the details based on your environment setup):

Name: User Profiles

Create new application pool: SharePoint – User Profiles

Register a new managed account: e.g. DOMAIN\sp_userprofiles (nb: this account will need to be provisioned in Active Directory first)

Enter your Profile Database server details and database authentication. You will notice that SharePoint 2010 introduces the ability to configure a Failover Server, which allows you to associate your SharePoint databases with another SQL server for failover purposes utilising SQL Server database mirroring. We will not specify a Failover Database server for any of our databases at this present time.

Specify your Synchronization Database which is used to store configuration and staging data for synchronization of profile data such as that from Active Directory.

Next, specify your Social Tagging Database, which is used to store tags and notes that are created by users. Social Tagging is a new feature in SharePoint 2010; tags are not only displayed against the items that users are tagging, but are also displayed in the user's activity feed.

Next, select your Profile Synchronization Instance Server.

In the next section, we will not create a My Site Host URL and will leave this for part two of this series.

Click Create.

You should now have the User Profiles service application listed and started.

We will now venture back into Central Administration / System Settings / Manage services on server.

Scroll down to the User Profile Service and User Profile Synchronization Service and start both. The User Profile Service should start without any further user interaction; however, the User Profile Synchronization Service will ask for your SharePoint Farm credentials.

Click OK.

Both services should now be listed as started.

This, in turn, will correctly configure and start our Forefront Identity Manager (FIM) Windows services.

At this point, it is imperative that you run an IIS reset. Even better, just reboot the machine.
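The earlier note about taking DOMAIN\sp_farm back out of the local Administrators group is easy to forget once the service is running. The following script is an added example, not part of the original walkthrough: it reports whether the synchronization service is online on this server and whether the farm account is still a local administrator, and removes the membership only when asked. The parameter names `FarmAccount` and `Remove` are hypothetical, and the account name is the one used in this article.

```powershell
# Added example: run from an elevated SharePoint 2010 Management Shell on the
# server that hosts the User Profile Synchronization service.
param(
    [string]$FarmAccount = 'DOMAIN\sp_farm',  # account name used in this article
    [switch]$Remove                           # without this switch the script only reports
)

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
$domain, $user = $FarmAccount -split '\\', 2
$memberPath = "WinNT://$domain/$user"

# Is the synchronization service provisioned on this server?
$ups = Get-SPServiceInstance -Server $env:COMPUTERNAME |
    Where-Object { $_.TypeName -eq 'User Profile Synchronization Service' }
$provisioned = ($ups -ne $null) -and ("$($ups.Status)" -eq 'Online')

# Enumerate the local Administrators group through ADSI (works on PowerShell 2.0).
$group = [ADSI]"WinNT://$env:COMPUTERNAME/Administrators,group"
$paths = $group.psbase.Invoke('Members') | ForEach-Object {
    $_.GetType().InvokeMember('ADsPath', 'GetProperty', $null, $_, $null)
}
$isAdmin = @($paths | Where-Object { $_ -eq $memberPath }).Count -gt 0

Write-Output ("UPS sync service online: {0}; {1} in local Administrators: {2}" -f `
    $provisioned, $FarmAccount, $isAdmin)

if ($isAdmin -and -not $provisioned) {
    # Provisioning still needs the elevated rights, so do not remove them yet.
    Write-Warning 'Sync service is not Online yet; keep the membership until provisioning finishes.'
} elseif ($isAdmin -and $Remove) {
    $group.psbase.Invoke('Remove', $memberPath)
    Write-Output "Removed $FarmAccount from the local Administrators group."
} elseif ($isAdmin) {
    Write-Warning "$FarmAccount is still a local administrator; rerun with -Remove."
}
```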

We will now configure our User Profile Connection to our Active Directory Domain.

Navigate to Central Administration / Application Management / Manage Service Applications.

Click on User Profiles / Manage.

Click on Configure Synchronization Connections / Create New Connection.

Enter the following details:

Connection Name:

Type: Active Directory

Auto discover domain controller or specify a domain controller

Authentication Provider Type: Windows Authentication

Account Name / Password:

Port: 389

Click on Populate Containers

Click OK.

Your connection should now be listed as follows upon successful creation.

We can now easily set up connection filters against our Active Directory User Profile connection by clicking on the connection that was just created and selecting "Edit Connection Filters".

Specify and Add any User or Group exclusions and then click OK.

Next we will Configure a Synchronization Timer Job via Central Administration / Application Management / Manage Service Applications / User Profiles.

Click Enable

We will finish off by initiating a full synchronization via Central Administration / Application Management / Manage Service Applications / User Profiles / Start Profile Synchronization.

To confirm that the import was a success, the Number of User Profiles should now be set to the number of users in your organization; in my case I have 269 dummy users in my Active Directory domain. A word of note: this will take some time and is considerably slower than an Active Directory User Profile import in SharePoint 2007.

You can also venture into Manage User Profiles and search for users (please take note that SharePoint 2010 does not display any users by default and that you will have to search for them).

Edit a User Profile to ensure that all the necessary Active Directory attributes were successfully imported.

We have now successfully completed a User Profile Synchronization, which will form the basis for users' My Sites in my next article. Until then, happy SharePointing!!

References

User Profile Service administration (SharePoint Server 2010) http://technet.microsoft.com/en-us/library/ee721050.aspx

Configure profile synchronization (SharePoint Server 2010) http://technet.microsoft.com/en-us/library/ee721049.aspx


How to Configure outgoing email in SharePoint 2010 with Exchange 2010 – Step by Step Guide

In my How to Configure incoming email in SharePoint 2010 with Exchange – Step by Step Guide, I provided you with a guide to setting up your SharePoint 2010 farm so that it can receive incoming email, which can then be delivered directly to your SharePoint libraries and/or lists. Today we wrap up our 2 part series on email flow in SharePoint 2010, in which I will provide you with another step by step guide to configuring your SharePoint Farm so that it can send outgoing emails through your Microsoft Exchange server.

The environment

This article builds on the SharePoint Farm setup that I have documented here. It consists of the following servers which would form a common basis in most large organizations.

  • Windows 2008 R2 server running Active Directory Domain Services
  • Windows 2008 R2 server running SQL 2008 R2
  • Windows 2008 R2 server running SharePoint 2010 RTM
  • Windows 2008 R2 server running Exchange 2010 RTM
  • Windows 7 client running Office 2010 RTM

SharePoint 2010 allows you to configure any SMTP service including the one which I had setup in my previous article to send outgoing email, however we will utilise Exchange 2010 (same instructions apply for Exchange 2007) to provide email delivery to our end users.  Instructions on configuring the SMTP service (i.e. you are not using Microsoft Exchange in your environment) can be found on TechNet.

Creating a Receive Connector in Exchange 2010 

If you recall from my previous article, How to Configure incoming email in SharePoint 2010 with Exchange – Step by Step Guide, we created a "Send Connector" in Exchange to forward the messages to the SMTP service that we had configured and installed. This time round we will create a "Receive Connector" in Exchange 2010.

Launch the Exchange Management Console and navigate to Server Configuration / Hub Transport / New Receive Connector.  The New Receive Connector wizard is invoked.

Enter a descriptive name and ensure "Custom" is selected as the intended use.

Click Next

Leave "All Available IPv4" in your Local Network settings unless you have specific Exchange IP requirements.

Click Next

Edit the remote IP address range to the IP address of your SharePoint 2010 server.

Click Next

Click New

You will now notice that our SharePoint 2010 Outgoing mail connector is listed with our default Exchange 2010 Receive Connectors.

We will now venture into its properties and make a minor permission change.  Click on the "Permission Groups" tab and select Anonymous users.

Click Apply.
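Because this connector accepts anonymous SMTP sessions, the remote IP setting entered in the wizard is the only thing limiting who can submit mail through it. The following check is an added example, not part of the original walkthrough: it lists every Receive Connector that allows anonymous users and flags any remote IP entry that is wider than a single host or is not an expected sender. The `AllowedSenders` parameter and its address are constructed placeholders.

```powershell
# Added example: run in the Exchange Management Shell.
param(
    # Constructed placeholder (documentation range); replace with your SharePoint server's IP.
    [string[]]$AllowedSenders = @('192.0.2.10')
)

$report = foreach ($rc in Get-ReceiveConnector) {
    # Only connectors that accept unauthenticated SMTP sessions matter here.
    if ("$($rc.PermissionGroups)" -notmatch 'AnonymousUsers') { continue }

    foreach ($range in $rc.RemoteIPRanges) {
        $text = "$range"
        $ip = $null
        # An entry that parses as one address is a single host;
        # anything else is a span or a subnet.
        $singleHost = [System.Net.IPAddress]::TryParse($text, [ref]$ip)

        $finding = 'OK'
        if (-not $singleHost) {
            $finding = 'RANGE: wider than one host'
        } elseif ($AllowedSenders -notcontains $text) {
            $finding = 'HOST: not an expected sender'
        }

        New-Object PSObject -Property @{
            Connector     = $rc.Name
            Enabled       = $rc.Enabled
            RemoteIPRange = $text
            Finding       = $finding
        }
    }
}

$report | Sort-Object Finding, Connector |
    Format-Table Connector, Enabled, RemoteIPRange, Finding -AutoSize
```

The script only reports; it changes nothing on the Exchange server.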

Configuring outgoing email in SharePoint 2010 Central Administration

Launch Central Administration and navigate to System Settings / E-Mail and Test Messages / Configure outgoing e-mail settings.

Enter your Outbound SMTP server, i.e. your Exchange server where we created our receive connector, and specify a From and Reply-to address.

Click OK

Testing our configuration

Let's navigate to our SharePoint 2010 web application and create an Alert. In my example I will create an immediate alert for Announcements.

Navigate to your Announcement List and click on List Tools/List and then click on "Alert Me" located in the ribbon interface.

Select "Set alert on this list" and select your Alert options.  Ensure that you have "send notifications immediately" selected for testing purposes.

Click OK

You should receive your notification email that you have successfully subscribed soon after creating your alert.

I will now create a Test Announcement to ensure that the actual alert is delivered.

Alas! 5 minutes later (based on the immediate timer job definition schedule) we have received our email alert confirming that our SharePoint configuration with Exchange was successful.

Did you know that you can also configure outgoing email for a specific Web application? You might want to do this if you have multiple SharePoint Web Applications hosting specific site collections and want a different From and/or Reply-to address set up.

Even though we are now going to configure outgoing email for a specific Web application, you are still required to set up the default farm outgoing email settings as per the above.

Configuring outgoing email for a specific Web application in SharePoint 2010 Central Administration

Launch Central Administration / Application Management / Manage Web Applications.

Select one of your Web Applications and then select "General Settings" from the Ribbon.

Select "Outgoing E-Mail" from the drop down.

It will pick up the default farm settings that we entered earlier; you can now change the From and Reply-to address to something more specific for the selected Web application.

Click OK

We are done!  I hope you have found this step by step guide in configuring outgoing email in SharePoint 2010 with Exchange useful, and stay tuned as we continue our journey in configuring our SharePoint 2010 Farm.
