.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Filtering some user in AD Import for MySites?

Posted By:      Posted Date: October 11, 2010    Points: 0   Category :SharePoint

My AD import is working correctly for MySites.  I've edited the connection by unchecking some OUs (sheesh that's a slow process!) from my AD so my service accounts aren't imported as well. But I have some test and administrative user accounts littered about my AD that I don't want to import.

I already have a Connection Filter set to exclude userAccountControl=2 to prevent importing disabled users.

When I add these individual accounts to the Connection Filter (either with AND or OR) and run the AD sync job, the users still show up.  I'm using sAMAccountName Equals <username>.

What's the best way to exclude the administrative, template and test accounts? 


View Complete Post

More Related Resource Links

stsadm Import command + include user security



When I move sites from test to staging to production, I am using the stsadm –o export command with the –includeusersecurity option in the staging environment.  In production environment, I then use the stsadm –o import command with the –includeusersecurity option.  I was assuming that this option was bringing over the security on the exported site only.  This does not seem to be the case.

Last night I exported one sub site to produtction.  Today, I was notified that the security groups on other sub sites have been altered.  


So why is it when using the –includeusersecurity option effect all sub sites and not just the one sub site being moved from staging to production

User Profiles Service Application and Import of SharePoint 2007 SSP data

I have setup a test SharePoint 2010 Farm. I will be using this as a test upgrade of a current live SharePoint 2007 Farm. The database attach method will be used. I have replicated the web application and AAM settings of the SharePoint 2007 Farm to the SharePoint 2010 Farm and have made the 2010 Farm a DC in a new Forest. I don't want to join this to the current domain at the moment. It also has SQL server 2005 with SP3 and cumulative update 3 installed. I have just setup the User Profiles Serice Application and when I go to Manage it, I get this. Error An unexpected error has occurred.   Troubleshoot issues with Microsoft SharePoint Foundation. Correlation ID: a1760e87-372f-4711-afac-3ceba34bc599 Date and Time: 8/31/2010 4:22:56 PM I have verified and configured the following. Created the Managed Metadata Service. The status is started via Service Applications and Services on Server. Created the User Profiles Service Application and ensured status is started via Service Applications. I started the User Profile Service and User Profile Synchronisation Service via Manage Services on Server.      

BDC Import for user profile picture

I am attempting to populate the user profile property 'Picture' with data from a BDC connection. My column from the BDC contains urls but SharePoint will not allow me to map Picture to the column. I"m guessing this is because the property is expecting a strongly typed Url type. That doesn't help me though. So, has anyone successfully mapped the Picture property to a field from a BDC connection. (-SN: I know the field can be mapped to AD but I need it mapped to a BDC) Thanks in advance.

Import user profile from another domain active directory

Hi, I have SharePoint 2010 running on DomainB andwe have corporate users on DomainA. i need to import users from both domainA and DomainB. I am able to import users from domainB and not able to import users from DomainA. I made a successful connection to both Domain A Ad and DomainB AD in SharePoint 2010 user profile synchronize connections. I am able to sync users only from DomainB (SharePoint 2010 running on domainB) and not able to synchronize profiles from DomainA (outside domain). Is there any additional configuration I need to do. Please help me on this issue. Thanks, Ratna

Automatic deletion of "missing from import" user profiles ?

Hi everybody!Can someone help me about his subject.When I delete a user in AD, he is marked as "missing from import" in MOSS user profile database after a full import.I read that for SPS2003, after the 3rd full import, if the user is still missing, he is automatically deleted from MOSS user profile database.I tried with MOSS2007, but the automatic deletion does not seem to work.Is there something to configure in order to make it work, or how to make the deletion automatic ?Thanks a lot for your answers.jerome

Unable to see Active Directory Groups in the User Profile Database after Profile Import

SharePoint Server 2010 Enterprise RTM. W2K8R2 w/multi-server setup: AD/DNS SQL 2008 WFE APP Claims Mode Web App only using Windows Integrated Auth So, this was never a problem in 2007, and I didn't even realize it was a problem in 2010 until I started to build a solution that utilized my blog article: InfoPath - User Roles in Browser-Enabled Forms Using AD Groups.  I went to utilize the same web method of the same web service, but I noticed that no data was showing up at all.  Typically, the GetUserMembership/GetCommonMembership methods return the specified user's memberships: AD Security Groups, AD Distribution Lists, and SharePoint Sites (not SharePoint Groups, though). My user profile sync is working.  All AD users are pulled in with the proper profile data. "Users and Groups" is selected in the Synchronization Entities section of my Sync Settings. Security groups are working for permissions and audience targeting.  Confirmed my users are affected properly by the use of Security Groups. My query to the GetUserMemberships web method (and GetCommonMemberships) is running (not failing), but it's not returning anything even though my user is in some Security Groups and has explicit membership to multiple sites. The GetUserProfileByName method of the same UserProfileService.asmx web service returns all the regular profile data

Import from web service into MOSS user profiles



We have a problem which is kinda explained in this article: 

We have company portal MOSS 2007 based, and a HR database (not sql server based) which has all employee data. Right now this data is manually typed into Active directory when new employee is hired, then it gets imported into MOSS (automatical import). 

We would like, for example, to import birth date, which has no field for in AD, directly from HR, and we also would like to import other fields from HR database. I can write custom web services in the HR base to give out this data.

I tried to read the article above but i understood nothing. Author tells to write some xml but i dont understand where do i put that xml. And it seems that he is importing from SQL server database but in my case it will be an xml output of a web service!

There is also an article by the author about writing custom code  here


Moved MySites. Now suddenly while Search finds the user profile pictures, user profile pictures don'


We did an architectural change and moved MySites by creating a new MySite host, assigning it to the User Profile Service application and then deleting the old MySite host.

I'd like to avoid recreating the User Profile Service application. Is it possible to fix this UPS issue (I assume it's an UPS issue), without recreating UPS?

Newbie User Import Question re: One way external trust & Security



There is a business initiative to install a Dev Sharepoint 2007 server in our Trusting Domain. My internal corp network will be Corp.COM. The 3rd party network will be 3rd.COM.  Currently 3rd.COM has a Oneway External Trust pointing inward to Corp.com.  Corp.COM Domain and Forest levels are WIndows 2003. 3rd.com Domain level is Windows 2000 Mixed and the Forest is Windows 2000.

The Dev sharepoint server is located in 3rd.Com domain and the consultant is trying to import Corp.com users by pointing the user profile connection to Corp.com active directory. Needless to say this will fail because there is a one way trust in place so 3rd.com users are allowed to read Corp.Com active directory. Not to mention there are no firewall ports open for this anyway. My questions are...

How can we securely allow this sharepoint server to import in 3rd.com to import users from Corp.com?

Ideally we would like to use a service account from Corp.com to import the accounts. We would also like to either

(A) encrypt the sharepoint servers communication to our Corp.com active directory. because there are Two firewalls between the trust ports would be specifically opened from Sharepoint server <-> Corp.com DC

(b) some how use the existing trust to facilitate this procedures. no additional ports opened on the firewalls.

Any ass

how to import user Profile Picture already stored in AD as thumbnailphoto or jpegphoto


We already store out photos in AD using both the thumbnailsphoto and jpegphoto properties. Outlook2010 shows the user profile correctly. Now we want to sync sharepoint 2010 with AD and retreive the photo. I currenrlt have it setup as mentioned in this MSDN post to Export.


Is it odd that the thumbnailphoto and jpeg photo have been in AD since at least 2007( I think they were even in 2003 schema) but that this user profile syncing to those two atributes isn't the default behavour? Outlook 2010 used those photos instantly, yet sharepoint can't out of the box?


I've opened a Case with MS about this. I'll post findings here.

**Edit 2**

Also the previous method used in Moss 2007 doesn't work wither. Setting the URL to the photo in an AD ExtensionAttribute1 and having sharepoint import it.

import user in .net membership


I am tring to import data in .net membership database, i have written some code below that import the user profile that includes






My code works and does imports all the records in membership aspnet_user table but aspnet_Profile table remain empty, and i think that all the profile information should be copied in aspnet_profile.

Below is my code would really appreciate if some one could help...

<?xml version="1.0"?>
    Note: As an alternative to hand editing this file you can use the 
    web admin tool to configure settings for your application. Use
    the Website->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in 
    machine.config.comments usually located in 
    <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
      <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=, Culture=neutral, PublicKe

How do we create new User Profile Synchronization connection so that we can import profiles from AD

We have a requirement to authenticate users against Active Directory LDS in our SP 2010 farm and also import their profiles in user profile store. We are able to setup FBA using AD membership provider to authenticate against AD LDS.

I am interested in importing the users in AD LDS to SharePoint user profile store. 

When I try to create a new connection the options that I am provided are 
1. Active Directory
2. Active Directory Logon Data
3. Active Directory Resource.
4.SunOne (LDAP) 5.2
5.Novell eDirectory (LDAP) 8.7.3
6.IBM Tivoli (LDAP) 6.2

If I select any of the options 1/2/3 I am asked to provide Forest Name and Domain Controller name. Since this is AD LDS there is no Forest or Domain Controller. It’s just a generic LDAP server.  

So the question I am struggling with  is: what are the steps required to create a User Profile Synchronization connection to import users from AD LDS and not from AD DS? 

We are not able to find any information how to do that in SP2010… From other blog entries I am assuming it was supported and documented for MOSS2007.

There is NO “LDAP Directory” connection type in SP2010.

I am wondering if this is supported in SP2010.


Could not import user profiles from AD


I set up a new MSS2010 farm. I struggled with some errors such as User profile synchronization service stuck at "starting" etc., and set everything I know about. The user profile application works, I have My site host set, the user profile sync connection established, BUT...when I try syncing the profiles, only 2 profiles are imported, out of 70 in the domain.

I dont have any clue where to look. Help would be greatly appreciated.

Filtering Page contents by User's City

I have set a profile column for WorkCity and would like to display news and weather specific to that user's home location no matter where he or she logs in.  I am doing this in SharePoint 2010 Standard and do not have Profile synchronization set up.  Is there any way to do this?

User Profile -- filtering the AD connection



I have created an AD connection to sync the user profile. Is there a way in SP that I can filter what is being imported from AD to SP? Specifically, those disabled accounts in AD. Is there a way to add this filter in SP (e.g don't import disable account). Or do I have to do it from AD (specially, delete the account)?

Please advice. Your help would be greatly appreciated.

User Profile Import using ADFS 2.0



I've set up a lab environment with SharePoint 2010 using ADFS 2.0 as identity provider. Thanks to harbar's highly recommended blog everything works fine (though it took me some time ;-)).

My next goal is to configure User Profile Import. I've read Mark van Eijk's very helpful post and the thread on this forum. But still keep wondering how to configure this. My problem is that in the Edit synchroniztation connection dialog (section Connection Settings) there is no Authentication Provider Instance available after I chose Trusted Claims Provider Authentication. Any hint what's going wrong is very appreciated.

I've tried this as pre-step for my actual goal: I have some users from another domain who will log on my sharepoint. These users are organized in a foreign domain and there is no trust between "my" domain and the users' domain. I need to import the user profiles of these external users though. I had in mind to do this by using the ADFS claims as source for the user profile synchronization app

Automatic Filtering Based on User Profile


I need to filter the tables in my Dynamic Data based information from my user's profile (which I'm already using to security the tables - based on roles). 

Example: I have a profile object with a username, role and region(s) associated with each user.

I'm using the username (windows) to authenticate the user, the role (using a httpModule) to grant/deny access to each table in the dynamic data site. 

Now what I'm trying to do is to use the user's region(s) to automatically filter the table results (and the corresponding DropDownLists) to just that user's region(s). 

My questions is this: How or where do I override the built in filters (presumably the enum) - but only on the applicable tables that have a region component? 

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend