Post on 18-Jul-2015
SharePoint is the center of the universe
3 internalDeploying the SharePoint User Profile Service
SharePoint is the center of the universe
The User Profile Service provides a full set of
social features for SharePoint Server 2010
• Social tagging and commenting
• extensible activity feed
• maintains current user information
• multiple sources
• sets user context:
• organization Browser
• status
• recent activity
• common relationships
• expertise, ask me about.
4 internalDeploying the SharePoint User Profile Service
COMMUNITIES
SITES
CONTENTINSIGHTS
SEARCH
COMPOSITES
But deploying the User Profile Service can be a
bit cumbersome to say the least
• The User Profile Service (UPA) is a complex part of SharePoint with
many subcomponents and (internal) references and dependencies
• the amount of deployment pitfalls may drive you crazy
• customers want it really bad, because it’s the “Social” component
• so there’s no way to run or hide!
5 internalDeploying the SharePoint User Profile Service
Let’s take a deep dive and explore the UPA step
by step
6 internalDeploying the SharePoint User Profile Service
Let’s take a deep dive and
explore the UPA step by step
Agenda
Architecture & components
Some interesting anomalies
Common deployment pitfalls
Putting it all into practice
A final word of advice
Some practical references
7 internalDeploying the SharePoint User Profile Service
The architecture for the UPA is a bit different
from other SharePoint Server 2010 components
8 internalDeploying the SharePoint User Profile Service
Profile DB Sync DBSocial DB
Related Service Applications
Search
Managed Metadata
User Profile ServiceSharePoint Service Instance
.Net Assemblies
SharePoint ContentApplication Pool DOMAIN\SPContentAppPool
http://portal (Web application)
User Profile Service Application Proxy
SharePoint Web Services DefaultApplication Pool DOMAIN\SPWebServicesAppPool
User ProfileServiceApplication
User Profile Synchronisation ServiceSharePoint Service Instance
Windows ServicesDOMAIN\SPFarmAccount
Forefront Identity Manager Synchronisation
Forefront Identity Manager
DirectoryService
Some interesting anomalies might indicate that
the UPA suffered from release pressure
Naming just a few to get you all warmed up:
• Some parts of the UP have direct Profile database access
• FIM is only required for writing back to AD
(issue for import-only scenarios solved in “15)
• SharePoint Server 2010 RTM was bundled with a FIM version
lower then Release Candidate 1 (fixed in CU June 2011)
• database schema bugs during service application creation
• alternate service account permissions during provisioning
• re-provisioning of the UPA after deploying updates
• after a server restart, the UPS service instance is stopped.
9 internalDeploying the SharePoint User Profile Service
Some common deployment pitfalls:
It’s SharePoint! What could go wrong?
With incorrect settings, provisioning will still start
(up to 15 times), but will always fail:
• the service account (Farm account) needs Local Administrator
permissions, but only during provisioning
• the Active Directory synchronization account requires “Replicate
directory Changes” permissions in the domain in order to
successfully import user profile data
• database bugs when using PowerShell: the default schema for the
Farm Account in the Synchronization database is set incorrectly
• import performance is slow (fixed in CU June 2011)
• co-existence with .Net Framework 4.0 (manual fixes).
10 internalDeploying the SharePoint User Profile Service
Putting it all into practice to successfully
perform the User Profile Service deployment
We’ll take a step-by-step approach:
• setting the correct permissions upfront
• using Windows PowerShell magic to create the Service Application
and sync connections
• monitoring UPA provisioning using the ULS viewer and checking
that FIM services are properly configured and started
• reviewing active directory import activities through the FIM client.
11 internalDeploying the SharePoint User Profile Service
Een beheersingsplan voorziet in de juiste
spelregels en richtlijnen
12 internalDeploying the SharePoint User Profile Service
A final word of advice:Never use the Farm Configuration Wizard!
Some practical references that will help you on
the road to success and infinite glory
Configure profile synchronization (SharePoint Server 2010)http://technet.microsoft.com/en-us/library/ee721049.aspx
ULS Viewerhttp://www.microsoft.com/en-us/download/details.aspx?id=21101
Spencer Harbar’s rational Guidehttp://www.harbar.net/articles/sp2010ups.aspx
“Stuck on Starting”http://www.harbar.net/articles/sp2010ups2.aspx
13 internalDeploying the SharePoint User Profile Service