Configure User Profile Service and My Site in SharePoint 2013: Part II

Before reading this article, please go through the following article

  1. How to configure User Profile Service and My site in SharePoint 2013: Part I

In this article we learn how to configure a user Profile and My site configuration in SharePoint 2013. In earlier versions of SharePoint, each user had a profile and a personal site (e.g., My Site). The 2013 version of SharePoint splits My Site into three sections: Newsfeed, SkyDrive, and Sites. A global navigation bar provides access to each section. These social features are tightly integrated into SharePoint 2013, so you no longer need to launch a Web browser to access them.

How enable NetBIOS domain names for user profile synchronization

If the NetBIOS name of any domain with which you are synchronizing differs from its fully-qualified domain name, you must enable NetBIOS domain names on the User Profile service application. If all NetBIOS names are the same as the domain names, you may skip this procedure.
 
To enable NetBIOS domain names for user profile synchronization by using Windows PowerShell:

  1. Verify that you have the following memberships:

    • securityadmin fixed server role on the SQL Server instance.
    • db_owner fixed database role on all databases that are to be updated.
    • Administrators group on the server on which you are running Windows PowerShell cmdlets.
     
  2. An administrator can use the Add-SPShellAdmin cmdlet to grant permissions to use SharePoint 2013 cmdlets.
  3. Paste the following code into a text editor, such as Notepad:

    $ServiceApps = Get-SPServiceApplication
    $UserProfileServiceApp = ""
    foreach ($sa in $ServiceApps)
    {if ($sa.DisplayName -eq "<UPSA Name>")
    {$UserProfileServiceApp = $sa}
    }
    $UserProfileServiceApp.NetBIOSDomainNamesEnabled = 1
    $UserProfileServiceApp.Update()
     
  4. Replace <UPSA Name> with the name of the User Profile service application.
  5. Save the file and add the .ps1 extension, such as UPSA.ps1.
     
  6. Start the SharePoint 2013 Management Shell.

    • For Windows Server 2008 R2:

      On the Start menu, click All Programs, click Microsoft SharePoint 2013 Products, and then click SharePoint 2013Management Shell.

    • For Windows Server 2012:

      On the Start Screen, click SharePoint 2013 Management Shell.

    If SharePoint 2013 Management Shell is not on the Start Screen:
     
  7. Right-click Computer, clicks all apps, and then click SharePoint 2013 Management Shell.
  8. Run the following PowerShell script.
  9. Change to the directory where you saved the file.
  10. At the Windows PowerShell command prompt, type the following command:
    ./EnableNetBIOS.ps1

    Image 1.jpg

Start the User Profile service

Use the followng procedure to start the User Profile service:

  1. Verify that the user account that is performing this procedure has the following credentials:

    • The user account that performs this procedure is a farm administrator
    • The user account that performs this procedure is a member of the Administrators group on the computer that is running SharePoint Server.

  2. On Central Administration, in the System Settings section, click Manage services on server.
  3. On the Services on Server page, in the Server box, select the synchronization server.
  4. Find the row whose Service column value is User Profile Service. If the value in the Status column is stopped, click Start in the Action column.

    Image 2.jpg

Start the User Profile synchronization service

During this phase, you start the User Profile synchronization service.

This phase involves the following tasks:

  1. Start the User Profile synchronization service
  2. Remove unnecessary permissions
  3. Reset IIS

To perform the tasks in this phase, you must be a member of the Farm Administrators SharePoint group and a member of the Administrators group on the computer that is running SharePoint Server.

Start the User Profile synchronization service
 

  1. Verify that the user account that is performing this procedure has the following credentials:

    • The user account that performs this procedure is a farm administrator
    • The user account that performs this procedure is a member of the Administrators group on the computer that is running SharePoint Server.

  2. On Central Administration, in the System Settings section, click Manage services on server.
  3. On the Services on Server page, in the Server box, select the synchronization server.
     
  4. Find the row whose Service column value is User Profile Synchronization Service. If the value in the Status column is stopped, click Start in the Action column.
  5. On the User Profile Synchronization Service page, in the Select the User Profile Application section, select the User Profile service application.
     
  6. In the Service Account Name and Password section, the farm account is already selected. Enter the password for the farm account in the Password box, and enter it again in the Confirm Password box.

    Image 3.jpg

     
  7. Click OK.

The Services on the Server page shows that the User Profile synchronization service has a status of Starting. When you start the User Profile synchronization service, SharePoint Server provisions FIM to participate in synchronization. This may take 10 minutes. To determine whether the User Profile synchronization service has started, refresh the Services on the Server page.

Image 4.jpg

Remove unnecessary permissions

After you start the User Profile synchronization service, for day to day operations, the farm account is not required to be a member of the Administrators group on the computer that is running the synchronization service. To improve the security of your SharePoint Server installation, remove the farm account from the Administrators group on the computer that is running the synchronization service. However, when you perform a backup of the User Profile application, the synchronization service provisions the User Profile application again. During the course of provisioning the User Profile application, the farm account must stop and start the synchronization service. To do this, the farm account must be a member of the Administrators group on the computer that is running the synchronization service. So, before you perform a backup, add the farm account to the Administrators group on the computer that is running the synchronization service. After the backup has finished running, you can remove the farm account from the Administrators group.

RESET IIS

  1. Verify that the user account that is performing this procedure has the following credentials:

    • The user account that performs this procedure is a farm administrator
    • The user account that performs this procedure is a member of the Administrators group on the computer that is running SharePoint Server.

  2. Start a Command Prompt with elevated privileges.
    • For Windows Server 2008 R2:

      • On the synchronization server, click Start, click All Programs, expand Accessories, right-click Command Prompt, and then click Run as administrator.

    • For Windows Server 2012:

      • On the synchronization server, on the Start Screen, right-click Command Prompt, and then click Run as administrator.

    If Command Prompt is not on the Start Screen:

    • Right-click Computer, click All apps, right-click Command Prompt, and then click Run as administrator.

  3. In the User Account Control dialog box, click Yes.
  4. In the Administrator: Command Prompt window, type iisreset and then press ENTER.
  5. When the message Internet services successfully restarted is displayed, close the Administrator: Command Prompt window.

Configure connections and import data from directory services

To import profiles, you must have at least one synchronization connection to a directory service. During this phase, you create a synchronization connection to each directory service that you want to import profiles from. You can synchronize after you create each connection, or you can synchronize one time, after you have created all of the connections. Synchronizing after each connection will take longer, but doing this makes it easier to troubleshoot any problems that you might encounter. You must be a farm administrator or an administrator of the User Profile service application to perform these procedures. If you are not a farm administrator, start each procedure by using the Manage Profile Service page.

This phase involves the following tasks:

  1. Create a synchronization connection to a directory service
  2. Define exclusion filters for a synchronization connection
  3. Map user profile properties
  4. Start profile synchronization

Create a Profile synchronization connection to a directory service

Verify that the user account that is performing this procedure has the following credentials:

  • The user account that performs this procedure is a farm administrator or an administrator of the User Profile service application.
  • The user account that performs this procedure is a member of the Administrators group on the computer that is running SharePoint Server.
  1. If the user account that is performing this procedure is a farm administrator, complete these steps.
  2. On Central Administration, in the Application Management section, click Manage service applications.
  3. On the Manage Service Applications page, select the User Profile service application.

    Image 5.jpg
     
  4. On Central Administration, on the Manage Profile Service page, in the Synchronization section, click Configure Synchronization Connections.
  5. On the Synchronizations Connections page, click Create New Connection.

    Image 6.jpg
     
  6. On the Add new synchronization connection page, type the synchronization connection name in the Connection Name box.

    Image 7.jpg
     
  7. From the Type list, select the type of directory service to which you want to connect.
     
  8. Fill in the Connection Settings section according to the directory service to which you are creating a connection.
  9. In the Account name box, type the synchronization account.
  10. In the Password box, type the password for the synchronization account.
  11. In the Confirm Password box, type the password for the synchronization account again.
  12. In the Port box, enter the connection port.

    Image 8.jpg

To start profile synchronization

Verify that the user account that is performing this procedure has the following credentials:

  • The user account that performs this procedure is a farm administrator or an administrator of the User Profile service application.
  • The user account that performs this procedure is a member of the Administrators group on the computer that is running SharePoint Server.
  1. If you have already imported users or created My Sites, and you have enabled NetBIOS domain names, you must disable the My Site cleanup timer job before you start profile synchronization. For information about this timer job, see the Timer job reference (SharePoint Server 2010). For information about the Windows PowerShell cmdlets that you use to enable and disable this timer job, see Use Windows PowerShell cmdlets to manage timer jobs in SharePoint 2013.
     
  2. If the user account that is performing this procedure is a farm administrator, complete these steps.
  3. On Central Administration, in the Application Management section, click Manage service applications.
  4. On the Manage Service Applications page, select the User Profile service application.
     
  5. On Central Administration, on the Manage Profile Service page, in the Synchronization section, click Start Profile Synchronization.

    Image 9.jpg
     
  6. On the Start Profile Synchronization page, select Start Full Synchronization if this is the first time that you are synchronizing or if you have added or changed any synchronization connections or property mappings since the last time that you synchronized. Select Start Incremental Synchronization to synchronize only information that has changed since the last time that you synchronized.

    Image 10.jpg
     
  7. Click OK.
     
  8. The Manage Profile Service page is displayed
  9. You can wait for some time it will take some time to complete the synchronization.
  10. Once done, you will see on the right hand side the number of user profiles increasing.

    Image 11.jpg