• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1018
  • Last Modified:

Sharepoint 2010 understanding profiles and sync

I need to get some clarification on the process for users getting created in Sharepoint 2010 and their data when a one way trust is in place. I have read numerous articles on this but none to a low clear level.

Please feel free to correct any of these steps, I have put my understanding of each step in brackets

1.I created a user on the remote domain and assigned SP permissions using people picker(user at this point is marked as 0 on the isactive attribute field in the database)
2.User logged onto sharepoint (user gets marked as 1 on the isactive attribute field on the database)
3.User does not show up on user profile search or user information list
4.User is showing domain\username in the top right hand corner
5.User goes to "my profile" they now appear in the user profile search (not sure why they had to go here to appear in the user profile list but I presume the user profile sync is involved somewhere)
6.A few minutes later the user appears in the user information list also

From my research the user profile to sharepoint full sync will run and then update all settings for the user so when they go to mysettings they will see all their data and their display name in the top right will also display:::: This all seems straight forward so far apart from having to go to the profile BUT in the users mysettings I can see some AD details like title and department but not display name etc..although this data may update after the full sync it doesn't explain how title and department got here without the full sync running..

Thanks!
0
Sid_F
Asked:
Sid_F
  • 5
  • 4
1 Solution
 
Justin SmithSr. System EngineerCommented:
1. You create a new AD user
2. You grant this user permission by adding them DIRECTLY to the site or SharePoint group
3. At this point, no AD information exists for the user outside of account name (domain\user).  This is because you haven't ran a Profile Sync to import the user's data from AD.
4. If you go to "My Settings", you are looking at a copy of the user's information at the SITE level.  Since there is nothing yet in the profile database for the user, there is nothing to push to the site level. So you won't see anything.
5. Once the user is "active" on the site, information will start to get pushed from the Profile Database to the site through the User Profile to SharePoint timer job.  However, since you haven't ran a Profile Sync, there is nothing in the database for the user, and is still nothing to push to the site.
6. Once the Profile Sync runs, the new user will have their AD info in the Profile Database.  You can confirm in your User Profile Service Application - User Profiles - Search for the User and you will be able to Edit their Profile and look at the information.
7. Now, since there is info in the profile database, and since the user is active on the site, when the User Profile to SharePoint timer job runs, SOME information will get pushed to the site.  What gets pushed to the site is up to you.  You configure each User Profile Property to replicate or not replicate to sites.
8. After the timer job runs, the user can log into the site, go to My Settings and they will see AD information that is pushed to the site depending on what you have configured to get pushed.

I should blog about this.
0
 
kukdaiCommented:
we always add users to the SharePoint portal so it doesn't create users but it will create roles for the particular user and assigns them to the user.
when you have a full sync of the user profile with your ad controller then all the users are available  for you to assign them the roles or permission with in the SharePoint user.

There is a list called User Information list in SharePoint in every site that is used to store the user information. The information in the user information list is stored in the UserInfo table in the content database of the site. A user gets added to the user information list  when he or she has accesses the site for the first time. In the user information list a user's email address, login name and name are stored. MOSS will make sure that user profile property information for those fields for users that are added to the user information list is sent to the user information list.

But this list gets active once the user access the site.
So that's why i believe you can add users and search them from people picker but their information is stored in this list in SharePoint and it gets active unless they access the site.

This is what i believe wait for other experts to say their words..........
0
 
Justin SmithSr. System EngineerCommented:
Also, forgot to mention, no user is going to show up in PeopleSearch until a crawl runs.

Also, keep in mind that My Profile and My Settings are two completely different things.  My Profile is looking at information directly from the Profile Database.  My Settings is site specific, and is looking at information at the current site.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
Sid_FAuthor Commented:
Thanks excellent information. I have thing that is not making sense. When the user logged in initially when they went to their mysettings they obviously had the usual domain\username and no display name BUT they had title and department! I completely follow the steps but this would seem to contradict the steps I also confirm that when a full sync and the timer job was kicked off all info was pulled in and it worked as mentioned... but the title and department how have they been pulled in.
0
 
Justin SmithSr. System EngineerCommented:
Not sure man, that doesn't make much sense to me, if it's truly as you describe it.  Is it causing a business problem?
0
 
Sid_FAuthor Commented:
I thought it was strange unless someone has some how manually entered these details. No major problem just wanted to be sure I understood the process. Should I take it this process is the same for the local domain as for the remote and I need a user profile synchronization connection as well. Lastly the job that runs to update my settings, is this called the timer job, the user profile to sharepoint quick sync or the sharepoint incremental sync as seems to vary from site to site. thanks
0
 
Justin SmithSr. System EngineerCommented:
Two way trusted domains are only different in that upon first sign in by the new user, the correct Display Name will be shown, and the user will immediately be considered active (they don't have to actually perform an action on the site).  Everything else is the same.
0
 
Sid_FAuthor Commented:
I am referring to the local domain not a two way trusted domain but its good to know as well. Does the local domain require a UPS connection or is this something that automatically happens if Sharepoint is running on a member server on the LAN
0
 
Justin SmithSr. System EngineerCommented:
Local Domain = 2 way trusted domain

Every domain requires a UPS connection, none are made by default.
0
 
Sid_FAuthor Commented:
Thank you. You should create that Blog!
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now