Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Sharepoint synchronisation to Active Directory

Posted on 2013-06-07
5
Medium Priority
?
503 Views
Last Modified: 2013-06-23
Hi all,

I have a sharepoint 2013 server setup, and we want user's photo to sync from sharepoint into active directory.

We have setup an AD connection and everything seems to sync fine apart from the photos. When looking in the event viewer we are getting event ID 6100, and in the miis client, we are getting "permissions issue - insufficient rights to perform the operation"

The synchronisation account has the following permission on the domain:

Read
Replication Synchronisation
Relicating Directory Changes
Create all child objects
Read thumbnailPhoto
Write thumbnailPhoto

Any ideas?

Thanks.
0
Comment
Question by:gmbaxter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 35

Accepted Solution

by:
Bembi earned 2000 total points
ID: 39230854
I assume you mean the account, you defined in the AD connection definition, right?

Have you checked for a example user, if the permission is propagated to the user?
Keep in mind, that membership of Domain or Org-Admin group braks the inheritage of permissions in AD.
0
 
LVL 11

Author Comment

by:gmbaxter
ID: 39236823
Yes the account defined in the AD connection. Oh you may be onto something there. Do I simply just add the permissions on the security tab of the admin privileged user?
0
 
LVL 35

Expert Comment

by:Bembi
ID: 39237992
The replicate permissions are set on the AD root folder as well as possibly on the configuration folder.

The other permissions are set on the container, where your users reside (to be inherited)
And be sure, the permissions are inherited... (see the security properties of an example user)
0
 
LVL 11

Author Comment

by:gmbaxter
ID: 39250967
Some of the privileged users were indeed not inheriting permissions. I have enabled inheritance on these and they seem to be working. There are a few accounts however which are not synching the pictures back to AD and they have permission inheritance enabled.
0
 
LVL 11

Author Closing Comment

by:gmbaxter
ID: 39269640
Thanks.

Could do with a bit more help on one or two users which aren't working, but I'll open another topic for that one.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A while back, I ran into a situation where I was trying to use the calculated columns feature in SharePoint 2013 to do some simple math using values in two lists. Between certain data types not being accessible, and also with trying to make a one to…
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question