SharePoint 2013 User Profile synchronization versus import

-
Reference is : 2013 advanced Training
User Profile Service administrators in SharePoint 2013 can use profile synchronization to manage and synchronize the user and group profile data stored in the SharePoint 2013 profile store with profile data stored in directory services and BDC systems.
There are two distinct forms of profile import and synchronization available in SharePoint 2013:
·         One-way profile import. This is a new implementation of a simple import process that was first provided in SharePoint Server 2007. It uses the SharePoint Active Directory Import option to import user profile data from Active Directory Domain Services (AD DS).

Note: One-way profile import only works with Active Directory and does not support other directory services.
·         Two-way profile synchronization. This uses the SharePoint Server 2013 profile synchronization method that was first introduced in SharePoint Server 2010. It uses Microsoft Forefront Identity Manager (FIM) to synchronize profile data with external directory services and BDC systems.

Note: Important: The term two-way synchronization can be a little misleading. Although the mapping direction of profile properties can be either an import or export mapping, you cannot set both types of mapping on an individual property; for each property, it is one or the other, not both.


The one-way profile import method is considered to be a simpler approach to importing profile data in SharePoint 2013 compared to the two-way profile import. It uses the SharePoint Active Directory Import option to import user profile properties from Active Directory into SharePoint 2013 user profiles.
Advantages of this import method
One-way profile import is the ideal solution for environments where a simple import method is needed with no requirements to write back to the source. This method is an import-only method and only supports Active Directory. It is very simple to set up and has minimal requirements to make it work.
Other key benefits of this method include:
·         The User Profile Synchronization Service does not need to be deployed because one-way profile import runs under the User Profile Service instance.
·         It is faster than the FIM-based two-way profile synchronization method.
·         It runs incremental imports automatically every five minutes.
·         It is much easier to configure than two-way profile import.
Configuring SharePoint Active Directory Import
There are only a few steps to configuring the Active Directory Import method in SharePoint 2013.
You must begin by selecting the SharePoint Active Directory Import option in Central Administration. Note that this is a unidirectional process and that any changes you make to user profiles in SharePoint 2013 are not synchronized back to Active Directory.
Perform the following steps to select the SharePoint Active Directory Import option:
1.       Log on with a user account that is a member of the Farm Administrators group.
2.       In Central Administration, under System Settings, open the Manage services on server page, and ensure that the User Profile Service is started.
3.       In Central Administration, open the Manage service applications page.
4.       Click on the name of the User Profile service application.
5.       On the Manage Profile Service page, click Configure Synchronization Settings.
6.       On the Configure Synchronization Settings page, in the Synchronization Options section, select the Use SharePoint Active Directory Import option.
Next, you need to create a connection to the directory service. In this step, you create a connection the relevant directory service. When you do this, you specify the items that you want to synchronize, and the credentials used to make the connection to the directory service.
Perform the following steps to create a connection to the directory service:
1.       On the Manage Profile Service page, in the Synchronization section, click Configure Synchronization Connections.
2.       On the Synchronizations Connections page, click Create New Connection.
3.       On the Add new synchronization connection page:
a.       Provide a name for the synchronization connection.
b.       Select Active Directory Import as the synchronization type.
c.        Specify the settings contained in the Connection Settings section. These include the name of the domain, the authentication method to use, the synchronization account credentials, port settings and any require import filters.
d.       In the Containers section, click Populate Containers.
e.       Select the containers from the directory service that you want to synchronize.
Next, you need to map user profile properties. In this step, you define the mappings for SharePoint user profiles to user attributes retrieved from the directory service.
Perform the following steps to map user profile properties to user attributes:
1.       On the Manage Profile Service page, in the People section, click Manage User Properties.
2.       On the Manage User Properties page, click the name of the property that you want to map to a directory service attribute, and then click Edit.
3.       To remove an existing mapping:
a.       In the Property Mapping for Synchronization section, select the mapping that you want to remove, and then click Remove.
4.       To add a new mapping:
a.       In the Add New Mapping section, in the Source Data Connection list, select the data connection that represents the directory service to which you want to map the user profile property.
b.       Type the name of the directory service attribute to which you want to map the property.
c.        Add the import mapping.
d.       Repeat this process to map additional user profile properties.

Note: You cannot edit an existing mapping; to change mapping settings for a property, remove the existing mapping first and then create a new mapping.
Finally, you can either wait for the five minutes to elapse when the scheduled synchronization job will run, or you can start the profile synchronization process manually. For this step, you need to have configured at least one synchronization connection to a directory service. If you have configured multiple connections, you can either choose to synchronize after you create each connection, or you can synchronize them all at one time after you create all of your connections. If you synchronize each connection independently, it does take longer to do, but it is makes troubleshooting any issues that occur much easier.
Perform the following steps to start the profile synchronization process manually:
1.       On the Manage Profile Service page, in the Synchronization section, click Start Profile Synchronization.
2.       On the Start Profile Synchronization page, do one of the following:
·         Select Start Incremental Synchronization to synchronize only the changes to information that have occurred since you last synchronized; this include new connections that you added or existing ones that you modified.
·         Select Start Full Synchronization if this is the first time that you are synchronizing, or you want to reset the user profile data store.

Additional Reading: For more information about using the SharePoint Active Directory Import method, see Configure profile synchronization by using SharePoint Active Directory Import in SharePoint Server 2013 at http://go.microsoft.com/fwlink/?Linkid=302082

The two-way profile synchronization method is considered to be a more complex approach to synchronizing user profile information with SharePoint 2013. It relies on Forefront Identity Manager (FIM) to import and export user profile property mappings between SharePoint 2013 and directory services and to import user profile property data from BDC systems.
Advantages of this synchronization method
This solution is required in SharePoint 2013 environments where changes made to user profiles must be written back to the directory services source. For example, if a user updates his or her email address or phone number in SharePoint 2013, those changes can be synched back to the directory service. This is possible because you can configure each property mapping to have a direction, which must be either import or export; it cannot be both.
Two-way profile synchronization offers other additional benefits over a one-way import. For example:
·         It can be used with directory services other than Active Directory.
·         It enables you to define exclusion filters for synchronization connections.
·         It enables you to import user profile data from BDC systems.
The two-way profile synchronization approach will be familiar to SharePoint 2010 administrators, because the process remains largely unchanged.
Configuring SharePoint profile synchronization
There are several key steps that need to be performed when using the SharePoint profile synchronization method in SharePoint 2013, and these can be broken into five main phases. You may need to perform all of the steps in each of these phases, or you may only need to perform some of them, depending on your particular environment and situation.
Phase one Configure farm prerequisites
This phase involves the following high-level steps:
1.       Create a web application to host My Sites.
2.       Create a managed path for My Site.
3.       Create a My Site Host site collection.
4.       Create a User Profile service application.
5.       Enable NetBIOS domain names for user profile synchronization by using Windows PowerShell.
Phase two Start the User Profile Service and the User Profile Synchronization Service
This phase involves the following high-level steps:
1.       Start the User Profile Service.
2.       Make the SharePoint farm account a member of the local Administrators group on the server that runs the User Profile Synchronization service.
3.       Start the User Profile Synchronization Service.
4.       Remove the SharePoint farm account from the local Administrators group.
5.       If the User Profile Synchronization Service is running on the same server as the Central Administration website, reset IIS.
Phase three Configure a connection to the directory service and import data
This phase involves the following high-level steps:
1.       Create a synchronization connection to a directory service.
2.       Define exclusion filters for a synchronization connection.
3.       Map user profile properties.
4.       Start profile synchronization.

Additional Reading: To watch a video demonstration of the tasks in this phase, see Configure a profile synchronization connection in SharePoint Server 2010 (video) at http://go.microsoft.com/fwlink/?Linkid=302083
Phase four (optional) Configure connections to line-of-business systems and import data
If you want to augment your user profiles with data from line-of-business (LOB) systems, you can use SharePoint Business Connectivity Services (BCS) to do this. This phase involves the following high-level steps:
1.       Grant the User Profile service application permission to use the external content type in the BCS.
2.       Configure a Business Data Connectivity synchronization connection.
3.       Add or edit user profile properties.
4.       Import data by selecting full synchronization.

Additional Reading: To watch a video demonstration of the tasks in this phase, see Configure a synchronization connection to a SQL Server database in SharePoint Server 2010 (video) at http://go.microsoft.com/fwlink/?Linkid=302085
Phase five (optional) Configure connections to export data to a directory service
If you want to export profile data from SharePoint to your directory service, you must perform these high-level steps:
1.       Map user profile properties by using the export mapping direction.
2.       Start profile synchronization by selecting incremental synchronization.
The next time that profile synchronization occurs, the user profile properties will either be exported or imported, depending on the property mapping directions you specified in the synchronization connection. When configuring the export of user profile data to a directory service, you cannot create new synchronization connections explicitly for the purpose of exporting the data; you must use the existing synchronization connections and modify the mapping direction for the relevant properties to export.

Note: You cannot export user profile data back to business systems using BDC connections.

Additional Reading: For detailed information about all the phases and all the procedural steps to configure and synchronize user profiles using the SharePoint Profile Synchronization method, see Synchronize user and group profiles in SharePoint Server 2013 at http://go.microsoft.com/fwlink/?Linkid=302086


Comments

Post a Comment

Popular posts from this blog

PowerShell scripts to Create personal site

-
$site=Get-SPSite "https://mysitesp2013.x.com"; $serviceContext = Get-SPServiceContext -Site $site $userProfileConfigManager = New-Object Microsoft.Office.Server.UserProfiles.UserProfileManager($serviceContext) $testuser = $userProfileConfigManager.GetUserProfile("domain\user") $testuser.PersonalSiteInstantiationState $testuser.CreatePersonalSite()
Read more

Adjust the Search SharePoint Performance level

-
-Set-SPEnterpriseSearchService -PerformanceLevel PartlyReduced On all search app servers -Open NodeRunner process configuration file below in Notepad C:\Program Files\Microsoft Office Servers\15.0\Search\Runtime\1.0\noderunner.exe.config. Update  <nodeRunnerSettings memoryLimitMegabytes=”0 ″ /> . This is the configuration to limit NodeRunner process memory usage, replace  0  to 500 or 1000 -Restart  SharePoint Search Host Controller  service
Read more