Microsoft Knowledge Base Email Alertz
All KB/RSS Links  |  Hot Kb!  |  New Kb!  |  Scott Cate  |  FAQ / KB  |  Web Hosting  |  Unsubscribe  

(827754) - This article describes how to import user profile information of enabled user accounts from Active Directory directory services to Microsoft Office SharePoint Portal Server 2003. You configure import settings for user profiles that you want to import...

Search KbAlertz

Advanced Search

Receive Microsoft Knowledge Base articles by E-Mail?

Every night we scan the Microsoft Knowledge Base. If technologies you're interested in are updated, we'll send you an e-mail. You only get one e-mail a day, and only when new articles are added.
Click here to create a
FREE account
Already have an account?
[Click here to Login]











Microsoft Knowledge Base Article

This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks
Article ID: 827754 - Last Review: April 30, 2012 - Revision: 8.0

How to import user profile information of enabled user accounts from Active Directory to SharePoint

View products that this article applies to.
If you are a Small Business customer, find additional troubleshooting and learning resources at the Support for Small Business (http://smallbusiness.support.microsoft.com) site.

On This Page

SUMMARY

This article describes how to import user profile information of enabled user accounts from Active Directory directory services to Microsoft Office SharePoint Portal Server 2003, Microsoft Office SharePoint Server 2007, and Microsoft SharePoint Server 2010.

You configure import settings for user profiles that you want to import on the Configure Profile Import page of SharePoint Central Administration. SharePoint uses the  (&(objectCategory=person)(objectClass=user)) LDAP search filter and user profile information of all user accounts in Active Directory are imported to SharePoint. This filter imports all enabled and disabled user accounts to SharePoint. 

You can filter the user profile information that you want to import from Active Directory by adding query clauses to the LDAP search filter in the User filter box in the Search Settings area of the Configure Profile Import page. To import user profile information of only user accounts that are enabled, use the (&(objectCategory=person)(objectClass=user)( !(userAccountControl:1.2.840.113556.1.4.803:=2))) LDAP search filter.
Back to the top

 Import User Profile Information of Enabled User Accounts from Active Directory to SharePoint Portal Server 2003

To import user profile information of user accounts that are enabled in Active Directory to SharePoint Portal Server, follow these steps:
  1. On the Site Settings page of the portal site, on the User Profile, Audiences, and Personal Sites page, click Manage profile database.
  2. On the Manage Profile Database page, click Configure profile import.
  3. On the Configure Profile Import page, in the Source area, click Custom source.
  4. In the Access Account area, type the user account name and password of the user account that has appropriate permissions to access Active Directory.
  5. In the Full Import Schedule area, click to select the Schedule full import check box, and then specify the full import schedule that you want.
  6. In the Incremental Import Schedule area, click to select the Schedule incremental import check box, and then specify the incremental import schedule that you want.

    Note If the Schedule incremental import option is not available (appears dimmed), click to select the Import from Active Directory by using the incremental method check box in the Source area.

    Important To perform incremental imports for Microsoft Windows 2000 Server Active Directory, the user account that you use to perform the import operation must have the Replicating Directory Changes permission. This permission is not required to perform incremental imports for Microsoft Windows Server 2003 Active Directory. To assign the Replicating Directory Changes permission to the user account that you use to perform the import operation, follow these steps:
    1. Start Active Directory Users and Computers.
    2. On the View menu, click Advanced Features.
    3. Right-click the domain object, and then click Properties.
    4. Click the Security tab.
    5. In the Group or user names list, click the user account that you want to use to perform the import operation.

      If the user account is not displayed in the list, click Add, type the name of the user who you want to add, and then click OK.
    6. In the Permissions for UserName list, click to select the Allow check box next to the Replicating Directory Changes permission, and then click OK.
  7. Click OK.
  8. On the Manage Connections page, do one of the following as appropriate to your situation:
    • Click the name of the domain that you want to edit, and then click Edit.

      -or-
    • Click New connection to add a new domain controller that contains the user profiles that you want to import.
    .
  9. On the Edit Connection or Add Connection page (as appropriate to your situation), in the Search Settings area, do the following:
    1. In the Search base box, type the distinguished name (DN) of the Active Directory object from where you want to import the user profiles.

      The DN of the search base object defines the location in Active Directory where you want to start your search. The following are examples of DNs:
      • DC=DomainName, DC=com
      • CN=Users, DC=DomainName, DC=com
      • OU=OrganizationalUnit, DC=DomainName, DC=com
    2. In the User filter box, type the following LDAP search filter:
      (&(objectCategory=person)(objectClass=user)( !(userAccountControl:1.2.840.113556.1.4.803:=2)))
    3. Under Scope, specify the scope level, page size, and page time-out options that you want.
  10. Click OK.
Back to the top

Import User Profile Information of Enabled User Accounts from Active Directory to Office SharePoint Server 2007

To import user profile information of user accounts that are enabled in Active Directory to Office SharePoint Server 2007, follow these steps:
  1. On the Shared Services Administration page, click User profiles and Properties.
  2. On the User Profiles and Properties page, click View import connections.
  3. On the View import connections page, follow one of these steps as appropriate to your situation:
    • Click the Active Directory import connection that you want to edit, and then click Edit.
    • Click New connection to add a new domain controller that contains the user profiles that you want to import.
  4. On the Edit Connection page or on the Add Connection page, following these steps:
    1. In the User filter box, type the following LDAP search filter:
      (&(objectCategory=person)(objectClass=user)( !(userAccountControl:1.2.840.113556.1.4.803:=2)))
    2. Follow instructions on the left side of the page to perform other settings as appropriate to your situation.
  5. Click OK.

Back to the top

Import User Profile Information of Enabled User Accounts from Active Directory to SharePoint Server 2010


To import user profile information of user accounts that are enabled in Active Directory to SharePoint Server 2010, follow these steps:
  1. On the Manage Profile Service page, click Configure Synchronization Connections.
  2. On the Synchronization Connections page, click the Active Directory connection that you want to edit, and then click Edit Connection Filters.
  3. On the Edit Connection Filters page, follow these steps:
    1. In Exclusion Filter for Users, change the Attribute drop-down to userAccountControl.
    2. In Exclusion Filter for Users, change the Operator drop-down to Bit on equals.
    3. In the Exclusion Filter for Users, select Filter box typeto 2.
    4. Click Add.
  4. Click OK.
Back to the top

REFERENCES

For more information about how to write LDAP search filters, visit the following Microsoft Web site:
http://msdn2.microsoft.com/en-us/library/ms180883(vs.80).aspx (http://msdn2.microsoft.com/en-us/library/ms180883(vs.80).aspx)
For more information about LDAP search filters, see Request for Comments (RFC) 2254. To do so, visit the following Internet Engineering Task Force (IETF) Web site:
http://www.ietf.org/rfc/rfc2254.txt?number=2254 (http://www.ietf.org/rfc/rfc2254.txt?number=2254)
For more information about how to import user profiles in SharePoint Portal Server, see the "Managing User Profiles from Active Directory" topic in the "Administration" section of the Microsoft Office SharePoint Portal Server 2003 Administration Guide. The Microsoft Office SharePoint Portal Server 2003 Administration Guide (Administrator's Help.chm) is located in the Docs folder in the root of the SharePoint Portal Server 2003 CD.

For more information about SharePoint Portal Server, visit the following Microsoft Web site:
http://office.microsoft.com/en-us/sharepointserver/FX101494611033.aspx (http://office.microsoft.com/en-us/sharepointserver/FX101494611033.aspx)
Back to the top
APPLIES TO
  • Microsoft SharePoint Server 2010
  • Microsoft Office SharePoint Server 2007
  • Microsoft Office SharePoint Portal Server 2003
Back to the top
Keywords: 
kbinfo kbpending kbbug KB827754
Back to the top
        

Community Feedback System

Very often, it takes hours to solve a problem. Very often, you've looked high and low, and have tried a lot of solutions. When you finally found it, chances are, it was because someone else helped you. Here's your chance to give back. Use our community feedback tool to let others know what worked for you and what didn't.

Please also understand that the community feedback system is not warranted to be correct, it's simply a system that we've built to let people try and help each other. If something in a feedback response doesn't make sense to you, or you're not comfortable making changes that the feedback talks about (like registry edits), please consult a professional.

Thank you for using kbAlertz.com Feedback System.

-- Scott Cate

Copyright © 2002-2007 KBALERTZ.COM.  All Rights Reserved. Terms / PrivacyDiscount ASP.NET Hosting