SharePoint User Profile Sync join attribute?

Hi,

When setting up SharePoint User Profile Sync, the default Join attribute is:

User profile property

AD DS attribute

SPS-DistinguishedName

dn

Can we change this using the MIISClient to something like "employeeID" or "samaccountname"?

Or will SharePoint override our settings and revert it to the original Join criteria?

Thanks,

SK


July 16th, 2015 6:36pm

Shim,

You are right to be cautious. In general when FIM is packaged up for Dirsync or for SharePoint UPS it is configured through the wizard and any changes made through the MIISClient are subject to be overwritten the next time the wizard is run or an upgrade is performed. For dirsync there are a few supported exceptions.

AFAIK, SharePoint won't overwrite your settings until the Wizard is run again or you patch SharePoint UPS.

What is your goal?

In FIM once records are joined they don't get un joined if you change the Join criteria (it isn't like a SQL View where changing the Join clause alters which records show up) it will change how things are joined going forward.

So if this is just a need to get over some initial hurdle then it would be safe to add a join rule using that criteria rather than changing the existing join rule and then run some imports and syncs (manually) to get the joins you want and deal with any duplicate join attempts. Then you could delete your new join rule.

Free Windows Admin Tool Kit Click here and download it now
July 16th, 2015 8:16pm

Thanks David.

During a recent migration, OU's were consolidated into one, which meant users' DN had to change from CN=firstname lastname to CN=samaccountname (as samaccountname is unique).

This means SPS deletes and recreates the user profile, since the Join is on the DN.

We are testing to avoid this recreation, and thought a different Join (like on samaccountname) would avoid this.

cheers.

July 17th, 2015 1:39am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics