Configuring SharePoint User Profile Service Synchronization on « InetOrgPerson » object

  • Article

This is the first post of a series regarding all my interests, and the big thing here will be the User Profile Services and especially how you can configure the existing service in order to synchronize InetOrgPerson object in the existing Active Directory. Basically it was a customer need.

Context Overview :

So here is a set of InetOrgPerson object in the Active Directory:

SharePoint Synchronization process is based upon FIM (Forefront Identity Manager), and moreover you have a tool in order to configure the process here:

C:\Program Files\Microsoft Office Servers\14.0\Synchronization Service\UIShell\msiisclient.exe

Operations tab allows you to see all past and running processes, while Management Agents allows you to see FIM agents (that’s here where you can customize synchronization flow).

In order to configure InetOrgPerson, we need to configure:

-          Active Directory Domain Services Agent

-          Extensible Connectivity Agent (MOSS-<GUID>)

Configuring Active Directory Domain Services Management Agent :

In order to configure Active Directory Domain Services Agent, the first step is to go to properties window (Right click, then Properties).

-          In Select Object Types area, make sure InetOrgPerson is selected

-          In « Select Attributes » section: Make sure « cn » attribute is selected if you want a nice display name on SharePoint.

-          In « Configure Join and Projection Rules » section: Add a declared Projection rule on « person » Metaverse object type.

-           In « Configure Attribute Flow » section: Copy the properties from the «Object Type: User» to the « Object Type: inetOrgPerson » including the setting for the Type (Direct | Rules Extension | Constant) (but map « cn » to « displayname »)

That’s all for the Active Directory Agent, now we just need to configure the « Extensible Connectivity Agent ».

Configuring Extensible Connectivity Agent (MOSS<Guid>) Agent :

-          Same step as the Active Directory Agent, we need to go to the properties (Right click, properties)

-          In «Map Object Types» section, add a new Object type for «inetOrgPerson» of Object type «inetOrgPerson» to the Map Object Types list.

-          «Define Object Types» : Mirror the settings for "user" to the «inetOrgPerson» Object type

-          «Configure Join and Projection Rules» : Mirror the settings for «user» to the «inetOrgPerson» Object type

-          «Configure Attribute Flow» : Mirror the settings for "user» to the «inetOrgPerson» Object type

Running Full Import from SharePoint Central Administration:

-          Make sure the selected folder is included for synchronization («Configure Synchronization Connections»)

-          Go ahead and re-run a Full import from SharePoint Central Administration.

-          Now we can see those test «inetOrgPerson» objects in the search.