SharePoint 2016 User Profile Active Directory Import

sharepoint.stackexchange https://sharepoint.stackexchange.com/questions/215205

Question

In our SP2016 farm,we have configured User profile service with Active Directory Import. We are using ADFS claims for authentication. While mapping AD attributes to User Properties, I'm not sure which attribute has to be mapped for "Claim Provider Type".

enter image description here

Actually,I configured User property mapping with reference from our SP2013 farm.In our SP2013 farm,"Claim Provider Type" is mapped as "Trusted" and if I do the same for SP2016,Active Directory Import connection gets broken.

Can someone help me what should be the AD attribute for "Claim Provider Type" in SP2016 user profile service?

Was it helpful?

Solution 2

After selecting "User SharePoint Active Directory Import",I created a new "User Profile Synchronization Connection" and then I ran the below script to map User Profile properties and then ran a Full User Profile Synchronization:

$site = New-Object Microsoft.SharePoint.SPSite "http://CentralAdminURL"
$context = [Microsoft.SharePoint.SPServiceContext]::GetContext($site)  
$configManager = New-Object 
Microsoft.Office.Server.UserProfiles.UserProfileConfigManager $context  
$UPAConnMgr = $configManager.ConnectionManager  
$Connection = ($UPAConnMgr | select -First 1)  
if ($Connection.Type -eq "ActiveDirectoryImport"){ 
$Connection.AddPropertyMapping("mail","WorkEmail")
$Connection.AddPropertyMapping("userPrincipalName","SPS-UserPrincipalName")
$Connection.AddPropertyMapping("objectSid","SID")
$Connection.AddPropertyMapping("givenName","FirstName")
$Connection.AddPropertyMapping("msDS-PhoneticFirstName","SPS-PhoneticFirstName")
$Connection.AddPropertyMapping("sn","LastName")
$Connection.AddPropertyMapping("msDS-PhoneticLastName","SPS-PhoneticLastName")
$Connection.AddPropertyMapping("displayName","PreferredName")
$Connection.AddPropertyMapping("msDS-PhoneticDisplayName","SPS-PhoneticDisplayName")
$Connection.AddPropertyMapping("telephoneNumber","WorkPhone")
$Connection.AddPropertyMapping("title","SPS-JobTitle")
$Connection.AddPropertyMapping("department","Department")
$Connection.AddPropertyMapping("title","Title")
$Connection.AddPropertyMapping("department","SPS-Department")
$Connection.AddPropertyMapping("sAMAccountName","UserName")
$Connection.AddPropertyMapping("wWWHomePage","PublicSiteRedirect")
$Connection.AddPropertyMapping("proxyAddresses","SPS-SipAddress")
$Connection.AddPropertyMapping("mail","SPS-ClaimID")
$Connection.AddPropertyMapping("dn","SPS-DistinguishedName")
$Connection.AddPropertyMapping("msDS-SourceObjectDN","SPS-SourceObjectDN")
$Connection.AddPropertyMapping("physicalDeliveryOfficeName","Office")
$Connection.AddPropertyMapping("manager","Manager")
$Connection.Update()  
}

OTHER TIPS

When you configure the ADI with ADFS then Claim Provider Identifier and Claim Provider Type are set automatically, you dont need to manually set it. you just have to map the "Claim user identifier" property as "mail".

Are you seeing any issue without mapping?

Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange
scroll top