Syncing WSS and MOSS User profile properties with Active Directory
Posted by Christian Dam on May 5, 2008
Have you ever experienced that the properties from the Shared Services User Import are not correctly replicated to your existing sites?
Let me illustrate! From a “clean” MOSS installation with user profile import correctly configured, when you from the Welcome drop down list choose My Settings all you see is this:
If you look at the same account in the Shared Services Provider, it also has no properties:
This is expected at the user account in Active Directory also has no properties set. Let’s enter some:
After having run a full import the MOSS profile is populated with the properties from Active Directory:
So far so good, right? Almost! The My Settings information is still not reflecting the changes.
Rachel explained this in the MSDN forum:
“There are actually 2 user profiles – one is a WSS profile and one is a MOSS profile. The WSS profile you access from Welcome user > My Settings page. The MOSS profiles are created when users are imported into the system from AD or LDAP. They are access from People Search or from a link off of your MySite.
The reason there are 2 is that you can install WSS without MOSS and they wanted a basic user profile. If you installed WSS without MOSS, you would see the profile (again, accessed through Welcome user > My Settings page) with about 3 properties.
If you install MOSS, do an import, and go to the WSS profile, you’ll see a bunch of properties added that MOSS adds. We now depricate the WSS profile. If you want to add property values to your profile, you need to go to your MOSS profile from your MySite (MySite > Details). You’ll be on the editprofile.aspx page. Add your properties. We then sync your properties to the WSS user list. You will see the values show up on the WSS profile after the sync happens.”
So the question is how to to force the replication?
Well, two MOSS Timer jobs per Web Application apparently control the replication. If you take a look at the Timer Job definitions (Central Administration -> Operations -> Timer Job definitions), you’ll find jobs called Profile Synchronization and Quick Profile Synchronization. These jobs should sync the changes to the WSS profiles. Unfortunately simply wait for the jobs to run aren’t good enough. However, a server reboot will make the synchronization happen. It is a bit drastic to reboot the server simply just to force MOSS/WSS to update a property update!
To make a long story short, use stsadm -o sync to force the property sync:
- -o -synctiming changes the Profile Sync job
- -o -sweeptiming changes the Quick Profile Sync job
I have gotten the best results by changing the schedule for the Profile Sync job to run every couple of minutes (stsadm -o sync -synctiming m:2). This may not be appropriate in a production environment with a large user population, though.
As stated by a few people in the comments, the trick with changing the synctiming and sweeptiming settings does not always work. I had the same issue at a customer site recently where not matter what I did, the profiles wouldn’t sync. I event tried to restart the Timer Job Service and the entire server farm, as I seen it work in other situations. Unfortunately, it didn’t work either.
However, the problem was solved using the stsadm -o sync -listolddatabases <n> and stsadm -o sync -deleteolddatabases <n> commands. The listolddatabases <n>option will list the databases that have not been successfully syncronized the last <n> days, and the deleteolddatabases <n>option will delete the syncronization information from the databases that are not successfully syncronized the last <n> days. Have no fear, using the deleteolddatabases option will not delete the content databases.
Afted having deleted the old sync information I forced the timer jobs to run as described above, and the syncronization completed successfully.
If you are having sync issues, chances are that error messages are showing up in the event log. Rodney Langley has a great post we he talks about similar issues as described in this Update here.
87 Responses to “Syncing WSS and MOSS User profile properties with Active Directory”
Sorry, the comment form is closed at this time.