To ensure that the User Profile Synchronization Service starts and your SharePoint servers be able to import and synchronize correctly with your AD services the above action should be performed before starting the configuration process of this service.
- The farm service account should be member of the local administrator group of the SharePoint server hosting the User Profile Synchronization Service.
- The service account of the User Profile Synchronization Service should have the permission of Replicate Directory Changes on the configuration partition of your AD.
| 1 | Start ADSI Edit |
 | |
| 2 | Right click ADSI Edit and then click Connect to… |
 | |
| 3 | Check Select a well known Naming Context , select Configuration from the dropdown list and the click Ok |
 | |
| 4 | Right click the Configuration entry and click Properties on the context menu |
 | |
| 5 | On the Security tab add the User Profile Synchronization Service account and give him the permission Replicating Directory Changes |
 |
- The User Profile Synchronization Service account should be delegated the Replicating Directory Changes on the domain :
| 1 | From ADUC console, right click the domain name and then click Delegate Control… |
 | |
| 2 | Click Next |
 | |
| 3 | Add the User Profile Synchronization Service Account and then click Next |
 | |
| 4 | Check Create a custom task to delegate and then click Next |
 | |
| 5 | Click Next |
 | |
| 6 | Check Replicating Directory Changes in permissions list and then click Next |
 | |
| 7 | Click Finish |
 |
0 commentaires
Post a Comment