For Configuring Enterprise People Search, I need to Pull Users from Active Directory by using User Profile Service Application.
So Before Creating and Configuring User Profile Service Application, Let’s Understand My SharePoint Environment.
In Active Directory I have one organizational Unit named as “SharePoint” where users are created.
As Shown in Red mark
a) SharePoint_Admin User Is an Administrator of SharePoint Server 2010.b) SharePoint _Farm User Is a SharePoint Farm Administrator.c) SharePoint_Service Is a Service Account to handle various Service Applications in SharePoint (such as Search Service Application)
Before Creating User Profile Service Application, ensure.
- SharePoint_Admin and SharePoint _Farm User are in local administrator group on computer NDJ(SharePoint Server 2010)
- Go to Administrative Tools and Select Services and under services ensure that Startup Type of “Forefront Identity Manager Service” and “Forefront Identity Manager Synchronization Service” is automatic (It Should not be disabled). Note: Do not start manually. It will start automatically.
- Go to Administrative tools and select IIS Manager and under Application Pools ensures that “SharePoint Web Services Root “has started. If not, start it.
User Profile Service Application
User Profile Service Application is a shared Application of SharePoint 2010 used to manage user’s profiles of organization, synchronizing profiles with active directory and crating My Sites for users.
So let’s create User Profile Service Application.
1) Open SharePoint 2010 Central Administration
2) On Quick Launch, Click on Application Management and then click “Manage Service Applications” Under Service Applications Section.
3) On Manage Service Application Page click on “New” and select User Profile Service Application.
4) On Create New User Profile Service Application window type
a) Name : User Profile Service Application1
b) Application Pool Name : UserProfileServicePool
c) Configurable : POINT\Sharepoint_Farm User
After typing these values click on “Create” Button at down.
Service Application will create. After Creating Service Application, we will start necessary services for service application
5) On Quick Launch menu of central Administration site click on “System Settings” then click on “Manage Services on Server” Under servers Section.
6) On Services on Server window find out
a) User Profile Service and click on start.
b) User Profile Synchronization Services and click start.
As soon we click on start we will have User Profile Synchronization Service Window.
On that window ensure that
a) “Select the User Profile Application” Is “User Profile Service Application1”
b) “Service Account” Is “POINT\SharePoint_Farm” and type Password, click on ok.
c) Now a timer job called “ProfileSynchronizationSetupJob” is created. When that job gets completed, a service “User Profile Synchronization Services” will also get started.
7) To see timer job, on Quick Launch of central Administration site , click on Monitoring and then click on check job status under timer jobs section.
Under Running Jobs We Must have “ProfileSynchronizationSetupJob”
NOTE: SharePoint server May take some Minute (up to 5) to start that job and get appear in Running Job List.
If Your Job does not start then Restart “SharePoint 2010 Timer” Service (Go to Administrative tools then select services) and again follow step 6.
NOTE: 5 to 15 Minute is required to complete this job. Press F5 to monitor status of this job once it disappears, means job has completed.
8) Ensure that both the services have started.
a) User Profile Service.
b) User Profile Synchronization Services.
On Quick Launch menu of central Administration click on “System Settings” then “Manage Services on Server” Under servers Section and check it.
9) Also ensure that Forefront Identity Manager Service and Forefront Identity Manager Synchronization Service Has started.
Go to Administrative Tools then click on Services and check it.
10) Restart IIS Server.
a) Go to start, right click on command prompt, then click run as administrator.
b) Type IISRESET
11) Now open our service application
On Quick Launch of central Administration site, click Application Management then “Manage Service Applications”, then “User Profile Service Application1” Link. We will have following page, where we can manage user profiles, synchronization with Active Directory, setup My Sites etc.
12) Now we have created User Profile Service Application, now it’s time to pull our active directory users from AD/DNS server.
NOTE: To do User Profile Synchronization with Active Directory, User SharePoint_Farm (who is Managing User Profile Service Application1) must have Permission to do synchronization. To assign permission use following snapshot
NOTE: We are working from SharePoint Server Machine Named as NDJ.
Assign Permission to user Sharepoint_Farm for synchronization1) Click on Administrative tools, Hold down shift key of keyboard and then right click on “Active Directory Users and Computers” and then click “Run as different Users”.
2) Login as Domain Administrator
3) Right Click on POINT.COM and then click delegate control.
4) Click next on “welcome to the delegation control wizard” window and add user “POINT\SharePoint_Farm” to delegate permission and click on next.
5) On “ task to delegate window” choose ‘create a custom task to delegate’
6) On Active Directory object type select “This Folder………”
7) On Permissions window select “Replicating Directory Changes” and click on next.
8) Click on finish button.
Here we have assign permission for synchronization with active directory.
Now Next step is to establish connection with Active Directory.
Creating connection with Active Directory1) On Quick Launch of central Administration Site, click Application Management then “Manage Service Applications”, then “User Profile Service Application1” Link.
Note on right corner: number of user Profiles are 0.
this Page click on “Configure Synchronization Connections”
2) On Synchronization Connections page click on “Create New Connection”
3) On add new synchronization connection page use following values.
a) Connection Name: POINT Active Directory Users.
b) Type : Active directory
c) Forest Name : POINT.COM
d) Account Name : POINT\SharePoint_Farm
Click on Populate Containers and choose SharePoint and Users organizational unit where users are available. And click on ok.
4) On Quick Launch of central Administration, click Application Management then “Manage Service Applications”, then “User Profile Service Application1” Link.
And click on “Start Profile Synchronization”. Synchronization Process will start; look at right side on page we have status “Synchronizing”
It will take 10 to 15 to finish this process. Press F5 until Synchronization status is Idle
Look above result, we have number of user profiles = 21 and profile synchronization status is Idle.
Here we have finished synchronization process now it’s time to create search center web application
Creating Enterprise Search Center1) On Quick Launch of central Administration Site, click Application Management then click Manage web applications Under web applications section and click New on ribbon, to create new web application.
2) On Create New Web Application window, type port = 111 and click on ok.
3) On Application Created window click on “Create Site Collection” under our web Application.
4) On create site collection window type
a. Title : My Search Center
b. Template: Enterprise Search Center.
c. Site Administrator : SharePoint_Admin
And click on ok button.
5) Now open our Search center web application , and from site Actions select “Site Permissions”
Click on Grant Permissions Button on Ribbon and assign read permission to all domain users and click on ok.
Now it’s time to work with Search Service Application
Configuring search service Application
1) On Quick Launch of central Administration, click Application Management then click “Manage Service Applications”, then click on “Search Service Application” Link.
“Default Content Access Account” for our Search Service Application is “POINT\SharePoint_Service”
2) To this account we need to assign “Retrieve People Data for SharePoint Crawlers” Permission.
To do this, on Quick Launch of central Administration Site, click Application Management then click “Manage Service Applications”, then select “user Profile Service Application 1” Do not open that application. (Select by clicking on right side)
Select User Profile Service Application as shown here and click “Administrators” on Ribbon.
3) In “Administrators for users profile service Application1” page add “POINT\Sharepoint_Service” user account and assign “Retrieve People Data for SharePoint Crawlers” Permission.
4) Now move to Search Service Application Again
On Quick Launch of central Administration, click Application Management then click “Manage Service Applications”, then click on “Search Service Application” Link.
Under crawling section click on Content Sources.
By default we have one content Source named as “Local SharePoint Sites”.
Click on arrow beside “Local SharePoint Sites” and click on Edit.
This page contains address of our web application on which we can do indexing or crawling.
Address of My Search Center web application is “http://ndj:111” other is default web site address.
On this Page delete address “http://ndj:111” and click on OK.
5) Now click on New Content Sources
6) On New Content source window type following
a) Name : MySC
b) Start Address : http://ndj:111 (Address of Search center)
And click on ok.
7) On Manage content Sources Page, click on arrow beside MySC and select “Start Full Crawl” And wait for few minutes, our web site and users profile contents are now indexing.
Click on Refresh Button until status of content Source is Idle
8) On Manage content Sources Page, click on arrow beside MySC and select “View Crawl Log”
On crawl log window ensure that there are no errors for Content source “MySC”
9) Before checking Result go to central Administration site
a) On quick Launch, click on Application Management
b) Click on manage web application
c) Select Our Enterprise search Center web application (“http://ndj:111”)
d) On Ribbon, Click on User Policy and ensure that “POINT\SharePoint_Service” user is having Full read permission.
e) If it is not assign it.
10) WOW ……Now Open our Enterprise Search center web Application “http://ndj:111”
On People Tab Type any Name available in Active Directory and see result………………………