SharePoint 2007 has the ability to synchronize the user profiles from an Active Directory. I mean, we can create a connection with an active directory to import all users and groups saved there. In bigger organizations is impossible to know the persons that work there then we could create a search advanced people, using the metadata imported from active directory. The problem in SharePoint 2007 is that this synchronization only supports the importations of the data.
SharePoint 2010 has the same ability to synchronize users from an Active Directory and also can export the data saved for the user in SharePoint in the Active Directory, I mean, that in SharePoint 2010 could be synchronized the metadata of the user from his personal site or profile page to the Active Directory.
When we are working with bigger organizations where there are miles of users working there is very hard to have the active directory with all data of these users. In some case these organization have done custom applications for handle the information stored in the active directory or have a lot of administrators working in the user’s profile.
With this new feature of SharePoint 2010 the user could handle her personal information from her personal site or profile in SharePoint 2010 and the information modified by the user will be saved in the active directory automatically.
Once the farm and personal sites was configured on SharePoint 2010 the next step is to create a new connection with our domain. In image 1 we can see the home page of Service Application to handle the user profiles.
As we say before, the first thing that we need to create is a connection with our repository of user, for this example I’m using an Active directory installed in the machine where I had installed SharePoint 2010.
In image 2 we can see the section to create a new connection in SharePoint 2010. Is important to know that I’m using the default service application created by SharePoint but If you want to have a special configuration or granular configuration you can create a new service application in SharePoint 2010 and after associate it to the web where you want use it.
Well, in the page we will go to create a new connection with our active directory using the information needed to get a connection with the repository of users. When we got the connection configured, the next step is start a full synchronization with the Active Directory configured because is needed to have all information from our repository. To start the synchronization we are going to the section “Start Profile Synchronization” as we can see in image 3.
When the process have finished we can start to configure the properties of the user profiles synchronized. To do that we are going to the section “Manage User Properties” in the “People” section of the user service application. In image 4 we can see all properties created by SharePoint during the installation, the default properties.
As you can see this page have the default properties but you can create new, delete or edit properties. For this example we are going to edit the property “Name”, this property is used to show the property “Display Name” from the Active Directory. In Image 5 we can see the edition page of this property and to access it we selected the option “Edit” from the contextual menu.
The first thing to do is remove the configuration (Import configuration) that we have in the section “Property Mapping for Synchronization”. Now we are going to add a new configuration mapping”, then in the section “Add New Mapping” we are going to select the property from the active directory that we want configure, in our example we are going to select “Display Name” in the second DropDownList and in the last DropDownList we are going to select the option “Export” and press the button Add. In image 6 we can see how the new configuration will been created.
Ok, once our configuration is done and is ready, we will change the name of the user using personal site and save the change. To impact this change in the Active Directory the synchronization job must start running, then we have 2 options, the first option is wait to the synchronization of SharePoint, I mean, that the job finishes and the second option is start the synchronization manually. In image 7 we can see how we can change the property in our personal site and the image 8 we can see that the value loaded in SharePoint was saved in our active directory once the synchronization ended.
This procedure could be used for all properties in SharePoint or we could add new property from our active directory.