Configure user profile service application in SharePoint 2016 step by step tutorial

This SharePoint 2016 tutorial, we will discuss how to configure user profile service application in sharepoint 2016. The same steps we can follow to configure user profile service application (UPSA) sharepoint 2013.

We will also see, My Site configuration in SharePoint 2016/2013.

User profile service application SharePoint 2016

User Profile service application stores information about users in a central location. UPSA provides a central location where SharePoint administrators can configure and administer various features like:

• User Profiles: This provides information and various properties of people in the organization.
• My Site Host: This is a Site Collection for hosting My Sites
• My Sites: These are subsites can be personalized and maintained by individual users. Users can upload their project/event documents, photos, and links.
• Profile Synchronization: This will import/synchronize the detailed information about users and groups stored in directory services throughout the organization.

In SharePoint 2016 USPA can be configured through 2 ways:

• Active Directory(AD) Import
• Microsoft Identity Manager (MIM)

Active Directory (AD) Import
Through this approach we can import the user information/profiles from AD this is one-way synchronization.

Limitations:

• We can’t push back the changes made in SharePoint to Active Directory
  Ex: Updating profile picture in my Site, user Phone number, etc
• We can import user details only from Microsoft AD we can’t import user information from any other providers.
• This doesn’t import user photos from Active Directory
• Doesn’t support BCS import

Microsoft Identity Manager (MIM)

Through this approach we can import the user information from AD or any other provider, we can also post back our changes to AD.

Configure user profile service application in SharePoint 2016

By the end of this article, you will learn how to configure user profile service application (USPA) and My Site host through AD Import in SharePoint 2016.

Step-1:
We need to create My Site Host, this site collection host all user individual my sites. You might be wondering why do we need to create My Site Host to configure UPSA? Along the way, you will see the answer to this question

• Log-on to Front End Server with a FARM ADMIN account
• Open SharePoint Central Administration
• Click on Manage Web Application

• Create a new Web Application for My Site in SharePoint

• Name the web Application as “My Site Host Web” for easy identification
• Once the Web Application create top-level Site Collection in “My Site Host Web” Application

• Ensure that you selected the right web application
• Enter the name of the Site Collection as “MY Site Host” and description
• Select “My Site Host” template under “Enterprise” tab

• Enter Primary and Secondary Site Collection administrators like as any other site collection
• Once the site collection is created check the site collection from “View All Site Collections”
  Central Administration -> Application Management -> Site Collections -> View All Site Collections

• Copy the URL of My Site Host which we need it while creating UPSA. In my case it is http://sharepoint2016:9999

Step 2:
Now that we have created the My Site Host, we need to create a User Profile Service Application (USPA).

• Click on Manage Service Applications
• Central Administration -> Application Management -> Service Applications -> Manage Service Applications

• Click on “User Profile Service Application” under “New”

• This will open a new popup window to create “User Profile Service Application”
• Name the Application and Application as shown below:

• Provide the My Site Host URL which we have copied in Step1

• Do not change any other values and click on create
• Once the application pool is created refresh the page and you should be able to see as below

• Click on User Profile Service Application created just before, it will take you to Manage Profile Service page. Please notice the number of User Profiles as “0”

• With this, we have successfully created the user profile service application in SharePoint.

Step 3:
In this step, we will create Connection to AD and import the user profiles.

• Click on Configure Synchronization Connections in Manage ProfileServices

• This will take you to the Synchronization Connections page and click on “Create New Connection”.

• Provide all the information “Domain Name” should be accurate one IT team should be able to provide you that

• Click on “Populate containers” that will create a connection to Ad and pulls all the various groups and users information as below:

• If you want to filter any of the groups / users to excluded you can select at this level.
• Click OK will create the connection.

• Now that the Connection has been established we can import the user details from AD

Step 4:
Adding SharePoint FARM account in Active Directory Domain Controller.

Granting access to FARM Admin account in Active Directory

Note: This has to be performed in Domain controller

• Log-on to Domain controller
• Open Active Directory Users and Computers
• Select your domain
• Right-click and choose “Delegate Control”

Then it will open a wizard to add the delegation permissions

Follow the below screens:

Click on Next

Click Add and provide the FARM Account details.

Select “Create a custom task to Delegate” and click next.

Ensure that First radio button is selected and click next

Scroll down in list box and select “Replicating Directory Changes” checkbox and click next.

Finish the wizard

This will provide the required access to import user profiles from AD to SharePoint 2016

Step 5:
In this last step, we will schedule/perform the user profiles.

User profile import can be 2 ways:

• Full Import
• Incremental Import

• Log-on to Front end server with FARM Admin account
• Open SharePoint 2016 central admin
• Go to “Manage Profile Service: User Profile Service Application”
• Central administration -> Application Management -> Service Applications -> Manage Service Applications -> Select the desired “User Profile Service Application”
• Click on “Start Profile Synchronization” under Synchronizations
• Select the required Synchronization and click on as shown in the below screen:

Once the synchronization is completed you should be able to see the below screen.

Click on Manage user Profile and type your domain name and you will be able to see all the user details.

That’s all your user profiles are synchronized successfully.

User profile synchronization service stuck on starting SharePoint

Let us see, how to fix error user profile synchronization service stuck on starting sharepoint 2013 or user profile synchronization service is not starting in sharepoint 2013/2016.

As part of the User Profile configuration, we need to start “User Profile Synchronization Service” under services on the server. But when I try to start this service the status is kept showing as “Starting” as below.

user profile synchronization service stuck on starting SharePoint 2013

To fix this issue follow the below steps.

Log on to application server as FARM administrator

Open SharePoint PowerShell command window

Get all the services running in server with the below stsadm command

stsadm -o enumservices > C:\services.txt

The output will be as follows:

Once you get the output to execute the below script to stop the service provisioning.

stsadm -o provisionservice -action stop -servicetype "Microsoft.Office.Server.Administration.ProfileSynchronizationService, Microsoft.Office.Server.UserProfiles, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" -servicename FIMSynchronizationService

The output will be as follows:

As advised in the output these changes will be effected after IISRESET and server restart.

After you restart the server stop the below 2 services and disable them

Now open the folder “S:\Windows\System32\WindowsPowerShell\v1.0” and delete the auto-generated PowerShell files “Microsoft.PowerShell_profile.ps1” and “Microsoft.PowerShellISE_profile.ps1”

Now restart the “User Profile Synchronization Service” in Service on a server in central admin.

This will start both the services listed in step 6 and starts the “User Profile Synchronization Service”

The output is as follows:

start user profile synchronization service PowerShell

If you are getting user profile synchronization service stuck on starting 2013 error, then we can also start user profile synchronization service using PowerShell in SharePoint 2013/2016.

You can use the below PowerShell script to solve the error user profile synchronization service stuck on starting 2013 error.

#Stop hangged User Profile Synchronization service
$userprof=Get-SPServiceInstance |?{$_.TypeName -match "User Profile Synchronization*"}
Stop-SPServiceInstance $userprof

#UnProvisioned and then Provisioned Sync DB
$syncdb=Get-SPDatabase |?{$_.Name -match "Sync DB*"}
$syncdb.Unprovision()
$syncdb.Status='Offline'
$upa=Get-SPServiceApplication -Id |?{$_.Name -match "User Profile*"}
$upa.ResetSynchronizationMachine()
$upa.ResetSynchronizationDatabase()
$syncdb.Provision()

You may like the following SharePoint tutorials:

• Create and use image mapping in SharePoint Online
• SharePoint cannot complete this action as the Secure Store Shared Service is not responding
• How to create a custom master page in SharePoint using design manager
• Customize access denied page in SharePoint
• Follow/Unfollow SharePoint Online Site
• How to make SharePoint site read only?
• SharePoint bcs step by step
• How to enable wireless in Windows server 2012 R2?

In this SharePoint tutorial, we learned how to configure user profile service application in SharePoint 2016/2013.