Monday, March 24, 2014

SharePoint 2013: Configure user profile synchronization service

On the default SharePoint 2013 configuration, the User Profile Synchronization Service (UPSS) is not enabled, so alerts are created but don't work because users don't have a valid e-mail address. Supposing user e-mails are somehow already loaded on AD, here what's you gonna do to configure user profile synchronization:
  1. Follow the article "Synchronize user and group profiles in SharePoint Server 2013" ( Notice that the synchronization account must be Farm Admin, and local admin on the box running the UPSS instance.
  2. Use ADSI Edit on the DC to give "Replicate Directory Changes" permission to the synchronization account on the container where your users are.
  3. My test domain had no Exchange or other similar mail server program, so the AD attribute "proxyAddress" was blank. By default SharePoint loads an user e-mail address from this attribute, so I had to remap SharePoint "Work E-Mail" property to the "mail" attribute on AD (which I already had filled). Then run a full synchronization (an incremental one did not load the values).