SharePoint 2010: User Profiles - Steps to Partition the User Profiles Service Application
Moved from https://blogs.msdn.com/vijgang
Pre-requisite:
These are few steps to be done prior to getting the User Profiles provisioned.
- Understand the new User Profiles architecture in SharePoint 2010. Few good articles are https://technet.microsoft.com/en-us/library/ee721049(office.14).aspx and https://blogs.msdn.com/spses/archive/2010/04/01/sharepoint-2010-provisioning-user-profile-synchronization.aspx
- Before running through the steps in the blog, have the following ready:
- Full functional SharePoint 2010 version
- Two web applications to participate as the tenant sites - https://sharepoint:91 and https://sharepoint:92
- My DC has 2 Organization Units (OUs) created,
- UsersSet1 - with 2 users - user11 & user12.
- UsersSet2 - with 2 users - user21 & user22.
- The SQL Server for our setup is called mydatabaseserver
- Note that many of the steps here related to partitioning are not reversible. You might have to delete the object and recreate it, if you need to rollback for any reason.
- Do not close the Powershell window as we might be referencing the same objects throughout the script.
Steps to partition the User Profiles Service Application:
- Under Central Administration –>Manage Services on Server, start the "User Profile Service".
- Run each of these steps at a time as the output of one may have to be used as the input for another step.
#######################################################################
# Steps to create the subscriptions and assigning the subscriptions to the sites
#######################################################################
# Get the list of Sites in SharePoint - verify the above Web application URLs are listed.
Get-SPSite
# Get a reference to the first site
$site1 = Get-SPSite | where {$_.url -eq "https://sharepoint:91"}
$site1
# Get a reference to the second site
$site2 = Get-SPSite | where {$_.url -eq "https://sharepoint:92"}
$site2
# Creating 2 subscription objects, one for each site.
$sub1 = New-SPSiteSubscription
$sub1
$sub2 = New-SPSiteSubscription
$sub2
# Assign the subscription 1 and 2 to respective Sites [When prompted, press Enter to select the default option of "Y"].
Set-SPSite -Identity $site1 -SiteSubscription $sub1
Set-SPSite -Identity $site2 -SiteSubscription $sub2
# verify that the subscriptions are created and assigned correctly.
Get-SPSiteSubscription
#######################################################################
# Create the User Profile Service Application in Partition Mode.
#######################################################################
$userProfileSyncName = "Partitioned UP Synchronization Service"
# Replace mydatabaseserver with the name of your database server
$dbServerName = "mydatabaseserver"
# List all SharePoint application pools, chose an existing app pool for use by this User Profile Service Application. You may also chose to
# create a new Application pool if required.
Get-SPServiceApplicationPool
# I am going with using an existing application pool which shown as 'SharePointAppPool' in the list displayed by the above command
$AppPoolName = "SharePointAppPool"
$AppPool = Get-SPServiceApplicationPool -Identity $AppPoolName
# Create the new User Profiles Service Application, the DB names used are 'pProfileDB', 'pSocialDB' & 'pSyncDB'
$userProfileService = New-SPProfileServiceApplication -Name $userProfileSyncName -ApplicationPool $AppPool -ProfileDBServer $dbServerName -ProfileDBName "pProfileDB" -SocialDBServer $dbServerName -SocialDBName "pSocialDB" -ProfileSyncDBServer $dbServerName -ProfileSyncDBName "pSyncDB" -PartitionMode
# Create a User Profiles Service Application Proxy
New-SPProfileServiceApplicationProxy -Name "$userProfileSyncName Proxy" -ServiceApplication $userProfileService -DefaultProxyGroup -PartitionMode
#######################################################################
- Now, under Central Administration –>Manage Services on Server, start the "User Profile Synchronization Service". Here you need to select the “Partitioned UP Synchronization Service” under the “Select the User Profile Application” option. Enter the credentials and select OK. This takes a while to start up - the status is shown as 'Starting'. On completion it changes to 'Started'.
- Under Central Administration-> Manage Service Applications, click on "Partitioned UP Synchronization Service" to visit the Manage User Profiles page.
- Since this User Profile Service Application is Partitioned, the page is slightly different from the regular User Profiles screen.
Non-Partitioned User Profiles Management Page
![clip_image001[4]](https://msdntnarchive.blob.core.windows.net/media/MSDNBlogsFS/prod.evol.blogs.msdn.com/CommunityServer.Blogs.Components.WeblogFiles/00/00/01/28/88/metablogapi/1425.clip_image0014_677F0FF6.png "clip_image001[4]")
Partitioned User Profiles Management Page
![clip_image002[4]](https://msdntnarchive.blob.core.windows.net/media/MSDNBlogsFS/prod.evol.blogs.msdn.com/CommunityServer.Blogs.Components.WeblogFiles/00/00/01/28/88/metablogapi/5810.clip_image0024_258804DB.png "clip_image002[4]")
Note: The number of tenants is shown as 0. This means no subscriptions are assigned to this Service Application and that is what we need to do before attempting the Profile Import.
#######################################################################
# Assign the 2 Subscriptions to the Partitioned User Profiles Service Application Proxy
#######################################################################
#List all the Application Proxies
Get-SPServiceApplicationProxy
#Now from here pass the name of the "Partitioned" User Profile Service Application Proxy and store it in a variable
$pUPSP = Get-SPServiceApplicationProxy | ? {$_.DisplayName.Contains("Partitioned UP Synchronization Service Proxy")}
#Verify the object is correctly retrieved
$pUPSP
#Now add the two subscriptions ($sub1 & $sub2) created earlier to the User Profile Proxy object
Add-SPSiteSubscriptionProfileConfig -Identity $sub1 -ProfileServiceApplicationProxy $pUPSP
Add-SPSiteSubscriptionProfileConfig -Identity $sub2 -ProfileServiceApplicationProxy $pUPSP
#######################################################################
- Now refreshing the Manage User Profiles page displays the 2 Tenants added to this User Profile Service Application.
![clip_image003[4]](https://msdntnarchive.blob.core.windows.net/media/MSDNBlogsFS/prod.evol.blogs.msdn.com/CommunityServer.Blogs.Components.WeblogFiles/00/00/01/28/88/metablogapi/2086.clip_image0034_4ECF270C.png "clip_image003[4]")
- Now browse to "Configure Synchronization Connections", select “Create New Connection” and configure a Active Directory connection to your DC. We should include OUs - "UsersSet1" and "UsersSet2" in the import.
- We still have one more step left before attempting the import, we need to assign the Organization Unit (OU) that these subscriptions are going to need from the Profile store.
#######################################################################
#Assign the OUs for each subscription [Select the default value of “Y” when prompted].
#######################################################################
Set-SPSiteSubscriptionProfileConfig -Identity $sub1 -ProfileServiceApplicationProxy $pUPSP -SynchronizationOU "UsersSet1"
Set-SPSiteSubscriptionProfileConfig -Identity $sub2 -ProfileServiceApplicationProxy $pUPSP -SynchronizationOU "UsersSet2"
#######################################################################
- Now in the Manage Profile Service page, click on "Start Profile Synchronization” and select " Start Full Synchronization". Note only OU’s that match the Tenant requirements are imported.
- This should take a while and then we should be greeted with the following screen (assuming successful completion of the sync).
![clip_image004[4]](https://msdntnarchive.blob.core.windows.net/media/MSDNBlogsFS/prod.evol.blogs.msdn.com/CommunityServer.Blogs.Components.WeblogFiles/00/00/01/28/88/metablogapi/3731.clip_image0044_02D3A093.png "clip_image004[4]")
- Here we see that 4 user profiles have been imported, according to our initial setup, we have 2 users each for each Site. Now we need to verify if the users are correctly assigned and the partitioning is really working. To do that, we need the Tenant Administration site to actually administer this further. Let's go ahead and create them.
#######################################################################
# Create the Tenant Administration Sites for both the web applications
#######################################################################
$tasite1 = new-spsite –url “https://sharepoint:91/sites/admin” –template “tenantadmin#0” –owneralias domain\user –sitesubscription $sub1 -AdministrationSiteType tenantadministration
$tasite2 = new-spsite –url “https://sharepoint:92/sites/admin” –template “tenantadmin#0” –owneralias domain\user –sitesubscription $sub2 -AdministrationSiteType tenantadministration
#######################################################################
- If you have more than one User Profile Service Application in your farm, then you will need to go to Central Administration->Application Management->Configure Service Application Associations, click on the "Application Proxy Group" associated with your web application and set "Partitioned UP Synchronization Service Proxy" as the default service application.
- The last step finally is to verify that the user profiles are imported correctly for each subscription. To validate that, browse to each of the Tenant Administration sites - https://sharepoint:91/sites/admin & https://sharepoint:92/sites/admin and select "Manage User Profile Application" . You should see 2 user profiles under each Tenant administration site.
![clip_image005[4]](https://msdntnarchive.blob.core.windows.net/media/MSDNBlogsFS/prod.evol.blogs.msdn.com/CommunityServer.Blogs.Components.WeblogFiles/00/00/01/28/88/metablogapi/5633.clip_image0054_5B893190.png "clip_image005[4]")
- Selecting "Manage User Profiles" will allow you to manage the actual user profiles allocated to this specific subscription.
This concludes the partitioning steps for User Profiles Service Application.