In Microsoft Office SharePoint Server 2007, we often run into situations where some attributes of a user are updated in Active Directory however the changes do not reflect in SharePoint Sites even after a Profile Import. This KB is intended to aid in troubleshooting some of the most common issue with the Profile Synchronization Timer Job.
Lets take an example of a user "Susan Burk" who gets married and her last name changes to Johnson so her name becomes "Susan Johnson".
Active Directory (AD) is updated for the Last Name and Display Name of the user.
SharePoint Admin does a full / incremental profile import and we see that the changes have reflected in her User Profile.
However, within the SharePoint sites she is still listed as "Susan Burk" and it has not changed to "Susan Johnson".
The Profile Synchronization Timer Job is responsible for keeping the MOSS Profiles (SSP) in sync with the WSS profiles (Content Database). By default, the Profile Synchronization Job run once every hour.
CAUSE
There are quite a few things which can cause the users name to not update properly in the SharePoint sites
· Database is marked as read-only in SQL Server
· Database status set to ‘Offline’
· Site Collection is set to read-only
· Profile Import is running
· Content Database is in a ‘Moving’ state (stsadm -o preparetomovecommand was previously ran).
· User is not active in SharePoint
· Web Application is excluded from sync
· The Office Server Web Services web application has a bad SSL certificate.
RESOLUTION
Database is marked as read-only in SQL Server
· Remove read-only setting on database in SQL
Database status set to ‘Offline’
· Set the database to ‘Ready’ in Central Administration > Application Management > Manage Content Databases
Site Collection is set to read-only
· Remove read only lock in Central Administration > Application Management > Site collection quotas and locks
Profile Import is running
· Allow the user profile import crawl to complete
Content Database is in a ‘Moving’ state (stsadm -o preparetomovecommand was previously ran).
· Run the following query to determine which databases are in the moving state.
· Replace SharePoint_Config with your configuration database name
· Replace SharedService1_DB with your Shared Service database name
Select Name from Sharepoint_Config.dbo.Objects with (nolock)
where id in
(Select Distinct ContentDBId from SharedServices1_DB.dbo.SiteSynch with (nolock) where Moving = 1)
· Run the following stsadm command to unset the moving flag for each database returned in the query
· Stsadm -o preparetomove -contentdb <SQL Server Name:Database Name> -undo
User is not active in SharePoint
Run the following stsadm commands to sync inactive users. This will increase the amount of time that the sync job takes to complete on the next run.
· Stsadm -o sync -ignoreisactive 1
· Stsadm -o sync -deleteolddatabases 0
Web Application is excluded from sync
Run stsadm -o sync -excludewebapps to get a list of excluded web applications.
Remove the web application URL from the output of the previous command. Then run the following to update the excludewebapps property.
· Stsadm –o sync excludewebapps “List from previous command minus URL of web that is not syncing “
· See Sync: Stsadm operation at http://technet.microsoft.com/en-us/library/cc263196(office.12).aspx
The Office Server Web Services web application has a bad SSL certificate.
· See resolution section of KB 962928 http://support.microsoft.com/kb/962928
