Category: SharePoint 2013

Many times we end up battling “SharePoint Profile Synchronization” (aka: “FIM Sync”) for a while before we realize that “SharePoint Active Directory Import” (aka: “AD Import”, aka: “ADI”) was a better fit all along. Why switch?  Or for new farms, why go with AD Import? “SharePoint Active Directory Import” (“AD Import” from here on) is

Update 11/24/19: Although the “Background” section below applies to all SharePoint versions and authentication types, this post is specific to Windows Authentication (NLTM or Kerberos) within SharePoint 2013. For SharePoint 2016, see this post: https://joshroark.com/sharepoint-2016-check-permissions-windows-auth/ For Forms-based authentication see this: https://joshroark.com/sharepoint-check-permissions-and-external-tokens-fba/ And for Trusted Provider (SAML) auth, see this: https://joshroark.com/sharepoint-check-permissions-and-external-tokens-adfs-saml-auth/ Why should you care? Having “Check

In certain domain configurations, User Profiles can be imported with the incorrect domain name.For example: account names are supposed to shown as CORP\User1, but profiles are imported as contoso\user1 Note: This applies to both SharePoint Profile Synchronization (aka: FIM Sync) and Active Directory Import (aka: AD Import).     What’s the impact? There are a few problems

Overview: This is a fairly visible problem within SharePoint.  It can cause the organization chart to show old manager info, or not work at all.So what to do if your user profiles show no manager value, or maybe a user has changed managers, and it’s not being updated? This is a complicated topic for a

Important: This little quirk only occurs with the “SharePoint Profile Synchronization” (aka: FIM Sync) option in SharePoint 2010 and 2013.  It does not occur with the “Active Directory Import” (aka: AD Import) option available in SharePoint 2013 and 2016.  If possible, I recommend switching to AD Import.  You can read through switch considerations in my

Consider the following scenario: You have a fairly large and / or complex Active Directory (AD) infrastructure.When using People Picker in a SharePoint 2013 or 2016 site, you are unable to find users from certain domains, and eventually the People Picker control displays an error: “Sorry, we’re having trouble reaching the server”. You do some

Consider the following scenario: You have a SharePoint list with a Person or Group column.This column is limited to choose from a SharePoint group called (for example) Approvers.     Within this SharePoint group, you have three users with (for example) first name Jeff, and one user with last name Jefferson. Within the person or