SharePoint: Issues with profile pictures when MySite uses SAML auth

  There are a couple known issues with user profile pictures when your Mysite web application uses Trusted Provider (ADFS / SAML) authentication. Symptoms There are two different known symptoms with the same cause and solution: #1When running User Profile Synchronization, nothing is imported or exported. In the Forefront Identity Manager (FIM) client, we see

SharePoint 2016: Import profile pictures with MIM 2016 – walkthrough

In this post, I’ll walk through importing user profile pictures to SharePoint 2016 using Microsoft Identity Manager (MIM) 2016 using a ton of screenshots.  The idea is to show how the process works so you know how to configure it and where to go looking when something goes wrong. After completing the basic SharePoint 2016/

SharePoint: Considerations when switching from FIM Sync to AD Import

Many times we end up battling “SharePoint Profile Synchronization” (aka: “FIM Sync”) for a while before we realize that “SharePoint Active Directory Import” (aka: “AD Import”, aka: “ADI”) was a better fit all along. Why switch?  Or for new farms, why go with AD Import? “SharePoint Active Directory Import” (“AD Import” from here on) is

SharePoint 2013: Troubleshooting Check Permissions – Windows auth

Update 11/24/19: This post is specific to Windows Authentication (NLTM or Kerberos) within SharePoint 2013. For SharePoint 2016, see this post: https://joshroark.com/sharepoint-2016-check-permissions-windows-auth/ For Forms-based authentication see this: https://joshroark.com/sharepoint-check-permissions-and-external-tokens-fba/ And for Trusted Provider (SAML) auth, see this: https://joshroark.com/sharepoint-check-permissions-and-external-tokens-adfs-saml-auth/ Why should you care? Having “Check Permissions” fail to give you an accurate representation of user permissions can be

SharePoint: User profiles are imported with wrong domain name – NetBiosDomainNamesEnabled

In certain domain configurations, User Profiles can be imported with the incorrect domain name.For example: account names are supposed to shown as CORP\User1, but profiles are imported as contoso\user1 Note: This applies to both SharePoint Profile Synchronization (aka: FIM Sync) and Active Directory Import (aka: AD Import).     What’s the impact? There are a few problems

SharePoint: Importing Manager property with AD Import: A Troubleshooter

Overview: This is a fairly visible problem within SharePoint.  It can cause the organization chart to show old manager info, or not work at all.So what to do if your user profiles show no manager value, or maybe a user has changed managers, and it’s not being updated? This is a complicated topic for a

SharePoint: Profile Synchronization – some users are missing their manager

Important: This little quirk only occurs with the “SharePoint Profile Synchronization” (aka: FIM Sync) option in SharePoint 2010 and 2013.  It does not occur with the “Active Directory Import” (aka: AD Import) option available in SharePoint 2013 and 2016.  If possible, I recommend switching to AD Import.  You can read through switch considerations in my