Updates in AD not reflecting in SharePoint
Whenever user properties are updated in Active Directory, the following needs to be done to have them reflected in SharePoint:
1. Run User Profile Synchronization
Go to Central Admin –> Navigate to Manage Applications Service –> Find User Profile Synchronisation and run full sync
Click Start Full Synchronization
Notice the status of synchronization in the Manage Profile Service screen
Once done, to verify that the user's values have changed in the profile, click Manage User Profile on the same screen
Find the user and click the Account name to check the profile
Notice that the changes are reflected here. I changed the display name, first name and last name, and they have changed. Do not update anything here; this is just to see whether the changes from AD are reflected.
Now, if you navigate to the site collection and search for the user, the updated name is not reflected yet.
This is because the user is not synchronizing correctly to a Site Collection.
To fix this, first note what permissions the user has.
Navigate to Site Settings of the site collection in question
Click on Site Permissions
Click on Check Permissions
Enter the user name here and note the user's groups and permissions.
Then navigate to this page: <Site URL>/_layouts/people.aspx?MembershipGroupId=0
Delete the user from this list.
Important: If you remove the user from the All People group, all the user's permissions to this Site Collection are removed. Before you remove the user's permissions and re-add them, note the user's permissions. To do this, on the Site Actions menu, click Site Permissions, and then click Check Permissions.
The All People group is hidden in SharePoint 2010. However, to access this group, you can modify the following URL in the browser:
<Site URL>/_layouts/people.aspx?MembershipGroupId=0
Having done this, re-add the user to the groups they belonged to and give them back the permissions they had.
Once done, the user's properties are synced with the site collection and the updated properties are reflected.
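The note-permissions, delete and re-add steps above can be scripted so that the user gets back exactly the access they had before removal and nothing more. The following is an added example, not code from the original post; the site URL, login name and backup path are placeholders. It records group memberships, direct permission levels on webs with unique permissions and the site collection administrator flag, and it assumes no list-level or item-level permissions were granted directly to the user (those are not captured).

```powershell
# Added example; run in the SharePoint 2010 Management Shell on a farm server.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
$SiteUrl = "http://sharepoint.example.local/sites/team"  # placeholder
$Login   = "EXAMPLE\jdoe"   # placeholder; claims sites use the i:0#.w|domain\user form
$Backup  = "C:\Temp\jdoe-access.csv"                     # placeholder

$site = Get-SPSite $SiteUrl
try {
    $root = $site.RootWeb
    $user = $root.SiteUsers | Where-Object { $_.LoginName -eq $Login }
    if (-not $user) { throw "$Login is not in the All People list of $SiteUrl" }
    $wasAdmin = $user.IsSiteAdmin
    $snapshot = @()
    # Group memberships apply to the whole site collection.
    foreach ($g in $user.Groups) {
        $snapshot += New-Object PSObject -Property @{ Kind = "Group"; WebId = ""; Name = $g.Name }
    }
    # Permission levels granted directly to the user on webs with unique permissions.
    foreach ($web in $site.AllWebs) {
        if ($web.HasUniqueRoleAssignments) {
            foreach ($ra in @($web.RoleAssignments | Where-Object { $_.Member.ID -eq $user.ID })) {
                foreach ($rd in $ra.RoleDefinitionBindings) {
                    # Role type Guest is "Limited Access"; SharePoint assigns it itself.
                    if ($rd.Type -ne "Guest") {
                        $snapshot += New-Object PSObject -Property @{ Kind = "Role"; WebId = $web.ID; Name = $rd.Name }
                    }
                }
            }
        }
        $web.Dispose()
    }
    # Keep a copy on disk before anything is removed.
    $snapshot | Export-Csv -Path $Backup -NoTypeInformation

    $root.SiteUsers.Remove($Login)    # same effect as deleting the user from All People
    $new = $root.EnsureUser($Login)   # adds the user back to the site collection

    foreach ($item in $snapshot) {
        if ($item.Kind -eq "Group") {
            $root.SiteGroups[$item.Name].AddUser($new)
        } else {
            $web = $site.OpenWeb([Guid]$item.WebId)
            $ra  = New-Object Microsoft.SharePoint.SPRoleAssignment($web.EnsureUser($Login))
            $ra.RoleDefinitionBindings.Add($web.RoleDefinitions[$item.Name])
            $web.RoleAssignments.Add($ra)
            $web.Dispose()
        }
    }
    if ($wasAdmin) { $new.IsSiteAdmin = $true; $new.Update() }
} finally {
    $site.Dispose()
}
```

After it finishes, compare the Check Permissions result for the user against the CSV to confirm that nothing was lost or widened.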
Comments
Anonymous
April 02, 2015
That's helpful. It would be great if there was a PowerShell script to detect this for all users and that could be run as needed. Or better yet, this should be incorporated as part of the user profile cleanup or such timer job.
Anonymous
April 03, 2015
@Ransher - We updated properties of all users, and then after running the profile sync, I checked it for one of the users. If one of the user's properties is updated, it would be updated for others too. Further, I deleted all users from the All People's group and then added them and gave them permission back.
Anonymous
April 22, 2015
If after running sync properties are not getting updated you can forcefully try deleting UPS database by running these commands:
stsadm -o sync -listolddatabases 0
stsadm -o sync -deleteolddatabases 0
It deletes UPS database and then running sync will create it again so don't be hesitant in running these.