Plan user profiles (SharePoint Server 2010)
Applies to: SharePoint Server 2010
This article describes the Microsoft SharePoint Server 2010 user profiles feature and gives guidance on planning user profiles.
In this article:
What are user profiles?
About user profile properties
About property policies
Planning user profiles
Note
Profile synchronization is the process of synchronizing data from directory services and business systems with user profiles. Along with understanding the concepts and activities described in this article, you should read the related article Profile synchronization overview (SharePoint Server 2010).
What are user profiles?
A user profile is a collection of properties that describes a single user, along with the policies and other settings associated with each property. The user that a profile describes is represented by a unique identifier in the profile, and the remaining properties provide information about that user, such as the user's phone numbers, manager, office number, job title, and so forth. The set of user profiles for a SharePoint deployment are stored in the profiles database associated with a User Profile Service application.
User profiles help identify connections between users in an enterprise, such as their common managers, workgroups, group membership, and common Web sites. They can also contain critical information about a user, such as the products the user works on, the user's interests or areas of expertise, and the user's place in the organization's structure. By exposing this information in features such as My Sites, user profiles provide the basis for enterprise social networking in SharePoint Server. Some of the enterprise social networking features that user profiles support are:
My Sites
Profile pages
People searching
Organizational charts
Expertise search
Social tagging
Audiences
As shown in the following illustration, user profiles can be composed of properties that are imported from a directory service, imported from business systems, and supplied by users.
For example, a directory service could supply essential information needed across the organization, such as users' account names, work telephone numbers, titles, and work e-mail addresses. Business systems could supply business-related critical information, such as the customer accounts or product lines managed by each team member. Users could supply supplemental information about themselves, such as their areas of expertise or hobbies.
New user profiles are created in the following ways:
If an authenticated user does not have a user profile, a new one is created using properties taken from the appropriate directory service when that user initially accesses his or her My Site.
One or more new user profiles can be created using profile synchronization. For details, see Plan for profile synchronization (SharePoint Server 2010).
A custom solution can be developed to create user profiles. For more information, see How to: Create User Profiles and Organization Profiles.
Note
User profiles are distinct from SharePoint Server user accounts and exist in their own data store. User accounts provide security and access rights to objects in SharePoint Server. User profiles are used to organize information about users and about the relationships among users. Updating a user's profile has no effect on that user's user account.
About user profile properties
A user profile is composed of a set of user properties. Each user property provides an item of information related to a user. User property values can come from directory services, business systems, or user input. You can configure some properties so that they can be exported to a directory service. Many of the decisions you make in planning user profiles are about which user properties to include and how their values are set.
A rich set of data types is available for user properties. For a list of the supported data types and their definitions, see PropertyDataType Fields.
User profiles include a set of default user profile properties. Many of these properties are included because they are used by SharePoint Server social networking or personalization features, and a subset of the properties are mapped automatically to their corresponding directory service attributes after you run profile synchronization. For a list of default user properties, see Default user profile properties (SharePoint Server 2010).
SharePoint Server includes a managed metadata feature. Managed metadata is a hierarchical collection of centrally managed terms that you can define and then use as attributes for items in SharePoint Server. A set of managed terms is a term set. You can associate a term set with an editable user profile property. By doing this, you can govern the values associated with that property and make it easier for users to enter appropriate values for it. For example, by associating a term set that defines the job titles in an enterprise, you can help promote consistent use of those titles in user profiles. For information on planning managed metadata, see Plan managed metadata (SharePoint Server 2010).
About property policies
As described above, user profiles are used in many SharePoint Server 2010 social networking features. You can set policies on each user property in a user profile to help govern how the information in that property can be used. You can specify:
Whether or not a property is included in user profiles
Whether or not it is required
Whether or not users can change the default privacy setting of a property
Who the property is visible to, based on their role in the organization
The following table describes each policy setting option.
Policy setting option | Description |
---|---|
Enabled or Disabled |
You can configure a property to be available for use in features that incorporate it, or you can disable the use of that property. |
Required |
You can specify that a property must contain information. |
Optional |
You can specify that a property is not required to have a value. Each user can provide values for the property or leave the property empty. |
Default privacy setting |
This determines who can see information for a property, as follows:
Note User Profile service administrators can always view the information in a user profile regardless of its default privacy setting. |
Users Can Override |
When this option is selected, users can change the property's default privacy setting. When this option is not selected, only administrators of the User Profile Service can change default privacy settings. |
Replicable |
The property's value will be replicated to user information lists in other sites when its value changes. For a property to be replicable, its default privacy setting must be set to Everyone and the User can override policy must not be selected. |
Along with setting policies on each user profile property, you can set similar policies on some SharePoint Server features that provide profile-related information in lists, Web parts, or Web sites. The personalization feature settings that you can set policies on include:
The display of SharePoint site memberships
The display of distribution list memberships
The display of colleagues on My Sites
Auto-population of colleagues based on organizational hierarchy
The display of colleague recommendations
The display of links on My Sites
Other sites pinned to My Sites
For example, if the display of distribution list memberships is enabled with a privacy setting of "My Team," then only members of a user's team will be able to view which distribution lists that user belongs to.
The following considerations can help you determine which policies are appropriate for your organization:
Which properties should be required? Some properties are required by default and can be configured so that they cannot be overridden or changed by users. In most organizations, these properties are key ways to enable collaboration and develop relationships across the organization. SharePoint Server 2010 also uses many of them to enable other features, such as colleagues and audiences. For more information, see Audience and content targeting planning (SharePoint Server 2010) and Default user profile properties (SharePoint Server 2010).
Which properties should be visible to everyone? By default, most properties are visible to everyone, but sensitive information can be configured to have limited visibility. For example, a company that has many employees in the field might decide that mobile phone information is important for everyone to see. Other organizations might choose to keep all non-work telephone numbers private.
Which properties policies can be changed by users? Some property policies have settings that can be changed by users. For example, some users might not want automatic population of colleague lists. Other users might want to change the default visibility setting for a property.
When planning the policy setting for a property or personalization feature, consider the factors shown in the following table.
Condition | Disable the property | Make the property optional | Make the property required |
---|---|---|---|
The property is used by key user features. |
X |
||
The property is associated with key business data for applications in the Microsoft Business Connectivity Services. |
X |
||
The property is used when you create audiences. |
X |
||
User Profile Service administrators expect consistent and meaningful values for the property. |
X |
||
The property will rarely be used. |
X |
||
The property will distract from more important properties. Note You can change the display settings for properties to hide them. |
X |
||
You decide to provide default values for properties, but want users to be able to change or remove those values. |
X |
When you plan the default visibility settings for properties, consider the factors shown in the following table.
Condition | Action |
---|---|
You want to use the property in search so that users can be found by searches for the property. |
Set the default access policy to Everyone. Note Only properties that have a privacy setting of Everyone will be used by search. |
The property is useful across workgroups and other divisions in your organization and does not contain sensitive information. |
Make the property visible to everyone. |
The property is mostly useful for collaboration inside an immediate workgroup or with a specific group of individually selected colleagues. |
Make the property visible only to colleagues. |
The property is of a private or sensitive nature. Note What is considered private information can vary from organization to organization. |
Make the property visible only to the immediate manager, or in some cases, only the individual user. |
Planning user profiles
This section provides guidance to help in planning user profiles. It is recommended that your planning tasks are done in the following order:
Identify stakeholders
Identify how the profile information will be used
Identify directory services and business systems
Determine which properties to include
Determine property details
Determine personalization settings policies
Plan for capacity
Some sections below refer to the User Profile Properties Planning worksheet (https://go.microsoft.com/fwlink/p/?LinkId=202832). Use this workbook to record your user profile properties configuration decisions along with personalization feature settings. The workbook also has a place to record contact information for the profiles stakeholders in your enterprise and for members of the governing body that oversees profile properties decisions.
Identify stakeholders
User profiles are part of an enterprise's information architecture and must meet the needs of workgroups that depend on the profile information. Decisions about which properties to include in profiles should be based on input from stakeholders representing the workgroups that use My Sites and other social computing features.
Decisions about user profiles must strike a balance between meeting the social computing needs of the organization and its security, privacy, and regulatory responsibilities. Therefore, decisions about which information to expose in user profiles and which properties to include should be made with the participation of executive sponsors, legal advisors, and human resources team members. This helps to ensure that the use of profile information is compliant with enterprise policies and legal requirements. If your solution spans multiple locales, it is a recommended practice to include represents from the various locales in making these decisions.
Use the Stakeholders tab on the User Profile Properties Planning worksheet to record the contact information for the members of your profiles stakeholders.
Identify how profile information will be used
How user profile information is intended to be used in your SharePoint solution is the key determinant in planning user profile properties. Your functional specifications and architectural documents should provide this information and should help guide you in designing effective user profiles to meet your users' needs. As with any SharePoint Server solution, it is recommended that you develop your solutions using standard best practices such as functional specifications, software development and configuration management tools, pilot projects, and other standard techniques. Your development team's functional specification, architecture diagrams, and other artifacts will be key resources in determining requirements for user profile properties.
Identify directory services and business systems
User profiles contain data from directory services and business systems. Directory services can supply the members of your user community and provide data about those users. Additional user information can be imported from business systems such as external databases or Web services. The particular directory services and business systems to use depend on your enterprise's environment.
For more information about integrating user profiles with directory services and business systems, see Plan for profile synchronization (SharePoint Server 2010). That article includes information on planning directory service and business system integration and includes a Connection Planning worksheet in which you should list the directory services and business systems required by your solution.
Determine which properties to include
Review the article Default user profile properties (SharePoint Server 2010). Those properties that are mapped by default support basic SharePoint Server social computing and personalization features.
Also, determine which additional custom properties to include based on your social computing solution goals, your solution's functional requirements, and the data available from directory services and business systems.
In the Property column of the User Profile Properties Planning worksheet, list each property to include. Information about filling in the rest of the worksheet is provided in the following section.
Determine property details
Use the User Profile Properties Planning worksheet to record the set of properties to include in user profiles, as shown in the following table.
Property | Information to provide |
---|---|
Source |
Indicate the source for the property: a directory service, business system, or "user input" for a write-in field. For business systems, it is recommended that you enter the particular business system, such as "HR system". |
Type |
Indicate the property's type. A list of the supported data types and their definitions is available at PropertyDataType Fields. |
Description |
Define the property and describe its intended use. |
Enable |
Indicate if this property should be enabled. Enabling a property makes it available for use in features such as My Sites. Disabled properties are only visible to administrators of the User Profile service. |
Require |
Indicate if the property is required to have a value. |
Editable |
Indicate if users can edit this property's value. |
Term set |
If this is an editable property, you can optionally supply the name of a term set containing acceptable values for the property. |
Default privacy setting |
Indicate who can see information for the property: everyone, colleagues, team members, manager, or only the user. |
Privacy setting override |
Indicate if users can change the property's default privacy setting. |
Display options |
Indicate if this property's value should appear in the following places:
|
Replication |
Indicate if the property can be configured to be replicated to user information lists on other sites when a user changes its value. This requires that the property's default privacy setting is Everyone and that users cannot override the property's default privacy setting. |
Search-related attributes |
There are two search-related attributes:
For tips on designing user profiles that are searchable, see Build a My Site profile to help people find you. |
Connection attributes |
There are three connection-related attributes: Connection name, Direction, and Attribute name. For descriptions, see Plan for profile synchronization (SharePoint Server 2010). |
Determine personalization settings policies
Along with setting policies on each user profile property in the User Profile service application, you can set similar policies on SharePoint Server features that provide profile-related information in lists, Web parts, or Web sites. You do this on the Manage Policies page of the User Profile service application.
Use the Personalization tab of the User Profile Properties Planning worksheet to record the set of policies related to personalization features. You can set policies to give users the capabilities show in the following table.
Feature | Information to provide |
---|---|
SharePoint site memberships |
Enable this capability if users' SharePoint site memberships should be displayed in My Sites, lists, and Web parts. |
Distribution list memberships |
Enable this capability if distribution list memberships should be displayed in My Sites, lists, and Web parts. |
Colleagues |
Enable this capability if users' colleagues should be displayed in My Sites. |
Auto-population of colleagues from organizations |
Indicates if the user's colleagues list should be auto-populated based on organizational hierarchy. |
Display colleagues recommendations |
Indicates if the list of colleague recommendations (based on email usage and other factors) should be displayed in My Sites, lists, and Web parts. |
Display links on My Sites |
Enable this capability if links to users' frequently visited Web sites should be displayed in My Sites. |
Display other sites pinned to My Sites |
Indicates if the sites that users have pinned to their My Sites can be viewed by other users. |
You can enable or disable personalization features, and you can configure privacy settings on them. In the User Profile Properties Planning worksheet, record your privacy policy preferences for each personalization features, as shown in the following table.
Setting | Information to provide |
---|---|
Enable |
Indicate if this personalization feature should be enabled. Enabling a capability makes it available for use in features such as My Sites. |
Default privacy setting |
Indicate who can see information provided by the feature: everyone, colleagues, team members, manager, or only the user. |
Privacy setting override |
Indicate if users can change the feature's default privacy setting. |
Plan for capacity
The number and types of properties in your user profiles can affect your system's performance during profile synchronization and other operations. It is beyond the scope of this article to provide guidance about how to plan user profile properties with capacity and performance in mind. The white paper "Capacity Planning for Microsoft SharePoint 2010 My Sites and Social Computing features (MySitesSocialComputingCapacityPlanningDoc.docx)," available from the Microsoft Download Center, uses test data to describe the performance and capacity impact of a range of choices in configuring user profiles and other social computing features in SharePoint Server. Read this white paper to help determine the best way to design your user profile properties to achieve your performance and capacity planning goals.
See Also
Concepts
Plan for social computing and collaboration (SharePoint Server 2010)
Configure a profile synchronization connection in SharePoint Server 2010 (video)
Configure a synchronization connection to a SQL Server database in SharePoint Server 2010 (video)
Other Resources
User profile properties and profile synchronization planning worksheets
Understanding Forefront Identity Manager 2010
Resource Center: Enterprise Collaboration in SharePoint Server 2010
Resource Center: Social Computing in SharePoint Server 2010