User Profile Synchronization Topology

The User Profile Synchronization  Service Application allows us to synchronize profile information from the Active Directory, as well as other sources, into SharePoint.

For example we can  synchronize information from an external database and present or use it in SharePoint.

a big change in SharePoint 2016 is that Forefront identity manage which was part of the User Profile Service  in SharePoint 2013 is no longer supported, and as an alternative we can use Active Directory Import, or an external identity manager such as Microsoft Identity Manager.

SharePoint 2013 provided three options to implement  the Profile Synchronization Service:
SharePoint Profile Synchronization
SharePoint Active Directory Import
External Identity Manager

SharePoint Server 2016  only offers :
SharePoint Active Directory Import
External Identity Manager ( recommended is MS built-in Microsoft Identity Manager)

One of the reasons the SharePoint Profile Synchronization is no longer supported is that users from different domains couldn’t be part of the same audience. The second reason is that ForeFront identity manager is not supported by windows server 2016, which is the recommended OS for SharePoint 2016.

Active Directory Import is what Microsoft uses in Office 365, though it is stable it lacks some of the functionalities available in Identity Manager, for example:
You can only synchronize a single forest.
You can not create custom mappings
it is one-way sync; you cannot sync stuff back from SharePoint to the Active Directory.

Microsoft Identity Manager is a standalone product, released in 2015 with no relation to SharePoint. it supports  multiple forests, it allows you to create custom mappings, and it allows you to configure two-way sync

Microsoft Identity Manager requires an extra server,

When installing Microsoft Identity Manager for SharePoint, we do not install the full Microsoft Identity Manager suite; we only install the Synchronization Service.  This type of installation does not require an additional license because it’s already included with your Windows Server licenses.

Microsoft Identity Manager requires a database to store information; it can use the same SQL server as your SharePoint farm. If you want to save some servers, you could run Microsoft Identity Manager on the app server, but it is not recommended from a performances prospective.

Social features that depend on synchronization:
My Sites – allow users to modify their profile contains the following features
Company Newsfeed
Sites
MySites should have its separate web application with its content databases

Leave a Reply

Your email address will not be published. Required fields are marked *