User Profile Synchronization

User Profile Synchronization

Synch.jpgTo sync Active Directory changes to the MOSS user profile database, select the Push changes in AD to MOSS User Profile check box, and then enter SharePoint account information that has the “Manage User Profile” permission in order to read and update user profile information.

For detailed insight into Active Directory Domain Services, see this TechNet article from Microsoft.

User Directory Display Options

User Directory Display Options

Return to User Directory Configuration

ControllingWhatUsersSee.jpgWhat a user sees on the web part is dependent on how you configure the web part. The display options will allow your end users to see the organization or alphabetical buttons; you do have the choice to hide them by clicking on the checkbox. Below is a table containing the list of columns that appear in this section of the tool pane configuration that lets you control what users see or do not see based on your configuration choices here.

Column Description
Hide the Organization Option from the left Panel. To hide the Organization option from the tree pane, select or de-select the respective check box.
Hide the Alphabetical Option from the left Panel. To hide the Alphabetical option from the tree pane, select or de-select the respective check box.
Hide Disabled Active Directory User Objects. For Active Directory mode, the check box is available to hide or show Disabled Active Directory user objects.
Display My Profile First. This is the default but if you choose to unclick the box, then the users will see their own profile either alphabetized or in the organizational hierarchy as selected above.
Show My Profile Link. You can opt to hide or show the link to the user’s My Profile page.
Always display this text when user profile fields have no data. To display static text in any field in the user’s profile that does not have data, enter your preferred verbiage in the text box provided. If you do not want to display any text, then simply leave this text box blank.
Tree Paging Size To set the number of items that display in the tree pane, enter a number in the Tree Paging Size text box. If you do not enter a number, then the web part will show all users. If you have hundreds of users, this may take some time to show in the web part. Entering a number below 50 keeps the response time reasonable as well as the
Set Display Size for Profile Image: Enter in the height and width in pixels to display profile images when available.

User Directory Configuration

User Directory Configuration

hw08004.gifUser Directory provides an easy to use, SharePoint-based, self-service directory that allows users to maintain user information in the SharePoint user profile database or Active Directory.
User Directory reads and updates user profile data from SharePoint Portal Server’s User Profile database or an Active Directory database. The diagram here depicts how each of these components fits together as part of the solution.

To configure User Directory, edit the web part from the menu accessed at the upper right corner of the Web Part. This menu is only accessible by users with authority to modify the page.

The configuration tool pane for User Directory is displayed below. You have two choices whether to read user profiles from SharePoint Portal Server or from Active Directory Services.

NOTE: If you are installing this Web Part on a Windows SharePoint Services (WSS), you must select Active Directory.

HW08_Toolpane_sm.jpgEach section of the tool pane is organized into sections below to make it simpler to find what you need to configure. Some options are required while others are optional:

  1. Read User Profile FromRequired: in this section of the tool pane, you make a choice as to which data source from which your web part will read user profiles. Domain name, account name and password must not empty or an error will occur.

  2. Site Group(s) Permitted to Update User Profiles – This section only appears if you select to read from Active Directory Services.

  3. Organizational Unit Path – This section of the tool pane appears when you select to read user profiles from Active Directory Services; enter the directory path to the Organizational Unit containing the users you want to display in the Web Part. You can enter multiple OU paths separated by semicolon.

  4. Picture Library for User Profile Images – If you select to read ADS user profiles, you can store images of users in a picture library rather than in AD by including the URL here.

  5. User Profile Synchronization – By reading ADS user profile data, you can push changes in AD to MOSS User Profile to keep everything in synch, but keep in mind this needs to be an account in SharePoint that can update user profiles.

  6. Advanced Search Columns – Whether you select data from ADS or from SharePoint Portal Server, you use this option to display one or more columns when searching in the web part.

  7. Display Options – These options are available regardless of your data source for user profiles; users will or will not see these items on the web part interfaced depending on your configuration choices here.

  8. Language Section – Follow the standard protocol for selecting a language for a Bamboo web part.

    UserDirToolPane.jpg

    There are fewer configuration choices when SharePoint Server is selected.

User Directory Complementary Products

User Directory Complementary Products

sharepointsolutions.pngYou will find many of our products complement each other quite nicely saving you the time and trouble to write custom code. With Bamboo at the heart of your SharePoint investment, you gain access to a huge catalog of enhancements, components, and accessories that add the critical functionality your business requires.

The same components can be easily used in future applications and they all come from a single, trusted vendor, ensuring an easy purchase process and support you can count on. That’s the Bamboo Way!


Read User Profile From…

Read User Profile From…

Return to User Directory Configuration

SharePoint Portal Server configuration

SPS.jpgIf you are using the SharePoint Portal Server option, you must enter a SharePoint account that must have the “Manage User Profile” permission in order to be able to read and update user profile information. You must also select whether you want to use the search available from User Directory to search user profiles or the MOSS people search, if it is configured.

Active Directory Services configuration

ReadUserProfiles.jpgIf you are using Active Directory Services (ADS), you must enter a domain administrator account that has Read and Write permissions to the ADS database.

NOTE: The domain administrator account is required to connect to Active Directory.

Allow Users To Edit Profile

If you select to read user profiles from Active Directory Services, then you have the option of allowing users to edit their own profiles. If this check box is enabled, a user can edit their profile without the required administrative account rights.

Understand Who Can Modify a User Profile for Active Directory Profiles: All users can view other user profiles.
Only domain users who have Read and Write permissions can edit another user’s profile. The Domain Administrator group has this right by default.

Site Group(s) Permitted to Update User Profiles

Site Group(s) Permitted to Update User Profiles

Return to User Directory Configuration

User Group Permission

SiteGroups.jpgIf you selected to read user profiles from Active Directory earlier in this configuration, then you have the option of selecting the user groups allowed to update to user profiles. The Web Part displays the site groups on SPS 2003 and SharePoint Groups on MOSS 2007 on the site where the Web Part is installed. You can choose from the default groups as well as any custom groups you may have created. Select a group that has permission to UPDATE the user accounts. Only the users in this site group can modify user profile information. Please read the Security Considerations section for additional information.

Security Considerations

User Directory requires you to provide credentials for accounts that have read and write access to either the Active Directory or the SharePoint User Profile. In order to ensure User Directory is being used without compromising security in your domain, the following must be considered:

Active Directory (AD) Access Domain Account

This domain account is used to read and update the Active Directory profile data. This account must belong to a group that has Read and Write permission to the Active Directory user profile. To check if the account has the appropriate permissions, do the following steps:

Step Action Result
1. Open the Active Directory Users and Computer console application. hw08024.jpg
2. Select View and check the Advanced Features.
3. Select a Forest or Organization Unit, right click and select Properties.
4. Select the Security tab.
5. Make sure that the Access Account you are using has the Read and Write permissions to read and update the particular object.

Understand Who Can Modify a User Profile for Active Directory Profiles

  • All users can view other user profiles.
  • Only domain users who have Read and Write permissions can edit another user’s profile. The Domain Administrator group has this right by default.

Release Notes for User Directory

Release Notes for User Directory

NOTE: Release Notes will open in a new browser tab

WSSv3/MOSS SharePoint 2010 SharePoint 2013
Release Notes Release Notes Release Notes
Microsoft ended mainstream support for SharePoint 2007 in October 2012. See Microsoft’s Lifecycle Support Policy.
At that time, Bamboo stopped enhancements to our SharePoint 2007 product line, but continues to provide support and bug fixes to customers with active support contracts until October 2017. Previously purchased licenses will continue to function after October 2017, but support for these products will end, and no additional bug fixes will be provided beyond that time. Bamboo plans to cease selling new licenses and annual support contacts for its SharePoint 2007 products in October 2016 to ensure customers will be eligible to receive support for at least one year after purchase.
Microsoft plans to end mainstream support for SharePoint 2010 in October 2015. See Microsoft’s Lifecycle Support Policy. At that time, we will stop any enhancements for our SharePoint 2010 product line but will continue to provide support and bug fixes for our SharePoint 2010 products to customers with active support contracts until October 2020. Previously purchased licenses will continue to function after October 2020, but support for these products will end, and no additional bug fixes will be provided beyond that time. Bamboo plans to cease selling new licenses and annual support contacts for its SharePoint 2010 products in October 2019 to ensure customers will be eligible to receive support for at least one year after purchase.

Bamboo Solutions has also begun releasing Bamboo Apps to the SharePoint Store, for additional details, see the SharePoint Apps & Mobile products page where you can get the latest info about each of our Apps as they release to the Microsoft Store.

A separate installation package and license key is required for SharePoint 2013 deployment. For additional details, review the following knowledge base articles:

Understanding Bamboo Releases:

  • Bamboo offers Trial, Basic and Premium support.
    • Free Trial support expires after 30 days.
    • For more information about Basic and Premium support, please see the Support Plans page.
    • There may be a fee to upgrade from a major version to another.

See Also:

Picture Library for User Profile Images

Picture Library for User Profile Images

Return to User Directory Configuration

PictureLib.jpgSelect a Picture Library to store user profile images. Images of your users can be stored in Active Directory Services, but you and your users might find it simpler to use a SharePoint picture library so that images can be updated easier and more often.

  • Select the Save User Profile Image to SharePoint Library instead of AD check box in the configuration tool pane and enter in a site URL.
  • Click Connect and then select a Picture Library from the libraries available on that site.

When you choose SharePoint mode, end users will be able to type in the URL to a profile image already stored in a SharePoint Library from the Picture field when editing their profile.

Overview of User Directory Web Part

Overview of User Directory Web Part

Many companies use Active Directory Services to manage their users. With the addition of SharePoint, another user directory database has been introduced – the User Profile Database. But even with SharePoint features such as Single Sign On and automatic importing of Active Directory profile information to SharePoint, the bulk of the workload to maintain user information is still on the Administrator. What is lacking is a way to allow the owners of the user information to maintain it themselves, both safely and securely, using either database as their directory service source.

User Directory provides a quick and easy way to manage real-time user information in the SharePoint User Profile and Active Directory Services databases. User Directory takes user management one step further to make SharePoint the central place for managing directory services. hw08004.gifMaintain your current IT user administration policies and standards by providing an easy to use, SharePoint-based self-service directory for users to maintain on their own.

User Directory reads and updates user profile data from SharePoint Portal Server’s User Profile database or an Active Directory database. The diagram shown here depicts how each of these components fit together as part of the solution.

Organizational Unit Path

Organizational Unit Path

Return to User Directory Configuration

ADchoice.jpg If you selected to read user profiles from Active Directory Services, then you have the option of entering a specific or multiple Organizational Units (OU) as your data source.

OrgUnitPath.jpgEnter the full path of an OU in Active Directory that you want to use as the tree view root directory. The tree will start at the lowest OU level specified in this text box.

For example: If you enter CRM/BambooSolutions/BusinessCenter the tree will only show the OU “BusinessCenter” at the tree top level node. The alphabet view of the tree and search results only show users belonging to this “BusinessCenter” OU branch.

Select the Expand selected OU as default check box if you are showing only one OU (i.e. not multiple OUs separated by a semicolon) and want to automatically expand the OU to its first sublevel OUs when the Organization view is accessed by users.

Shown below is an example of what users will see based on the choices you configure in this tool pane.
ViewOfOU.jpg

Migrating User Directory from SharePoint 2007 to SharePoint 2010

Migrating User Directory from SharePoint 2007 to SharePoint 2010

Be sure you have at least the Minimum SharePoint 2007 Product Release (shown in the table below) installed before migrating. If not, upgrade your Bamboo product release before migrating. For more information, see Upgrading your Bamboo Web Part. Also, the target SharePoint 2010 farm requires at least the Minimum SharePoint 2010 product release shown.

Icon-Warning IMPORTANT: When migrating from SharePoint 2007 to SharePoint 2010, you MUST select the option to change existing SharePoint sites to use the new user experience. Your Bamboo products will not perform as expected with the old look and feel.

Minimum SharePoint 2007 Product Release 1.7.1 Minimum SharePoint 2010 Product Release 10.7.2
In-Place Upgrade
Issues The User Directory Web Part does not successfully migrate to SharePoint 2010. Users will experience two separate issues:

  1. The User Directory Web Part display fails. Instead, the Web Part shows the error:
Web Part Error: One of the properties of the Web Part has an incorrect format.
Microsoft SharePoint Foundation cannot deserialize the Web Part. Check the
format of the properties and try again.
  1. When adding the Web Part to the page in SharePoint 2010, users will see two instances of the Web Part in the Web Part gallery.

    1. The first entry in the Web Part Gallery can be added to the page without any problems.

    2. When adding the second entry to the page, users will see the following error:

The Bamboo.WebParts.UserDirectory class does not derive from the
Microsoft.SharePoint.WebPartPages.WebPart class and therefore cannot be imported
or used in a WebPartZone control
Resolution To resolve the first issue, delete the existing User Directory Web Part instance and add a new instance to the page. However, before adding a new instance you will have to resolve the second issue by following these steps:

  1. Log into SharePoint 2010 as a Site Collection Administrator. From the top site of a site collection, go to Site Actions > Site Settings.
  2. In the Site Collection Administration section, click Site Collection Features.
  3. Locate the entry Bamboo User Directory Web Part and click Deactivate then Deactivate Feature.
  4. Return to Site Settings. In the Galleries section, click Web Part Gallery.
  5. Locate the entry Bamboo User Directory Web Part (there should be only one) and delete it.
  6. Return to Site Collection Administration and click Site Collection Features.
  7. Locate the entry Bamboo User Directory Web Part and click Activate.
  8. Repeat for each Site Collection where a User Directory Web Part resides.
Database Attach Upgrade Method
Issues The issues for this method are the same as those noted for the In-Place Upgrade method.
Resolution The resolution for this upgrade method is the same as that noted for the In-Place Upgrade method.

Migrating User Directory from SharePoint 2010 to SharePoint 2013

Migrating User Directory from SharePoint 2010 to SharePoint 2013

Be sure you have at least the Minimum SharePoint 2010 Product Release (shown in the table below) installed before migrating. If not, upgrade your Bamboo product release before migrating. For more information, see Upgrading your Bamboo Web Part. Also, the target SharePoint 2013 farm requires at least the Minimum SharePoint 2013 product release shown.

Icon-WarningIMPORTANT: When migrating from SharePoint 2010 to SharePoint 2013, the Database Attach Upgrade Method is the only method supported.

Minimum SharePoint 2010 Product Release 10.7.53 Minimum SharePoint 2013 Product Release 10.7.81.2013
Database Attach Upgrade Method
Issues The User Directory migrates without any errors or additional steps required.
Resolution N/A

How to View User Profiles

How to View User Profiles

Once the Web Part is installed and configured to work with the SharePoint users or Active Directory, you can see the user information populated in the Web Part as shown below. The table below contains high-level information about each of the sections or tabs on the web part.

HW08_UDWebPart_SP_Alpha.jpg

No. Description More
1. Alphabetical or Organization Navigation The Alphabetical view displays the users in alphabetical order by their LAST name. The information from the user profile is displayed in the right-hand pane of the Web Part, including user name and title as well as contact information.
The default Organization view (not visible in the image above) displays the users in a hierarchical organization view based on the organizational unit Field in the profile database. The web part also displays each section of the profile database using a tabbed format. Out of the box, you should see the General tab, Organization tab, and the About me tab.
2. General Tab This tab contains general information in the SP user profile database.
3. Organization Tab This tab contains information about the people reporting to the selected user and his/her manager. The information is populated by displaying information from the Manager fields within the entire user profile database.
4. About Me Tab This tab displays the content of the “About me” field in the user profile database.
5. Contact Information Additional tabs are displayed for each new section that you define in the user profile database, and all the fields in that section are shown under each tab.
6. Custom Properties Additional tabs are displayed for each new section that you define in the user profile database, and all the fields in that section are shown under each tab.

How to Update User Directory Profile Information

How to Update User Directory Profile Information

Users who have permission to update the user profile information are able to make changes to the profile database.

Step Action Result
1. To update a user profile, click on the Edit button at the bottom of the tab window. hw08044.jpg
2. The Web Part displays the fields that can be edited by the user. The fields are again grouped by each section: Contact Information, General, Organization, About Me, and other tabs as available. The system also displays two icons next to each field:
hw08046.jpg Indicates a field that will be visible to everyone (marked as Public in the profile). This icon is not used in MOSS 2007 or WSS 3.0. There is a separate column to the far right of the user profile fields that allow you to choose who each field is visible to (depending on the available options for that field).
hw08048.jpg Indicates a field that is scheduled to be updated automatically from the other corporate profile directory, such as Active Directory. Changes to these properties may be lost if the import is run after the edit session.

hw08050.jpg
> NOTE: To edit the text that is displayed when you move your mouse over this icon, locate the language file that is selected in the Web Part tool pane settings in the following directory: C:inetpubwwwrootwssVirtualDirectories 80wpresourcesBamboo.UserDirectory1033.English.xml (or whichever language file you are using)
Open the XML file in Notepad and locate the text that is in the hover text currently. Edit only the text between the tags, then save the language file.
To edit the profile, make your changes and then click Save.

NOTE: When you edit and change the “Report To” information of a user, the tree on the left does not automatically refresh while you are in the Organization view. You can manually refresh the view by selecting another view (Alphabetical) and then switching back to the Organization view.

3. Upload User Pictures:
The User Directory allows you to upload profile pictures. When you are using the Web Part in the AD mode, you can browse for a GIF or JPEG image and upload directly from the user interface and the image is stored in AD. You can also configure the Web Part so that the image is stored in a SharePoint Library of your choice instead of AD. In the SP mode, you can specify the path to a SP Library where an image file is already uploaded or copy and paste the URL to a picture on the internet by editing the profile in the Web Part.
hw08052.jpg