Monday, April 2, 2012

user profile synchronization service not starting in SharePoint 2010

I had a difficult time to get user profile service synchronization started. Following are the errors encountered to me when I tried to start the synchronization manually as well as through SharePoint.

Errors Encountered

  • Windows could not start the forefront identity manager synchronization services on local computer
  • The system cannot find the file specified. …
  • Windows could not start the forefront identity manager synchronization services on local computer
  • You account is not a member if a required security group (came from Forefront Identity Manager)
  • The Forefront Identity Manager Service cannot connect to the SQL Database Server.
  • Windows Could not start the Forefront Identity Manager Synchronization Service on local. for more info review the system event log. If this is a non Microsoft service contact the vendor and refer the specific error code 2145185792.

Workaround

These are things we need to consider to make it work.

  • First make sure you don’t give fully qualified name for the database in the SharePoint Product Configuration Wizard.

(giving the database name with domain postfix (fully qualified name) cause to connection issues in User profile synchronization service )

image

  • Add the User profile Synchronization user to Farm Administration Group.

image

  • Make sure the User profile Synchronization user in the Local Administrator Group.

image

 

  • Delegate the User profile Synchronization user to have Active directory access.

(How to add user profile service user to active directory delegation)

Go to the Active Directory User and Computer console.

image

Then Specify the user who want to access the Active Directory (this is use for synchronization).

image

Then Select Custom task to delegate.

image

Then delegate for folders and existing objects.

image

Then delegate active directory replication with general permissions.

 image

  • Then add the user for Active Directory Configuration.

For that go to run window and type adsiedit.msc

image

Then Go to properties and add the User profile Synchronization user to the configuration.

image

Then make sure that user is having Replicate Directory Changes permission.

image

  • And check whether you can start the two synchronization services manually by giving specified username and password. This will help you to identify any other errors related to the synchronization services (Forefront Identity Manager Service,Forefront Identity Manager Service Synchronization ).

image

First check whether you can start the services using specified username and password.

image

  • Check the User Profile Service User has relevant permission in the  user profile services. If not add it.

image

Then add the full control for the user.

image 

Other References

http://melick-rajee.blogspot.com/2011/07/user-profile-synchronization-service.html

4 comments:

Albert Hobson said...

One of my friend suggested me about your blog to find some solution to my question and I think he was absolutely right. Your posts are getting useful to me, most of my problems are being solved here.

Melick Rajee said...

@Albert Hobson,

You are most welcome Albert Hobson !

Mobile Application Development said...

I am agree with Albert, this is very useful post for us.

md mamun rana said...

Service Management software helps you gain the IT process automation you need to drive and
support the business. Leveraging ITIL best practices, the intuitive, service-centric design
of FootPrints will help you to improve your IT services, streamline workload and effectively
communicate with your peers and the business, all while reducing the cost associated with
managing and delivering IT services.


Service management software
Service software
Mobile field service
QuickBooks service software
Field service software
service inventory
QuickBooks inventory software
work orders
service system
service management
Field force automation