Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

Managing user accounts in AD/Profile database

  Asked By: Grace    Date: May 20    Category: Sharepoint    Views: 1312

We use Active Directory groups to give our users access to various
content within our portal structure.

This works very well and gives us great flexibility and control over
who can access what.

My question is that we also use the "Profile" database (imported
from Active Directory) to bring in "attributes" and data regarding
our employees so it is available in the portal (Ie. department,
phone number, business org, title, etc.).

One of the things that I am finding as users come and go (Ie. AD
accounts are removed or added from AD) is that the Profile still
contains all of the old information.

A user quits or leaves the company. His AD account is removed from
our AD Directory. Security-wise, the user can no longer access the
portal because his account is gone. In the SharePoint Profiles
database however, the user information (profile) is still present.
This is misleading to our users and is sure to bring up questions.

I am wondering if anyone out there has tackled this issue
specifically or could recommend where to start. Im wondering if I
should programatically build a script or maintenance app that
flushes out the Profile database of old users. Or perhaps does a
clean wipe to wipe out all users from the profile database and then
does a new Full import on a monthly basis.

I pray this has been fixed in 2007... Manual administrative overhead



4 Answers Found

Answer #1    Answered By: Joshuah Huber     Answered On: May 20

The profiles will be deleted after they are not present in three imports from AD.

Answer #2    Answered By: Gopal Jamakhandi     Answered On: May 20

Are they members of an audience? From the Sharepoint Resource
Kit: "The table that contains the audience members remains static until the audience is recompiled." Full Imports re-read existing profiles and update. Incremental Imports only proces changes since the last import.

Answer #3    Answered By: Keenan Whitehead     Answered On: May 20

Yes, they are members of various audiences.

So its the full  imports of the "audience" that removes the "old
users" from the profile database  then?

Answer #4    Answered By: Damon Garner     Answered On: May 20

They should go away in either case, Full or Icremental, but you may want to schedule a Full Import periodically. At any rate, you may want to recompile your audiences.

Didn't find what you were looking for? Find more on Managing user accounts in AD/Profile database Or get search suggestion and latest updates.