Using an LDIF file to import profiles from an LDAP provider
SharePoint Server 2010 currently supports the following LDAP providers for importing user and group profile information into the SharePoint profile store:
- SunOne 5.2
- Novell eDirectory 8.7.3
- IBM Tivoli 5.2
But what if you need to import profile information from a different LDAP provider? Well, the good news is you can! In addition to directly supporting the three LDAP providers listed above, SharePoint Server 2010 also supports using a Lightweight Directory Interchange Format (LDIF) file to import user and group profile information from an LDAP provider to SharePoint Server.
LDIF files are typically used to exchange information with LDAP Directory System Agents (DSAs). However, you can also use an LDIF file to import profiles from your LDAP provider to SharePoint by using the SharePoint Server Synchronization Services Manager.
The following article explains how to do this in detail:
We've also provided a sample LDIF file that you can use for testing, along with the Config.xml file that you will need to use when setting up profile synchronization by using an LDIF file. These files can be downloaded here:
Let us know what you think!
Comments
Anonymous
January 01, 2003
Still working on getting the official word on this from the product group. Right now, since you can create a direct sync connection between SharePoint Server and AD DS, this is not supported. There's a chance doing this by using an LDIF file may be supported in the future, but I don't have an answer on that yet. Will post here as soon as I know something.Anonymous
January 01, 2003
Somugo, I have forwarded your question to the product group and hope to have an answer for you later today.Anonymous
January 01, 2003
In order to do this, you need to provide the SID in the import.ldif file for the user to be recognized as an AD based user.Anonymous
January 01, 2003
Frank, I'm checking with the product group to see if there is an additional formatting step that is needed here or if there is something we need to do on our end. Stay tuned . . .Anonymous
January 01, 2003
The comment has been removedAnonymous
November 18, 2010
I'm in the same situation - is there a resolution for this issue?Anonymous
November 22, 2010
Hi Clake, Thanks for the tip, however, it's still not working. Profile data imports fine, but it displays as DOMAIN:username instead of DOMAINusername. I have tried using both versions of the SID - the plain text, with the format 'S-1-5-21-28-32--13' and the encrypted version 'AQUAAAAA*****AAAFsDqMufL3X0jX2NrAQUAAA=='. Profile imports fine, no errors, but it's not importing as a domain account. Somugo, did you have any luck with this?