Share via

SharePoint 2010 Troubleshooting: User Profile Synchronization Service Not Starting

  • Article

Following are the errors encountered to you try to start the synchronization manually as well as through SharePoint.

Errors Encountered

  • Windows could not start the forefront identity manager synchronization services on local computer
  • The system cannot find the file specified. …
  • Windows could not start the forefront identity manager synchronization services on local computer
  • You account is not a member if a required security group (came from Forefront Identity Manager)
  • The Forefront Identity Manager Service cannot connect to the SQL Database Server.
  • Windows Could not start the Forefront Identity Manager Synchronization Service on local. for more info review the system event log. If this is a non Microsoft service contact the vendor and refer the specific error code 2145185792.

Workaround

These are things we need to consider to make it work.

First make sure you don’t give fully qualified name for the database in the SharePoint Product Configuration Wizard.

Giving the database name with domain postfix (fully qualified name) cause to connection issues in User profile synchronization service.

http://lh3.ggpht.com/-r8uOyOlj4o8/T3k0K5fey2I/AAAAAAAAA48/ymXNw2gqv1I/image_thumb%25255B2%25255D.png?imgmax=800

Add the User profile Synchronization user to Farm Administration Group.

http://lh6.ggpht.com/-1YJ9OqDntG0/T3k0OysF2iI/AAAAAAAAA5M/zvIt-0IXapc/image_thumb%25255B4%25255D.png?imgmax=800

Make sure the User profile Synchronization user in the Local Administrator Group.

http://lh6.ggpht.com/-oqp-e0qEhyk/T3k0SywNGPI/AAAAAAAAA5c/yLz2We5JU_4/image_thumb%25255B6%25255D.png?imgmax=800

Delegate the User profile Synchronization user to have Active directory access.

(How to add user profile service user to active directory delegation)

Go to the Active Directory User and Computer console.

http://lh3.ggpht.com/-vSUdRPjwGyQ/T3k0WoRL0sI/AAAAAAAAA5s/LnYQguOt8cA/image_thumb%25255B9%25255D.png?imgmax=800

Then Specify the user who want to access the Active Directory (this is use for synchronization).

http://lh4.ggpht.com/-HsL7b-6wdes/T3k0ZRyJlYI/AAAAAAAAA58/HGRPjikBIsA/image_thumb%25255B11%25255D.png?imgmax=800

Then Select Custom task to delegate.

http://lh3.ggpht.com/-gSHhsG0oGb8/T3k0cY8MwvI/AAAAAAAAA6M/NdpGSjG-mq4/image_thumb%25255B13%25255D.png?imgmax=800

Then delegate for folders and existing objects.

http://lh6.ggpht.com/-LxUj5rSwf2A/T3k0fGqE0WI/AAAAAAAAA6c/r132TIO9iN4/image_thumb%25255B16%25255D.png?imgmax=800

Then delegate active directory replication with general permissions.

http://lh5.ggpht.com/-7Y_O9nathPE/T3k0iRuuIvI/AAAAAAAAA6s/aP_R7I0ccbE/image_thumb%25255B18%25255D.png?imgmax=800

Then add the user for Active Directory Configuration.

For that go to run window and type adsiedit.msc

http://lh6.ggpht.com/-Rp6zv_iSkz0/T3k0k36FU0I/AAAAAAAAA68/alglrkqr6oI/image_thumb%25255B20%25255D.png?imgmax=800

Then Go to properties and add the User profile Synchronization user to the configuration.

http://lh3.ggpht.com/-zpwav94kfVI/T3k0pXQU-vI/AAAAAAAAA7M/E0BL9VOzbzI/image_thumb%25255B22%25255D.png?imgmax=800

Then make sure that user is having Replicate Directory Changes permission.

http://lh3.ggpht.com/-hR3ph8tVD_g/T3k0s-omoPI/AAAAAAAAA7c/4nDML3GwzOQ/image_thumb%25255B26%25255D.png?imgmax=800

And check whether you can start the two synchronization services manually by givingspecified username and password. This will help you to identify any other errors related to the synchronization services (Forefront Identity Manager Service,Forefront Identity Manager Service Synchronization ).

http://lh3.ggpht.com/-4IBFad71oVY/T3k0wYg4-OI/AAAAAAAAA7s/Wo7a8t205o8/image_thumb%25255B28%25255D.png?imgmax=800

First check whether you can start the services using specified username and password.

http://lh3.ggpht.com/-mMMc0VG4oOA/T3k0zfooVmI/AAAAAAAAA78/CtP5YBq6UgE/image_thumb%25255B30%25255D.png?imgmax=800

Check the User Profile Service User has relevant permission in the  user profile services. If not add it.

http://lh5.ggpht.com/-AjMDmlOXXUQ/T3k037W4KqI/AAAAAAAAA8M/JZFYRnkBOTo/image_thumb%25255B32%25255D.png?imgmax=800

Then add the full control for the user.

http://lh4.ggpht.com/-CHvq2HX0GRU/T3k07r20V9I/AAAAAAAAA8c/tGWDH4wyCTA/image_thumb%25255B34%25255D.png?imgmax=800

Other References

http://melick-rajee.blogspot.com/2011/07/user-profile-synchronization-service.html