Sdílet prostřednictvím

Using an LDIF file to import profiles from an LDAP provider

  • Článek

SharePoint Server 2010 currently supports the following LDAP providers for importing user and group profile information into the SharePoint profile store:

  • SunOne 5.2
  • Novell eDirectory 8.7.3
  • IBM Tivoli 5.2

But what if you need to import profile information from a different LDAP provider? Well, the good news is you can! In addition to directly supporting the three LDAP providers listed above, SharePoint Server 2010 also supports using a Lightweight Directory Interchange Format (LDIF) file to import user and group profile information from an LDAP provider to SharePoint Server.

LDIF files are typically used to exchange information with LDAP Directory System Agents (DSAs). However, you can also use an LDIF file to import profiles from your LDAP provider to SharePoint by using the SharePoint Server Synchronization Services Manager.

The following article explains how to do this in detail:

Configure profile synchronization using a Lightweight Directory Interchange Format (LDIF) file (SharePoint Server 2010)

We've also provided a sample LDIF file that you can use for testing, along with the Config.xml file that you will need to use when setting up profile synchronization by using an LDIF file. These files can be downloaded here:

Lightweight Directory Interchange Format (LDIF) files for configuring profile synchronization in SharePoint Server 2010

Let us know what you think!

Comments

  • Anonymous
    January 01, 2003
    Still working on getting the official word on this from the product group. Right now, since you can create a direct sync connection between SharePoint Server and AD DS, this is not supported. There's a chance doing this by using an LDIF file may be supported in the future, but I don't have an answer on that yet. Will post here as soon as I know something.

  • Anonymous
    January 01, 2003
    Somugo, I have forwarded your question to the product group and hope to have an answer for you later today.

  • Anonymous
    January 01, 2003
    In order to do this, you need to provide the SID in the import.ldif file for the user to be recognized as an AD based user.

  • Anonymous
    January 01, 2003
    Frank, I'm checking with the product group to see if there is an additional formatting step that is needed here or if there is something we need to do on our end. Stay tuned . . .

  • Anonymous
    January 01, 2003
    The comment has been removed

  • Anonymous
    November 18, 2010
    I'm in the same situation - is there a resolution for this issue?

  • Anonymous
    November 22, 2010
    Hi Clake, Thanks for the tip, however, it's still not working. Profile data imports fine, but it displays as DOMAIN:username instead of DOMAINusername. I have tried using both versions of the SID - the plain text, with the format 'S-1-5-21-28-32--13' and the encrypted version 'AQUAAAAA*****AAAFsDqMufL3X0jX2NrAQUAAA=='. Profile imports fine, no errors, but it's not importing as a domain account. Somugo, did you have any luck with this?