This section covers the User Profile Service, which
is an integral part of SharePoint 2010. The User Profile Service makes
SharePoint 2010 a complete and effective collaboration tool by providing
fundamental services such as user profile storage, social tagging,
audiences, and My Sites. Although user
profiles and related services were present as part of the Shared
Services Provider in the previous version, SharePoint 2010 adds many new
features such as social tagging, organizational profiles, user
subtypes, and bi-directional profile synchronization.
Communities stand as a key
capability in SharePoint 2010. The user profile server is the linchpin
service that holds the various elements of communities together. The
service stores information about all users of the system in a central
location. This information is used by other services to provide an
effective and productive collaboration environment. In addition to storing
the user information, the service also provides a central repository
for all social tags and notes, organization profiles, audiences, and
synchronization information.
The term user
within an IT environment is an identity that is associated with a
certain role and permissions to perform some action in a system. This
definition does not give much importance to the user itself but instead
indicates what the user can do within the system. This approach is
technology-centric, in which the emphasis is on systems and what the
user can do within them. For a collaboration tool like SharePoint, this information is not sufficient, because the system should know who the user actually is, not just what the user’s roles and permissions are. It should know the user not as an entity but as a person, a person who has a title, skills, interests, a personal site, photographs, and other unique characteristics.
The User Profile Service is
based on an architecture that is person-centric. It focuses on the user
as the key entity and includes all information that is stored in the
system about the user. This architecture moves away from the
technology-centric systems approach of an application. One of the main
aspects of this person-centric approach is the social network. Within a
social network, users who share common interests and skills or belong to
the same business unit can now collaborate effectively with one another
and share ideas.
1. Uses and Benefits of the User Profile Service
The User Profile Service in SharePoint 2010 provides the following benefits and uses for the enterprise.
1.1. User Profiles
One of the most important and
fundamental uses of the User Profile Service, as the name suggests, is
to store the user profiles—information about the users. The profile of a
user can include a variety of information ranging from the user’s
personal contact information to organization-specific information such
as the user’s role or supervisor name.
The information stored in a user profile is highly customizable and
can include new attributes that are specific to an organization. For
example, a large organization might add an attribute called Organization
Team that defines the team for which the user is a member. In addition
to basic user information, SharePoint 2010 adds a new attribute called social tags
that contain various tags (keywords) that can be added to a user’s
profile by other users. These tags can be used to find and track a user
within an organization.
The information in a user
profile can be pulled from external directory services, such as
Microsoft Active Directory, Lightweight Directory Access Protocol
(LDAP), and other Business Connectivity Services (BCS) connections.
SharePoint 2010 can even pull user profile information from multiple
data sources.
1.2. Organization Profiles
One of the new additions in SharePoint 2010 is a feature called Organization Profiles.
An organization profile is very similar to a user profile, but the
organization profile includes information about a team or a business
unit within the organization. The organization profile behaves just like
a user profile. It can have its own profile properties that describe
the organization; it can be used in a people picker control, and so on.
An organization profile can be planned in advance or created
extemporaneously to bring together a group of people within an
organization. The members of a profile can be categorized as leaders or
members. Leaders are the members who control the profile and its
memberships.
1.3. Profile Synchronization for User Profile Services
Most enterprises keep
their user information in Active Directory or other directory stores.
Information from these sources will need to be pulled into SharePoint
for the creation of user profiles to allow users to find people by their
expertise or other characteristics. This process of creation and
synchronization of user, group, and organization profile information
among the SharePoint profile store and other directory stores is
performed by the Profile
Synchronization Service. The Profile Synchronization Service can pull
information from a variety of directory stores like Active Directory,
LDAP, and other BCS models.
The Profile Synchronization
Service in SharePoint 2010 provides a bi-directional synchronization
between the SharePoint profile store and the enterprise directory store.
Profiles from SharePoint can also be exported into the enterprise
directory store. This bi-directional model is currently supported only
for Active Directory and LDAP stores, however; it is not supported for
the BCS service.
Another important feature of the
Profile Synchronization Service is that it can synchronize data from
multiple sources to bring information into a single user profile.
1.4. Audiences
SharePoint 2010 allows
content and information on the system to be targeted to a specific set
of users based on rules defined in the system. This specific set of
users is known as an audience
and can be complied using a variety of rules defined on the user
properties, group memberships, organization reporting structure, and so
on. The audiences that are created can be used in the people picker
control and also to target Web Parts.
1.5. My Site Host
Within each SharePoint 2010 deployment, at least one site is dedicated for hosting
My Sites. This dedicated site is called the My Site host. The My Sites
for all of an organization’s users are hosted under this site, and it
serves many of the shared pages and features needed for interacting with
profile information. The My Site host is also needed for the deployment
of social features within SharePoint 2010.
If you used the Farm
Configuration Wizard to set up your farm, you should already have a My
Site host. If not, you can create from within SharePoint Central
Administration, just as you would any other site collection. Be sure you
use the My Site Host template.
1.6. My Site
A My Site is the personal site
of a specific user within the enterprise. The site acts a repository for
the user’s documents, links, and other information. Each user’s My Site
also hosts the user’s profile page, within which the user can edit his
or her profile to identify interests, skills, colleagues, and so on. The
My Site also hosts a My Content section, within which all personal
content is stored; this section also includes a blog that lets the user
share his or her views, ideas, and knowledge.
1.7. Social Tags and Notes
In its bid to be a complete
collaboration and social networking product, SharePoint 2010 adds a new
feature called Social Tags And Notes. This feature allows end users to
tag various documents, Web pages, and items (including external pages)
with keywords or tags. These tags can be used to describe the item or
page and are useful later when searching for items. SharePoint 2010 also
gives users the ability to add impromptu notes, items, pages, and even
another user’s profile. There is a built-in governance model through
which an administrator can search, monitor, and delete tags that are not
wanted.
2. User Profile Service Architecture
The underlying
architecture of the User Profile Service supports and provides the
services and features described in the section titled Section 1
earlier in this article. The profile store is based on three back-end
databases that store all user profiles and profile-related information.
The three databases are the Sync database, the Social database, and the
Profile database.
Figure 1 shows the User Profile Service architecture. The architecture also includes a caching element that helps maintain performance.
2.1. Web Front-End Servers
Though not directly part of the
User Profile Service architecture, the Web front-end (WFE) servers
request the information on behalf of the end-user client’s browser. The
WFE servers talk to applications servers, on which the User Profile
Service is made available, which in turn communicates with the back-end
database servers for profile information. The SQL databases provide
information about colleagues, social tags, personalization sites, and so
on. The User Profile Service on the application server provides the
light user profile, which is stored in the mid-tier cache maintained by
the application server. The WFE server has its own cache, known as the
front-end cache, which is a light cache that stores the SQL connection
string, the schema for the user profiles, and so on.
.2.2. Application Servers
The application server hosts the User
Profile Service and the User Profile Synchronization Service. Although
the synchronization service is a separate service in SharePoint 2010 and
is not part of the actual User Profile Service, they are covered
together here for simplicity—and because they are dependent on one
another. The User Profile Service is the service responsible for making
the user profile features available to end users. This service hosts a
mid-tier cache that holds the light user profile data, which includes
information such as account names, e-mail addresses, and display names.
The default size of the mid-tier cache is 256 megabytes (MB), and it is
configurable based on business needs. Optimally, the cache is configured
to cache the most used profile, as compared to the standard cache approach of storing the last used
profile. By storing the most used data, the User Profile Service cache
makes the information in a user profile that is most often visited or
used more easily and quickly accessible.
The User Profile
Synchronization Service is the service that pulls profile data from the
external directory source into the SharePoint Profile store. Since the
User Profile Service is a separate service in SharePoint 2010, the
synchronization service needs to be set up separately after the profile
service has been configured. The synchronization service has a
one-to-one relation with a user
profile service. Each user profile service can have only one
synchronization service associated with it. The profile synchronization
service also provides a feature to set up scheduled jobs that can run
incremental profile imports.
2.3. Databases
The profile service in
SharePoint 2010 utilizes three databases to store all profile data and
related pieces of information. The following is a description of each of
these databases.
User profile database The user profile
database is used to store all the information present in a user’s
profile. The profile picture of the user is not saved in the profile
database, but it is stored as part of the My Site content database. The
profile database also stores the activity feed, a set of latest changes
or activities related to the user across the system. These activities
can range from a user adding a tag to a page to a user becoming a member
of a group.
Social data database
This is a new database that was added as part of SharePoint 2010 and
supports the new social features of SharePoint 2010. The social data
database is used to store tags, keywords, comments, bookmarks, and
ratings that are related to various items present in the system. The
database also stores other social data, such as term values for use on
the news feed and the Tags And Notes page.
Sync database The synchronization
database is used to store the staging sync data for Active Directory,
LDAP, or other external directory stores that are providing data for the
user’s profile.
As part of the
extended architecture, you will look at two related services that work
in conjunction with the User Profile Service. These two services are the
Search Service and the newly added Managed Metadata Service. The Search
Service is used to index tags and make them available in search results
as well as to provide the necessary security trimming. The Managed
Metadata Service provides the metadata that is used for tagging various
items within the system.