Thursday, March 20, 2014

Compare AD Properties to SharePoint UPA Properties

Scenario: I had a situation where I had to compare the properties of users from Active Directory to User Profile.

Solution:
  1. Export all users from Active Directory to CSV. How?
  2. Export all users from User Profile Application to CSV. How?
  3. Compare columns between two CSV files using the PowerShell script (ADvsUPAValidation.ps1) below.
#
# Author: Tahir Naveed
# Created: Mar 13, 2014
# Modified: Mar 13, 2014
# Description:     
# This script compares AD properties with UPA properties for a user
#
#

function WriteLog
{
    Param([string]$message, [string]$logFilePath)
    Add-Content -Path $logFilePath -Value $message
}

$LogFile = "G:\PowerShellScripts\ADvsUPAValidation\ADvsUPA_Result.log"
$ADFile = "G:\PowerShellScripts\ADvsUPAValidation\ADexport.csv"  
$UPAFile = "G:\PowerShellScripts\ADvsUPAValidation\UPAexport.csv"

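$ADProfileCount = 0
# @() keeps .Count valid even when the export holds a single user
$ADUsers = @(Import-CSV $ADFile | sort sAMAccountName)
$TotalADProfiles = $ADUsers.Count

# Load the UPA export once instead of re-reading the file for every AD user
$UPAUsers = @(Import-CSV $UPAFile)

ForEach ($ADUser in $ADUsers) 
{
    $ADProfileCount++

    try
    {  
        # Search AD User in UPA
        $UPAUser = $UPAUsers | where-object {$_.UserName -eq $ADUser.sAMAccountName}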
        
        $Now = [System.DateTime]::Now
        $MSG = $Now.ToString() +  " | Working on "+ $ADProfileCount + " of " + $TotalADProfiles + " - " +$ADUser.sAMAccountName 
        write-host $MSG

        if(($UPAUser.FirstName -ne $null)-and($ADUser.givenName -ne $null)-and($UPAUser.FirstName -ne $ADUser.givenName))
        {
            $MSG = "FirstName mismatch:"+ $UPAUser.UserName + ":UPA:" + $UPAUser.FirstName+ ":AD:" + $ADUser.givenName
            write-host -f red  $MSG
            WriteLog $MSG $LogFile
        }
        if(($UPAUser.LastName -ne $null)-and($ADUser.sn -ne $null)-and($UPAUser.LastName -ne $ADUser.sn))
        {
            $MSG = "LastName mismatch:"+ $UPAUser.UserName + ":UPA:" + $UPAUser.LastName+ ":AD:" + $ADUser.sn
            write-host -f red  $MSG
            WriteLog $MSG $LogFile
        }
        if(($UPAUser.PreferredName -ne $null)-and($ADUser.displayName -ne $null)-and($UPAUser.PreferredName -ne $ADUser.displayName))
        {
            $MSG = "PreferredName mismatch:"+ $UPAUser.UserName + ":UPA:" + $UPAUser.PreferredName+ ":AD:" + $ADUser.displayName
            write-host -f red  $MSG
            WriteLog $MSG $LogFile
        }

    }
    catch [system.exception]
    {
        $Now = [System.DateTime]::Now
        $MSG = $Now.ToString() + " | "+ $ADUser.sAMAccountName +" | Exp | " + $_.Exception.Message
        write-host -f red $MSG
        WriteLog $MSG $LogFile
    }

    # Reset the lookup result before the next iteration
    $UPAUser = $null
}

write-host "Done."
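
A mapping-driven variant of the comparison above, added here as an example and not part of the original script. It also reports accounts that appear in only one of the two exports; the inline CSV rows are constructed sample data, `Compare-ADToUPA` and `$Map` are names chosen for this example, and it assumes (as the script above does) that the UPA `UserName` column holds the bare sAMAccountName.

```powershell
# Added example: constructed sample data; column names follow the script above.
$adCsv = @'
sAMAccountName,givenName,sn,displayName
jdoe,John,Doe,John Doe
asmith,Anna,Smith,Anna Smith
bnew,Bob,New,Bob New
'@
$upaCsv = @'
UserName,FirstName,LastName,PreferredName
jdoe,John,Doe,Johnny Doe
asmith,Anna,Smyth,Anna Smith
oldacct,Old,Account,Old Account
'@

# UPA property -> AD attribute (the three pairs the script above checks)
$Map = [ordered]@{ FirstName = 'givenName'; LastName = 'sn'; PreferredName = 'displayName' }

function Compare-ADToUPA {
    param([object[]]$ADUsers, [object[]]$UPAUsers, [System.Collections.IDictionary]$Map)

    # Index both sides by account name; @{} keys are case-insensitive, like -eq
    $adIndex = @{};  foreach ($a in $ADUsers)  { $adIndex[$a.sAMAccountName] = $a }
    $upaIndex = @{}; foreach ($u in $UPAUsers) { $upaIndex[$u.UserName] = $u }

    foreach ($name in ($adIndex.Keys | Sort-Object)) {
        $ad = $adIndex[$name]; $upa = $upaIndex[$name]
        if ($null -eq $upa) {
            [pscustomobject]@{ User = $name; Finding = 'MissingInUPA'; Property = ''; UPA = ''; AD = '' }
            continue
        }
        foreach ($p in $Map.Keys) {
            $upaVal = "$($upa.$p)".Trim(); $adVal = "$($ad.($Map[$p]))".Trim()
            # Same rule as the script above: skip empty values, compare case-insensitively
            if ($upaVal -and $adVal -and ($upaVal -ne $adVal)) {
                [pscustomobject]@{ User = $name; Finding = 'Mismatch'; Property = $p; UPA = $upaVal; AD = $adVal }
            }
        }
    }
    # Profiles with no AD account: candidates for stale or orphaned profiles
    foreach ($name in ($upaIndex.Keys | Sort-Object)) {
        if (-not $adIndex.ContainsKey($name)) {
            [pscustomobject]@{ User = $name; Finding = 'MissingInAD'; Property = ''; UPA = ''; AD = '' }
        }
    }
}

$findings = Compare-ADToUPA ($adCsv | ConvertFrom-Csv) ($upaCsv | ConvertFrom-Csv) $Map
$findings | Format-Table -AutoSize
```

Because the function emits objects rather than log strings, the result can be piped to `Export-Csv` for review; replace the here-strings with `Import-Csv` on the real export files.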

Wednesday, March 12, 2014

SharePoint 2013 - Document Management

I have already written about the design of Document Management using SharePoint in my previous post. You can see the links below. Now I will go through the steps of how to create a Document Center and a Records Center and how they will be connected.

Design: http://mysplist.blogspot.com/2014/03/sharepoint-2013-document-management.html

Implementation:

  1. Go to SharePoint Central Administration and create a separate Web Application and then create a Site Collection based on Document Center template.

  2. Go to SharePoint Central Administration and create another Web Application and then create a Site Collection based on Records Center template.

  3. Go to SharePoint Central Administration -> General Application Settings -> Configure Send to Connections.
    Select the web application that is hosting Document Center and provide Display Name, Send to URL for Records Center as http://[SharePoint2013/RecordCenter]/_vti_bin/officialfile.asmx and Send to action. I don't want to keep my document in Document Center but I want its link there when it is archived in Record Center so I have chosen Move and Leave a Link option.

    Ref: http://technet.microsoft.com/en-us/library/ee424395(v=office.15).aspx
  4. Go to the Document Center. Upload a document and send it to the Records Center to verify the link.
  5. In the Document Center site collection, enable the Document ID Service feature so that each document gets a unique Document ID.

    Document ID might not be available right away as it is taken care of by Document ID assignment job. You might want to manually run it from Timer Jobs.
  6. You can also set the prefix of the Document ID by going to the Site Collection Administration -> Document ID Settings.
  7. In the Records Center's site settings, go to Site Collection Administration -> Record Declaration Settings and select the Block Edit and Delete option to make the record read-only.


SharePoint 2013 - Document Management

In this post I will explain how a Document Management System using SharePoint 2013 can be designed for an Enterprise.

I had a requirement at my work for designing a Document Management using SharePoint 2013 and here is my proposed design.

Background:
Document Center
The Document Center site is designed to manage an enterprise's live documents. Users can perform different functions on a document, such as create, upload, edit, check-out/in, document set, search, etc.

Records Center
Records Center site is designed to retain the expired/retired documents which are no longer required in a project but an enterprise keeps them for the record.

Design:
The whole life cycle would be as follows: a user creates the document on their machine and then uploads it to the Document Center, where a unique DocumentID is assigned to it. The document is live at that point, meaning it is available for edit, check-out/check-in, search, etc. in the Document Center. When it's time to retire the document, it is sent to the Records Center, where it is available as a read-only document.

Users should also be able to send email with attachments to the Document Center.

Implementation:
 http://mysplist.blogspot.com/2014/03/sharepoint-2013-document-management_12.html

Friday, March 7, 2014

Export AD Users

I had a requirement to compare User Profile data from SharePoint with AD data and I found this little tool to export all the AD users into a CSV file. Nice and easy.

CSVDE -f c:\Temp\AD_Users.csv -r objectClass=user

Other examples would be

CSVDE -f AD_Users.csv -r "(&(objectClass=user)(objectCategory=person))"

and

CSVDE -d "OU=Directors,DC=domain,dc=local" -f test.csv -r "(&(objectClass=user)(objectCategory=person))"

Ref:  http://www.techrepublic.com/blog/data-center/simplify-admin-tasks-by-exporting-active-directory-data-with-csvde/#.