Query the Manager object from AD in Sharepoint - sharepoint

We're trying to set up a workflow for approval of an item in a list in SharePoint 2010, where whenever a user creates an item in the list, it automatically routes to their manager for approval before being added to the queue of work items. We'd also like to go a step further and recursively query up the hierarchy until we reach a user with a specific "Job Title".
We use the "manager" attribute and "title" attribute in user profiles so we should be able to poll all this info from AD.
Does anyone have any experience or thoughts on how to accomplish this task?
Thanks for the help.

+1 to what Patricker suggested with respect to user profile traversal. For an AD query, assuming you are using an MS product for AD, create an LDAP query.
You should be able to find a lot of tools to build LDAP queries as well. My personal favorite is Search Using Active Directory Users and Computers.
To execute LDAP queries via .NET, you would use classes in the System.DirectoryServices namespace.
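One way to do the manager-chain walk with System.DirectoryServices, added here as an example and not code from the original answer: it follows each user's "manager" DN upward until it finds a matching "title", escapes every value placed into the LDAP filter, and stops on a loop or after maxDepth hops. The class and method names, the returned attribute and the LDAP root path passed in are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.Text;

static class ApproverLookup   // hypothetical helper class
{
    // RFC 4515 escaping, so a logon name or DN cannot change the meaning of the filter.
    static string EscapeFilter(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
            sb.Append("\\*()\0".IndexOf(c) >= 0 ? "\\" + ((int)c).ToString("x2") : c.ToString());
        return sb.ToString();
    }

    // First value of an attribute, or null when the attribute is not set.
    static string First(SearchResult r, string a) { return r.Properties.Contains(a) ? (string)r.Properties[a][0] : null; }

    static SearchResult FindUser(DirectoryEntry root, string attribute, string value)
    {
        using (var searcher = new DirectorySearcher(root))
        {
            searcher.Filter = "(&(objectCategory=person)(objectClass=user)(" + attribute + "=" + EscapeFilter(value) + "))";
            searcher.PropertiesToLoad.AddRange(new[] { "manager", "title", "sAMAccountName" });
            return searcher.FindOne();
        }
    }

    // Returns the logon name of the first manager above the creator whose title matches,
    // or null when the chain ends, loops back on itself, or exceeds maxDepth.
    public static string FindApprover(string ldapRoot, string creatorLogin, string requiredTitle, int maxDepth)
    {
        var seen = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
        using (var root = new DirectoryEntry(ldapRoot))   // e.g. "LDAP://DC=example,DC=com" (placeholder)
        {
            SearchResult user = FindUser(root, "sAMAccountName", creatorLogin);
            for (int depth = 0; user != null && depth < maxDepth; depth++)
            {
                string managerDn = First(user, "manager");
                if (managerDn == null || !seen.Add(managerDn)) return null;   // top of chain, or a cycle
                user = FindUser(root, "distinguishedName", managerDn);
                if (user != null && string.Equals(First(user, "title"), requiredTitle, StringComparison.OrdinalIgnoreCase))
                    return First(user, "sAMAccountName");
            }
            return null;
        }
    }
}
```

A null result should route the item to a fixed fallback approver rather than skip approval.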

Related

Update SharepointList only in power apps

We just created a rather complex power app which will be used by numerous users (in the company). Although there will be a small team who will handle over viewing the inputs from these users.
The goal is to restrict the users from going into the SharePoint site and deleting or editing any records which they or others created. We cannot use any other data source, only SP lists.
I tried creating permissions for specific groups but they don't seem to be working properly.
Thank you for your help in advance.
Take a look at item-level permissions on SharePoint; I believe this is what you need.
In addition, take a look here as well.
Follow the process below:
1) Create two groups in the SharePoint site: Admins and Normal users.
2) On item creation in the SharePoint list, run a Power Automate flow which grants Full Control access to Admins and only Read permissions to normal users (or just the user who created the list item, as per your requirements).
Follow the article below for setting permissions on individual list items using Power Automate: Set Item Level Permission in SharePoint List using Power Automate

Syncing profile details with active directory

Several fields in MOSS profiles are mapped to fields in active directory and we have given the user the ability to modify these.
But when the incremental profile import runs it overwrites these with the old values from active directory.
How do we make it so that AD is updated with the new values from the profile?
Thanks for any suggestions.
From http://blog.seancleaver.com/sean_cleaver/2008/07/sync-ad-users-to-sharepoint---2-way.html
So some of you have requested support to provide 2-Way Synchronization of AD Users between a SharePoint List and Active Directory. The good news is that the AD Provider for Data Synchronization Studio now supports this.
So you can effectively publish your AD Users to an Intranet Site to create a "Staff List" or "Telephone List", and then from this you can now allow your staff to update the personal information stored in the AD themselves by simply editing the records in SharePoint. Then, when the Synchronization occurs, all changes are applied to the AD. There are a few limitations: you can't create new AD Users this way, you can't delete users from the AD, and certain properties are not updateable, such as Member-Of etc.
We've given up on an easy way to do this and are writing a scheduled task that gets the recent change info from the user's profile and updates AD from that.
Will try to post code once I've got something working.

Can SharePoint's Select People and Groups dialog box's Title and Department fields be customized with a custom membership provider?

I have created a custom membership provider for a SharePoint application but would like to populate the Title and Department columns for the MembershipUsers that are displayed with data from my user repository.
Is this possible? How can it be done?
I don't see anything in the System.Web.Security.MembershipUser class that could store this information. How does the Windows AD MembershipProvider have a different Display Name than the Account Name? Are some of these values coming from someplace else?
What happens with AD is that SharePoint runs the User Profile Sync Job, which pulls all the required information from AD and updates the SharePoint UserProfile DB, which in turn pushes it to each of the sites. In the case of a custom membership provider, we don't have a direct option to update the profile information.
One method is to update that information using code. There are two options: you can update the User Profile information in the SSP so that it will be displayed in all the site collections, or you can update the SPWeb.SiteUserInfo list. Please refer to link1 and link2 on how to do that. In case you want to update the SiteUserInfo list, it is just another list: search for the item based on the user account name and update that item.

SharePoint VS workflow emailing to a SharePoint group

I have a code activity that sends an email in a VS workflow. It simply sets the 'To' property to the name of a SharePoint group in the site collection. However, only the 1st person in the group gets emailed.
Any ideas why this is happening?
thanks
Does your group contain anything other than just users (ex: distribution lists, ad groups)?
If this is still a problem and you need to be able to send to a SharePoint group, I would recommend writing a custom workflow Action that would gather the emails of all the users in a specified group (you can find many tutorials online on how to make a custom action).
Turned out it was not even emailing the first user. I decided to extract the user emails programmatically instead. Works fine.

sharepoint and ActiveDirectory

Hi guys, I am new to SharePoint. Actually we are using WSS, not MOSS 2007. We don't have a Shared Services Provider installed and no user profile service web service installed. Now I need to populate the Active Directory data into a SharePoint list, and after that I have to sync both Active Directory and the SharePoint list, which means that changes made to Active Directory data must be reflected in the SharePoint list as well.
What we are doing is extracting Active Directory data to a SQL Server database and populating the SharePoint list from the SQL Server database. I need a solution to populate the SharePoint list from the SQL Server database, and the SharePoint list must synchronize with the SQL Server database table or stored procedure all the time, automatically.
Can anyone suggest the best solution to solve both importing the Active Directory data and syncing Active Directory with the SharePoint list?
If any of you can provide sample source code, that will be helpful.
I just want to clarify a bit first. Not sure if you're looking to configure sync for proper user profiles (which mundeep's answer solves nicely) or a generic SP list.
If you're looking to:
AD <-> SharePoint list
It's probably easier to break this problem down into two parts:
AD -> SP list
and:
SP list -> AD
For AD -> SP list
Microsoft provides some guidance on monitoring the AD for changes. Unfortunately, neither of these methods is a specific event message system (if anyone knows of one, please chime in!); both are essentially polling.
I would create a Windows service to handle this part of the solution.
The service would (in pseudo-code):

    look for records that have changed
    for each record that has changed:
        get the matching SP item from the SP list (probably based on username)
        update/add/remove the properties of the SP item
        save the SP item

For SP list -> AD
I would create a custom event handler and attach it to the SP list.
Again in pseudo-code:

    On SP item delete:
        remove the matching AD record (if that's the behaviour you want)
    On SP item create:
        create a new AD record
    On SP item update:
        find the matching record in the AD
        update the changed properties (which are flagged in the SP event handler)

The SP side of things is a little more elegant because events are raised only when something happens. This is definitely more efficient than polling.
What I'm suggesting has the added benefit of removing SQL (explicitly) from the solution. You can use the ADSI interface in the .NET framework to handle the AD update code. It's in the System.DirectoryServices assembly.
The AD polling service could use the SP object model if it's installed on the WSS box or the web services if it's on another system.
Again, if you're just looking to use the actual WSS/SP user profiles, use mundeep's solution.
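One way to implement the "On SP item update" branch above, which also covers the profile-to-AD write-back asked about in the earlier sync question; it is an added example, not code from any answer on this page. The receiver writes only an allow-listed set of columns to AD, so a list edit can never reach attributes such as group membership. The class name, column names, attribute map and LDAP root are assumptions, and the account the receiver runs as is assumed to have write rights on just those attributes.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.Text.RegularExpressions;
using Microsoft.SharePoint;

public class StaffListReceiver : SPItemEventReceiver   // hypothetical receiver attached to the staff list
{
    // Assumed list column -> AD attribute map. A column that is not listed is never written to AD.
    static readonly Dictionary<string, string> Writable = new Dictionary<string, string>
    {
        { "WorkPhone", "telephoneNumber" },
        { "CellPhone", "mobile" },
        { "Office", "physicalDeliveryOfficeName" }
    };
    const string LdapRoot = "LDAP://DC=example,DC=com";   // placeholder domain

    public override void ItemUpdated(SPItemEventProperties properties)
    {
        SPListItem item = properties.ListItem;
        string login = Convert.ToString(item["AccountName"]);   // assumed column holding sAMAccountName
        // Strict format check: only a plain logon name is ever concatenated into the LDAP filter.
        if (!Regex.IsMatch(login, @"\A[A-Za-z0-9._-]{1,20}\z")) return;

        string filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + login + "))";
        using (var root = new DirectoryEntry(LdapRoot))
        using (var searcher = new DirectorySearcher(root, filter))
        {
            SearchResult hit = searcher.FindOne();
            if (hit == null) return;                             // no matching AD account: change nothing
            using (DirectoryEntry user = hit.GetDirectoryEntry())
            {
                foreach (KeyValuePair<string, string> map in Writable)
                {
                    string value = Convert.ToString(item[map.Key]);
                    // Blank columns are skipped, so an empty list field never wipes an AD value.
                    if (!string.IsNullOrEmpty(value)) user.Properties[map.Value].Value = value;
                }
                user.CommitChanges();
            }
        }
    }
}
```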
1) Have you looked into the User Information Lists & User Profiles? Sahil Malik has a very good overview of 'All you ever wanted to know about user profiles'. Keep in mind that because you are using WSS you don't have SSP Admin.
2) If you read the above article you will see he mentions "How can profile information be kept up to date, if in case I am not using MOSS (and have no SSP)?" and his answer is an import/export utility, the codebase of which (or even the utility itself) should give you a good start on what you want to do.
3) Also mentioned in the above article is a good diagram on how user information flows.
