sharepoint and ActiveDirectory - sharepoint

Hi guys i am new to sharepoint . Actually we are using WSS not the MOSS 2007. we don't have shared service provider installed and no user profile service web service installed.Now I need to populate the active directory data to sharepoint list and after that I have to sync both Active directory and sharepoint list.which means the changes happened to Active directory data it must reflect in sharepoint list also.
What we are doing is extracting active directory data to SQL Server database and populating sharepoint list from SQL server database. I need a solution to populate sharepoint list from SQL Server database and sharepoint list must synchronize with SQL Server database table or stored procedure all the time automatically.
Can anyone suggest me the best solution to solve both importing the active directory data and sync the active directory and sharepoint list.
If anyone of you provide the sample source code that will be helpful.

I just want to clarify a bit first. Not sure if you're looking to configure sync for proper user profiles (which mundeep's answer solves nicely) or a generic SP list.
If you're looking to:
AD <-> SharePoint list
It's probably easier to break this problem down into two parts:
AD -> SP list
and:
SP list -> AD
For AD -> SP list
Microsoft provides some guidance on monitoring the AD for changes. Unfortunately, neither of these methods is a specific event message system (if anyone knows of one, please chime in!) both are essentially polling.
I would create a Windows service to handle this part of the solution.
The service would (in pseudo-code):
look for records that have changed
for each record that has changed:
get the matching SP item from the SP list (probably based on username)
update/add/remove the properties of the SP item
save the SP item
For SP list -> AD
I would create a custom event handler and attach it to the SP list.
Again in pseudo-code:
On SP item delete:
remove the matching AD record (if that's the behaviour you want)
On SP item create:
create a new AD record
On SP item update:
find the matching record in the AD
update the changed properties (which are flagged in the SP event handler)
The SP side of things is a little more elegant because events are raised only when something happens. This is definitely more efficient than polling.
What I'm suggesting has the added benefit of removing SQL (explicitly) from the solution. You can use the ADSI interface in the .NET framework to handle the AD update code. It's in the System.DirectoryServices assembly.
The AD polling service could use the SP object model if it's installed on the WSS box or the web services if it's on another system.
Again, if you're just looking to use the actual WSS/SP user profiles, use mundeep's solution.

1) Have you look into the User Information Lists & User Profiles? Sahil Malik has a very good overview of 'All you ever wanted to know about user profiles'. Keep in mind that because you are using WSS you don't have SSP Admin.
2) If you read the above article you will he mentions "How can profile information be kept up to date, if in case I am not using MOSS (and have no SSP)?" and his answer is an import/export utiltiy, the codebase of which (or even the utility itself) should give you a good start on what you want to do.
3) Also mentioned in the above article is a good diagram on how user information flows.

Related

How to tell if the logged in user has a security role?

I am trying to find out if the currently logged on user has a certain security role. I've looked on Google (couldn't find an answer) and the SDk examples (they seemed way too complicated). So, if you know the name of the security role and the user ID, how do you check to see if the user has that role?
If you browse the folder structure of the CRM 2011 SDK (link: https://www.microsoft.com/en-us/download/details.aspx?id=24004) to this location you will find what you are looking for:
.\SDK\SampleCode\CS\BusinessDataModel\UsersAndRoles\DoesUserBelongToRole.cs
It provides a sample built as a C# Console application. The code will work in ASP.NET as long as the app pool user is authorized to access the CRM Organization that you are trying to connect to.
Hope this helps
You should be able to find lots of examples out there. However to get the current users roles in JavaScript you can use:-
Xrm.Page.context.getUserRoles()
That however will return a list of GUID's which you then need to compare with roles in the system. This part is a bit trickier however here is an article that shows pretty clearly how to do it
http://www.infinite-x.net/2010/11/16/retreiving-user-roles-in-crm-2011/
At a high level you need to do an OData query (against RoleSet) to return the role (or roles) that you are wanting to compare. Then you compare the GUID's of those roles against the GUID's returned by the getUserRoles() function and you're good to go!

How to retrieve data from SharePoint?

I have a web application. When the user clicks on a button in my web application, I'd like to retrieve data from SharePoint on behalf of the user. I have read quite a few articles on SharePoint but I'm still not sure how to proceed. Should I create a provider hosted SharePoint App and use the SharePointREST API? Thank you in advance for your help.
You don't need to create a Provider to use the SharePoint Rest Services.
Quoting http://msdn.microsoft.com/en-us/library/office/jj164022(v=office.15).aspx :
One advantage of using REST is that you don’t have to add references to any SharePoint 2013 libraries or client assemblies. Instead, you make HTTP requests to the appropriate endpoints to retrieve or update SharePoint entities, such as webs, lists, and list items. See Get started with the SharePoint 2013 REST service for a thorough introduction to the SharePoint 2013 REST interface and its architecture.
Inside the page you will find videos and code examples that will help you to connect and execute operations.
It's Correct. Data in SharePoint is Stored in Lists or Libraries (to files).
You can use the Client Object Model, to get data remotely from a SharePoint Server (on-premise or Online). The Client Object Model can be used through Assemblies (DLL files) or REST services provided by SharePoint. Generally you should know the location of the data you are going to get, that is, as I initially mentioned, the data in SharePoint are stored in Lists or Libraries, therefore you must know the name of the List or Library Additional Site or Sub-site of the List or Library is.
If the name of the list where the information is stored is "employees" and the HR website, the URL could be formed as follows:
http://spserver.company.com/HR/Employees
For REST services, simply complete URL of the list you want to see, so that you retrieve the information from the list. If you want to apply filters, sorting, to retrieve specific columns, you must do it through CAML queries which the add on REST service call.

Retrieve Office 365 directory information from SharePoint online

I was wondering if is it possible to retrieve Office 365 directory information (i.e. security group membership) from SharePoint online programmatically (for example through a workflow custom action)?
By the way, I am not looking for retrieving Sharepoint group membership information.
I know the custom development is pretty limited with SharePoint online since the code has to run as a sandbox solution. Is there any web service or any another solution available?
I have been looking for information about this matter but I could not find anything so I guess there is no way to do this.
In our case there is an active directory synchronized with office 365. So we will use a powershell script to read data from AD and update a sharepoint list every day.
Then we will be able to use this data from custom code (like a workflow custom action).

Query the Manager object from AD in Sharepoint

We're trying to set up a workflow for approval of an item in a list in Sharepoint 2010, where whenever a user creates an item in the list, it automatically routes to their manager for approval before being added to the queue of work items. We'd also like to go a step further and recursively query up the heirarchy until we reach a user with a specific "Job Title".
We use the "manager" attribute and "title" attribute in user profiles so we should be able to poll all this info from AD.
Anyone have any experience or thought as in how to accomplish this task?
Thanks for the help.
+1 to what Patricker suggested with respect to user profile traversal. For AD Query assuming you are using an MS product for AD, create an LDAP Query.
You should be able to figure out lot of tools as well to build LDAP queries. My personal favorite is Search Using Active Directory Users and Computers
To execute LDAP queries via .Net you would use classes in System.DirectoryService namespace

Syncing profile details with active directory

Several fields in MOSS profiles are mapped to fields in active directory and we have given the user the ability to modify these.
But when the incremental profile import runs it overwrites these with the old values from active directory.
How do we make it so that AD is updated with the new values from the profile?
Thanks for any suggestions.
From http://blog.seancleaver.com/sean_cleaver/2008/07/sync-ad-users-to-sharepoint---2-way.html
So some of you have requested support to provide 2-Way Synchronization of AD Users between a SharePoint List and Active Directory. The good news is that the AD Provider for Data Synchronization Studio now supports this.
So you can effectively publish your AD Users to an Intranet Site to create a "Staff List" or "Telephone List" and then from this you can now allow your staff to update the personal information stored in the AD themselves by just simply editing the records in SharePoint. Then when the Synchronization occurs all changes are applied to the AD. There are a few limitations you can't create new AD Users this way and you can't delete users from the AD and certain properties are not updateable such as Member-Of etc.
We've given up on an easy way to do this and are writing a scheduled task that gets the recent change info from the users profile and updates AD from that.
Will try to post code once I've got something working.

Resources