SharePoint 2007 – Issue with Active Directory User Information Sync

Problem:  User had personal information changed in Active Directory, such as last name or email address and SharePoint continues to display and/or use the old information in sites.   The user profile information on the mysite appears correct.

Issue:  SharePoint only syncs user information in sites for “Active” users.  These are users that are explicitly added to a SharePoint group in a site.   A user that belongs to an AD group that was added into a SharePoint group is not considered active by SharePoint.

Fix: Add the user directly to a group within the site temporarily until the profile sync process occurs.  Once the information is updated you can remove the user from the group.  You can try to force a sync with the command stsadm –o sync

Additional Information:
It is possible to verify this issue by running a query directly against the SQL Database tables.    Run the following query against each of the content databases to find out in what sites the user information needs to be synced.

select tp_login,tp_title,tp_email,tp_isactive, c.fullurl from dbo.userinfo a
inner join dbo.sites b on a.tp_SiteID = b.Id
inner join dbo.webs c on b.RootWebId = c.Id
where a.tp_login=’domainusername’

Replace domainusername with the full domain and username of the affected user.
The field tp_isactive should be 1 when the user is directly added to the site and 0 when the user is not directly added to the site.   The sync process will only occur with the tp_isactive is set to 1. 

NOTE:  Do not use insert, update or delete statements against the database tables. 

Leave a Reply