Using SPUserUtil to synchronize SharePoint user Display Names and Email addresses with the information in Active Directory

SPUserUtil will mean either WSSUserUtil or SPSUserUtil respectively (WSSUserUtil is used to administer Windows SharePoint Sites on a standalone WSS Farm/Virtual server OR Windows SharePoint sites in the same virtual server of a SharePoint Portal Server 2003 site.)  SPSUserUtil is a superset of WSSUserUtil, designed for working on SharePoint Portal Server Areas.

 

Consider the following:

  • We have an account named MYDOMAIN\margie.murphy.

  • This account has permissions on various SharePoint sites.

  • This accounts NT Login Name changes to MYDOMAIN\margie.richie for one of many different reasons (In our scenario, Margie married a really cool guy with the last name of Richie :))

  • The NT Login Name for this account was synchronized with Active Directory using the steps provided in my previous post :) Using SPUserUtil to update accounts when the NT Login Name changes

SharePoint provides a feature for users to use different Display Names and Email addresses across the site collections they are members of.  This information is cached in the tp_Title and tp_Email columns in the UserInfo table for every site collection in which the user has permissions.  The individual user can update their information or the administrator can do it by visiting the siteusrs.aspx page for every site collection.  This allows a user to utilize say, different email addresses for alerts on the same SharePoint Virtual Server but in different site collections.  One scenario is where I may want to alert myself of changes to content on one site collection using my work email address, while content from another site collection should send alerts to my personal email address.

 

The problem with this, is that most enterprise customers I have worked with find this feature really annoying :).  They prefer the users account display name and email address to be consistent to what the have established in their corporate environment, and it is an administrative nightmare to to update this information across literally 10's of 1000's of site collections.  It also confuses users of SharePoint when their information changes (Say a contractor becomes a full time employee, etc).   It can also cause administrative headache for administrators when they try to change security information on their sites (in some places we try to look up the account with the old NT Login Name).  You can however, re-sync SharePoint with the current information in active directory by using SPUserUtil.

To perform this action, there are actually two different ways of accomplishing this.

Using the displayname= and email= attributes in the UserMap file

  1. See my previous post (Using SPUserUtil to update accounts when the NT Login Name changes) to familiarize yourself with creating a proper UserMap file.

  2. Set the displayname= and email= attributes appropriately, similar to the following example.

     

    <?xml version="1.0" standalone="no"?>

    <!DOCTYPE SPUserUtilUserMapFile>

    <!--This file represents the user information generated and used by SPUserUtil-->

    <users>

      <user loginname="MYDOMAIN\margie.richie" newloginname=""displayname="Margie Richie" email="margie.richie@MYDOMAIN.com"/>

    </users>


  3. Run WSSUserUtil to update the information:

    WSSUserUtil –o update –url http://myserver -usermap users.xml –ac

    This will find the user on the site collections, and update the displayname and email address to what is defined in the XML file for the user.

    Note: The –ac switch tells SPUserUtil to perform the operation on “ALL” site collections on the SharePoint Virtual Server. If you only wanted to perform it on the http://server/sites/thesite then remove the -ac switch and specify the site using the –url option.

Using the -adu switch to query AD for the current values

  1. See my previous post (Using SPUserUtil to update accounts when the NT Login Name changes) to familiarize yourself with creating a proper UserMap file.

  2. It is not necessary to specify or even include the displayname= and email= attributes using this method.  All we need is the loginname= attribute as in the following example.

     

    <?xml version="1.0" standalone="no"?>

    <!DOCTYPE SPUserUtilUserMapFile>

    <!--This file represents the user information generated and used by SPUserUtil-->

    <users>

      <user loginname="MYDOMAIN\margie.richie" />

    </users>


  3. Run WSSUserUtil to update the accounts in the UserMap file with information from Active Directory:

    WSSUserUtil –o update –url http://myserver -usermap users.xml –ac -adu

    This will find the user on the site collections, and update the displayname and email address to what is currently set in Active Directory.

    Note: In this example, I’m using the –adu switch. This tells SPUserUtil to lookup the displayname and email address from Active Directory, and bypass what is in the usermap file if it is defined. Again the –ac switch will perform the operation on all site collections.

It may seem silly to just go through all those steps for a single user, but if you need to do a batch of users, I personally think WSSUserUtil and SPSUserUtil is the way to go.

Try this out for fun, do it Wicked Kung Fu style

If you want to just update all the users across your entire SharePoint Virtual Server in one whopping swoop try the following (But be sure you have a backup first in case you don't like the results!!!)"

WSSUserUtil –o analyze –url http://myserver -usermap users.xml –asu -ac

Note: In this example, I’m using the –asu and -ac switch. This tells SPuserUtil to enumerate over All site collections and just dump what we find for all site collection users into the usermap.   You don't need to specify the -r swtich (Recursive web dive) as we don't care where and what web they are actually on.  The end result, is that we will get a unique record for every user found in the usermap across all site collections.

Then just issue the following command:

WSSUserUtil –o update –url http://myserver -usermap users.xml –ac -adu

And every single user defined in the users.xml file will be updated in SharePoint

Hope this helps!!!!

Keith Richie


For more information in regards to the Schema of the Various SharePoint Tables, see the Databases section in the SharePoint Products and Technologies SDK at:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/spptsdk/html/SPPTWSSDatabases_SV01072208.aspp

SPUserUtil is contained in the The SharePoint Utility Suite at:
http://www.microsoft.com/sharepoint/downloads/components/detail.asp?a1=724

For more information on Windows SharePoint Services and SharePoint Portal Server 2003:
http://www.microsoft.com/sharepoint