Today’s post comes to us from Spencer Harbar, a SharePoint MVP,  at http://www.harbar.net. He graciously offered to let us use his User Profiles graphic and accompanying text. You can find his guides on User Profiles at http://www.harbar.net/articles/sp2010ups.aspx and http://www.harbar.net/articles/sp2010ups2.aspx. Thank you, Spencer!

This diagram shows the high level architecture and the various components that make up the User Profile subsystem in SharePoint Server 2010.

User Profile Subsystem in SharePoint Server 2010

The key components are briefly described below.

User Profile Service Application (UPA)

A logical component which encompasses:

· An IIS Application which sits in the SharePoint Web Services IIS Web Site. The IIS Web Site is on every machine in the farm. When we start the User Profile Service machine instance later, the IIS Application will be created on that machine. It will be named with a GUID and hosts two of WCF services. This is known as a Service Application Endpoint.

· Pages for managing the Service Application are hosted in Central Administration and are called using a GUID in the query string. The WCFs don’t actually do any work themselves but provide an interface to calling clients and calls other elements of the system.

There can be more than one instance of the User Profile Service Application, but there is a one to one mapping between a Service Application and the User Profile Synchronization Service Service Machine Instance.

User Profile Service Application Proxy (UPA Proxy)

A Service Connection (aka Proxy). This lives within the SharePoint Foundation Web Application Service and allows Service Consumers (e.g. Web Applications) to call the Service Application.

User Profile Service Instance (UP)

A SharePoint Service Instance. This is not a Windows Service, but .NET assemblies that are primarily responsible for surfacing User Profile data to consuming Web Applications. There are no configuration options. This should run on the machine in the farm you wish to use to host the User Profiles “Role”. When it’s running that machine is known as the Service Machine Instance.

User Profile Synchronization Service Instance (UPS)

A SharePoint Service Instance. This is a wrapper responsible for the provisioning of the Forefront Identity Manager (FIM) components. You select a User Profile Service Application to associate with, and need to specify the credentials of the Farm Account (under which the FIM Services will run). This should run on the machine in the farm you wish to use to host the User Profiles “Role”. When it’s running that machine is known as the Service Machine Instance. There can only be one UPS Service Instance per User Profile Service Application.

Forefront Identity Manager (FIM)

A bundled version of FIM that includes two Windows Services, associated configuration and data, along with a rich client Synchronization Manager tool. FIM is responsible for synchronizing user profile properties with attributes or data from external directory services such as Active Directory. It is not supported to use the FIM client but this can be useful for viewing progress and identifying errors. The two FIM services are automatically configured by the User Profile Synchronization Service Instance and the User Profile Service Application.

Related Service Applications

We can configure the UPA to use Term Sets provided by the Managed Metadata Service Application (MMS). In order to take advantage of the Social Search capabilities in SharePoint Server 2010 we also need the Enterprise Search Service Application.

Profile Database

The Profile database contains the profile properties and other related data such as Audiences. It also stores Activity Feed data for users.

Social Database

The Social database contains social data such as Tags, Keywords, Comments, Bookmarks and Ratings.

Sync Database

The Sync database is a staging area for data synchronized with external directory services or business data connections. In FIM terminology this is known as the “metaverse”.