Hi guys, quick question.
The account used for AD Import in UPA, does he need to bee a member of the users group in AD?
I have an account that is in the service group in AD, a service account with replicate direcotry permission, but when i enter the account and pass and press to populate container i get invalid credentials. I know that the credentials are correct.
When I enter one of the SP users insted i can populate the container but the sync will not performe, because the users does not have replicate directory permission.
So, why cant i recognize a AD service account?
Hi,
Think I misunderstood, didn’t realise it wasn’t even validating the credentials. I just thought it wasn’t populating the containers, so thought permissions.
I would also only ever use a service account that is only a domain user for services and the like as I am stickler when it comes to best practice 🙂 Even though you cannot adhere to it when it comes to the UPSA in terms of starting the User Profile Synchronisation Service or at least you couldn’t in 2010 and when I tried in a test evironment with SharePoint 2013 but let’s not get into that.
Anyway to cut a long story short I am glad you got it sorted 🙂
