SPUserProfileServiceApp - dsccommunity/SharePointDsc GitHub Wiki
Parameters
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| Name | Key | String | The name of the user profile service | |
| ApplicationPool | Required | String | The name of the application pool to run the service app in | |
| DatabaseCredentials | Write | PSCredential | If using SQL authentication, the SQL credentials to use to connect to the instance | |
| EnableNetBIOS | Write | Boolean | Whether Farm should resolve NetBIOS domain names | |
| Ensure | Write | String | Present if the service app should exist, absent if it should not | Present, Absent |
| MySiteHostLocation | Write | String | The URL of the my site host collection | |
| MySiteManagedPath | Write | String | The Managed Path of the my site sites | |
| NoILMUsed | Write | Boolean | Specifies if the service application should be configured to use AD Import | |
| ProfileDBName | Write | String | The name of the profile database | |
| ProfileDBServer | Write | String | The name of the server to host the profile database | |
| ProxyName | Write | String | The proxy name, if not specified will be /Name of service app/ Proxy | |
| SiteNamingConflictResolution | Write | String | Specifies which SiteNamingConflictResolution should be used | Username_CollisionError, Username_CollisionDomain, Domain_Username |
| SocialDBName | Write | String | The name of the social database | |
| SocialDBServer | Write | String | The name of the database server to host the social database | |
| SyncDBName | Write | String | The name of the sync database | |
| SyncDBServer | Write | String | The name of the database server to host the sync database | |
| UpdateProxyGroup | Write | Boolean | Specifies if an issue with Service App Proxy Groups should be automatically corrected (see wiki for more info). Default value is true. | |
| UseSQLAuthentication | Write | Boolean | Should SQL Server authentication be used to connect to the database? |
Description
Type: Distributed Requires CredSSP: Yes
This resource will provision an instance of the user profile service to the farm. It creates the required databases using the parameters that are passed in to it (although these are only used during the initial provisioning).
The specified PSDSCRunAsCredential cannot be the Farm Account. The resource will throw an error when it is.
To allow successful provisioning, the farm account must be in the local administrators group, however it is not best practice to leave this account in the Administrators group. Therefore this resource will add the Farm Account credential to the local administrators group at the beginning of the set method and remove it again later on.
The default value for the Ensure parameter is Present. When not specifying this parameter, the service application is provisioned.
The parameter SiteNamingConflictResolution accepts three values: Username_CollisionError, Username_CollisionDomain and Domain_Username. More information on each of these parameters can be found at: https://docs.microsoft.com/en-us/dotnet/api/microsoft.office.server.userprofiles.sitenameformat?view=sharepoint-server
NOTE: Due to the fact that SharePoint requires certain User Profile components to be provisioned as the Farm account, this resource and SPUserProfileSyncService retrieve the Farm account from the Managed Accounts. This does however mean that CredSSP is required, which has some security implications. More information about these risks can be found at: http://www.powershellmagazine.com/2014/03/06/accidental-sabotage-beware-of-credssp/
NOTE2: The UpdateProxyGroup parameter fixes the following issue: The User Profile service is looking up the proxy groups to find the correct MMS. Unfortunately it doesn't follow what you configured in Central Administration. Instead it verifies an obsolete ServiceApplicationProxyGroup property of the UPA, which is always pointing to the default proxy group.
It seems that property doesn't get updated for any Service Application when you modify the associations in Central Administration and it can store only one association (while in central administration a Service Application can be added to multiple proxy groups).
Examples
Example 1
This example adds a new user profile service application to the local farm
Configuration Example
{
param
(
[Parameter(Mandatory = $true)]
[PSCredential]
$SetupAccount
)
Import-DscResource -ModuleName SharePointDsc
node localhost
{
SPUserProfileServiceApp UserProfileServiceApp
{
Name = "User Profile Service Application"
ApplicationPool = "SharePoint Service Applications"
MySiteHostLocation = "http://my.sharepoint.contoso.local"
MySiteManagedPath = "personal"
ProfileDBName = "SP_UserProfiles"
ProfileDBServer = "SQL.contoso.local\SQLINSTANCE"
SocialDBName = "SP_Social"
SocialDBServer = "SQL.contoso.local\SQLINSTANCE"
SyncDBName = "SP_ProfileSync"
SyncDBServer = "SQL.contoso.local\SQLINSTANCE"
EnableNetBIOS = $false
PsDscRunAsCredential = $SetupAccount
}
}
}
Example 2
This example adds a new user profile service application to the local farm
Configuration Example
{
param
(
[Parameter(Mandatory = $true)]
[PSCredential]
$SetupAccount
)
Import-DscResource -ModuleName SharePointDsc
node localhost
{
SPUserProfileServiceApp UserProfileServiceApp
{
Name = "User Profile Service Application"
ApplicationPool = "SharePoint Service Applications"
MySiteHostLocation = "http://my.sharepoint.contoso.local"
MySiteManagedPath = "personal"
ProfileDBName = "SP_UserProfiles"
ProfileDBServer = "SQL.contoso.local\SQLINSTANCE"
SocialDBName = "SP_Social"
SocialDBServer = "SQL.contoso.local\SQLINSTANCE"
SyncDBName = "SP_ProfileSync"
SyncDBServer = "SQL.contoso.local\SQLINSTANCE"
EnableNetBIOS = $false
NoILMUsed = $true
PsDscRunAsCredential = $SetupAccount
}
}
}
Example 3
This example adds a new user profile service application to the local farm
Configuration Example
{
param
(
[Parameter(Mandatory = $true)]
[PSCredential]
$SetupAccount
)
Import-DscResource -ModuleName SharePointDsc
node localhost
{
SPUserProfileServiceApp UserProfileServiceApp
{
Name = "User Profile Service Application"
ApplicationPool = "SharePoint Service Applications"
MySiteHostLocation = "http://my.sharepoint.contoso.local"
MySiteManagedPath = "personal"
ProfileDBName = "SP_UserProfiles"
ProfileDBServer = "SQL.contoso.local\SQLINSTANCE"
SocialDBName = "SP_Social"
SocialDBServer = "SQL.contoso.local\SQLINSTANCE"
SyncDBName = "SP_ProfileSync"
SyncDBServer = "SQL.contoso.local\SQLINSTANCE"
EnableNetBIOS = $false
SiteNamingConflictResolution = "Domain_Username"
PsDscRunAsCredential = $SetupAccount
}
}
}