SharePoint 2013 Active Directory Import will NEVER delete users

by Ed Sparks

<face palm>

Microsoft teased us all with the prospect of finally having a simple, supportable and consistent way to quickly sync basic user information from Active Directory into SharePoint 2013.

No more do we have to deal with the wonders of FIM and this mess.  One-click wonder.

Look: it even filters disabled accounts with a checkbox!

It appears there's one minor doesn't work.

First off, check out Microsoft's (not so) tiny list of caveats/exceptions for AD Import.  

Consider the following situations and note what the AD import option does not support when you determine whether to use this option.  

Consider, indeed!  That should more accurately read: "If you wish to use this for any task whatsoever, choose a different option"

Well, it technically it does work, but I guess when they named it Active Directory Import they literally meant that. Once it imports a user it's there for the rest of eternity, never to be removed in any sort of automated fashion.  It doesn't matter if you disable, move, or delete an AD account - AD Import could care less, and will do nothing with the related SharePoint User Profile.  The "bdeleted" flag never gets updated.  Nothing.  Yes, Virginia, this wondrous tool will NEVER remove a disabled or deleted account.  Of course, the lack of deleted flags means we can't easily run PowerShell commands to remove orphaned users either.  In the eyes of the User Profile they're NOT orphaned.  They're still there as happy, safe and sound objects.

Honestly, Microsoft, do you ever test this stuff anymore?

It's our belief that this behavior comes from the fact that Active Directory Import appears to be based on a version of the DirSync utility to push users up to the Office 365 or Azure clouds, which also suffers from the same behavior (i.e. removing an on-premise user does nothing at all to the cloud user).

It also appears the LDAP filters may or may not even take effect either, nor are they documented about how they apply, or mix with the OU selection, etc.
This entire thing is just ridiculous and sad.

Back to User Profile Synchronization and FIM we go.

Here's a Microsoft Escalation Blog on this very issue.



The Many Faces of Office 365

by Ed Sparks

Updated: July 18
Microsoft has recently announced updates to its Office 365 offerings, which represent a significant improvement, addresses many of our ongoing complaints with the small business plans, and for many a substantial price drop.  There will be some initial confusion, but good news come October all around!

Again, from Paul Thurrott:

Last week, Microsoft announced some major changes to its Office 365 versions for small and medium-sized businesses, triggering an avalanche of questions. And with the fog of war starting to finally fade, I feel like I have a better handle on what this will mean to those SMBs who are already on Office 365 but are unsure how these changes will impact them.

The good news? The changes are all positive. For customers with small business versions of Office 365—that is, Office 365 Small Business and Office 365 Small Business Premium—your subscriptions will be upgraded somewhat (albeit in ways that will impact few customers) and the cost of those subscriptions will remain the same. For midsized businesses, however—those with Office 365 Midsized Business subscriptions—the news is even better: You're about to realize a significant price reduction.


Microsoft offers a dizzying array of options for Office 365, and unfortunately causes confusion between the various options as are some are hosted on their consumer services ( Accounts), while the majority are on the Business Service platform (Exchange/SharePoint/Lync/OneDrive for Business/Organization Accounts).  Further confusing matters is that there are software-only subscriptions, and many are under the false impression that "Office 365" refers only to this, and not services at all.

Paul Thurrott at has written a superb article documenting the various intricacies of the service offerings.   Well worth a read.

It is our hope, along with many others in the Microsoft community, that they will soon merge all of these services into one platform and end the confusion.

In the mean time, regardless of version, we continue to believe it's a fantastic service and value and superior to most offerings in the marketplace.

Have an on-premise Exchange server?  Wondering how easy it can be to move to the cloud?
Let us help you migrate today!


SharePoint Large Upload Limits - The Definitive Article

by Ed Sparks

There's a tremendous amount of confusing information on the internet surrounding configuring SharePoint to properly allow large uploads.  Much of the confusion is due to differences in SharePoint versions (2007 ("12"), 2010 ("14") and WSS / Foundation) along with changes Microsoft made to the underlying OS and IIS.

For our sanity - and everyone else's - here's what we've found is truly the only full proper way to make this work consistently across Document Libraries, Lists and everything in between. 

The following example would be to allow 500+MB uploads, and you would need to adjust the numbers to match your needs.  Keep in mind the numbers are (in true Microsoft fashion) in MB in some places, KB in others, and bytes in still others! 

We've also made these steps a fully GUI based affair, as many admins are still uncomfortable about hacking around in config files manually. 

Note: This process applies to SharePoint 2010 or greater on Windows 2008 R2 or newer.  On Windows 2008 (non-R2) manual edits to web.config would be required using the same settings, or download the Configuration Editor as part of the IIS Administration Pack.

  1. In Central Administration, under Application Management/Manage Web Applications find the web application to update and select it.  Then from the ribbon choose General Settings.
  2. Update the Maximum Upload Size to the desired size – i.e. 512 MB and click OK

Repeat the following steps on EACH Web Front-end Server and for each IIS site representing each SharePoint zone:

  1. In IIS Manager navigate to the Sites node and choose the appropriate site representing the chosen SharePoint Web Application
  2. Click Advanced Settings in the Action Pane.  Under Connection Limits increase the Connection Time-out to at least 300 seconds and click OK
  3. In the middle pane double click on Configuration Editor
  4. Under Section, choose system.webserver/security/requestFiltering
  5. Expand requestLimits and change the maxAllowedContentLength entry to a value of at least 536870912  (this is in bytes).  Click out of the entry box, then choose Apply in the action pane
  6. Under Section  choose system.web/httpruntime
  7. Modify the entry maxRequestLength to a value of at least 524288 (this time it's in KB!) and the executionTimeout value to 3600.  Click out of the entry box, then choose Apply in the action pane
  8. Open Command Prompt As Administrator and execute
  9. Go forth, and upload! 

All of these steps are required to fully and properly support large uploads across libraries and lists.

Does your SharePoint environment need help?  Contact us today.

Image courtesy Techbush

Image courtesy Techbush

Slow SharePoint 2010 site? The best hidden troubleshooting gem

by Ed Sparks

Two words - Developer Dashboard.

Ever had a slow SharePoint site and been unable to figure out what's causing the issue, or where to turn next?  Once you've given up on resetting IIS and checking your performance monitors, you'll be happy to find out that Microsoft has a fantastic tool built right into SharePoint 2010 and later.

There is plenty of good information all over the internet about this already, so I will just point to a couple of excellent sources:

Happy bug hunting!


Dynamics AX Enterprise Portal in a Farm - The rest of the story

by Ed Sparks

I was recently working with a customer to get the Microsoft Dynamics AX "Enterprise Portal" working correctly in their multi-tier production SharePoint environment. 

We quickly discovered this was not a well-documented or particularly easy task, as Microsoft seems to think everyone will just blindly install this with defaults in a SharePoint Foundation Instance on the AX server itself.  As this isn't a very scalable or common solution, we decided to investigate and find a proper supportable and reproducable way to install EP into a SharePoint 2010 Enterprise environment. 

Read More