Reset the User Profile Synchronization Service if it is disabled in SharePoint Server 2010

Introduction

This script will help IT administrator to reset the User Profile Synchronization Service in Microsoft SharePoint Server 2010.

Scenarios

The User Profile Synchronization service interacts with Microsoft Forefront Identity Manager (FIM) to synchronize profile information with external systems such as directory services and business systems. The two FIM services, Forefront Identity Manager Service and Forefront Identity Manager Synchronization Service, are provisioned when you start the User Profile Synchronization service. Being unable to start the User Profile Synchronization service is the most common profile synchronization (profile sync) issue that administrators encounter.

The farm account is used to start the User Profile Synchronization service. If you have configured a wrong service account, User Profile Synchronization Service won’t be started. This script could be used to reset the User Profile Synchronization service and its service account.

Script

This script contains one advanced function, Set-OSCSPUserProfileSyncSvc. You can use this script in following ways:

Method 1:

Download the script and copy it to a Microsoft SharePoint 2010 Server.
Open the script file with Notepad or any other script editors.
Press “Ctrl + End” and add the commands which are listed in the Examples section.
Save the file then run the script.

Note: Don’t forget to replace displayName and domainname\accountname with your own value.

Method 2:

Rename scriptname.ps1 to scriptname.psm1 (PowerShell Module file)
Run Import-Module cmdlet to import this module file.
Import-Module filepath\scriptname.psm1

PowerShell

Edit|Remove

Function Set-OSCSPUserProfileSyncSvc
{
	[CmdletBinding()]
	Param
	(
		#Define parameters
		[Parameter(Mandatory=$true,Position=1)]
		[string]$DisplayName,
		[Parameter(Mandatory=$true,Position=2)]
		[System.Management.Automation.PSCredential]$FarmAccount
	)
	Process
	{
		Try
		{
			#Get SharePoint Service Application according to the specified display name.
			$verboseMsg = $Messages.GetSPSvcApp
			$verboseMsg = $verboseMsg -replace "Placeholder01",$DisplayName
			$pscmdlet.WriteVerbose($verboseMsg)
			$spSvcApp = Get-SPServiceApplication -Name $DisplayName -ErrorAction Stop -Verbose:$false
		}
		Catch
		{
			#If Get-SPServiceApplication failed for any reason, this function will be terminated.
			$errorMsg = $Messages.CannotFindAppWithSpecifiedDisplayName
			$errorMsg = $errorMsg -replace "Placeholder01",$DisplayName
			$customError = New-OSCPSCustomErrorRecord `
			-ExceptionString $errorMsg `
			-ErrorCategory NotSpecified -ErrorID 1 -TargetObject $pscmdlet
			$pscmdlet.WriteError($customError)
			return $null
		}
		#If $spSvcApp is not a User Profile Service Application, this function will be terminated.
		if ($spSvcApp.TypeName -eq "User Profile Service Application") {
			#Get related information from environment and user input.
			$computerName = $env:ComputerName
			$farmAccountUserName = $FarmAccount.UserName
			$farmAccountPassword = $FarmAccount.Password
			if ($farmAccountUserName -ne $((Get-SPFarm -Verbose:$false).DefaultServiceAccount.Name)) {
				$errorMsg = $Messages.WrongSvcAccount
				$customError = New-OSCPSCustomErrorRecord `
				-ExceptionString $errorMsg `
				-ErrorCategory NotSpecified -ErrorID 1 -TargetObject $pscmdlet
				$pscmdlet.WriteError($customError)
				return $null			
			}
			#Get SharePoint User Profile Synchronization Service instance and modify the properties.
			$verboseMsg = $Messages.GetUPSS
			$pscmdlet.WriteVerbose($verboseMsg)
			$spSvcInstance = Get-SPServiceInstance -Verbose:$false | Where-Object {$_.TypeName -eq "User Profile Synchronization Service"}
			if ($spSvcInstance.Status -eq [Microsoft.SharePoint.Administration.SPObjectStatus]::Disabled) {
				$verboseMsg = $Messages.UpdateSvcAcct
				$pscmdlet.WriteVerbose($verboseMsg)				
				$spSvcApp.SetSynchronizationMachine($computerName,$spSvcInstance.Id,$farmAccountUserName,$farmAccountPassword)
				$spSvcInstance.Status = [Microsoft.SharePoint.Administration.SPObjectStatus]::Provisioning
				$spSvcInstance.IsProvisioned = $false
				$spSvcInstance.UserProfileApplicationGuid = $spSvcApp.Id
				$spSvcInstance.Update()
			} else {
				$errorMsg = $Messages.CannotSetUPSyncSvc
				$errorMsg = $errorMsg -replace "Placeholder01",$($spSvcInstance.Status)
				$customError = New-OSCPSCustomErrorRecord `
				-ExceptionString $errorMsg `
				-ErrorCategory NotSpecified -ErrorID 1 -TargetObject $pscmdlet
				$pscmdlet.WriteError($customError)
			}
		} else {
			$errorMsg = $Messages.WrongSvcAppType
			$errorMsg = $errorMsg -replace "Placeholder01",$DisplayName
			$errorMsg = $errorMsg -replace "Placeholder02",$($spSvcApp.TypeName)
			$customError = New-OSCPSCustomErrorRecord `
			-ExceptionString $errorMsg `
			-ErrorCategory NotSpecified -ErrorID 1 -TargetObject $pscmdlet
			$pscmdlet.WriteError($customError)
			return $null			
		}
	}
}

Function Set-OSCSPUserProfileSyncSvc 
{ 
    [CmdletBinding()] 
    Param 
    ( 
        #Define parameters 
        [Parameter(Mandatory=$true,Position=1)] 
        [string]$DisplayName, 
        [Parameter(Mandatory=$true,Position=2)] 
        [System.Management.Automation.PSCredential]$FarmAccount 
    ) 
    Process 
    { 
        Try 
        { 
            #Get SharePoint Service Application according to the specified display name. 
            $verboseMsg = $Messages.GetSPSvcApp 
            $verboseMsg = $verboseMsg -replace "Placeholder01",$DisplayName 
            $pscmdlet.WriteVerbose($verboseMsg) 
            $spSvcApp = Get-SPServiceApplication -Name $DisplayName -ErrorAction Stop -Verbose:$false 
        } 
        Catch 
        { 
            #If Get-SPServiceApplication failed for any reason, this function will be terminated. 
            $errorMsg = $Messages.CannotFindAppWithSpecifiedDisplayName 
            $errorMsg = $errorMsg -replace "Placeholder01",$DisplayName 
            $customError = New-OSCPSCustomErrorRecord ` 
            -ExceptionString $errorMsg ` 
            -ErrorCategory NotSpecified -ErrorID 1 -TargetObject $pscmdlet 
            $pscmdlet.WriteError($customError) 
            return $null 
        } 
        #If $spSvcApp is not a User Profile Service Application, this function will be terminated. 
        if ($spSvcApp.TypeName -eq "User Profile Service Application") { 
            #Get related information from environment and user input. 
            $computerName = $env:ComputerName 
            $farmAccountUserName = $FarmAccount.UserName 
            $farmAccountPassword = $FarmAccount.Password 
            if ($farmAccountUserName -ne $((Get-SPFarm -Verbose:$false).DefaultServiceAccount.Name)) { 
                $errorMsg = $Messages.WrongSvcAccount 
                $customError = New-OSCPSCustomErrorRecord ` 
                -ExceptionString $errorMsg ` 
                -ErrorCategory NotSpecified -ErrorID 1 -TargetObject $pscmdlet 
                $pscmdlet.WriteError($customError) 
                return $null             
            } 
            #Get SharePoint User Profile Synchronization Service instance and modify the properties. 
            $verboseMsg = $Messages.GetUPSS 
            $pscmdlet.WriteVerbose($verboseMsg) 
            $spSvcInstance = Get-SPServiceInstance -Verbose:$false | Where-Object {$_.TypeName -eq "User Profile Synchronization Service"} 
            if ($spSvcInstance.Status -eq [Microsoft.SharePoint.Administration.SPObjectStatus]::Disabled) { 
                $verboseMsg = $Messages.UpdateSvcAcct 
                $pscmdlet.WriteVerbose($verboseMsg)                 
                $spSvcApp.SetSynchronizationMachine($computerName,$spSvcInstance.Id,$farmAccountUserName,$farmAccountPassword) 
                $spSvcInstance.Status = [Microsoft.SharePoint.Administration.SPObjectStatus]::Provisioning 
                $spSvcInstance.IsProvisioned = $false 
                $spSvcInstance.UserProfileApplicationGuid = $spSvcApp.Id 
                $spSvcInstance.Update() 
            } else { 
                $errorMsg = $Messages.CannotSetUPSyncSvc 
                $errorMsg = $errorMsg -replace "Placeholder01",$($spSvcInstance.Status) 
                $customError = New-OSCPSCustomErrorRecord ` 
                -ExceptionString $errorMsg ` 
                -ErrorCategory NotSpecified -ErrorID 1 -TargetObject $pscmdlet 
                $pscmdlet.WriteError($customError) 
            } 
        } else { 
            $errorMsg = $Messages.WrongSvcAppType 
            $errorMsg = $errorMsg -replace "Placeholder01",$DisplayName 
            $errorMsg = $errorMsg -replace "Placeholder02",$($spSvcApp.TypeName) 
            $customError = New-OSCPSCustomErrorRecord ` 
            -ExceptionString $errorMsg ` 
            -ErrorCategory NotSpecified -ErrorID 1 -TargetObject $pscmdlet 
            $pscmdlet.WriteError($customError) 
            return $null             
        } 
    } 
}

Examples

Example 01: Displays help about Set-OSCSPUserProfileSyncSvc.
Command: Get-Help Set-OSCSPUserProfileSyncSvc -Full

Screenshot:

Example 02: Set the service account for User Profile Synchronization Service.
Command: Set-OSCSPUserProfileSyncSvc -DisplayName "User Profile Service Application" -FarmAccount (Get-Credential "domainname\accountname") -Verbose

Screenshot:

Note:

You cannot change User Profile Synchronization Service setting when the status is not disabled. If you want to run this script immediately, please use following command to stop User Profile Synchronization Service.

Get-SPServiceInstance | ?{$_.TypeName -eq "User Profile Synchronization Service"} | Stop-SPServiceInstance

After running the script, you can open Event Viewer, and find an event log entry in the Event Viewer. Here is one example:

Prerequisite

Windows PowerShell 2.0
Microsoft SharePoint 2010 PowerShell Snapin

Additional Resources

Technical Resource:
Windows PowerShell Advanced Function
Plan for profile synchronization (SharePoint Server 2010) - Plan account permissions
User Profile Service troubleshooting