SharePoint – Synchronization service with Windows 2000 domain controllers

As you already know, the user synchronization profile service in SharePoint 2010 is managed by ForeFront Identity Manager (FIM).

This product (FIM) is still in beta – Release Candidate 1; so we may expect a SharePoint update to install the RTM version.

As I’m currently involved on a SharePoint 2010 PoC, I had//have some issue with the synchronization service. This post is about the first issue I had to implement the service.

The domain/forest functional level is Windows 2000 mixed mode.

The user profile synchronization service application can be successfully created but the related SharePoint services (user profile and user profile synchronization) have some trouble. Indeed, the synchronization service stay on starting mode.

The registry keys and values which should be created within HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FIMService are not created, and no access try is done (discover thanks to ProcMon).

Log analysis helps to discover the use of S4U Kerberos function’s.

Forcing SharePoint server to use a Windows Server 2003 controller helps to make services start.

Leave a Comment

Your email address will not be published. Required fields are marked *

The reCAPTCHA verification period has expired. Please reload the page.