Many thanks to Ward Ralston at Microsoft for this tip. Ward and I met when he was a trainer at the now defunked Paladin Data Systems in Poulsbo, Washington. He's a great guy and this tip is really worth reading.
Have you ever wanted to grab the information users enter into their SharePoint profile and write it back to Active Directory? Thought it wasn't possible? Well, it is. Read this:
First, schedule the profiles to import daily from Active Directory to SharePoint Portal Server 2003.
Then, do this:
Allow users to edit some of their mapped AD attributes in their profile (Last Name, Title, Room, etc). You can also make an HR group in Active Directory that has the edit profile permission so HR could change any user too.
Thirdly, use MIIS to query the profile database to extract those attributes on a defined schedule…….Something like this:
select ntName, max(title) as Title, max(sn) as sn, max(givenName) as givenName, min(objectGUID) as objectGUID
from (select ntName, propertyVal,
(case when propertyid = 13 then propertyVal else '' end) as Title,
(case when propertyid = 4 then propertyVal else '' end) as sn,
(case when propertyid = 5 then propertyVal else '' end) as givenName,
(case when propertyid = 1 then propertyVal else '' end) as objectGUID
from userProfileValue upv inner join userProfile up
on upv.recordid=up.recordid
where propertyid in (13, 4, 5, 1)) as tbl
group by ntName
order by ntName
Lastly, have MIIS write the changes back to AD so it they are reflected on the next replication cycle. (MIIS also wrote the change to a MySQL HR database)
Viola! You can have the attributes that users fill out in their profile written back to Active Directory.
Bill English
Mindsharp