User Profile synchronization does not import all the Active Directory users – Event ID: 6803
Updated: Apr 11
User profile Synchronization goes to idle without importing all the users from the Active Directory (AD) connection.
The Profle sync service imports only few profiles and then the syncrnization service becomes idle.
First of all verify your AD connection is mapped to correct OU, most organizations have multiple OU’s.
Now verify your Exclusion filters – Unlike inclusion filters of MOSS in SharePoint 2010we have exclusion filters.
Now check application events – This will be your first place to show the errors
Check the ULS logs
In my scenario i got the following in Event,
Log Name: Application Source: FIMSynchronizationService Date: <Date and Time> Event ID: 6803 Task Category: Management Agent Run Profile Level: Error Keywords: Classic User: N/A Computer: Description: The management agent “MOSS-GUID” failed on run profile “MOSS_EXPORT_GUID” because the server encountered errors.
Next stop ULS logs
This is what i found there
Exception occured while connecting to WCF endpoint: System.ServiceModel.Security.MessageSecurityException: The HTTP request was forbidden with client authentication scheme ‘Anonymous’. —> System.Net.WebException: The remote server returned an error: (403) Forbidden.
So what you need to do…………
Ensure the FIM service account has the required permissions [http://technet.microsoft.com/en-us/library/gg750257.aspx].
Stop the User Profile synchronization service from SharePoint Central Administration
Delete all the FIM certificates from the system certificates console.
Reboot the SharePoint server where Profile Synchronization service is provisioned.
Start the User profile Synchronization service from SharePoint Central Administration.
Start a Full Profile Synchronization.
All the profiles from the AD should be imported now.
Happy Hunting 🙂