locked
Multi Tenancy and user profiles RRS feed

  • Question

  • Single farm with one web app.

    Multi tenancy configured to host 6 tenants

    User profile service partitioned to allocate a separate OU to each tenant

    tenant includes

    Site collection for users, my sites and tenant admin

    Some users will be given access to multiple tenants as they work for more than one organisation

    Is it possible to arrange things so they have a single my site and user profile ?

    I thought trusted locations might be a way to redirect a user to a single 'my site' based on audience membership when logged into the second tenant site.

    I tried to configure audiences through the tenant admin but when trying to  select a user for the audience rule I simply see the name of the OU allocated to the tenant. Typing in a valid user id gives a message user not found on your system.

    Should this be possible ?

     

    Thanks

     


    David Severn
    Tuesday, January 18, 2011 12:05 PM

Answers

  • David-

    Quick clarifying question.  For those users that will have access to multiple site collections - will they have a user account in each OU?

    If that is the case - then I can not think of way "out of the box" that would allow those users to have a single MySite.  By the nature of how Multi-Tenancy works - it will create one for each user.

    What you might consider would be to have a grou of users who are "OU Agnostic" - but manually grant them rights into the specific site collections.

    Jeff DeVerter, MCSE
    Rackspace
    blog:http://www.social-point.com
    twitter: http://www.twitter.com/jdeverter

    • Marked as answer by David Severn Tuesday, January 25, 2011 10:10 AM
    Tuesday, January 18, 2011 2:27 PM
  • When creating the multi tenancy I had omitted the useraccountdirectorypath parameter in the spsitesubscriptionconfig thereby losing the value of proper multi tenancy when this was set each tenant was locked down properly and from what I can see there is no way to have a single my site / trusted lcoations as the audiences are locked down to suers within the assigned ou for the tenant.
    David Severn
    • Marked as answer by David Severn Tuesday, January 25, 2011 10:05 AM
    Tuesday, January 25, 2011 10:04 AM

All replies

  • David-

    Quick clarifying question.  For those users that will have access to multiple site collections - will they have a user account in each OU?

    If that is the case - then I can not think of way "out of the box" that would allow those users to have a single MySite.  By the nature of how Multi-Tenancy works - it will create one for each user.

    What you might consider would be to have a grou of users who are "OU Agnostic" - but manually grant them rights into the specific site collections.

    Jeff DeVerter, MCSE
    Rackspace
    blog:http://www.social-point.com
    twitter: http://www.twitter.com/jdeverter

    • Marked as answer by David Severn Tuesday, January 25, 2011 10:10 AM
    Tuesday, January 18, 2011 2:27 PM
  • Thanks for the reply Jeff

    The users will exist in one OU which will be associated with a tenant - this should update their profile in one place - I think?

    They will be given permissions in the second (or other) site collection which will be a separate tenant. I am ssuming they dont get a user profile here.

    When they click on the my site link I want them to go to their my site which will be associated in their main tenant. 

     


    David Severn
    Tuesday, January 18, 2011 2:46 PM
  • Making some progress now - AD permssions needed to be set and I ran user profile import and am now seeing more in the audience member selector
    David Severn
    Wednesday, January 19, 2011 1:49 PM
  • When creating the multi tenancy I had omitted the useraccountdirectorypath parameter in the spsitesubscriptionconfig thereby losing the value of proper multi tenancy when this was set each tenant was locked down properly and from what I can see there is no way to have a single my site / trusted lcoations as the audiences are locked down to suers within the assigned ou for the tenant.
    David Severn
    • Marked as answer by David Severn Tuesday, January 25, 2011 10:05 AM
    Tuesday, January 25, 2011 10:04 AM