INTRODUCTION
The client I'm currently working has the following farm configuration:
- 1 WFE
- 1 Central Admin + Indexing
- 1 DB
They have both Test and Prod environments configured with the same number of servers.
After a while, the client starts to find out that although User Profile Import service is running successfully nightly and the data is updated correctly from AD, but somehow the WSS Profile Page is not updated with the latest AD data. There is someone whose job title is updated in AD and it hasn't been replicated in WSS Profile Page although this person's My Site page and search results page are already updated with the correct data. This problem happens in both Test and Prod.
After a day worth of investigation I found out that the secure certificate for Office Server Web Services web site needs updating.
Below are some of the warnings in Event Viewer:
==
==
WHAT DOES IT CAUSE?
With MOSS there are two profile "area" that needs to be updated, MOSS Profile and WSS Profile page.
My Sites and search results page are displaying information from MOSS Profile Page but Contact Details web-part and People And Groups -> All People display information from WSS Profile Page.
Because of this issue, the WSS Profile Page is not updated and causing Contact Details web-part to display incorrect (old) information about someone's profile.
HOW DO YOU SOLVE IT?
After reading some blogs about the error, I finally came up with a solution:
1. Use SelfSSL to update Office Server Web Services web site. Run the following command:
selfssl /S:<site ID of Office Web Services - mine is 951338967> /V:999999
2. Perform full User Profile import in SSP
3. Run stsadm -o sync -deleteolddatabases 0 --> This is to remove the failed-to-sync database information (don't worry it's safe. It's not deleting the actual content database or anything like that)
3. Run stsadm -o sync -sweeptiming m:2 -synctiming m:3 --> This is to sync the WSS Profile Page every 2 minutes, we'll change this later to every day or every 12 hours once we've known that we've solved the problem.
4. Wait for 2-3 minutes.
5. Open Event Viewer and you shouldn't see any more of the above warnings.
6. Go to Central Admin -> Operations -> Timer Job Status -> Profile Synchronization and Quick Profile Synchronization, they will run successfully.
7. DONE, run stsadm -o sync -sweeptiming h:12 -synctiming h:12 --> To set the WSS Profile Update every 12 hours.
That's it.
Hope this helps,
Tommy
Microsoft.Office.Server.UserProfiles.UserProfileException: Failed to obtain crawl status. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Authentication failed because the remote party has closed the transport stream.
Microsoft.Office.Server.UserProfiles.UserProfileException: Failed to obtain crawl status. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.