Exclude expired accounts in user profile synchronization

Hi 
I would like to exclude the expired accounts from the AD import in SharePoint 2013 user profile sync.
I managed to exclude disabled accounts using userAccountControl bit equals on 2.
Could you please suggest how the exclusion filter can be used to exclude expired accounts?
Thanks.

Hi,
When you say "expired accounts", do you mean the accounts with an expired password? If that is the case, you could use userAccountControl Bit on equals 24 in exclusion filter.
If not, let me know what you mean by "expired accounts".
Regards,
Rebecca Tu
TechNet Community Support
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
[email protected]
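
The two attributes this thread turns on, decoded in an added PowerShell example (not part of the original posts): `userAccountControl` is a bit field, while account expiry is stored separately in `accountExpires` as a FILETIME value. The sample records and the function names are constructed for illustration; PowerShell 3.0 or later is assumed.

```powershell
# Added example. Sample records are constructed; no Active Directory connection is used.

# Documented userAccountControl flag values (subset relevant to sync filters).
# In AD DS the LOCKOUT and PASSWORD_EXPIRED states are reported through
# msDS-User-Account-Control-Computed rather than stored in userAccountControl.
$UacFlags = [ordered]@{
    ACCOUNTDISABLE       = 0x0002
    LOCKOUT              = 0x0010
    PASSWD_NOTREQD       = 0x0020
    NORMAL_ACCOUNT       = 0x0200
    DONT_EXPIRE_PASSWORD = 0x10000
    PASSWORD_EXPIRED     = 0x800000
}

# accountExpires values that mean "never expires".
$NeverExpires = @([Int64]0, [Int64]::MaxValue)

# Hypothetical helper: names of the flags set in a userAccountControl value.
function Get-UacFlagName {
    param([Parameter(Mandatory = $true)][int]$UserAccountControl)
    $UacFlags.GetEnumerator() |
        Where-Object { ($UserAccountControl -band $_.Value) -ne 0 } |
        ForEach-Object { $_.Key }
}

# Hypothetical helper: true when accountExpires lies at or before $Now.
function Test-AccountExpired {
    param(
        [Parameter(Mandatory = $true)][Int64]$AccountExpires,
        [datetime]$Now = (Get-Date)
    )
    if ($NeverExpires -contains $AccountExpires) { return $false }
    return [datetime]::FromFileTimeUtc($AccountExpires) -le $Now.ToUniversalTime()
}

# Hypothetical helper: one state per account. Disabled is read from bit 0x2,
# Expired from accountExpires, so a filter on userAccountControl alone
# cannot see the second case.
function Get-AccountState {
    param(
        [Parameter(Mandatory = $true)]$Account,
        [datetime]$Now = (Get-Date)
    )
    if (($Account.userAccountControl -band $UacFlags.ACCOUNTDISABLE) -ne 0) { return 'Disabled' }
    if (Test-AccountExpired -AccountExpires $Account.accountExpires -Now $Now) { return 'Expired' }
    return 'Active'
}

# Fixed reference time so the output is reproducible.
$now = New-Object datetime 2015, 6, 1, 0, 0, 0, ([System.DateTimeKind]::Utc)

# Constructed sample records shaped like AD user objects.
$sample = @(
    [pscustomobject]@{ Name = 'alice'; userAccountControl = 512;   accountExpires = [Int64]::MaxValue }
    [pscustomobject]@{ Name = 'bob';   userAccountControl = 514;   accountExpires = [Int64]0 }
    [pscustomobject]@{ Name = 'carol'; userAccountControl = 512;   accountExpires = $now.AddDays(-30).ToFileTimeUtc() }
    [pscustomobject]@{ Name = 'dave';  userAccountControl = 66048; accountExpires = $now.AddDays(90).ToFileTimeUtc() }
)

$sample | ForEach-Object {
    [pscustomobject]@{
        Name  = $_.Name
        Flags = (Get-UacFlagName -UserAccountControl $_.userAccountControl) -join ', '
        State = Get-AccountState -Account $_ -Now $now
    }
} | Format-Table -AutoSize
```

With the constructed data, `bob` is reported as Disabled and `carol` as Expired even though her `userAccountControl` value is the same as that of the active account `alice`.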

Similar Messages

  • User profile synchronization service wont start after SharePoint Service pack SP2

    Hi
    -Using SharePoint 2010 with 1 appserver and 2 frontend webservers on Service Pack2. (ms server 2008r2, SQLServer2008r2).
    -Farmaccount has been set to local admin on all sp servers.
    -Firstly, the User Profile Service Application runs fine and is started. Don't mix it with the User profile synchronization Service.
    Prior to installing SP2 User profile service application and user profile synchronization service were running fine.
    The first thing I did after the installation of SP2 was running the:
    -psconfig -cmd upgrade -inplace b2b -wait
    As SharePoint setup user (spadmin).
    This ran fine on the 2 front end web servers.
    However I got one fault on the Appserver:
    I have also tried:
    PSConfig.exe -cmd upgrade -inplace b2b -force -cmd applicationcontent -install -cmd installfeatures
    which led to same resulting error.
    So I tried to start the User profile synchronization service as suggested manually by logging on with the Farmaccount, starting the user profile synchronization service through Central Administration. This led to Stuck on Starting status.
    The windows services Forefront had status starting, then stopped.
    One question:
    Prior to starting the User profile synchronization service through Central Administration. What account and startup status should the 2 Forefront Windows Services have? (Automatic and local system?) or (Automatic and Farmaccount?) or (Disabled and Local system?) or (Disabled and farmaccount?). Because I know that SharePoint UPA will provision these services through Central Administration. However what is the default state prior to starting the Synchronization service?
    So I continue...
    Since it was stuck on starting I stopped it with:
    stop-SPServiceInstance -identity <upaSyncguid>
    which gave me:
    Stop-SPServiceInstance : An object of the type Microsoft.SharePoint.Administration.SPServiceInstanceJobDefinition named "job-service-instance-36bdf2ef-58f2-45e5-8f78-ab75f646611a" already exists under the parent Microsoft.SharePoint.Administration.SPTimerService named "SPTimerV4". Rename your object or delete the
    and I could fix with:
    #Stop the stopping:
    stsadm -o provisionservice -action stop -servicetype "Microsoft.Office.Server.Administration.ProfileSynchronizationService, Microsoft.Office.Server.UserProfiles, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" -servicename FIMSynchronizationService
    I also removed the forefront certificate from personal - certificate store, as this is provisioned when user profile synchronization service is provisioned.
    That set the Central Administration Status on the User profile synchronization Service to disabled. Fine.
    Every time I tried to start the user profile synchronization service (logged on as farmaccount), left it for 10-15 min and did iisreset and restart sharepoint timer service, and also tried rebooting the appserver. No change.
    A thought, is it important to restart timer service and do iisreset on the two frontend servers after trying to start the user profile synchronization service on the appserver?
    I'm getting to the point where I just want to delete the whole service application and set it up anew...
    Any tips will be greatly appreciated.
    brgs
    Bjorn

    You're very welcome, hope it helped, if not then I suggest you clear the configuration cache as follows.
    The config cache is where config settings are stored locally on the Microsoft SharePoint server, so a SQL call isn't required.
    To clear the cache:
    Stop the SP Timer service. To do this, follow these steps:
    Click Start, point to Administrative Tools, and then click Services.
    Right-click SharePoint 2010 Timer, and then click Stop.
    Close the Services console.
    On the computer that is running Microsoft SharePoint Server 2010 and on which the Central Administration site is hosted, click Start, click Run, type explorer, and then press ENTER.
    In Windows Explorer, locate and then double-click the following folder:
    %SystemDrive%\ProgramData\Microsoft\SharePoint\Config\GUID
    Notes
    The %SystemDrive% system variable specifies the letter of the drive on which Windows is installed. By default, Windows is installed on drive C.
    The GUID placeholder specifies the GUID folder. There may be more than one of these.
    The ProgramData folder may be hidden. To view the hidden folder, follow these steps:
    On the Tools menu, click Folder Options.
    Click the View tab.
    In the Advanced settings list, click Show hidden files and folders under Hidden files and folders, and then click OK.
    You can also simply type this directly in the path if you do not want to show hidden files and folders.
    Back up the Cache.ini file. (Make a copy of it. DO NOT DELETE THIS FILE, only the XML files in the next step.)
    Delete all the XML configuration files in the GUID folder (DO NOT DELETE THE FOLDER). Do this so that you can verify that the GUID folder's content is replaced by new XML configuration files when the cache is rebuilt.
    Note: When you empty the configuration cache in the GUID folder, make sure that you do NOT delete the GUID folder and the Cache.ini file that is located in the GUID folder.
    Double-click the Cache.ini file.
    On the Edit menu, click Select All.
    On the Edit menu, click Delete.
    Type 1, and then click Save on the File menu. (Basically when you are done, the only text in the config.ini file should be the number 1.)
    On the File menu, click Exit.
    Start the Timer service. To do this, follow these steps:
    Click Start, point to Administrative Tools, and then click Services.
    Right-click SharePoint 2010 Timer, and then click Start.
    Close the Services console.
    Note: The file system cache is re-created after you perform this procedure. Make sure that you perform this procedure on all servers in the server farm.
    Make sure that the Cache.ini file in the GUID folder now contains its previous value. For example, make sure that the value of the Cache.ini file is not 1.
    Check in the GUID folder to make sure that the xml files are repopulating. This may take a bit of time.
    BRGS
    Mishagri
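
    The manual procedure above, scripted as an added example (not part of the original reply). It assumes PowerShell 3.0 or later, an elevated session on the SharePoint server, and the timer service name SPTimerV4 that appears in the error message earlier in this thread; the function names are hypothetical.

```powershell
# Added example: clears the SharePoint configuration cache on the local server.
# Run with -WhatIf first; repeat on every server in the farm.

$DefaultConfigRoot = Join-Path $env:SystemDrive 'ProgramData\Microsoft\SharePoint\Config'

# Hypothetical helper: GUID-named folders under the config root that hold a cache.ini.
function Get-SPConfigCacheFolder {
    param([string]$ConfigRoot = $DefaultConfigRoot)
    $guidPattern = '^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$'
    Get-ChildItem -Path $ConfigRoot -Directory |
        Where-Object {
            $_.Name -match $guidPattern -and
            (Test-Path (Join-Path $_.FullName 'cache.ini'))
        }
}

function Clear-SPConfigCache {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [string]$ConfigRoot   = $DefaultConfigRoot,
        [string]$TimerService = 'SPTimerV4'
    )

    $folders = @(Get-SPConfigCacheFolder -ConfigRoot $ConfigRoot)
    if ($folders.Count -eq 0) {
        throw "No GUID folder containing cache.ini found under $ConfigRoot"
    }

    # Stop the timer service so nothing rewrites the cache while it is emptied.
    Stop-Service -Name $TimerService -ErrorAction Stop
    try {
        foreach ($folder in $folders) {
            $ini = Join-Path $folder.FullName 'cache.ini'

            # Back up cache.ini; neither it nor the GUID folder is ever deleted.
            Copy-Item -Path $ini -Destination "$ini.bak" -Force

            # Delete only the XML configuration files.
            Get-ChildItem -Path $folder.FullName -Filter '*.xml' -File | Remove-Item

            # Reset cache.ini to the single value 1.
            Set-Content -Path $ini -Value '1'
        }
    }
    finally {
        # Always restart the timer service, even if a step above failed.
        Start-Service -Name $TimerService
    }
}

# Verification step from the procedure: cache.ini no longer reads 1 and
# XML files are reappearing in the GUID folder.
function Test-SPConfigCacheRebuilt {
    param([string]$ConfigRoot = $DefaultConfigRoot)
    Get-SPConfigCacheFolder -ConfigRoot $ConfigRoot | ForEach-Object {
        $value    = "$(Get-Content -Path (Join-Path $_.FullName 'cache.ini') -TotalCount 1)".Trim()
        $xmlCount = @(Get-ChildItem -Path $_.FullName -Filter '*.xml' -File).Count
        [pscustomobject]@{
            Folder   = $_.Name
            CacheIni = $value
            XmlFiles = $xmlCount
            Rebuilt  = ($value -ne '1') -and ($xmlCount -gt 0)
        }
    }
}

# Usage:
#   Clear-SPConfigCache -WhatIf     # preview the changes
#   Clear-SPConfigCache             # perform them
#   Test-SPConfigCacheRebuilt       # check a few minutes later
```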

  • SharePoint 2013 User Profile Synchronization service problem

    After one week of trying (three clean installs of SharePoint 2013), I haven't succeeded in starting "User Profile Synchronization service".
    Environment:
    Domain environment with two Windows Server 2012 R2 domain controllers. 
    Fully qualified domain name matches NetBIOS name (domain.com - DOMAIN)
    Two tiers: SQL Server 2014 enterprise on Windows Server 2012 R2, and SharePoint 2013 SP1 on Windows Server 2012 R2.
    I'm using named SQL instance for SharePoint (<SQLSRV>\<SHAREPOINT>), and SQL alias on SharePoint app server.
    All SharePoint prerequisites are installed successfully.
    SharePoint 2013 is installed successfully.
    Hotfix 2760265 is installed (before configuring SharePoint)
    SharePoint is configured successfully
    Preparing MySites host:
    MySites web application is created with separate AppPool, and with address https://my.domain.com.
    Certificate used is wild-card cert (*.domain.com), issued by trusted local PKI
    Managed path "personal" is created
    Site collection of type "My Sites Host" is created at root path
    "Self-Service Site Creation" is enabled for https://my.domain.com web application
    Farm account permissions:
    Local admin at SharePoint application server
    "Log on locally" at SharePoint application server
    "Replicate Directory Changes" at domain level
    I've even tried with adding farm account into domain admins group :)
    After trying to start user profile synchronization service, the service is in "starting" state for about 5-10 min, and then returns to "stopped" state.
    ULS log shows the following exceptions:
    ILM Configuration: Error 'ERR_CONFIG_DB'
    UserProfileApplication.SynchronizeMIIS: Failed to configure MIIS post database, will attempt during next return. Exception: System.Configuration.ConfigurationErrorsException: ERR_CONFIG_DB
    UserProfileApplication.SynchronizeMIIS: Failed to configure MIIS post database, will attempt during next return. Exception: System.NullReferenceException: Object reference not set to an instance of an object
    Event viewer log:
    Event ID 6398, The Execute method of job definition Microsoft.Office.Server.UserProfiles.LMTRepopulationJob (ID <guid>) threw an exception. Unexpected exception in FeedCacheService.BulkLMTUpdate: Region not found..
    some perfnet event id 2004 errors
    Troubleshooting:
    I've tried with clearing configuration cache
    Assigning farm account to domain admins group
    Installing from scratch three times, and a thousand times from different checkpoints...
    I've seen 'ERR_CONFIG_DB' like a million times, but never "Started" next to "User Profile Synchronization service". Has anyone actually succeeded in starting this service? :)
    I would really appreciate any help. Thanks!
    P.S. I can't stop asking myself if it was really necessary to develop such complex, problematic, and log-tells-nothing software just for getting user info from AD? Honestly, after more than a decade of experience as a software developer and software architect - I must say I doubt...
    Fat Dragon

    The full packages are available:
    http://blogs.technet.com/b/stefan_gossner/archive/2014/05/08/april-2014-cu-for-sharepoint-2013-has-finally-been-released.aspx
    Trevor Seward
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • Anyone tried using LDIF file in the User Profile Synchronization Process?

    Microsoft published an article recently talking about using an LDIF file in SharePoint's user profile synchronization.
    Configure profile synchronization using a Lightweight Directory Interchange Format (LDIF) file (SharePoint Server 2010) http://technet.microsoft.com/en-us/library/ff959234.aspx
    Currently I am unable to obtain the required "Replicate Directory Change" permission set up by the AD admin.  So I thought of exploring this alternative since I still have AD search permission right now.
    So far, I was able to set up the MOSSLDAP-LDIFMA, and use an import.ldif file to add, remove and update user profiles.  However, there are some problems that I can't resolve.  One of the key problems is, the LDIF-imported records can't be sync'd with login-based records.
    In my environment, when a user logs in to SharePoint via Windows authentication, a new profile would be added, under the account name "domain\username".  Meanwhile, when an LDIF record is imported, there will be another profile created under the account name "domain:domain\username", or "domain:username".  That is, there would be two profiles for each user.
    Based on my understanding, it is very likely the user profile synchronization is based on the user's account name.  But in the document and sample files provided, I can't find any clue how to prepare the ldif file so that it will update the matching records, instead of creating new ones.
    Any help?  Thanks in advance.

    Has anyone managed to get this to work?
    It's nice that Microsoft offers the ability to import user profiles via LDIF into SharePoint, but it is useless if the account name is not correct after the import. I have tried multiple imports from the LDIF to get a user account to show up as "domain\username" but it always ends up as "domain:domain\username", or "domain:username", or a variation of these 2 with a colon separating the domain from the username. I see that multiple people have had the same problem, but unfortunately can't seem to find a solution. Also I see Bradley mentions that he was able to import accounts using get-QADUser, but he doesn't mention what the accounts import as or if it resolved the domain colon issue.
    Thanks in advance for any help or information anyone can provide.
    cheers,
    Zed

  • Temp-Contract Worker User Profile Synchronization in SharePoint 2013

    Hi All,
    I was wondering if anyone could provide some feedback on what is the best practice for configuring Temp or Contract worker user profile services in SharePoint 2013. We have had a lot of issues within MySites when we make these types of workers' AD accounts inactive and then active again when they come back on projects. The user profile synchronization does not work correctly and MySites has issues loading the profile etc. Also in the same context, are there best practices for Name/Title/Department changes as well?
    Thank you for your feedback!
    AJ
    Ajay Mandal

    Given what you describe I assume you've created a user profile Sync connection filter to remove disabled AD accounts from the user profile sync.  That's why you are running into problems.  When a user is missing from the import their profile is deleted within an hour or so, but their MySite isn't deleted for 14 days (to allow time for a manager to clean it off).  If the user is reactivated within the 14 day period their old mySite is still there, but is no longer referenced by the new profile that is created.  So when the user goes to their profile it tries to create a new mySite where one already exists.  It can't do that.
    The same thing will happen if you delete the contractor's user account, but then recreate them in AD when they return.  The only way to fix it is to make sure both the profile and mySite site collection in /Personal/ have been deleted before re-adding an old contractor.
    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

  • How to start user profile synchronization services

    Hi, I am not able to start "user profile synchronization service".
    When I click on Start user profile, it will show starting, and after a few minutes it will stop again.
    How to resolve this?

    Check permission of service account used for the user profile/sync service application.
    Ref link: http://social.msdn.microsoft.com/Forums/en-US/9062721a-4066-42f9-bd90-8c2376abad5e/user-profile-synchronization-service-got-stuck-in-starting-mode-and-stops-after-a-few-minutes?forum=sharepointadminprevious
    Thanks, Pratik Shah

  • FIM EVENT ID 3 when starting User Profile Synchronization service

    I am having issues getting the USP Sync Service to start correctly in our 2013 Farm.  
    We are using a named instance for this install and from what I have read, it looks like that is the issue.
    In the ULS I find this error "ERROR  ILMPostSetupConfiguration: ILM Configuration: Validating installation of SQL Service FAILED ."
    The event log shows this error: 
    .Net SqlClient Data Provider: System.Data.SqlClient.SqlException: HostId is not registered
       at Microsoft.ResourceManagement.Utilities.ExceptionManager.ThrowException(Exception exception)
       at Microsoft.ResourceManagement.Data.Exception.DataAccessExceptionManager.ThrowException(SqlException innerException)
       at Microsoft.ResourceManagement.Data.DataAccess.RetrieveWorkflowDataForHostActivator(Int16 hostId, Int16 pingIntervalSecs, Int32 activeHostedWorkflowDefinitionsSequenceNumber, Int16 workflowControlMessagesMaxPerMinute, Int16 requestRecoveryMaxPerMinute,
    Int16 requestCleanupMaxPerMinute, Boolean runRequestRecoveryScan, Boolean& doPolicyApplicationDispatch, ReadOnlyCollection`1& activeHostedWorkflowDefinitions, ReadOnlyCollection`1& workflowControlMessages, List`1& requestsToRedispatch)
       at Microsoft.ResourceManagement.Workflow.Hosting.HostActivator.RetrieveWorkflowDataForHostActivator()
       at Microsoft.ResourceManagement.Workflow.Hosting.HostActivator.ActivateHosts(Object source, ElapsedEventArgs e)
    The server was set up with a sql alias and we also added an alias for the server itself.   Based on the below links, I did verify that the SQLInstance is empty in the registry.  
    I am at a loss on what to try next to get this working.  As a side note, I just noticed the dev farm we have (which I didn't set up) does not have the UPS configured.  I have seen references that state that only FIM 2010 SP1 works with SharePoint 2013 and am currently investigating updating the version on our server to SP1.
    All help is appreciated!
    Thanks,
    Natalie
    References:
    https://translate.google.com/translate?sl=es&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fmsmvps.com%2Fblogs%2Fhaarongonzalez%2Farchive%2F2013%2F03%2F07%2Funa-raz-243-n-mas-por-la-cual-no-inicializa-la-aplicaci-243-n-de-servicio-de-perfiles-de-usuario-de-sharepoint-2010.aspx&edit-text=
    http://sharepoint.licomputersource.com/2010/07/23/installing-and-configuring-user-profile-synchronization-service-in-sharepoint-2010-2/
    NLewis

    Have you tried restarting the server hosting the FIM instance?
    http://blogs.msdn.com/b/akhawaja/archive/2010/03/24/forefront-identity-manager-hostid-is-not-registered.aspx
    Trevor Seward
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • User Profiles Synchronization Error Event id 5553 - Every hour

    I am getting these 2 events logged in the event viewer when the user profile synch is attempted: 
    First event:
    Second Event: (although we don't always get this error with the one above)
    failure trying to synch site 6c02f82c-2029-4ca0-990b-d14786b95d88 for ContentDB 8185106e-233e-4302-bbc5-d0fb2252c64a WebApp 2b659ceb-e7b4-46d4-b2a1-1a9679a357c3. Exception message was Cannot insert duplicate key row in object 'dbo.UserMemberships' with
    unique index 'CX_UserMemberships_RecordId_MemberGroupId_SID'.
    The statement has been terminated..
    Does anyone know why this is happening and how it can be fixed?
    failure trying to synch site a12d2e6b-8227-45cd-b232-594f70d1abd1 for ContentDB 1fa8ce0f-f219-4f43-af9f-c5dc57257f4d WebApp 54c24445-8543-493c-857b-5a57df27c722. Exception message was Procedure or function profilesynch_MS_DeleteWeb has too many arguments
    specified.
    The 'profilesynch_MS_UpdateWeb' procedure attempted to return a status of NULL, which is not allowed. A status of 0 will be returned instead..

    When I run the stsadm -o sync -deleteolddatabases 5  <- no matter what number is here I get:
     "A failure occurred during the processing of this command. Check diagnostic logs  for more information."
    There is nothing in the ULS logs
    Same problem here.
    Hoping this will fix a slightly different issue though. My issue is the profile doesn't update with changes in Active Directory and therefore there isn't anything new for the content databases to sync with.
    If I delete my personal profile in the UPS Service -> Manage User Profiles and then click on MySite -> MyProfile it recreates my profile with the new Active Directory values (without having to do a UPS Sync) and I don't know why these values exist but of course in doing this I lose all the non AD imported values.
    I've been working on this for nearly a week now. I've learnt a lot about the UPS but still no solution. A great article on how the Sync works, by the way, if anyone is interested, can be found here
    http://blogs.msdn.com/b/spsocial/archive/2010/05/04/conceptual-view-of-how-user-profile-synchronization-works-in-sharepoint-2010.aspx
    I have been recommended to perform stsadm -o sync -deleteolddatabases in the following post but I am unable to do so.
    http://social.technet.microsoft.com/Forums/en-US/sharepointadmin/thread/bc3cd2ff-dc12-4223-a80b-e4cae616e861

  • User Profile Synchronization not displaying Title field correctly

    Hello,
    I've an issue with User Profile Synchronization (SP 2010). The Title field is displaying correctly for most of the users but there are still a few users for whom the Title field is blank. However in "User Information List" it displays the Title field properly for those users. But in Central Administration when I check the User Profiles it's blank. I have already run Full Profile Synchronization a few times in Central Administration. Every time it shows as successful but still no luck, the Title field is still blank for some profiles.
    Can anybody help on this? Thanks in advance.

    Hi,
    Firstly, I need to verify the following:
    Whether the title field of user information list is changed if you type a value in user profile page and perform full sync.
    Whether you have upgraded to SharePoint 2010.
    If you have upgraded to SharePoint 2010, you need to make sure the user information list is mapped or connected to AD directly. More information, please refer to the post below:
    http://social.msdn.microsoft.com/Forums/sharepoint/en-US/926abf50-83a0-4e9c-a4cb-4848fcf4f88d/sharepoint-2010-userprofile-title-field-empty?forum=sharepointgeneralprevious
    If this issue still exists, please create a new User Profile Services Application, and compare the result.
    Here are some similar posts for you to take a look at:
    http://social.technet.microsoft.com/Forums/en-US/0b9b5747-80b2-4a2e-8e8e-c918bc9d6cbd/user-profile-synchronization-not-working-correctly?forum=sharepointadmin
    http://blog-sharepoint.blogspot.in/2010/08/user-information-list-not-synchronised.html
    I hope this helps.
    Thanks,
    Wendy
    Wendy Li
    TechNet Community Support

  • User Profile Synchronization for FBA Users in SharePoint 2010: Any successes?

    Ok, so I've got my user profiles importing using forms authentication and my configured authentication provider (ActiveDirectoryMembershipProvider) and profiles are importing (account name is domain\username).
    However when the user logs in they don't receive this profile. Instead a second one is created in the format i:0#.f|provider|username and is not synced to their AD account (our business requirements require that we use FBA for authentication against Active
    Directory).
    Has anyone tried or had any success in syncing FBA profiles?

    I opened a support case on this issue and talked with Microsoft support (for 5 days).
    What they told me is that you can NOT have both Windows accounts and FBA LDAP accounts synchronize with the same Active Directory. The reason they say is that the account GUIDs are the same and the UPS will see that as a duplicate so it does not add the LDAP account after the same Windows account has been synchronized into the profile database.
    They tell me I have to write a script to synchronize the FBA LDAP accounts. I told them this is a product defect and I shouldn't have to write a script to do what the Profile Service is supposed to do out of the box. Microsoft needs to provide a hotfix for this defect.
    Andy Fitch

  • The User profile synchronization Full , runs for 1 second successfully

    Hi!
    On our SharePoint 2013 farm we can run the user profile incremental synchronization timer job without issues, it runs for about 2-3 min.
    However when trying to run a Full import, we observe that the full user profile synchronization job only runs for a second and is finished. There must be something wrong..
    The user profile service and synchronization service are up and running. The connections to Active Directory are present and working (incremental synchronization works).
    Has anyone experienced this?
    brgs 
    Bjorn

    Hello Bjorn,
    You should not run Full incremental until anything on UPA is broken. It should only be run in case of disaster and recovery.
    Thank You, Pallav S. Srivastav ----- If this helped you resolve your issue, please mark it Answered.

  • Restore "account unknown" user profile Windows7

    After accidentally removing a user and computer from the domain controller (Windows Server 2003), I created a new user with the same old name on the DC and rejoined my client PC (Windows 7) to the domain.
    As a result I have a brand new profile, and I see my old profile as: "account unknown"
    How can I restore my old user profile?

    On Tue, 18 Feb 2014 18:58:11 +0000, SaeedShweiki wrote:
    Inadvertently i have been deleted an "unknown user" in Windows XP
    This forum is for Windows Server security related issues and not for
    Windows XP issues.
    Please repost to one of the forums here:
    http://answers.microsoft.com
    Paul Adare - FIM CM MVP
    "Bother," said Pooh, "Eeyore, ready two photon torpedoes and lock
    phasers on the Heffalump, Piglet, meet me in transporter room three."
    -- Robert Billing

  • How to see and add usernames from other forest in User Profile Synchronization

    Hello Community
        Using Sharepoint 2010 Server there are 2 forests each containing their
    domain users, let's call them Forest1/Domain1 and Forest2/Domain2, and there
    is a one-way trust relationship between the two forests.
        The users are in Forest2/Domain2 but Sharepoint is on Forest1/Domain1. The
    only way I have been able to add the users from Forest2\Domain2 to the Forest1\Domain1
    has been to create a domain local group and an OU in Forest1\Domain1 and then put the
    domain local group into the OU so that I can perform a UPS Synchronization on those
    users (I also create a group on the Sharepoint 2010 Server add the users there too).
        The problem is that when I run the UPS Synchronization I can select the
    checkbox for the domain local group but the individual usernames are not displayed in the
    Synchronization process of populate container. 
        The only names that get Synchronized are the Sharepoint Service Accounts and
    the usernames that were created in Forest1\Domain1 AD.
        Consequently when users in Forest2\Domain2 logon they can access the intranet web appl
    in Forest1\Domain1 by entering the url in the address box, but they cannot create a
    My Site when they click their username because they get an error stating:
        "This page can't be displayed".
        But username created in Forest1\Domain1 can access the intranet web appl and
    can create a My Site.
        I noticed that the difference is when users from Forest2\Domain2 get the error message
    in the address box I see the My site url but it is missing "default.aspx" page which is
    the page that contains My Content and My Profile and is the page that can't be displayed.
        But the users from Forest1\Domain1 have the My Site url in the address box with
    "default.aspx" appended and therefore can create their My Site.
        The other problem is that when I go to the My Site url page and I go to People
    and groups, I can add the OU that was Synchronized but I guess since I didn't see the
    individual usernames I can't add the users from Forest2\Domain2 from the people picker
    because the people picker error says:
       "no match found".
        But the people picker finds the users created in Forest1\Domain1.
        How do I make usernames visible when Synchronizing those usernames in the UPS Synchronization
    process and be able to find them in people picker?
        Thank you
        Shabeaut

    stsadm -o setapppassword -password <password>
    stsadm -o setproperty -url <url> -pn "peoplepicker-searchadforests" -pv "forest:<source forest>;domain:<trusted domain>,<trusted domain>\<account>,<password>"

  • User profiles with multiple login accounts in SharePoint 2010

    Hello,
    Consider the following scenario:
    We have Active Directory that is accessible inside our network. Except the sites, accessible from the corporate network, we are exposing SharePoint sites from the same farm on the internet, using claims based authentication with ADFS 2.0 using the same
    AD instance as in the intranet.
    The problem is that the claims based accounts are not linked to the profiles that are created for the users by the User Profiles Synchronisation service.
    Is there a way to configure the user profiles so if our users are signing in from internet, to access the same profiles that they have, when accessing the SharePoint sites from intranet?
    (I've searched a lot, I didn't find an exact solution. I've found something related to SPClaims properties and had configured them to sync with the AD using the "claims" trusted connection, but the problem remains.)
    This is similar to allowing our users to log in using their Facebook, Google, OpenID identity or the identity in our AD. How can this be done?

    SharePoint user profiles are not populated automatically when using claims-based authentication methods. You must create and populate these profiles yourself, typically in code. Users that map to existing accounts when you migrate to claims-based authentication
    will use any existing profile information, but other users and new users will not have profile information. For information about how you can populate user profiles when using claims-based authentication, see "Trusted Identity Providers & User Profile
    Synchronization" at
    http://blogs.msdn.com/b/brporter/archive/2010/07/19/trusted-identity-providers-amp-user-profile-synchronization.aspx.
    The same limitation occurs when using SharePoint Audiences. You cannot use user-based audiences directly unless you create custom code to support this, but you can use property-based audiences that make use of claims values. For information, see "Using Audiences
    with Claims Auth Sites in SharePoint 2010" at
    http://blogs.technet.com/b/speschka/archive/2010/06/12/using-audiences-with-claims-auth-sites-in-sharepoint-2010.aspx.
    From: http://msdn.microsoft.com/en-us/library/hh446523.aspx

  • User Profile Service - User Profile Incremental Synchronization Timer job stuck at 33% Status: Pausing

    User Profile Service - User Profile Incremental Synchronization Progress: 33% Status: Pausing
    It has been almost 15 days.
    Both User Profile Service and User Profile Synchronization Service are in Started state and FIM service also starting 
    I tried clearing sharePoint config cache.
    I also restarted the sharepoint timer service.
    I tried almost everything that is on Internet but nothing helped me.
    Is there any other way to solve the issue, as I am stuck on a production server (ASAP)?
    In synchronization service manager the status of MOSS_DeltaImport has been In progress for the past 2 days.
    Best Regards.

    Hi,
    Please follow the steps in the link below to clear the configuration cache.
    http://blogs.msdn.com/b/jamesway/archive/2011/05/23/sharepoint-2010-clearing-the-configuration-cache.aspx
    Here is a similar thread for your reference:
    https://social.technet.microsoft.com/Forums/en-US/beaa852c-6f40-428a-b97c-20722864e045/user-profile-service-user-profile-incremental-synchronization-timer-job-stuck-at-88-status?forum=sharepointadminprevious
    Or try to clear the file system cache on all servers in the server farm on which the Windows SharePoint Services Timer service is running. Microsoft has provided a step by step procedure on clearing file system cache from the SharePoint front-end servers
    in this kb article.
    You can also see the ULS logs and check error messages.
    http://sharepointlogviewer.codeplex.com/
    Best Regards
    Dennis Guo
    TechNet Community Support
