Recently I was working on a farm and finally got around to enabling User Profile Sync to Active Directory. Everything worked beautifully, but there was a problem in SharePoint with orphaned users in the User Information List (UIL). There are two reasons why obsolete users or groups can exist in the SharePoint Server 2010 user profile store:

  • Obsolete users: The My Site cleanup timer job is not active. The User Profile Synchronization timer job marks for deletion users who have been deleted from the directory source. When the My Site cleanup job runs, it looks for all users marked for deletion and deletes their profiles. Respective My Sites are then assigned to the manager for the deleted user and an e-mail message notifies the manager of this deletion.
  • Obsolete users and groups: Users and groups that were not imported by Profile Synchronization exist in the user profile store. This can occur, for example, if you upgraded from an earlier version of SharePoint Server and chose to only synchronize a subset of domains with SharePoint Server 2010.

Since this was upgraded from a 2007 farm and there was a period of time when the farm was not syncing with AD, several colleagues who had been using the newly upgraded farm were removed from AD during that period. However, they still had entries in the UIL, and once the UPA was set up to sync with AD, SharePoint orphaned these UIL entries. The solution for this is a pretty simple PowerShell script.

1. Open the SharePoint PowerShell window.

2. Enter the following to get the User Profile Service GUID:

Get-SPServiceApplication

3. Now, using the UPS ID, type the following:

$upa = Get-SPServiceApplication <identity>

4. To see your Orphaned Accounts, use the following:

Set-SPProfileServiceApplication $upa -GetNonImportedObjects $true

5. Assuming everything looks as it should and you want to get rid of these Orphaned Accounts, use the following command (which is the point of no return as there is no recycle bin for these orphaned users).

Set-SPProfileServiceApplication $upa -PurgeNonImportedObjects $true

And now your orphaned accounts in the User Information List are all cleaned up!
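
The steps above can be combined into one script that keeps a record of what was listed before the irreversible purge. This is an added example, not part of the original post. It assumes the farm has a single User Profile Service Application, that the listing from -GetNonImportedObjects is written to the console (so a transcript captures it), and the log path, variable names and PURGE prompt are illustrative.

```powershell
# Added example: review, record, then purge non-imported profile objects.
# Run from the SharePoint 2010 Management Shell as a farm administrator.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Find the User Profile Service Application by type instead of copying its GUID by hand.
$found = @(Get-SPServiceApplication |
    Where-Object { $_.TypeName -eq "User Profile Service Application" })

# Refuse to guess if there is no match or more than one.
if ($found.Count -ne 1) {
    Write-Error "Expected one User Profile Service Application, found $($found.Count). Select it by Id instead."
    return
}
$upa = $found[0]

# Capture the review listing in a transcript file (path is an assumption),
# because purged objects cannot be restored afterwards.
$log = Join-Path $env:TEMP ("NonImportedObjects-{0:yyyyMMdd-HHmmss}.txt" -f (Get-Date))
Start-Transcript -Path $log | Out-Null
try {
    Set-SPProfileServiceApplication $upa -GetNonImportedObjects $true
}
finally {
    Stop-Transcript | Out-Null
}
Write-Host "Listing saved to $log"

# Purge only after an explicit, case-sensitive confirmation.
$answer = Read-Host "Type PURGE to permanently delete the objects listed above"
if ($answer -ceq "PURGE") {
    Set-SPProfileServiceApplication $upa -PurgeNonImportedObjects $true
    Write-Host "Purge requested for '$($upa.DisplayName)'."
}
else {
    Write-Host "Nothing was purged."
}
```

Keep the transcript file with your change records, since it is the only list of what was removed.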