Scenario
Consider the following:
- your organization maintain custom active directory attributes – e.g. Campus Name, Employee Id, Hiring Category etc.
- your organization use Microsoft 365 for collaboration
- users want to search for custom properties like “Employee id” or refine search by custom properties like Campus Name
What is Microsoft saying
“The following Azure AD user attributes are synced to the UPA.” :
(Azure AD attributes) – UserPrincipalName, DisplayName, GivenName, sn, telephoneNumber, proxyAddresses, PhysicalDeliveryOfficeName, Title, Department, WWWHomePage, PreferredLanguage, msExchHideFromAddressList, Manager
Respective User profile property display names: Account Name, User Name, User Principal Name, Name, FirstName, LastName, Work phone, Work Email, SIP Address, Office, Title, Job Title, Department, Public site redirect, Language Preferences, SPS-HideFromAddressLists, Manager (here)
Q: “Why isn’t it possible to map additional properties for UPA synchronization to sync from Azure AD to the User Profile Application?”
A: “UPA synchronization is limited to a preconfigured set of properties to guarantee consistent performance across the service.” (here)
“You can make the following attributes from Azure Active Directory (Azure AD) visible on users’ profile cards. These attributes are not case-sensitive: UserPrincipalName, Fax, StreetAddress, PostalCode, StateOrProvince, Alias” (here)
“You can add any of the 15 Azure AD custom extension attributes to users’ profile cards… Custom properties are not searchable and can’t be used to search for people across Microsoft apps and services.” (here)
Solution
It takes a few steps to solve the problem:
- create a custom property under SharePoint Online User Profiles service
- synchronize AD/AAD attribute with SPO User Profile custom property
- configure Search Schema – map crawled property to managed property
Detailed:
Create a custom property under SharePoint Online User Profiles service
- Ensure you have a SharePoint Administrator role activated
- Navigate to SharePoint Admin Center – more features – User Profiles – Manage user properties – New Property
- Configure custom property according to your needs,
– ensure “Policy Settings” “Default Privacy Setting:” Everyone is selected
– ensure “Search Settings” “Indexed” is selected
Hint: you can fill this property for some user profiles – for search to pick it up and crawl the property – so you could configure search schema mapping before synchronizing property from Active Directory
Synchronize Active Directory attribute to SharePoint Online User Profile
That would be a custom solution – e.g. scheduled PowerShell script. You can host this script in Azure Functions if you sync Azure AD attributes to SPO or use on-prem machine if you need access to local AD.
PowerShell Script example (TBP)
Configure Search Schema – map crawled property to managed property
- Ensure you have a SharePoint Administrator role activated
- Navigate to SharePoint Admin Center – More features – Search – Manage Search Schema
- Select Crawled Properties and ensure search picked up your custom property and crawled it – you should see your property name under Category: People.
Full-text search and/or query-based search
If you want your custom property is generally available in full-text-search – i.e.
user simply enter value in a search bar and gets results – typical scenario might be an employee id – here are the steps (under Search Schema)
- create a new managed property
- for Full-text search
- select Searchable
- under Advanced searchable settings – select Full-text index: PeopleIdx
- for Query-based search – select Queryable and Retrievable
- map this managed property to crawled property
Free-text search: you just enter what you search for into search bar and click search.
Query-based search allows you to use KQL – e.g. you are searching for keyword “PowerShell” with full-text search, but want only people with PowerShell skills located in a specific building or campus –
search query might look like “PowerShell campus:Stanford”
Refine search with custom property
If you want to be able to refine your search with custom property – in this case the steps are (under Search Schema):
- under Managed Properties – select a refinable string property that is not taken (not mapped) – e.g. RefinableSting53
- setup alias – so you could refer to this RefinableSting53 by meaningful name
- map this RefinableSting to crawled property
Related articles:
- Microsoft 365 People Search by Nickname and Full Name
- Microsoft 365 Search: built-in people search by nickname
- How to hide some user accounts from Microsoft 365 Search
- Add or delete custom attributes on a profile card using the profile card API
- Synchronization of User Profiles in SharePoint Online
- KQL Syntax reference
Pingback: How to remove service accounts from people search in SharePoint or Office 365 (Classic search) ⋆ SharePoint Vlad
Pingback: Hide User Accounts from Microsoft 365 People Search ⋆ SharePoint Vlad
Pingback: Microsoft 365 People Search by Nickname and Full Name ⋆ m365 SharePoint Engineer