Upgrade your Internet Experience
Microsoft.com
Welcome Sign in
SharePoint Products TechCenter
Click to Rate and Give Feedback
TechNet
TechNet Library
 Policies for user profiles planning
Plan policies for user profiles (SharePoint Server 2010)

Updated: 2009-11-12

[This article is pre-release documentation and is subject to change in future releases.]

Policies are sets of rules that administrators of the User Profile service assign to users or groups of users. These rules enable administrators to specify both the site content that users can see and how users can interact with that content. To start planning, assess the current visibility of the information about users in the organization. Some information about individual users should remain private. Other information can and should be shared freely with other users to encourage collaboration.

Microsoft SharePoint Server 2010 provides a set of configurable policies to help administrators make the appropriate information available to meet the needs of the organization. Organizations can also create and deploy custom policy features to meet specific needs. You should review collaboration needs across the organization before you develop a plan for implementing the best mix of policies.

Information architecture and site hierarchy play an important role in decisions about which policies to use. You should also consider who is using sites. For example, a large organization that has a central portal site with a large number of viewers but very few contributors might have less need to share information than a departmental site where many people can contribute content. Many of these issues are handled as part of security planning, but privacy policies and security considerations are sufficiently related that it is a good idea to consider them together.

Policies that are less restrictive allow more users to view public profiles more frequently, which affects how often you must update user profiles and compile audiences. In organizations that have many users, frequent updating could affect performance and capacity planning.

User Profile Service administrators should share policy decisions with IT professionals in the organization. Some policy-related issues that could affect IT planning include the following:

  • the source of the user profile information

  • the expected frequency of updating user profile information

  • the expected frequency of compiling audiences

  • the effect on performance and capacity of servers that are running Profile Services.

In this article:

Before reading this article, you should understand the concepts described in Plan user profiles (SharePoint Server 2010).

Default policies

Every personalization feature and property exposed in user profiles and personal sites has a recommended default policy that can be customized based on the needs of the organization. Each policy has two parts: the policy setting and the default visibility setting.

  • Policy setting Some personalization features provide important information for key business processes in an organization, whereas other information might be inappropriate for sharing across an organization. Between these extremes is the information that should be shared among some users but not made available to everyone. In the latter case, you must create policies to address these specific situations. You should work with representatives from the business side of your organization to determine the appropriate features or properties. The policy settings are:

    • Enabled The feature is visible to the administrator of the User Profile service and to users other than the User Profile Service administrator, depending on the default visibility setting.

    • Required This property must contain information and the information is shared based on default access. Forms that contain these features or properties cannot be submitted until the required information is provided. For example, the Manager property is often mandatory so that it can be used to provide information for the Organization feature and audiences based on an organization's reporting hierarchy.

    • Optional The property is created but its values might not be provided automatically. Each user decides whether to provide values for the property or leave the property empty. For example, the My Colleagues feature is optional. Instead of being blank, the full list of colleagues, which includes everyone in a user’s My Team list, is visible by default to users who have access. Users can decide to opt out by removing colleagues from the list, or expand the list by adding colleagues.

    • Disabled The property or feature is visible only to the User Profile Service administrator. It does not appear in personalized sites or Web Parts, and it cannot be shared.

    • User Override Properties that have the User Override option selected enable users to change the default visibility settings for those properties. With this option selected, each user can decide who can see the values they entered for the property. If this option is not selected, only administrators of the User Profile Service can change default access settings.

      Ee656741.note(en-us,office.14).gifNote:
      Properties and features can be replicated to other SharePoint sites if the default access policy is set to Everyone and the User Override option is not selected.

  • Default visibility setting The visibility setting determines who can see information for a specific personalization feature. Available settings include the following:

    • Everyone Every user who has viewer permissions to the site can see the relevant information.

    • My Colleagues Every user in this user's My Colleagues list can see the information for this user.

    • My Team Every colleague in the user's immediate team, a subset of the My Colleagues list, can see the information.

    • My Manager Only the user and the user's immediate manager can see the information.

    • Only Me Only the user and the administrator of the User Profile service can see the information.

Policies for user profile properties

The following questions can help you determine which policies are appropriate for your organization:

  • Which properties should be mandatory?    Some properties — such as account name, preferred name, work telephone number, department, title, and work e-mail address — are mandatory by default and cannot be overridden or changed by users. In most organizations, these properties are key ways to enable collaboration and develop relationships across the organization. SharePoint Server 2010 also uses many of them to enable other features, such as colleagues and audiences. For more information, see Plan audiences.

  • Which properties should be visible to everyone?    By default, most properties are visible to everyone, but sensitive information can be configured to have limited visibility. For example, a company that has many employees in the field might decide that mobile phone information is important for everyone to see. Other organizations might choose to keep all non-work telephone numbers private.

  • Which properties can be changed by users?    Some properties can be made available without requiring that users provide information or allow a certain action to be performed. For example, some users might not want automatic population of colleague lists. Other users might want to change the default visibility setting for a property.

When planning the policy setting for a property, consider the following factors:

ConditionDisable the propertyMake the property optionalMake the property required

The property is used by key user features.

X

The property is associated with key business data for applications in the Microsoft Business Connectivity Services.

X

The property is used when you create audiences.

X

User Profile Service administrators expect consistent and meaningful values for the property.

X

The property will rarely be used.

X

The property will distract from more important properties.

Ee656741.note(en-us,office.14).gifNote:
You can change the display settings for properties to hide them from users viewing public profiles, the Edit Details page, or the My Colleagues Web Part.

X

You decide to provide default values for properties, but still want users to be able to remove the information, or if you want to enable each user to provide the relevant value for the property.

X

When you plan the default visibility settings for an organization’s policies, consider the following factors:

ConditionAction

You want to use the property in search so that users can be found by searches for the property.

Set the default access policy to Everyone.

Ee656741.note(en-us,office.14).gifNote:
Properties that have more restrictive access will not be used by search.

The property is useful across workgroups and other divisions in your organization and does not contain sensitive information.

Make the property visible to everyone.

The property is mostly useful for collaboration inside an immediate workgroup or with a specific group of individually selected colleagues.

Make the property visible only to colleagues.

The property is of a private or sensitive nature.

Make the property visible only to the immediate manager, or in some cases, only the individual user.

Ee656741.Important(en-us,office.14).gifImportant:
What is considered private information can vary from organization to organization.

See Also

© 2009 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks | Privacy Statement
Page view tracker