Replicating directory changes permission is a requirement to configure User Profile Service Application(UPS) in SharePoint 2010 and for SharePoint 2013. We've to grant replicate directory changes permission on a domain to our service account which crawls and syncs AD contracts to SharePoint.
Here is the step by step instructions to provide "Replicating directory changes" permission to your managed account.
![]()
Here is the step by step instructions to provide "Replicating directory changes" permission to your managed account.
- Log in to your domain controller, Open "Active Directory Users and Computers", right-click on your domain and select Delegate Control.
![sharepoint user profile service replicating directory changes]( "sharepoint user profile service replicating directory changes")
- Click on "Next"
![sharepoint 2010 user profile synchronization replicating directory changes]( "sharepoint 2010 user profile synchronization replicating directory changes")
- Click on "Add" to add the managed
account
![sharepoint 2010 user profile service replicating directory changes]( "sharepoint 2010 user profile service replicating directory changes")
- Enter your Service Account and click on "OK"
![sharepoint replicating directory changes]( "sharepoint replicating directory changes")
- Click on "Next"
![sharepoint replicating directory changes]( "sharepoint replicating directory changes")
- Select "Create a Custom Task to Delegate", Click Next
![sharepoint replicate directory changes permission]( "sharepoint replicate directory changes permission")
- Click "This folder, existing objects in this folder, and creation of new objects in this folder" and Click "Next"
![sharepoint 2010 replicate directory changes permission]( "sharepoint 2010 replicate directory changes permission")
- Select "General" and choose "Replicating Directory Changes" Permission. Click
Next
![]()
- Click Finish
![sharepoint 2010 user profile sync replicate directory changes]( "sharepoint 2010 user profile sync replicate directory changes")
