Running into an issue trying to get our 2010 profile, sync and social dbs converted over to a SP13 UPS. I've gotten UPS setup using PS as outlined in the main MS article. ie.
$upa = New-SPProfileServiceApplication -Name 'User Profile Service Application' -ApplicationPool $applicationPool -ProfileDBName 'User Profile Service Application_ProfileDB' -SocialDBName 'User Profile Service Application_SocialDB' -ProfileSyncDBName 'User Profile Service Application_SyncDB'
Then created the proxy:
New-SPProfileServiceApplicationProxy -Name ProxyName -ServiceApplication $upa -DefaultProxyGroup
I have also exported the encryption key from 2010 and successfully imported it to 2013, and even ran the check to verify, and it says it was successful. The database names are the same in our 2010 and 2013 environment.
The problem is when I go to start the User Profile Sync Service, and start it, it kicks off and then stops again. (Yes, the account is a local admin).
This is the error I am seeing in the logs:
- ILM Configuration: The miissku.exe process exited with error code -2146893813. Error: .
- ILM Configuration: The ValidateMiisEncryptionKey process returned False.
- Synchronization database is already initialized. Importing the encryption key for the database into the registry
- UserProfileApplication.SynchronizeMIIS: Failed to configure MIIS pre database, will attempt during next rerun. Exception: System.NullReferenceException: Object reference not set to an instance of an object. at Microsoft.Office.Server.Administration.UserProfileApplication.RestoreMiisEncryptionKey(ILMPostSetupConfiguration psc) at Microsoft.Office.Server.Administration.UserProfileApplication.SetupSynchronizationService(ProfileSynchronizationServiceInstance profileSyncInstance).
The heart of the issue from what I am able to gather is that we are using new accounts (trying to use best practices) on our 2013 environment. These accounts are different than 2010 (and what was used to export the 2010 key). Based on what I have read on a one post here: User Profile Service Application upgrade issues it really is somehow tied to the fact that the accounts are different, so the key is not properly decrypting (?).
I've tried everything I can think of to "temporarily" change our farm account in our 2013 over to the old account using "updatefarmcredentials" and also changing entries where the "new" farm account is being used manually through"Services", "IIS", and "Configure Service Accounts" in Central Admin. However, when I go to try to start the User Profile Sync Service it still shows the new account. I thought that would allow me to at least test this theory.
It would really frustrate me if I had to use the 2010 farm account for the 2013 environment just because of the UPS.
Any ideas on how I can update the account for starting the User Profile Sync Service to our old account without rebuilding our 2013 environment from scratch?
Or have any ideas on how to get the sync service started in general?