In the continuing saga of the User Profile Service (UPS) kicking my butt, I have a heartwarming tale of one victory I can claim. It involves Event ID 6801 "Invalid URI: A port was expected because of there is a colon (':') present but the port could not be parsed." and me besting the User Profile Service. Don't believe me? Well, here's my tale…
It was the best of times; it was the worst of times. I was getting a handle on the UPS, but it threw another error at me. A customer contacted us. The UPS refused to sync on their farm. It had never worked. I looked in the Application log and saw a string of Event ID 6801s and 6803s. The 6801s included the text "Invalid URI: A port was expected because of there is a colon (':') present but the port could not be parsed." The 6803s were just saying that portion of the sync failed. A normal profile sync has 10 steps. Some pull from AD, some from SharePoint, some push, and so on. The initial AD import step, DS_DELTAIMPORT was working. The rest were failing.
Unlike a lot of error messages, this one was helpful. I wasn't sure where this broken URI was, or why it didn't have a port, but it was something. After going through the Windows logs and the trace logs, my next step was the fire up the miisclient.exe in the C:\Program Files\Microsoft Office Servers\14.0\Synchronization Service\UIShell directory. This let me watch each step as it happened. I could see the failures going through. After doing some research on the error, and comparing a working system to the broken system, I figured out the difference. Central Admin on the working system was on a nonstandard port, 1026. On the broken system, Central Admin was using https on the common port, 443.
Armed with this information I went back to miisclient.exe. I clicked "Management Agents" in the toolbar and opened the properties for the SharePoint agent. It's the one of type "Extensible Connectivity." This is how Forefront Identity Manager (FIM, the software behind the User Profile Sync) connects to SharePoint.
Once in the properties I clicked "Configure Connection Information" on the left to get the connection information. On the bottom, in the "Connect To:" box was the key.
This screenshot is from the working system. Notice my connection string has a colon and a port number. I looked at the broken system and it did not have a colon or a port, since it was running on the standard https port. The fix was to change direct://centraladmin/_vti… to https://centraladmin:443/_vti... After I did that, I started a full profile sync. All 10 steps completed successfully.
The moral of this story is that the UPS will not work if your Central Admin default zone URL does not have a colon and a port number in it. The fix is to specify the color and port in the connection setting in miisclient.exe.