This article explains the sources of data that populate user profile experiences in applications across Office 365. It will help you to understand which of the attributes Hyperfish has the capability to manage.
We are often approached with questions around where attributes live, where they are stored, and how to manage them centrally using Hyperfish.
One of the main reasons for this confusion, is due to Office 365 being a combination of products run by different engineering teams at Microsoft. These teams were brought together to deliver a single Office 365 offering, but with an on-premises standalone product and a multi-tenant service, some inconsistencies are inevitable.
The sections below explain where user attributes are sourced from in different Office 365 experiences.
Where Delve Profile Information Comes From
Delve is a user and document search experience for Office 365. A common request we get is for our tooling to "update Delve." The misconception here is that Delve is a place for information storage, which isn't the case.
Delve sources most of its profile information from SharePoint Online User profiles, with the exception of the profile picture, which is sourced from the Exchange Online photo store.
Where SharePoint Online Attributes are Used
The SharePoint Online user profile store houses the people information that can be surfaced in SharePoint online. In addition to being the profile information source for the Delve profile experience, the SharePoint Online user profile store is also the source for user profile information and images that are surfaced through SharePoint search functionality.
Where SharePoint Online Attributes Come From
To keep things in sync, most of the basic profile information in SharePoint Online is synced from Azure Active Directory. However, SharePoint Online also has many desirable native attributes such as Skills, About Me, Past projects, and Schools, to name a few.
You can get a good idea of which attributes are synced and which ones aren't by modifying a user profile within the SharePoint Admin experience; some of the attributes will show up with a database link icon:
Those are the attributes that are synced, typically from Azure AD.
SharePoint Online User Profile Attribute Extensibility
SharePoint Online lets you create custom profile attributes. This can be very useful for storing user information important to your organization. And since Delve sources information from SharePoint, the custom attributes that you add here can end up in Delve too, albeit not in a very flexible manner when it comes to putting things in order.
Photo storage in Office 365 is an outlier when compared to other examples of user properties, and has had a tumultuous journey. Since there can be multiple photo stores in a Microsoft-tooled environment (AD, Azure AD, Exchange Online, SharePoint Online), different experiences have sourced images from different sources in the past.
Thankfully, Microsoft are moving mostly to sourcing images from Exchange Online, which stores images at the highest resolution anywhere in Office 365.
Photo Experiences and Sources
|Outlook Web Access||Exchange Online||648x648|
|Delve User Profile|
|Office 365 Applications (Outlook/Word/Excel/PowerPoint)|
|Sharepoint Online Profile Photos||SPO Photo Library, synced and re-scaled from Exchange Online||S: 48x48
|Azure DevOps||Azure AD||96x96|
Hyperfish is offered in two varieties depending on your Active Directory landscape and needs: Hybrid, or Online.
These are the attributes that Hyperfish can manage by default on a fresh installation for each implementation type:
Default Hyperfish Managed Attributes for Active Directory and Azure Active Directory
|Attribute Label||Hyperfish Hybrid (AD)||Hyperfish Online (Azure AD via Graph)|
|Standard Profile Information|
Also simultaneously written to SPO and EXO photo stores with O365 Connector enabled
|Photos written through the Graph follow Microsoft's flow of updating the Exchange Online photo if an Exchange mailbox exists for the user, otherwise it is written to the Azure AD photo store.|
|Post Office Box||postOfficeBox|
|Custom and Extended Attribute Support|
|Custom Attribute||Active Directory Extended Schema Attributes and SharePoint Online User Profile custom attributes supported out-of-the-box||Not supported until made available through MS Graph API|
Hyperfish Extensibility in Managing Attributes
The Hyperfish Hybrid configuration is the most flexible deployment of Hyperfish. It can leverage both on-premises AD extended schema attributes as well as connected sources with custom attributes such as SharePoint Online User Profiles via the Office 365 connector.
Hyperfish Online configurations are limited to what the Microsoft Graph API can expose for management. This is currently limited to the default attributes that Hyperfish manages out-of-the-box. As Microsoft make more attributes available through the Graph, Hyperfish Online will be updated to support them.
Which Hyperfish Implementation is Right For You?
If you have on-premises Active Directory synchronized to Azure Active Directory via Azure AD Connect, you should choose a Hyperfish Hybrid configuration. This is mostly because AD is the source of truth in this configuration, but also because attributes synchronized by Azure AD Connect are write-locked in Azure AD, meaning they can't be written to by Hyperfish.
There may be an edge case where you don't want to collect information from users, don't need custom attribute support, are only looking to surface basic user information through Hyperfish Directory and Org Chart web parts, and want a quick deployment. In this case, an Online deployment may be appropriate, but you would be missing out on a lot of functionality.
If your organization has Azure AD only, your only choice is Hyperfish Online, which can only manage attributes made available through the Graph (listed in table above), and does not support connections to other sources such as SharePoint Online User Profiles at this time.