I recently tried configuring the Synchronization Connection for a client, which led to a few problems.
First, our client had a different FQDN and NetBIOS name for the domain, and it took a while for us to figure out how to fix this. The accounts got imported with the FQDN name, and the user selector for user fields in lists was unable to find users using the FQDN name.
My first attempt was to just recreate the synchronization connection, but when I tried deleting it I got an error from Central Administration. Okay, so deleting the connection wouldn't work; how about creating a new one and then trying to delete it? Maybe it couldn't be deleted because it was the only connection in there. Well, it turned out creating a new connection worked, but I still couldn't remove the old connection or the new one. So now I had two connections, which caused the User Profile Synchronization Service to stop and then hang in 'Starting' mode.
Fortunately, I knew how to fix that problem from an earlier issue we had on the development machine.
Stepping through ‘Reset profile synchronization’ in this link: http://technet.microsoft.com/en-us/library/ff681014.aspx will remove the existing synchronization connections and reset everything that has to do with the profile synchronization itself. NOTE: this does not empty the data currently in the profiles.
After these steps, it turns out that just running IISReset is not enough; you have to reboot the server for the service to be able to start again.
Now, to get the synchronization connection to work properly, I had to enable NetBIOS domain names on the User Profile Service Application before creating the synchronization connection. If you don't do it before you create the connection, it won't have any effect.
Doing this is described in this link: http://technet.microsoft.com/en-us/library/ee721049.aspx under the heading 'Enable NetBIOS domain names'.
Now that the User Profile Service was prepared for the fact that the domain has mismatching FQDN and NetBIOS names, I could create the connection and start a full synchronization.
To make sure the connection had enough privileges on the domain controller, we used the domain administrator account. I'm sure someone could give me the ups and downs on that, but in this case I didn't want to mess with the connection any more, especially in a production environment.
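As an added example (not code from the original post or from the TechNet article), here is a PowerShell script for the SharePoint 2010 Management Shell that enables NetBIOS domain names on the User Profile Service Application and checks the two things this procedure depends on: that no synchronization connection exists yet (the setting only applies to connections created afterwards) and that the setting actually persisted. The service application name and site URL are assumed placeholders for your farm.

```powershell
# Added example, not from the original post. Assumptions: run in the SharePoint 2010
# Management Shell on a farm server; $upaName and $siteUrl are placeholders for this farm.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$upaName = "User Profile Service Application"   # assumed display name of the UPA
$siteUrl = "http://intranet.example.local"      # assumed site served by the UPA's proxy

$upa = Get-SPServiceApplication | Where-Object { $_.DisplayName -eq $upaName }
if (-not $upa) { throw "Service application '$upaName' not found in this farm." }

# The NetBIOS setting only affects connections created after it is enabled, so stop
# if a connection already exists; it would have to be removed and recreated.
$ctx = Get-SPServiceContext -Site $siteUrl
$configManager = New-Object Microsoft.Office.Server.UserProfiles.UserProfileConfigManager($ctx)
$existing = @($configManager.ConnectionManager)
if ($existing.Count -gt 0) {
    $existing | ForEach-Object { Write-Warning ("Existing connection: " + $_.DisplayName) }
    throw "Synchronization connections already exist; enabling NetBIOS names now will not apply to them."
}

if ($upa.NetBIOSDomainNamesEnabled) {
    Write-Host "NetBIOS domain names are already enabled on '$upaName'."
} else {
    $upa.NetBIOSDomainNamesEnabled = $true
    $upa.Update()
    Write-Host "Enabled NetBIOS domain names on '$upaName'."
}

# Re-read the service application from the configuration database to confirm the
# change was persisted before anyone creates the synchronization connection.
$check = Get-SPServiceApplication -Identity $upa.Id
if (-not $check.NetBIOSDomainNamesEnabled) {
    throw "NetBIOSDomainNamesEnabled is still false after Update(); do not create the connection yet."
}
Write-Host "Safe to create the synchronization connection now."
```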