Sunday, December 26, 2010

SharePoint People Picker Multiple Domains

The people picker is an important part of a SharePoint farm, and making sure that the correct users are available for selection is key. Issues almost always show up in farms where multiple domains need to be available for selection. The fix is a couple of stsadm commands, which work in SharePoint 2007 and 2010.

By default, the application pool identity is used to search Active Directory. If that account does not have the correct permissions in a domain, you will need to specify a different account to search that domain, and its password is stored encrypted. Make a note of this account so the setting is not forgotten when its password changes!

Set the encryption key (run on each WFE):
stsadm -o setapppassword -password *********

Set the domains that should be searched (run on one WFE per web application; enter it as a single line):
stsadm -o setproperty -pn peoplepicker-searchadforests -pv "domain:domain1;domain:domain2,domain2\account,password" -url http://webapp

A more detailed discussion can be found here:
http://blogs.msdn.com/b/joelo/archive/2007/03/08/cross-forest-multi-forest-configuration-additional-info.aspx
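
The two steps above as a PowerShell script that prompts for the encryption key and the account password instead of hard-coding them, then reads the property back. This is an added example, not part of the original post; the parameter names are hypothetical and the domain, account and URL defaults are the post's placeholders.

```powershell
# Added example, not from the original post. Run elevated on a WFE.
# Parameter names are hypothetical; defaults are the post's placeholders.
param(
    [string]$Url           = 'http://webapp',
    [string]$TrustedDomain = 'domain1',          # searched as the app pool identity
    [string]$CredDomain    = 'domain2',          # searched with $Account
    [string]$Account       = 'domain2\account',
    [switch]$SetProperty                         # use on one WFE per web application
)

function ConvertTo-PlainText([System.Security.SecureString]$Secure) {
    # stsadm only accepts plain text, so unwrap the SecureString briefly
    $ptr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($Secure)
    try     { [Runtime.InteropServices.Marshal]::PtrToStringBSTR($ptr) }
    finally { [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($ptr) }
}

# Locate stsadm.exe: 14 hive for SharePoint 2010, 12 hive for 2007
$stsadm = '14', '12' |
    ForEach-Object { Join-Path $env:CommonProgramFiles "Microsoft Shared\web server extensions\$_\BIN\stsadm.exe" } |
    Where-Object { Test-Path $_ } |
    Select-Object -First 1
if (-not $stsadm) { throw 'stsadm.exe not found under the 14 or 12 hive.' }

# Step 1: set the encryption key (every WFE, same key on each)
$key = ConvertTo-PlainText (Read-Host 'Encryption key (same on every WFE)' -AsSecureString)
& $stsadm -o setapppassword -password $key
if ($LASTEXITCODE -ne 0) { throw "setapppassword failed ($LASTEXITCODE)" }

# Step 2: set the domains to search
if ($SetProperty) {
    $pw = ConvertTo-PlainText (Read-Host "Password for $Account" -AsSecureString)
    # Precaution: ',' and ';' are the separators inside the -pv value
    if ($pw -match '[,;]') { throw 'Password contains , or ; and would break the -pv value.' }

    $pv = "domain:$TrustedDomain;domain:$CredDomain,$Account,$pw"
    & $stsadm -o setproperty -pn peoplepicker-searchadforests -pv $pv -url $Url
    if ($LASTEXITCODE -ne 0) { throw "setproperty failed ($LASTEXITCODE)" }

    # Read the property back to confirm which domains are configured
    & $stsadm -o getproperty -pn peoplepicker-searchadforests -url $Url
}
```

The key and password still reach stsadm.exe as command-line arguments, so they can appear in process-creation logging that records command lines; prompting only keeps them out of saved scripts and console history.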
