Tuesday, August 07, 2012 6:26 PM
Would like to know below two points -
(1) When anyone tried to access SharePoint site, windows prompt for username and password, so user is authenticated from user Info table or directly from Active Directory or LDAP?
(2) When new users is added into any sharepoint group, first picket people control check him into User Info table and if the sepcific user is not available there then it goes to Active Directory and add it into User ifno table. Thia is my understanding. Please correct me if I am wrong.
Tuesday, August 07, 2012 10:15 PM
1) Depending on the authentication method, SharePoint will use a different provider. In the case of Windows Authentication (NTLM/Kerberos) (in either Classic or Claims), authentication happens between IIS and Active Directory. Once authenticated, SharePoint can then check if the user is authorized by looking at the permissions of the requested resource (site, list, item, etc). SharePoint stores user information in the content database. This information is used to distinguish users within SharePoint.
2) The people picker will check both existing users in the site collection and perform a query to Active Directory (I do not know if there is an order to this process, just that it will search both). You can use the Peoplepicker-onlysearchwithinsitecollection stsadm property to limit People Picker only to users in the site collection.
- Marked As Answer by Robert Lukose Wednesday, August 08, 2012 2:18 AM
Wednesday, August 08, 2012 2:18 AMThanks Jason.