locked
People picker prevent returning farm ad account RRS feed

  • Question

  • Hi

    I am using SharePoint Foundation 2010 and I am new to it. I have a problem on people picker.

    Here are the settings on my Active Directory

    GlobalAD - Farm Server AD

    TerminalAD1 - One Way Trust AD

    TerminalAD2 - One Way Trust AD

    TerminalAD3 - One Way Trust AD 

    For example, I plan to create 3 web applications for different terminals. Web App 01 for TerminalAD01 and so on.

    I would like to segregate people picker can only search for the particular TerminalAD users within web application. So I run below stsadm command on WFE server:

    STSADM.EXE -o setproperty -propertyname peoplepicker-searchadforests -propertyvalue "TerminalAD01.com,TerminalAD01\User,Password" -URL http://webApp01
    STSADM.EXE -o setproperty -propertyname peoplepicker-searchadforests -propertyvalue "TerminalAD02.com,TerminalAD02\User,Password" -URL http://webApp02
    STSADM.EXE -o setproperty -propertyname peoplepicker-searchadforests -propertyvalue "TerminalAD03.com,TerminalAD03\User,Password" -URL http://webApp03

    The result is positive in some way.

    By clicking the Browse button, people picker is working perfectly. Only return TerminalAD accounts.

    But not for Check Name button. This will return me accounts in TerminalAD and GlobalAD as well.

    How do I prevent users/groups check name returning GlobalAD account and only return me for TerminalAD account? Is this possible?

    Hope someone here can assist me.

    Thanks!




    • Edited by JohnThen Friday, April 10, 2015 8:48 AM
    Friday, April 10, 2015 2:24 AM

Answers

  • Hi,

    Please try to launch the SharePoint 2010 Management Shell (PowerShell) and run the following Script.

    Modify the PowerShell script base on environment.

    Set-SPSite -Identity http://webApp01 -UserAccountDirectoryPath "OU=TerminalAD1,OU=SharePoint,DC=Contoso,DC=com"
    Set-SPSite -Identity http://webApp02 -UserAccountDirectoryPath "OU=TerminalAD2,OU=SharePoint,DC=Contoso,DC=com"
    Set-SPSite -Identity http://webApp03 -UserAccountDirectoryPath "OU=TerminalAD3,OU=SharePoint,DC=Contoso,DC=com"
     

    More information for your reference:

    http://www.tcscblog.com/limit-the-people-picker-in-sharepoint-2010-to-a-specific-ou-or-domain/

    Best Regards,

    Dennis Guo


    TechNet Community Support
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    • Proposed as answer by Patrick_Liang Saturday, April 18, 2015 1:47 AM
    • Marked as answer by Patrick_Liang Saturday, April 25, 2015 2:41 AM
    Monday, April 13, 2015 7:16 AM