Bill Baer

Senior Product Marketing Manager (SharePoint), Microsoft Certified Master for SharePoint, Microsoft Corporation

Configuring SharePoint Products and Technologies for Cross-Forest Deployments

Configuring SharePoint Products and Technologies for Cross-Forest Deployments

  • Comments 6
  • Likes

 

People Picker works both cross-domain and cross-forest in one and two way trust environments.

People Picker will issue queries to all two-way trusted domains and two-way trusted forests to search People & Groups out-of-the-box. *People Picker uses the Windows SharePoint Services Web Application logon identity to access the target domain/forest.  If the Web Application pool does not have access to the target domain/forest, People Picker will need to be configured to use an account with access to the target domain/forest using the following STSADM operations:

STSADM –o setapppassword –password <password>
which establishes the Credential Key used to encrypt/decrypt the service logon identity in the configuration database. This must be configured identically on all servers that have the Windows SharePoint Services Web Application service configured.

NOTE This operation not required in scenarios where the target domain/forest is trusted. Each server farm should use a unique credential key.

STSADM.exe –o setproperty –pn peoplepicker-searchadforests –pv <domain(s)/forests(s)> -url http://<webapp>

The format of

<domain(s)/forests(s)>
is a list of
forest:DnsName,LoginName,Password
or
domain:DnsName,LoginName,Password
separated by a semicolon where necessary in scenarios where the target forest/domain is trusted, People Picker can be configured using
forest:DnsName
or
domain:DnsName
Comments
  • PingBack from http://mikewalsh.bilsimser.com/PermaLink,guid,891ba647-2b16-4382-ac0d-54a99aaa362e.aspx

  • Great Article ... worked like a charm! The flow chart really helped alot!!!!!

  • While working on a deployment this week, the OOB People Picker caught my attention and I realized there

  • SharePoint People-Picker and Active Directory Part 1

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment