SharePoint and PeoplePicker configuration

MSDN Article: http://technet.microsoft.com/en-us/library/gg602075.aspx

Excellent article on complex scenarios: http://blog.octavie.nl/index.php/2010/10/12/my-challenge-with-the-people-picker/

 

Important steps:

1. Set an encryption key for use with a one-way trust

If the forest or domain on which SharePoint 2013 is installed has a one-way trust with another forest or domain, you must first set the credentials for an account that can authenticate with the forest or domain to be queried before you can use the Stsadm peoplepicker-searchadforests property.

Note: The encryption key must be set on every front-end web server in the farm on which SharePoint 2013 is installed.

To set an encryption key, type the following command:

stsadm.exe -o setapppassword -password <Key>

2. Enable cross-forest or cross-domain queries when you use a one-way trust

If the forest or domain on which SharePoint 2013 is installed has a one-way trust with another forest or domain, you must specify the credentials to be used to query the forest or domain, in addition to the names of the forests or domains to be queried. People Picker will only query the forests or domains that you specify in the peoplepicker-searchadforests property setting.

STSADM.exe -o setproperty -pn peoplepicker-searchadforests -pv "forest:Contoso.com,ContosoUser1,Password1;domain:Fabrikam.com,FabrikamUser2,Password2" -url http://central

 

Here is a sample batch file to help:

 

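@echo off
setlocal

REM Arguments: account name, then password.
REM The same account is used to query every domain listed below.
SET UID=%1
SET PWD=%2

REM Value format: "domain:NAME,ACCOUNT,PASSWORD;domain:NAME,ACCOUNT,PASSWORD"
SET PPCFG="domain:corp.domain.org,%UID%,%PWD%;domain:pws.domain1.com,%UID%,%PWD%;domain:domain2.lab,%UID%,%PWD%"

REM Replace the URL1 and URL2 placeholders with the web application URLs to configure.
CALL :execute %PPCFG% <<URL1>>
CALL :execute %PPCFG% <<URL2>>
exit /b

:execute
echo Setting People Picker for URL: %2
STSADM.exe -o setproperty -pn peoplepicker-searchadforests -pv %1 -url %2
GOTO:eof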

 

Attached script:

set-peoplepicker.bat (375.00 bytes)
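
The same setting can also be applied through the SharePoint server object model from PowerShell, which lets the query account's password be prompted for as a SecureString instead of being passed as a batch argument. This is an added example, not part of the original post or its attached script; it goes beyond the stsadm commands above, the web application URLs are assumed placeholders, and the encryption key from step 1 must already be set on each server.

```powershell
# Added example (not from the original post). Run in an elevated SharePoint
# Management Shell on a farm server after "stsadm -o setapppassword" has been run.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Assumed placeholders: replace with the web applications to configure.
$webAppUrls = @('http://webapp1.example', 'http://webapp2.example')

# Domains taken from the sample batch file above; set IsForest to $true
# for entries that would use the "forest:" prefix in the stsadm value.
$targets = @(
    @{ Name = 'corp.domain.org'; IsForest = $false },
    @{ Name = 'pws.domain1.com'; IsForest = $false },
    @{ Name = 'domain2.lab';     IsForest = $false }
)

# Prompt once. The password stays a SecureString and never appears
# on a command line, in a batch argument, or in the script file.
$cred = Get-Credential

foreach ($url in $webAppUrls) {
    $wa = Get-SPWebApplication -Identity $url -ErrorAction Stop
    $domains = $wa.PeoplePickerSettings.SearchActiveDirectoryDomains

    # Start from an empty list so the result contains exactly $targets.
    $domains.Clear()

    foreach ($t in $targets) {
        $entry = New-Object Microsoft.SharePoint.Administration.SPPeoplePickerSearchActiveDirectoryDomain
        $entry.DomainName = $t.Name
        $entry.IsForest   = $t.IsForest
        $entry.LoginName  = $cred.UserName
        $entry.SetPassword($cred.Password)
        $domains.Add($entry)
    }

    $wa.Update()

    # Show what is now stored (the password itself is not displayed).
    Write-Host "People Picker search domains for $url"
    $wa.PeoplePickerSettings.SearchActiveDirectoryDomains |
        Select-Object DomainName, IsForest, LoginName |
        Format-Table -AutoSize
}
```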