Comments on: More People Picker issues

By: Rob

Rob — Mon, 08 Feb 2010 11:00:10 +0000

Have you tried manually specifying the domain list in the people picker, with user names and passwords that have access to view the AD? You need to specify these via the command line otherwise it will use the account that the service is running under, and if that doesn’t have access, neither will the people picker.

The mix of users signing in is probably due to a group membership that has been set somewhere. If you specify authenticated users to have access to a site, they’ll log on. Incidentally, normally after logging on via a group, you’ll see them showing up in the People Picker index, whether or not the People Picker can see the AD details beforehand.

In the import via the SSP, you specify a domain account in the GUI – the people picker won’t use this. It runs in the context of the service or usernames and passwords specified via stsadm.

By: Tom

Tom — Fri, 22 Jan 2010 21:00:20 +0000

Oh imports from the affected domain work perfectly still using the domain account given so its not a read right which is what peoplepicker should be doing.

By: Tom

Tom — Fri, 22 Jan 2010 20:58:17 +0000

We have not modified peoplepicker in anyway.
The tool only finds users in the site collections.
We have some users that can sign in and get access request page and then some that can actually sign in and see a page but still cannot be found in peoplepicker.
All trusts are correct.
Peoplepicker commands run
stsadm -o getproperty -url http://sitename -pn peoplepicker-onlysearchwithinsitecollection

stsadm -o setproperty -url http://sitename -pn “peoplepicker-nowindowsaccountsfornonwindowsauthenticationmode” -pv no

We did get the AD commands to work yet we still cannot see users in peoplepicker unless they are already in the site.
This still only affects one domain and most can authenticate we just cannot add them to a site.

By: Rob

Rob — Fri, 27 Nov 2009 15:00:16 +0000

I’m not really able to answer your questions with the level of information available, I’m afraid. The PeoplePicker generally doesn’t look at the profiles imported in the SSP anyway. It sounds like an attempt to customise the people-picker on the webapp has been set up incorrectly, and thats blocking the response for any user. Just check the articles on customiseing the PeoplePicker results, and update it with a blank custom query to set it back to default behaviour. For question 2, do you mean the people picker is returning users from the other domain, or the ssp import is pulling in more users to the user directory than you want? Those are very different questions.

By: Tom

Tom — Fri, 20 Nov 2009 20:31:30 +0000

About the issues I posted, we found that some how the link between the sites and the ssp broke down, we have somewhat fixed the problem but we still have one webapp that will not find users that is in the ssp or the specific domain the other sites will find users and works just fine.
Ever seen this issue

Question 2
We also have a domain that we do not want any imports to come from yet we are pulliung them in and it is not specified in the profile import connections How can we keep the one from getting imported.