Post
Ask Question

Configure People Picker For A Domain With One Way Trust

This post will help you Configure People Picker for a domain with One way trust.

If SharePoint is installed on a domain that has a one-way trust with other domains and you want the People Picker on SharePoint 2013/2010 to show users and groups from those other domains, you have to use the STSADM command to configure the People Picker.

This is tested on SharePoint 2010 and 2013.

So let’s get started :)

How to use stsadm commands in SharePoint.

  • In SharePoint Server, Click Start and type CMD.
  • Right click on Command prompt and select run as administrator.

    SharePoint
  • We have change the path in order to excute STSADM commands.
  • To change the path run below command.

    SharePoint

Step 1

You have to set an encryption key on all web front end servers in your farm so that the stored credentials can be encrypted:


STSADM.exe -o setapppassword -password Key

where "Key" is any value.

Example

STSADM.exe -o setapppassword -password Password11

SharePoint

Note

For two way trust there's no need to set an encryption key, it means you can skip step 1 for a domain with two-way trust.

Step 2

You have to give SharePoint the credentials to authenticate against the remote domain and tell it which domain you would like to authenticate against. You only have to run this on one of your SharePoint web servers

STSADM.exe -o setproperty -propertyname peoplepicker-searchadforests -propertyvalue <Valid list of domains> -url <URL of the Web application>

where <Valid list of domains> is in the following format,

domain:DnsName,LoginName,Password

For example, a sample command might look like this:

STSADM.exe -o setproperty -propertyname peoplepicker-searchadforests -propertyvalue "domain:Test.com,test\user,P@ssw0rd" -url https://sharepoint.com

You can add more than one domain. Just delimit them with a semicolon and a space.

For example

SSTSADM.exe -o setproperty -propertyname peoplepicker-searchadforests -propertyvalue "domain:Test.com,test\user,P@ssw0rd;domain:Test2.com,test2\user,P@ssw0rd" -url https://sharepoint.com

Step 3

Run below cmd to test if value has been set for people picker or not.

STSADM.exe -o getproperty -pn peoplepicker-searchadforests -url http://Sharepoint.com

Hope it helps. Happy Sharepointing :)


Similar Articles