Tuesday, June 26, 2007

People Picker in MOSS 2007 unable to find user from Multiple Domain

When the sharepoint is installed in environment with multiple domains , the user profile import mechanism only imports the user from the domain in which the sharepoint server is installed.


For eg , if there are multiple domains Domain1.abc.com and Domain2.abc.com and sharepoint 2007 server is installed at Domain2.abc.com , in such case when user profile import is run in SSP , all the users from Domain2.abc.com are imported to user profile database.


when we try to use the people picker control to search for user present in Domain1.abc.com we don't get any results as shown below :



In order to import users from Domain1.abc.com , we need to define new import connection for the Domain1.abc.com and start user profile import once more .

Follow these steps :

  • Open SSP(Shared Service provider)
  • Go to User Profiles and Properties
  • Click on View Import Connections
  • Create New Connection
  • Add the following entries , also shown in figure below

Domain Name :Domain1


Auto discover domain controller(Selected)


Search Base :DC=Domain1,DC=abc,DC=com


Other as default*



  • Start full import and now you should get all users

11 comments:

The JD said...

Did the above, can see all the secondary(new) domain uers in SSP but still cant add/find on Site...!?

SM said...

Same problem here, I have single domain and can import all the accounts in SSP. But the site people picker is not able to resolve the domain accounts except administrator.

Please Please help

troytnv said...

I am also seeing this similar behavior.. My details of the problem are as follows:
The domain that the SharePoint Server is located in has no problems of resolving names through the Add Users – People Picker areas when adding a user id, common name or e-mail address of that domain there are some 200+ users in that domain.
I’ve imported users through the import connection from a trusted domain by adding in another connection. This imported some 36,000+ users successfully, no errors in the logs. No when I go back to the Add Users in a group, it will not resolve any of these imported users through common name or e-mail address. However, if I enter in the DOMAIN/username it will resolve them. Select ok and it adds them to the user group. The strange thing here is that it takes about 3-4 minutes to pull the information from the imported users area to resolve the common name or e-mail address. If you sit there on the group that you just added the user to and keep hitting the F5 for refresh you will see this resolution take place eventually as you will see the newly added account in the Name column change from DOMAIN/username to their correctly resolved First Last name.
Another odd area of this is when I use the New – Add User function to add a user to the group, then select the Browse icon on the right side taking you into the People Picker. I cannot even associate the DOMAIN/username there, it only resolves the names from the local domain that the SharePoint server is sitting in, not the trusted domain from where I imported the users from. Where does this Browse function pull its names from?? It’s OBVIOUSLY not from the imported names.

Raghu Iyer said...

Make sure after profile import you also run the complete search crawl.

Jaya Borra said...

Hi,
I am not able to add the connection at all :(
as soon as I click OK, the page showing me an error stating "The query is not valid based on the specified search base and search filter. Please validate your input of search base and filter. "
can anybody help me out to resolve this issue? Please respond as soon as possible, because this is a very serious problem for me which I am not able to resolve from past 5 days and with out resolving this I cant move farward in this.

JAYAKANDAN said...

people picker in MOSS unable to resolve usernames just for few users ,it just shows Domain\Username,
could anyone suggest to fix this

Raghu Iyer said...

Hi jay ,
I had similar issues but u configured my Search properly.

Make sure you have imported the user profiles .

Anonymous said...

You need to use the peoplepicker searchadforrests command to give it the domain(s) or forrest(s) you want to search and any identities needed for those domains. You also need to run this for each web app you've set up.

shanti said...

I have similar problem.
I have imported few newly added distribution groups.Full crawl is also completed.Even after full crawl the people picker is not able to identify the group.
Any help in this regard is appreciated.

Anonymous said...

We have the similar situation now on prod and it shows thousands of records under people_dl_import category with format spsimport://?$$dl$$/domain1/domain2/domain3/

Also import was not stopping and added millions of records in database and was on verge of dik full.

On other servers like dev we have very less data in this category. I need to know the cause of this garbage data and how to fix it. I tried resetting content source and I will do full import in this weekend to see if this garbage data gets cleared. Any idea on cause for thiss issue?

Anonymous said...

People Picker

stsadm -o setproperty -pn peoplepicker-searchadforests -url site:portnumber -pv "domain:xxx.xxx.xxx.com",username,password