Cross-forest and cross-domain people picker queries
==============================
Extends extends icker-searchadforests
The following command may be used to query people picker users across foreast:
Example:
Stsadm.exe-O setproperty-URL http: // server: Port-PN "specify parameter icker-searchadforests"-PV
"Forest: foo.corp.com; domain: bar.foo.corp.com", domainname \ loginname, P @ ssword
Stsadm.exe-O setproperty-URL http://server.domain1.com: 80-PN Login Attempts icker-searchadforests-PV domain: domain1.xxx.com; domain: domain2.yyy.com; domain: domain3.zzz.com
If the following error occurs:
Cannot retrieve the information for application credential key.
Run the following command:
Stsadm.exe-O setapppassword-Password P @ ssword
People picker custom Query
============================
Extends extends icker-searchadcustomquery
This stsadm attribute allows the Administrator to configure custom queries.
For example, you can use the following command to search by office name.
Stsadm.exe-O setproperty-PN extends icker-searchadcustomquery-PV "(physicaldeliveryofficename = {0 })"
Note: Be careful when using this command. If the set attribute value is not a correct ad query, people Picker will crash completely. in addition, if the searched attribute is not an index attribute in AD, the ad will be very slow.
Note: People picker can only use its wildcard when searching for the name of an ad Windows Group. When searching for a Sharepoint group, there will be no query results with the same wildcard.
For example, if you have a Sharepoint group named readers, you cannot search for read.
Extends extends icker-onlysearchwithinsitecollection
This will restrict the picker to only people and groups that are in the site collection.
Invalid parameter icker-nowindowsaccountsfornonwindowsauthenticationmode
This cocould be used to turn off the windows lookup on a non ad web app. From here you 'd be leveraging the customer provider
Extends extends icker-activedirectorysearchtimeout
Allows you to manage the Active Directory Search timeout for lower bandwidth/Higher latency Environments
Specified parameter icker-distributionlistsearchdomains
I'm not sure. I'll try to find out more. Note: DLS cannot be used for securing a Sharepoint site/list, Etc...
Update
==================
When you find that only the user in a certain ou can be searched by people picker in a site collection, and no one in other ou or domain can find the user, you should run the following command in the collections to check
Stsadm-O getsiteuseraccountdirectorypath-URL http: // SERVER_NAME/sites/contoso
If the returned result is not null, run the following command to reset it to the default state. By default, people picker does not restrict the search Target ou.
Stsadm-O setsiteuseraccountdirectorypath-path ""-URL http: // SERVER_NAME
For more information about the two commands, see
Http://technet.microsoft.com/en-us/library/cc262912%28v=office.12%29.aspx
Http://technet.microsoft.com/en-us/library/cc263328%28v=office.12%29.aspx
Updated on 2011-11-30
====================
NextArticleLet's talk about people picker very thoroughly. We recommend you take a look.
Http://blogs.msdn.com/ B /rajank/archive/2009/09/20/all-you-want-to-know-about-people-picker-in-sharepoint-functionality-configuration-troubleshooting-part-2.aspx
Source:
Multi forest/Cross forest people picker extends icker-searchadcustomquery
Http://blogs.msdn.com/joelo/archive/2007/01/18/multi-forest-cross-forest-people-picker-peoplepicker-searchadcustomquery.aspx