Stsadm commands related to zookeeper icker in SharePoint

Cross-forest and cross-domain people picker queries

==============================

Extends extends icker-searchadforests

 

The following command may be used to query people picker users across foreast:

 

Example:

Stsadm.exe-O setproperty-URL http: // server: Port-PN "specify parameter icker-searchadforests"-PV

"Forest: foo.corp.com; domain: bar.foo.corp.com", domainname \ loginname, P @ ssword

 

Stsadm.exe-O setproperty-URL http://server.domain1.com: 80-PN Login Attempts icker-searchadforests-PV domain: domain1.xxx.com; domain: domain2.yyy.com; domain: domain3.zzz.com

 

If the following error occurs:

Cannot retrieve the information for application credential key.

Run the following command:

Stsadm.exe-O setapppassword-Password P @ ssword

People picker custom Query

============================

Extends extends icker-searchadcustomquery

This stsadm attribute allows the Administrator to configure custom queries.

For example, you can use the following command to search by office name.

Stsadm.exe-O setproperty-PN extends icker-searchadcustomquery-PV "(physicaldeliveryofficename = {0 })"

Note: Be careful when using this command. If the set attribute value is not a correct ad query, people Picker will crash completely. in addition, if the searched attribute is not an index attribute in AD, the ad will be very slow.

Note: People picker can only use its wildcard when searching for the name of an ad Windows Group. When searching for a Sharepoint group, there will be no query results with the same wildcard.

For example, if you have a Sharepoint group named readers, you cannot search for read.

Extends extends icker-onlysearchwithinsitecollection

This will restrict the picker to only people and groups that are in the site collection.

Invalid parameter icker-nowindowsaccountsfornonwindowsauthenticationmode

This cocould be used to turn off the windows lookup on a non ad web app. From here you 'd be leveraging the customer provider

Extends extends icker-activedirectorysearchtimeout

Allows you to manage the Active Directory Search timeout for lower bandwidth/Higher latency Environments

Specified parameter icker-distributionlistsearchdomains

I'm not sure. I'll try to find out more. Note: DLS cannot be used for securing a Sharepoint site/list, Etc...

Update

==================

When you find that only the user in a certain ou can be searched by people picker in a site collection, and no one in other ou or domain can find the user, you should run the following command in the collections to check

Stsadm-O getsiteuseraccountdirectorypath-URL http: // SERVER_NAME/sites/contoso

If the returned result is not null, run the following command to reset it to the default state. By default, people picker does not restrict the search Target ou.

Stsadm-O setsiteuseraccountdirectorypath-path ""-URL http: // SERVER_NAME

For more information about the two commands, see

Http://technet.microsoft.com/en-us/library/cc262912%28v=office.12%29.aspx

Http://technet.microsoft.com/en-us/library/cc263328%28v=office.12%29.aspx

Updated on 2011-11-30

====================

NextArticleLet's talk about people picker very thoroughly. We recommend you take a look.

Http://blogs.msdn.com/ B /rajank/archive/2009/09/20/all-you-want-to-know-about-people-picker-in-sharepoint-functionality-configuration-troubleshooting-part-2.aspx

 

Source:

Multi forest/Cross forest people picker extends icker-searchadcustomquery

Http://blogs.msdn.com/joelo/archive/2007/01/18/multi-forest-cross-forest-people-picker-peoplepicker-searchadcustomquery.aspx