Sharepoint 2010, People Picker (peoplepicker-searchadforests), 1 way Active Directory trust .... process monitor to the rescue!

Posted by steve schofield on ASP.net Weblogs See other posts from ASP.net Weblogs or by steve schofield
Published on Sat, 12 Mar 2011 21:27:00 GMT Indexed on 2011/03/13 0:11 UTC
Read the original article Hit count: 323

Filed under:

If you run Sharepoint 2010 in one forest, users in another forest and a 1-way forest in-place.  There is some additional configuration needed in Sharepoint 2010.  I included links below that discuss the details.  My post is not to be in-depth how to setup, rather share a tidbit not discussed in documentation (not that I could find).  Thanks to a smart co-worker and process monitor, it was found there is a registry entry, the application pool needs READ access.  You can either manually grant permissions on the server or add registry permission in AD Group Policy.  Hope this helps.

People Picker overview (SharePoint Server 2010)
http://technet.microsoft.com/en-us/library/gg602068.aspx

Configure People Picker (SharePoint Server 2010)
http://technet.microsoft.com/en-us/library/gg602075(d=lightweight).aspx

Peoplepicker-searchadforests: Stsadm property (Office SharePoint Server)
http://technet.microsoft.com/en-us/library/cc263460.aspx

Application Pool needs read access
MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\14.0\Secure

Multi Forest/Cross Forest People Picker
http://blogs.msdn.com/b/joelo/archive/2007/01/18/multi-forest-cross-forest-people-picker-peoplepicker-searchadcustomquery.aspx

Process Monitor
http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx

Steve Schofield
Microsoft MVP - IIS

© ASP.net Weblogs or respective owner

Related posts about sharepoint