WSS 3.0 Adding Active Directory Users

ITPNS
ITPNS used Ask the Experts™
on
Hello,

We have a new WSS 3.0 installation. I'm trying to add Windows users/groups to SharePoint. When I search for or check names, I am only able to enumerate users from the CN=Users OU in Active Directory. Any other accounts from custom OUs don't enumerate and SharePoint is unable to match the names. How do I fix this?
Thanks for any help you can provide!
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
Check with your AD Administrators to make sure they didn't put any special security on the other OUs. By default, SharePoint should be able to find your users regardless of the OU they are in.

Commented:
Check you have defined proper DN name in share point to search the OU from root of the domain.
Ex your domain is abc.com having lot of user into that,the correct way is that
dc=abc,dc=com

Author

Commented:
Thanks,

quihong: We DO have special security on our OUs. There is an OU called 'clients' which contains the Active Directory users that I wish to add to SharePoint. The account that I used to install and administer SharePoint is a full Domain Administrator yet I cannot see those accounts through SharePoint?

Awinish: How do I define a proper DN name to search my 'clients' OU? I only know of the option to select Windows and Kerberos as my authentication mechanism. Remember, this is a clean 'out of the box' basic installation. I just want be able to add users/groups from an OU other than the default Users.

Please help and thanks!
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Commented:
It doesn't matter that your user account is a full domain administrator. Its the SharePoint service account that needs to be able to read the OU structure.

Author

Commented:
Oh,
Ok. But which service account? Is it an account that runs one of the SharePoint Windows services? I found the following article on the topic, but I don't know which account accesses Active Directory to enumerate users:

http://go.microsoft.com/fwlink/?LinkId=92885&clcid=0x409
Thanks!

Commented:
Don't have idea about Sharepoint,i thought there is way to define Dn like we did for websense to query user in AD for authentication,sorry mate some Share point expert can only help you.
Commented:
It's the identity of the application pool running the web application in which your site collection is located that you need to check.

Author

Commented:
Yes, it was the account assigned to the application pool identity, configured in SharePoint itself. Thanks!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial