Supportcomita
asked on
Configure people picker to list users from a specific OU in another forest
I have a SharePoint server 2010 in forest A, domain1.local and the users is in forest B, domain2.local. There is a two-way trust between forest A and forest B. I want to restrict the people picker only to list users from a specific OU in forest B, domain2.local. I am able to restrict the listing of users to an OU within the same domain using the following command:
stsadm.exe -o setsiteuseraccountdirector ypath -url <url> -path "<path>"
However, I have not figured out how to restrict it to an OU in the other forest and domain. Any clarification on how to resolve this issue is appreciated.
stsadm.exe -o setsiteuseraccountdirector
However, I have not figured out how to restrict it to an OU in the other forest and domain. Any clarification on how to resolve this issue is appreciated.
ALso, verify your app pools and timer account have access on that remote OU
ASKER
I have Access to the OU in forest B, domain2.local. I am able to list the users in the specific OU, but I can also list users in other OUs. I want to restrict it to only show results from the OU I spesify. I am not at all sure if the command I've used that worked within the same domain is usable for this purpose.
So have you tried it? It either works or it doesn't, there is no special step you need to do for going across forests (other than verifying permissions).
ASKER
Yes I have tried using the following command.
stsadm.exe -o setsiteuseraccountdirector ypath -url myurl -path "OU=myOU,OU=hosting,DC=dom ain2,DC=lo cal"
It doesn't result in an error, but I am not able to find any of the users in people picker after running this command.
stsadm.exe -o setsiteuseraccountdirector
It doesn't result in an error, but I am not able to find any of the users in people picker after running this command.
Ok, it probably won't work then. I've never tried it, but always read the documentation like it would only work in the same domain.
ASKER
Does anyone have any idea how to resolve this issue?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for your effort ACH1LLES! I guess the solution is to keep the users and the SharePoint server within the same domain.
ASKER
I've requested that this question be closed as follows:
Accepted answer: 0 points for Supportcomita's comment #a38476357
for the following reason:
Closed because it seems like there is no good solution to this problem.
Accepted answer: 0 points for Supportcomita's comment #a38476357
for the following reason:
Closed because it seems like there is no good solution to this problem.
Don't delete the question just because it's not possible. Accept the comment ( 38466740) stating as much :)
Have you tried specifying the remove domain (DC=remote,DC=int) in the path? Did it error?