Friday, 9 December 2016

Configure People Picker for a domain with One way trust

This post will help you Configure People Picker  for a domain with One way trust.

If SharePoint is installed on a domain that has a one-way trust with other domains and you want the People Picker on SharePoint 2013 to show users and groups from those other domains, you have to use the STSADM command to configure the People Picker.

This is tested on SharePoint 2010,2013

So lets get started :)

Step 1

You have to set an encryption key on all web front end servers in your farm so that the stored credentials can be encrypted:

STSADM.exe -o setapppassword -password Key

where "Key" is any value.

STSADM.exe -o setapppassword -password Password11

Note : For two way trust no need for setting an encryption key,means you can skip step 1 for a domain with two way trust.

Step 2

You have to give SharePoint the credentials to authenticate against the remote domain and tell it which domain you would like to authenticate against. You only have to run this on one of your SharePoint web servers

STSADM.exe -o setproperty -propertyname peoplepicker-searchadforests -propertyvalue <Valid list of domains> -url <URL of the Web application>

where <Valid list of domains> is in the following format:


For example, a sample command might look like this:

STSADM.exe -o setproperty -propertyname peoplepicker-searchadforests -propertyvalue ",test\user,P@ssw0rd" -url

You can add more than one domain. Just delimit them with a semicolon and a space. For example:

SSTSADM.exe -o setproperty -propertyname peoplepicker-searchadforests -propertyvalue ",test\user,P@ssw0rd;,test2\user,P@ssw0rd" -url

Step 3

Run below cmd to test if value has been set for people picker or not.

STSADM.exe -o getproperty -pn peoplepicker-searchadforests -url

Happy Sharepointing :)

No comments:

Post a Comment