Thursday, January 21, 2016

Enabling SharePoint 2013 PeoplePicker to retrieve users from multiple domains.


There is already information out on the net about this, but I thought I would try to package this up concisely to help someone (possibly myself) do this in the future.

Has your organization recently acquired another company?
Do you now have multiple domains added to your previously single domain SharePoint Farm?
That has been my motivation for writing this blog post.

We had one domain called "Domain1" and needed to integrate a second domain, which we will call "Domain2".

Below is the PowerShell script for making this happen.

# Run from the SharePoint 2013 Management Shell as a farm administrator.
$wa = Get-SPWebApplication -Identity "https://sharepoint.company.com"

# Set the application credential key, which SharePoint uses to encrypt the account passwords stored below.
# Use the same key on every server in the farm.
$key = ConvertTo-SecureString "Add_Your_Password_For_The_Search_Account_Here" -AsPlainText -Force
[Microsoft.SharePoint.SPSecurity]::SetApplicationCredentialKey($key)

# Domain1: register the domain and the account People Picker uses to search it.
$adsearchobj = New-Object Microsoft.SharePoint.Administration.SPPeoplePickerSearchActiveDirectoryDomain
$userpassword = ConvertTo-SecureString "Password_For_UserProfileSynchAccount(Domain1)" -AsPlainText -Force
$adsearchobj.DomainName = "Domain1"
$adsearchobj.ShortDomainName = "This_Is_Optional"
$adsearchobj.IsForest = $false
$adsearchobj.LoginName = "UserProfileSynchAccountForDomain1"
$adsearchobj.SetPassword($userpassword)
$wa.PeoplePickerSettings.SearchActiveDirectoryDomains.Add($adsearchobj)
$wa.Update()
$wa.PeoplePickerSettings  # Displays the current settings for clarity (optional)

# Domain2: same steps with the second domain's account.
$adsearchobj = New-Object Microsoft.SharePoint.Administration.SPPeoplePickerSearchActiveDirectoryDomain
$userpassword = ConvertTo-SecureString "Password_For_UserProfileSynchAccount(Domain2)" -AsPlainText -Force
$adsearchobj.DomainName = "Domain2"
$adsearchobj.ShortDomainName = "This_Is_Optional"
$adsearchobj.IsForest = $false
$adsearchobj.LoginName = "UserProfileSynchAccountForDomain2"
$adsearchobj.SetPassword($userpassword)
$wa.PeoplePickerSettings.SearchActiveDirectoryDomains.Add($adsearchobj)
$wa.Update()
$wa.PeoplePickerSettings  # Displays the current settings for clarity (optional)

If for some reason you need to back out of this, the code below will remove them one at a time:

$wa = Get-SPWebApplication -identity "https://sharepoint.company.com"
$adsearchobj = $wa.PeoplePickerSettings.SearchActiveDirectoryDomains.Item(1)  # Zero-based index, so Item(1) is the second entry
$wa.PeoplePickerSettings.SearchActiveDirectoryDomains.Remove($adsearchobj)
$wa.Update()
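
The script above embeds the passwords as plain text and the back-out depends on index position. The following is an added example, not part of the original post, that prompts for the secrets instead, skips domains that are already registered, and removes an entry by domain name. `Add-PeoplePickerDomain` and `Remove-PeoplePickerDomain` are hypothetical helper names; the URL and domain names are the post's placeholders.

```powershell
# Added example (not from the original post). Run in the SharePoint 2013 Management Shell.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Add-PeoplePickerDomain {   # hypothetical helper
    param(
        [Parameter(Mandatory=$true)] $WebApplication,
        [Parameter(Mandatory=$true)] [string] $DomainName,
        [bool] $IsForest = $false
    )
    $domains = $WebApplication.PeoplePickerSettings.SearchActiveDirectoryDomains
    # Skip a domain that is already registered so a re-run does not add a duplicate.
    if ($domains | Where-Object { $_.DomainName -eq $DomainName }) {
        Write-Host "$DomainName is already configured; skipping."
        return
    }
    # Prompt for the lookup account; the password arrives as a SecureString
    # and never appears in the script file or the console history.
    $cred  = Get-Credential -Message "Account used to search $DomainName"
    $entry = New-Object Microsoft.SharePoint.Administration.SPPeoplePickerSearchActiveDirectoryDomain
    $entry.DomainName = $DomainName
    $entry.IsForest   = $IsForest
    $entry.LoginName  = $cred.UserName
    $entry.SetPassword($cred.Password)
    $domains.Add($entry)
}

function Remove-PeoplePickerDomain {   # hypothetical helper
    param(
        [Parameter(Mandatory=$true)] $WebApplication,
        [Parameter(Mandatory=$true)] [string] $DomainName
    )
    $domains = $WebApplication.PeoplePickerSettings.SearchActiveDirectoryDomains
    # Collect the matches first: a collection cannot be modified while it is being enumerated.
    $found = @($domains | Where-Object { $_.DomainName -eq $DomainName })
    foreach ($entry in $found) { [void]$domains.Remove($entry) }
}

$wa  = Get-SPWebApplication -Identity "https://sharepoint.company.com"
$key = Read-Host -AsSecureString -Prompt "Application credential key"
[Microsoft.SharePoint.SPSecurity]::SetApplicationCredentialKey($key)

foreach ($d in "Domain1", "Domain2") {
    Add-PeoplePickerDomain -WebApplication $wa -DomainName $d
}
# To back out one domain by name instead of by index:
# Remove-PeoplePickerDomain -WebApplication $wa -DomainName "Domain2"
$wa.Update()
$wa.PeoplePickerSettings.SearchActiveDirectoryDomains | Select-Object DomainName, LoginName, IsForest
```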

2 comments:

  1. Don't forget that to see the order (index position) of the domain in the search settings you should run:
    (Get-SPWebApplication https://sharepoint.company.com).PeoplePickerSettings
