No exact match found when adding users from different domains in SharePoint

Problem:
When you try to add a user account from a different domain to a SharePoint site collection, or when you use People Picker, you get a “No exact match found” error.

Issue:
The service account attached to the SharePoint Web Application is used for user account verification. Where there is only a one-way trust between the domains, a login for the requested domain is required. For example, when you add a user from a different domain to the security list for a file and the current login does not have permissions to the queried domain, a login popup appears. Since a login dialog doesn’t appear in SharePoint, an additional login is required.

Solution:
In a multi-forest network, separate logins have to be registered against each domain. Assuming you have a login with permissions to the domains that are found in different forests, you can run the following command on the SharePoint server to register the login and password (format: domain:<domain>,login,password; domain:<domain>,login,password):

stsadm.exe -o setproperty -url "https://SharepointPortal" -pn "peoplepicker-searchadforests" -pv "domain:na.aecomnet.com,na\mosssp,Password; domain:as.aecomnet.com,nas\mossspas,Password; domain:corp.aecomnet.com,aecom/mossspcorp,Password; domain:au.aecomnet.com,au\mosstest,mos5test"
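The -pv value is easy to mistype, so the following added example (not part of the original post) lints it before it is handed to stsadm. Test-PeoplePickerForestValue is a hypothetical helper name, the sample value is constructed with placeholder names, and treating a forward slash or stray whitespace in the login as an error is an assumption of this lint rather than documented SharePoint behaviour.

```powershell
# Added example: check a peoplepicker-searchadforests value before running stsadm.
# Test-PeoplePickerForestValue is a hypothetical helper, not a SharePoint cmdlet.
function Test-PeoplePickerForestValue {
    param([Parameter(Mandatory)][string]$Value)

    $problems = @()
    $index = 0
    foreach ($entry in ($Value -split ';')) {
        $index++
        $entry = $entry.Trim()
        if ($entry -eq '') { $problems += "entry ${index}: empty"; continue }

        # Split into at most 3 fields so commas inside the password are preserved.
        $fields = $entry -split ',', 3
        $target = $fields[0]
        if ($target -notmatch '^(domain|forest):[A-Za-z0-9.-]+$') {
            $problems += "entry ${index}: expected 'domain:<fqdn>' or 'forest:<fqdn>', got '$target'"
        }
        # No credentials given: the web application's service account does the lookup.
        if ($fields.Count -eq 1) { continue }
        if ($fields.Count -eq 2) {
            $problems += "entry ${index}: login given without a password"
            continue
        }
        $login = $fields[1]
        if ($login -ne $login.Trim()) {
            $problems += "entry ${index}: whitespace around login '$login'"
        }
        # Assumption: logins are written DOMAIN\user with a backslash.
        if ($login.Trim() -notmatch '^[^\\/\s]+\\[^\\/\s]+$') {
            $problems += "entry ${index}: login '$($login.Trim())' is not DOMAIN\user"
        }
    }
    $problems
}

# Constructed sample: entry 2 uses a forward slash, entry 3 has a space before the login.
$sample = 'domain:a.example.com,A\svc-pp,<password>; ' +
          'domain:b.example.com,B/svc-pp,<password>; ' +
          'domain:c.example.com, C\svc-pp,<password>'

$found = @(Test-PeoplePickerForestValue -Value $sample)
if ($found.Count -eq 0) { 'value looks well formed' } else { $found }
```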

3 comments

  1. Sylvia Chan

    Hi,

    1. My company has only 1 domain which is PDC1 (cw.com), MOSS 2010 is installed in APP1 and joined to domain.
    2. People Picker shows “Not Match” in the Team Site (http://mossserver) -> Site Permission.
    3. I have tried stsadm

    stsadm.exe -o setproperty -url "" -pn "peoplepicker-searchadforests" -pv "domain:cw.com, cw\administrator,password"

    syntax correct?

    Any other way else to resolve the peoplepicker issue?

  2. jkhk

    Well, assuming you have your SharePoint portal URL in those double quotation marks, the syntax looks fine.

    Double check the full domain name, admin account password, and URL… specify a port if it's not running off the standard 80.

    and make sure you run iisreset -noforce

  3. Pingback: Resources: SharePoint MySites, User Profiles, AD/Users and Alerts | lionadi
