Hi,
If a web application is using Windows authentication and the site user directory path is not set, the People Picker control searches all the Active Directory to resolve users' names or find users, instead of searching only users in a particular organizational unit (OU). The Stsadm setsiteuseraccountdirectorypath operation allows the user's directory path to be set to a specific OU in the same domain. After the directory path is set to a site collection, the People Picker control will only search under that particular OU.
To restrict People Picker to a certain OU in Active Directory, type the following command:
stsadm -o setsiteuseraccountdirectorypath -path <Valid OU name> –url <Web application URL>
The following example configures People Picker to only return users and groups in the OU named "Sales":
stsadm -o setsiteuseraccountdirectorypath -path "OU=Sales,DC=ContosoCorp,DC=local" –url http://central
For more information, see “Restrict People Picker to a certain group in Active Directory” section in the http://technet.microsoft.com/en-us/library/gg602066(v=office.14).aspx.
Thanks.
Tracy Cai
TechNet Community Support
No comments:
Post a Comment