Tuesday 4 February 2014

SharePoint People Picker Filter

We had an issue where some users show up twice in the People picker search and it happen to be one of them from another domain and that domain is a trusted domain of the main domain which is used for SharePoint.
As a result of that, when ever user search for some one it gives two results in the People picker.
ex\ search Ed show - ABC\ed and DEF\ed

DEF is a completely separate AD which is used in the Dev environment. This is a trusted domain in the ABC and that cannot be removed due to few other reasons.
Fastest solution was to filter the People picker to show users only from ABC domain.

Setting the filter is limited to the Web application and need to be executed for each web app.


$webapp = Get-SPWebApplication http://siteurl
$webapp.PeoplePickerSettings 
 
$webapp.PeoplePickerSettings.
ActiveDirectoryCustomFilter = 
"(userPrincipalName=*@ABC.local)"
$webapp.Update() 

Two good references for filtering are

http://sharepointserver-2007.blogspot.co.uk/2008/10/limiting-sharepoint-people-picker.html

http://www.sharepointdiary.com/2012/04/people-picker-filter-in-sharepoint.html


Can use following to check the output before setting the filter

$strFilter = "(&(&(objectcategory=person)(!sAMAccountName=*_ssl))(userPrincipalName=*@ABC.local))"
$objDomain = New-Object System.DirectoryServices.DirectoryEntry

$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"

$colProplist = "name"
foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)}

$colResults = $objSearcher.FindAll()

foreach ($objResult in $colResults)
    {$objItem = $objResult.Properties; $objItem.name}