People picker can be configured to look up users from various locations in AD such as domain or OU and others using STSADM or PowerShell.
The people picker consists of two buttons, check names and browse button (select people and groups). Check names should be fast compared to browse as it doesn’t send query, but the catch it resolves exactly what is in the text box. You have multiple options to speed up this process.
Just a quick note – by default if you don’t restrict to search within some domains, the query will be executed in all the domains. If there are any firewall restrictions in any of the domain, it’s going to take more time as the timeout for each of the domain I guess is 30 secs. Find out if there is a Global Catalog close and reachable by SharePoint? You can use the Netmon to see which server(s) the SharePoint try to communicate with.
To force People Picker to only return users who have permissions in the site collection when the Check Names button is clicked, type the following command,
stsadm -o setproperty –pn peoplepicker-Peopleeditoronlyresolvewithinsitecollection –pv yes –url <Web application URL>
To force People Picker to only return users who have permissions in the site collection when the Select People and Groups dialog box is used, type the following command:
stsadm -o setproperty –pn peoplepicker-onlysearchwithinsitecollection –pv yes –url <Web application URL>
Again, if you want to restrict the users within specific domain, you can use these commands
stsadm -o setproperty -url http://webapplicationURL -pn peoplepicker-distributionlistsearchdomains -pv ME
stsadm -o setproperty -pn peoplepicker-searchadforests -pv domain:ME -url http://webapplicationURL
If there are multiple domains, separate the domain names using semicolon (;)
Some of these articles are for SharePoint 2010 but they are applicable to 2007 as well.
People Picker overview
Configure People Picker
Peoplepicker: Stsadm properties
An overview of site permissions
Plan site permissions