People Picker SharePoint 2007 and 2010

People picker can be configured to look up users from various locations in AD such as domain or OU and others using STSADM or PowerShell.

The people picker consists of two buttons, check names and browse button (select people and groups).  Check names should be fast compared to browse as it doesn’t send query, but the catch it resolves exactly what is in the text box.  You have multiple options to speed up this process. 

Just a quick note – by default if you don’t restrict to search within some domains, the query will be executed in all the domains.  If there are any firewall restrictions in any of the domain, it’s going to take more time as the timeout for each of the domain I guess is 30 secs.  Find out if there is a Global Catalog close and reachable by SharePoint? You can use the Netmon to see which server(s) the SharePoint try to communicate with.

To force People Picker to only return users who have permissions in the site collection when the Check Names button is clicked, type the following command,

stsadm -o setproperty –pn peoplepicker-Peopleeditoronlyresolvewithinsitecollection –pv yes –url <Web application URL>

To force People Picker to only return users who have permissions in the site collection when the Select People and Groups dialog box is used, type the following command:

stsadm -o setproperty –pn peoplepicker-onlysearchwithinsitecollection –pv yes –url <Web application URL>

Again, if you want to restrict the users within specific domain, you can use these commands

stsadm -o setproperty -url http://webapplicationURL -pn peoplepicker-distributionlistsearchdomains -pv ME

stsadm -o setproperty -pn peoplepicker-searchadforests -pv domain:ME -url http://webapplicationURL

If there are multiple domains, separate the domain names using semicolon (;)



Some of these articles are for SharePoint 2010 but they are applicable to 2007 as well.

People Picker overview

Configure People Picker

Peoplepicker: Stsadm properties

An overview of site permissions

Plan site permissions