SharePoint - Hide Irrelevant Users from Search
https://sharepoint.stackexchange.com/questions/121651
-
30-09-2020 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianسؤال
I have a SharePoint site - is there an easy way to hide specific users from being searched and/or logging in? For instance, I have two domain accounts (DOMAIN\William and DOMAIN\William.Yeack) one for each of my exchange mailboxes. But I only want one (DOMAIN\William) to show in SharePoint because it is my main one:
المحلول
The screenshot shows the People Picker and I take it you'd like to prevent certain Active Directory (AD, LDAP) Users from being shown. As you've tagged the question with Profile-Sync and talk about 'Search' you may be more concerned with multiple profiles in the User Profile Service (UPS).
People Picker
If it's the People Picker you're interested in then I'd suggest you identify (or create) some property of the User [object] suitable for filtering on and configure a query for the People Picker to filter on by following the procedure at Filter Active Directory accounts by using LDAP queries (MSDN).
- Compose an LDAP Query (you can use the AD Users & Computers tool to run a custom search) which returns only the user & groupaccounts for the you'd like to appear.
- e.g. only Groups or enabled People accounts:
(|(objectcategory=group)(&(objectCategory=organizationalPerson)(objectClass=User)(!(userAccountControl:1.2.840.113556.1.4.803:=2))))
- e.g. only Groups or enabled People accounts:
- Use
Stsadmcmd-line tool to set this query for each Web ApplicationStsadm –o setproperty –pn peoplepicker-searchadcustomfilter -pv "(|(objectcategory=group)(&(objectCategory=organizationalPerson)(objectClass=User)(!(userAccountControl:1.2.840.113556.1.4.803:=2))))" -url http://SPWebAppDefaultUrl
UPS
Regarding UPS, if you've used both accounts to access SharePoint then you'll have multiple SharePoint Site User Profiles but even if you've been careful to use only a single account the User Profile Sync may have created a UPS User Profile for your second account.
A UPS Service Application administrator will be able to delete the profile for the second account and apply an LDAP query to filter the next sync. Once the UPS user profile has been removed then Enterprise Search will stop returning the profile as a result.
