Question

In the original configuration, I have a SharePoint 2007 site hosted on Windows Server 2003/32 bit server. I configured it to use Forms Authentication with ActiveDirectoryMembershipProvider and LdapRoleProvider. I configured the PeoplePickerWildCard tags in the web.config. Now, this all worked fine and everything is great.

I then tried to duplicate this configuration on our production servers. The big difference is that the production server is a Windows Server 2008 R2/64 bit machine with IIS 7.5. The Membership/Role providers are the same configuration, but I can't seem to get the people picker to work at all. I even did a full user profile import (I'm not sure if this is necessary, but I tried it anyway).

Now, although the people picker doesn't work, authentication does work. I am able to log in with the Form Authentication form, but I get the access denied error. Is there anything that needs to be configured differently on Windows Server 2008 R2?

EDIT:

I've modified the SharePoint website web.config, setting the defaultProvider for both the Membership and Role provider. I also modified the CA web.config, but didn't set the defaultProvider on either the Membership or Role provider. I added the People Picker wild cards to both the SharePoint site and the CA, since I thought it was needed for both. My Domain Controller is on a different box. I'll check out the links to see if I can find anything I forgot.

Thanks for your help!


Solution

You can try explicitly setting the people picker:

stsadm -o setapppassword -password password
stsadm -o setproperty -url $yourUrl -pn peoplepicker-searchadforests -pv "forest:domain,username,password"

OTHER TIPS

Do you have the domain controller on the same box? Perhaps you could try two things:

  1. Setting the peoplepicker-searchadforests property. I was writing about it here
  2. Windows Server 2008 has a loopback check and it's possible that it can't see itself. More about it here.

Hope it helps.

Could you elaborate where you try to set the picker? E.g. CA or web app.

If you need to assign access to your FBA sites by policy from CA, you need to add providers to CA web.config as well. Here there is an important difference from your web app's web.config, since the default role provider should remain AspNetWindowsTokenRoleProvider.

This old blog post describes the configuration thoroughly.
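An added example, not part of the original question or answers: a small checker for the web.config points raised in this thread (a default provider that is actually registered on the web app, the role default left on AspNetWindowsTokenRoleProvider in CA, and a PeoplePickerWildcards entry for each provider). The provider names ADMembership and LdapRole and the trimmed config fragments are constructed assumptions.

```python
import xml.etree.ElementTree as ET

WINDOWS_ROLE_PROVIDER = "AspNetWindowsTokenRoleProvider"

# Constructed, trimmed web.config fragment; the provider names ADMembership and
# LdapRole are assumptions, and type/connection attributes are left out.
SITE_CONFIG = """<configuration>
  <SharePoint>
    <PeoplePickerWildcards>
      <add key="ADMembership" value="*" />
    </PeoplePickerWildcards>
  </SharePoint>
  <system.web>
    <membership defaultProvider="ADMembership">
      <providers><add name="ADMembership" /></providers>
    </membership>
    <roleManager enabled="true" defaultProvider="LdapRole">
      <providers><add name="LdapRole" /></providers>
    </roleManager>
  </system.web>
</configuration>"""

# Central Administration variant: same providers, role default left on the Windows provider.
CA_CONFIG = SITE_CONFIG.replace('defaultProvider="LdapRole"',
                                f'defaultProvider="{WINDOWS_ROLE_PROVIDER}"')


def audit(config_xml, central_admin):
    """Return a list of findings for one web.config (web app or Central Administration)."""
    root = ET.fromstring(config_xml)
    findings, registered = [], set()
    for section in ("membership", "roleManager"):
        node = next(root.iter(section), None)
        if node is None:
            findings.append(f"{section}: section missing")
            continue
        names = {a.get("name") for a in node.iter("add")}
        registered |= names
        default = node.get("defaultProvider")
        if section == "roleManager" and central_admin:
            if default != WINDOWS_ROLE_PROVIDER:
                findings.append(f"roleManager: default is {default}, expected {WINDOWS_ROLE_PROVIDER}")
        elif not central_admin and default not in names:
            findings.append(f"{section}: defaultProvider {default} is not a registered provider")
    wildcards = {a.get("key") for w in root.iter("PeoplePickerWildcards") for a in w.iter("add")}
    for name in sorted(registered - wildcards):
        findings.append(f"PeoplePickerWildcards: no entry for {name}")
    return findings
```

Run `audit()` against the text of each file, passing `central_admin=True` for the CA web.config; the sample fragment deliberately omits the wildcard entry for the role provider so that one finding is reported.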

Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange