Issue while Setting people picker for SharePoint 2019

%3CLINGO-SUB%20id%3D%22lingo-sub-1389437%22%20slang%3D%22en-US%22%3EIssue%20while%20Setting%20people%20picker%20for%20SharePoint%202019%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1389437%22%20slang%3D%22en-US%22%3E%3CP%3Ehello%20All%2C%3C%2FP%3E%3CP%3EI%20have%20working%20on%20building%20SharePoint%202019%20environment%20and%20have%20requirement%20to%20set%20peoplepicker%20to%20set%20to%20get%20limited%20users%20only%20from%20Active%20directory.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20am%20using%20below%20script%20to%20set%20.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%24WebApp%20%3D%20Get-SPWebApplication%20%3CA%20href%3D%22https%3A%2F%2Fsharepoint.abc.com%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fsharepoint.abc.com%2F%3C%2FA%3E%3B%3CBR%20%2F%3E%24WebApp%20%3D%20Get-SPWebApplication%20%3CA%20href%3D%22http%3A%2F%2Fserver%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttp%3A%2F%2FAppServer%3C%2FA%3E%2F%3B%3CBR%20%2F%3E%24WebApp%20%3D%20Get-SPWebApplication%20%3CA%20href%3D%22http%3A%2F%2Fserver%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttp%3A%2F%2FAppServer%3C%2FA%3EFQDNUrl%2F%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%24WebApp.PeoplePickerSettings.ActiveDirectoryCustomFilter%20%3D%20%22(%26amp%3B(!samaccountname%3Dx6*)(!employeetype%3Dtype1)(!employeetype%3Dtype2)(!employeetype%3Dtype3)(!employeetype%3Dtype3)(!employeetype%3Dtype4)(!userAccountControl%3A1.2.840.113556.1.4.803%3A%3D2))%22%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%24WebApp.Update()%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFilter%20query%20is%20not%20working%20correctly%20in%20people%20picker.%3C%2FP%3E%3CP%3EBut%20same%20time%20when%20I%20run%20this%20for%20using%20below%20method%2C%20it%20gives%20expected%20results.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EGet-ADObject%20-LDAPfilter%20'(%26amp%3B(!samaccountname%3Dx6*)(!employeetype%3Dtype1)(!employeetype%3Dtype2)(!employeetype%3Dtype3)(!employeetype%3Dtype3)(!employeetype%3Dtype4)(!userAccountControl%3A1.2.840.113556.1.4.803%3A%3D2))'%26nbsp%3B%7C%20ogv%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1389437%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAdmin%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EPowerShell%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESharePoint%20Server%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1817553%22%20slang%3D%22en-US%22%3ERe%3A%20Issue%20while%20Setting%20people%20picker%20for%20SharePoint%202019%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1817553%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F667947%22%20target%3D%22_blank%22%3E%40VichareRohan%3C%2FA%3E%26nbsp%3Bhi%2C%20try%20to%20start%20wireshark%20with%20monitoring%20LDAP%20traffic%20on%20your%20WFE%20server%2C%20then%20try%20to%20find%20some%20user%20through%20peoplepicker%2C%20stop%20monitoring%20in%20Wireshark.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ELook%20to%20the%20LDAP%20query%2C%20and%20DomainController%20that%20response%20on%20your%20query.%20In%20my%20case%20was%2C%20that%20my%20queries%20went%20to%20wrong%20DC(domain%20orgname.com%20instead%20corp.orgname.com).%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAfter%20I've%20added%20peoplepicker%20property%20to%20look%20to%20specific%20domain%2C%20filters%20start%20to%20work%20fine.%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

hello All,

I have working on building SharePoint 2019 environment and have requirement to set peoplepicker to set to get limited users only from Active directory.

 

I am using below script to set .

 

$WebApp = Get-SPWebApplication https://sharepoint.abc.com/;
$WebApp = Get-SPWebApplication http://AppServer/;
$WebApp = Get-SPWebApplication http://AppServerFQDNUrl/;

 

$WebApp.PeoplePickerSettings.ActiveDirectoryCustomFilter = "(&(!samaccountname=x6*)(!employeetype=type1)(!employeetype=type2)(!employeetype=type3)(!employeetype=type3)(!employeetype=type4)(!userAccountControl:1.2.840.113556.1.4.803:=2))"

 

$WebApp.Update()

 

Filter query is not working correctly in people picker.

But same time when I run this for using below method, it gives expected results.

 

Get-ADObject -LDAPfilter '(&(!samaccountname=x6*)(!employeetype=type1)(!employeetype=type2)(!employeetype=type3)(!employeetype=type3)(!employeetype=type4)(!userAccountControl:1.2.840.113556.1.4.803:=2))' | ogv

 

 

1 Reply

@VichareRohan hi, try to start wireshark with monitoring LDAP traffic on your WFE server, then try to find some user through peoplepicker, stop monitoring in Wireshark.

 

Look to the LDAP query, and DomainController that response on your query. In my case was, that my queries went to wrong DC(domain orgname.com instead corp.orgname.com).

 

After I've added peoplepicker property to look to specific domain, filters start to work fine.