Skip to content

SPWebAppPeoplePickerSettings

Jump to bottom
dscbot edited this page Mar 17, 2023 · 12 revisions

SPWebAppPeoplePickerSettings

Parameters

Parameter Attribute DataType Description Allowed Values
WebAppUrl Key String The URL of the web application
ActiveDirectoryCustomFilter Write String Sets a customized query filter to send to Active Directory
ActiveDirectoryCustomQuery Write String Sets the custom query that is sent to Active Directory
ActiveDirectorySearchTimeout Write UInt16 Sets the time-out in seconds when a query is issued to Active Directory
OnlySearchWithinSiteCollection Write Boolean Specifies whether to search only the current site collection
PeopleEditorOnlyResolveWithinSiteCollection Write Boolean Specifies whether to check the user against the existing site collection users
SearchActiveDirectoryDomains Write MSFT_SPWebAppPPSearchDomain[] List of all domains/forests that must be searched

MSFT_SPWebAppPPSearchDomain

Parameters

Parameter Attribute DataType Description Allowed Values
FQDN Required String FQDN of the domain or forest
IsForest Required Boolean Is the FQDN a forest?
AccessAccount Write PSCredential Specifies the credentials to use to connect to the specified domain or forest
CustomFilter Write String Sets a customized query filter to send to Active Directory
ShortDomainName Write String NetBIOS name of the domain or forest

Description

Type: Distributed Requires CredSSP: No

This resource is used to configure the People Picker settings for a web application.

NOTE: If the forest or domain on which SharePoint is installed has a one-way trust with another forest or domain, you must first set the credentials for an account that can authenticate with the forest or domain to be queried before you can configure the SearchActiveDirectoryDomains.

The encryption key must be set on every front-end web server in the farm on which SharePoint is installed: https://technet.microsoft.com/en-us/library/gg602075(v=office.15).aspx#section3

Due to a SharePoint API limitation a password missmatch cannot be detected. To update the password after the initial add to the SearchActiveDirectoryDomains the SPPeoplePickerSearchActiveDirectoryDomain has to be removed from the SearchActiveDirectoryDomains or the the password needs to be updated with the SetPassword(SecureString) Method directly.

Examples

Example 1

This example shows how to configure the people picker settings on the specified web application

Configuration Example
{
    param
    (
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $AccessAccount,

        [Parameter(Mandatory = $true)]
        [PSCredential]
        $SetupAccount
    )

    Import-DscResource -ModuleName SharePointDsc

    node localhost
    {
        SPWebAppPeoplePickerSettings ConfigurePeoplePicker
        {
            WebAppUrl                      = "http://sharepoint.contoso.com"
            ActiveDirectoryCustomFilter    = $null
            ActiveDirectoryCustomQuery     = $null
            ActiveDirectorySearchTimeout   = 30
            OnlySearchWithinSiteCollection = $false
            SearchActiveDirectoryDomains   = @(
                MSFT_SPWebAppPPSearchDomain
                {
                    FQDN            = "contoso.com"
                    IsForest        = $false
                    AccessAccount   = $AccessAccount
                    CustomFilter    = '(company=Contoso)'
                    ShortDomainName = 'CONTOSO'
                }
            )
            PsDscRunAsCredential           = $SetupAccount
        }
    }
}

SharePointDSC

SharePointDsc Module

Clone this wiki locally