SharePoint 2016 People Picker AD lookup errors

  • Question

  • We have SharePoint on DOMAIN A. People Picker requires looking up AD users from DOMAIN B. There is one-way trust from DOMAIN A to DOMAIN B.

    I have run the PS script; however, I am unable to resolve AD users. The SharePoint ULS logs are:

    10/19/2020 08:50:23.00               w3wp.exe (0x4E70)                                       0x2F4C  SharePoint Foundation                         Search                                72e7      Medium               Error in resolving user. User: 'user', ResolverInformation: 'SPActiveDirectoryPrincipalResolver, DomainName: 'DOMAINB.com', DomainIsForest: 'False', DomainLoginName: 'svc_user', CustomSearchQuery: '', CustomSearchFilter: '', Timeout: '00:00:30', IncludeDistributionList: 'True'', Exception: 'System.DirectoryServices.DirectoryServicesCOMException (0x8007052E): The user name or password is incorrect.       at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)     at System.DirectoryServices.DirectoryEntry.Bind()     at System.DirectoryServices.DirectoryEntry.get_AdsObject()     at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)     at Microsoft.SharePoint.WebControls.PeopleEditor.SearchFromGC(SPActiveDirectoryDomain domain, String st...                3420859f-d316-b00e-40fb-4acc960758ab

    I have checked my script again and again, and the user and password are correct.

    Add-PSSnapin Microsoft.SharePoint.PowerShell #Add the SP snapin
    $webApp = Get-SPWebApplication http://sharepoint_portal_url
    # Set the application credential key used to encrypt the People Picker account password
    $key = ConvertTo-SecureString "Password123" -AsPlainText -Force
    [Microsoft.SharePoint.SPSecurity]::SetApplicationCredentialKey($key)

    # Register domainb.com as a People Picker search domain, queried as svc_user
    $userpwd = ConvertTo-SecureString "svc_user password" -AsPlainText -Force
    $ADSearchObj = New-Object Microsoft.SharePoint.Administration.SPPeoplePickerSearchActiveDirectoryDomain
    $ADSearchObj.DomainName = "domainb.com"
    $ADSearchObj.IsForest = $false
    $ADSearchObj.LoginName = "svc_user"
    $ADSearchObj.SetPassword($userpwd)
    $webApp.PeoplePickerSettings.SearchActiveDirectoryDomains.Add($ADSearchObj)
    # Persist the People Picker settings on the web application
    $webApp.Update()

    Also, I have used the same user to configure UPS and it works perfectly fine. Not only that, I have checked with the AD tool installed on the server to query AD using these credentials, and they work perfectly fine as well.

    Why is the SharePoint People Picker not able to resolve the query lookup?


    • Edited by bpatel27 Monday, October 19, 2020 9:50 AM
    Monday, October 19, 2020 9:49 AM
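
The ULS entry quoted in the question can be decoded field by field to show which domain and account the resolver bound with and what Win32 error sits inside the HRESULT. This is an added example, not part of the original post; the function name `ConvertFrom-PickerResolveError` is hypothetical and the sample string is constructed from the log line above, cut after the exception text.

```powershell
# Constructed sample: the ULS message from the question, cut after the exception text.
$sample = "Error in resolving user. User: 'user', ResolverInformation: 'SPActiveDirectoryPrincipalResolver, DomainName: 'DOMAINB.com', DomainIsForest: 'False', DomainLoginName: 'svc_user', CustomSearchQuery: '', CustomSearchFilter: '', Timeout: '00:00:30', IncludeDistributionList: 'True'', Exception: 'System.DirectoryServices.DirectoryServicesCOMException (0x8007052E): The user name or password is incorrect."

function ConvertFrom-PickerResolveError {   # hypothetical helper name
    [CmdletBinding()]
    param([Parameter(Mandatory, ValueFromPipeline)][string]$Message)
    process {
        # Ignore ULS messages that are not People Picker resolver failures.
        if ($Message -notmatch 'Error in resolving user') { return }

        # Resolver settings are logged as Name: 'value'. The outer quotes nest,
        # so match each wanted field by name instead of splitting on quotes.
        $out = [ordered]@{}
        foreach ($name in 'User', 'DomainName', 'DomainIsForest', 'DomainLoginName') {
            $m = [regex]::Match($Message, "\b${name}: '([^']*)'")
            $out[$name] = if ($m.Success) { $m.Groups[1].Value } else { $null }
        }

        # HRESULT layout: bit 31 = failure, bits 16-28 = facility, bits 0-15 = code.
        $h = [regex]::Match($Message, '\(0x([0-9A-Fa-f]{8})\)')
        if ($h.Success) {
            [uint32]$hr = [Convert]::ToUInt32($h.Groups[1].Value, 16)
            $facility = ($hr -shr 16) -band 0x1FFF
            $code     = [int]($hr -band 0xFFFF)
            $out['HResult']   = '0x{0:X8}' -f $hr
            $out['Facility']  = $facility
            $out['Win32Code'] = $code
            # Facility 7 (FACILITY_WIN32) wraps a Win32 error; let Windows name it.
            if ($facility -eq 7) {
                $out['Win32Text'] = (New-Object System.ComponentModel.Win32Exception $code).Message
            }
        }
        [pscustomobject]$out
    }
}

# One object per failure; pipe many messages in to group by DomainName or DomainLoginName.
$sample | ConvertFrom-PickerResolveError
```

For the sample, the output shows DomainName `DOMAINB.com`, DomainLoginName `svc_user`, facility 7 and Win32 code 1326 (ERROR_LOGON_FAILURE), matching the exception text in the log.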