locked
WSS 3.0 Can't add users from AD RRS feed

  • Question

  • I am having a problem that no one else seems to be having out there and I am hoping that someone can help me with.  My environment is as follows:
    Windows Server 2008 R2 Enterprise
    SQL Server 2008 Enterprise w/SP1
    IIS v7
    WSS 3.0 with SP2

    I will try to explain my issue as best as possible, but if I miss something please let me know and I will do my best to provide you with that information.  Ok, here goes.
    I have everything installed and working, but when I go in to SharePoint 3.0 Central Administration I do the following:
    1.  Click on Operations
    2.  Click on Update Farm administrator's Group
    3.  Click New < Add Users
    In the add users window I enter the username for the person that I want to add and I get the error: "No exact Match was found".  I then click on the book to browse for the user and just put in the first letter and click search and only get HelpGroup to show up.  No matter what I do the only users that show up in here are the local users for this server and nothing will show up from Active Directory.  I know that Active Directory works because if I go to the users and groups on the server and add a user or group that is on the domain it finds them without a problem.  I have even tried to add a user under the groups like administrotrs or users, but even after doing that you still can't add that user in SharePoint, however if I create a local user of course you can add that user.  This seems like it would be an easy fix, but believe me if it is than it is beyond my grasp at this time.  Please help me to fix this problem.  I hope I have provided all the infromation that you need, but as I said if I have not please feel free to ask me.
    Tuesday, October 6, 2009 9:38 PM

Answers

  • What is the user account currently in “Farm administrator’s group”, local machine account or domain account?  I guess it may be a local machine account.  

     

    According to http://technet.microsoft.com/en-us/library/cc288210.aspx , the server farm account is used as the application pool identity for the SharePoint Central Administration Web site, if it is a local machine account, it may not have the privilege to query AD, so you cannot find AD account with people picker in Central Administration web site.

     

    You can run the stsadm -o updatefarmcredentials -userlogin DomainName\UserName -password NewPassword command as described in http://support.microsoft.com/kb/934838/en-us to update the farm administrator account to a domain account.

    • Marked as answer by GuYuming Friday, October 9, 2009 2:51 PM
    Thursday, October 8, 2009 10:27 AM

All replies

  • Have you tried entering "domain\username" to find your users?

    Also, did you see these threads?

    http://social.technet.microsoft.com/Forums/en-US/sharepointadmin/thread/16fcd427-3c6a-4bff-a876-71c75626eede/

    http://social.technet.microsoft.com/Forums/en-US/sharepointadmin/thread/221b409c-cbed-469e-92a4-4b2b1e65455b


    Brownie Points fixed a similar issue by changing authentication type to windows authentication:

    http://social.technet.microsoft.com/Forums/en-US/sharepointadmin/thread/d782e431-1034-48a6-9d57-df87dc51f0b6


    It appears that this problem can be fixed by running the following command:

    stsadm -o setproperty -url <your URL> -pn "peoplepicker-searchadforests" -pv <your domain>


    Details on the proper usage of Peoplepicker-searchadforests property:

    http://technet.microsoft.com/en-us/library/cc263460.aspx
    Andre Galitsky, MCTS, Lexington, KY -- My SharePoint Blog: http://www.sharepointnomad.com
    • Proposed as answer by Anand yadav Wednesday, October 7, 2009 5:49 PM
    Wednesday, October 7, 2009 12:06 PM
  • What is the user account currently in “Farm administrator’s group”, local machine account or domain account?  I guess it may be a local machine account.  

     

    According to http://technet.microsoft.com/en-us/library/cc288210.aspx , the server farm account is used as the application pool identity for the SharePoint Central Administration Web site, if it is a local machine account, it may not have the privilege to query AD, so you cannot find AD account with people picker in Central Administration web site.

     

    You can run the stsadm -o updatefarmcredentials -userlogin DomainName\UserName -password NewPassword command as described in http://support.microsoft.com/kb/934838/en-us to update the farm administrator account to a domain account.

    • Marked as answer by GuYuming Friday, October 9, 2009 2:51 PM
    Thursday, October 8, 2009 10:27 AM
  • What is the user account currently in “Farm administrator’s group”, local machine account or domain account?  I guess it may be a local machine account.  

     

    According to http://technet.microsoft.com/en-us/library/cc288210.aspx , the server farm account is used as the application pool identity for the SharePoint Central Administration Web site, if it is a local machine account, it may not have the privilege to query AD, so you cannot find AD account with people picker in Central Administration web site.

     

    You can run the stsadm -o updatefarmcredentials -userlogin DomainName\UserName -password NewPassword command as described in http://support.microsoft.com/kb/934838/en-us to update the farm administrator account to a domain account.


    OMG !!!!!!!!!!!!!!!!!!!!!!!!!!   OMG !!!!!!!!!!!!!!!!!!!!!    THAT fixed it... You rock... Thank you soo much for helping me out on this.  You have no idea how much I have been pulling my hair out on this.  I am putting this in my notes right now.  Thank you, a million times over !!!!!!!!!!
    Friday, October 9, 2009 2:22 PM
  • What is the user account currently in “Farm administrator’s group”, local machine account or domain account?  I guess it may be a local machine account.  

     

    According to http://technet.microsoft.com/en-us/library/cc288210.aspx , the server farm account is used as the application pool identity for the SharePoint Central Administration Web site, if it is a local machine account, it may not have the privilege to query AD, so you cannot find AD account with people picker in Central Administration web site.

     

    You can run the stsadm -o updatefarmcredentials -userlogin <var>DomainName</var>\<var>UserName</var> -password <var>NewPassword </var>command as described in http://support.microsoft.com/kb/934838/en-us to update the farm administrator account to a domain account.


    OMG !!!!!!!!!!!!!!!!!!!!!!!!!!   OMG !!!!!!!!!!!!!!!!!!!!!    THAT fixed it... You rock... Thank you soo much for helping me out on this.  You have no idea how much I have been pulling my hair out on this.  I am putting this in my notes right now.  Thank you, a million times over !!!!!!!!!!

     Hi,

    I am having the same problem, unable to add new users. I tried to follow the directions shown but it didn't work. Any ideas?
    Monday, January 25, 2010 6:01 PM