Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

PeoplePicker Missing New AD Groups

80 views
Skip to first unread message

Scott@discussions.microsoft.com Rick Scott

unread,
Oct 27, 2009, 12:40:02 PM10/27/09
to
I've got an WSS 3.0 installation. In the people picker, I can see AD groups
that existed when I installed it, and I can see all new AD users, however I
cannot see any new AD groups that have been created since the WSS
installation. I have reviewed the STSADM commands
"get/setsiteuseraccountdirectorypath" and "get/setproperty -pn
peoplepicker-searchadforests" to ensure they are correct (we only have one
forest, and WSS is on our intranet). I read in a couple of places online
that this behavior is by design, however, I've also read that WSS can read
the AD all the time, in real-time, so I'm confused. Anybody know the truth?

Paluch@discussions.microsoft.com Vinicius Paluch

unread,
Nov 13, 2009, 11:36:03 AM11/13/09
to
Hi.. did you get it to work ? I´m facing the same problem.

Rick Scott

unread,
Nov 17, 2009, 12:36:25 AM11/17/09
to
Hi Vinicius,

No, I have not found a solution. I've ensured that these are in fact global
security groups and not distribution groups. The only other piece I have to
this puzzle is our network administrators are in the process of moving groups
from one OU to another, but they assure me that the domain account for
SharePoint has permissions to read both the old and new OUs. SharePoint can
only "see" the old OU, and was in the old OU until a about an hour ago when I
requested that it be moved to the new OU as a test. That did not fix the
problem, and I would have expected it to by now. I'll probably keep it there
overnight just to see what happens.

At this point I'm open to suggestions.

Let me know if you have any success,
Rick

Brooks

unread,
Nov 19, 2009, 1:09:56 AM11/19/09
to
On Nov 16, 10:36 pm, Rick Scott <RickSc...@discussions.microsoft.com>
wrote:
> > > the AD all the time, in real-time, so I'm confused.  Anybody know the truth?- Hide quoted text -
>
> - Show quoted text -

You need to run a full profile import for the new groups to display.

Yury James Stevenson

unread,
Nov 19, 2009, 3:23:56 AM11/19/09
to
Rick,

It's a rather annoying and known issue, following steps usually solve
the issue

1.Check if your ssp databases are still in sync first:

stsadm -o deleteolddatabases 2

Where "2" indicates the number of days you want to check.

2. If you get a result with mutiple sid's you need to get the db's back
in
sync.

To do so run the command:

stsadm -o deleteolddatabases 2

3. Then configure the sync timing from the command line like this:

stsadm -o sync -synctiming M:5

In this example M indicates minutes and 5 is the delay between
synchronizations.

4. Run a full crawl, after it is finished you should see the new
users/groups

--
regards,

Yury

http://www.xylos.com
http://ystex.net

Rick Scott

unread,
Nov 19, 2009, 10:55:02 AM11/19/09
to
Thanks Yury and Brooks for the assists. Actually, I ended up contacting Tech
Support, and discovered that I have inadvertently set my server farm to AD
creation mode that last time I installed it. They walked me through the
process on creating a new server farm without AD creation mode turned on,
then attaching the new server farm to my existing content databases. Worked
like a charm.

Thanks again!
Rick

"Yury James Stevenson" wrote:

> .
>

0 new messages