Wednesday, October 12, 2011

Limiting the SharePoint People Picker with PowerShell

We had the problem that the searching after people in the Active Directory took very long. If you don't limit the people picker in SharePoint it searches the whole domain and all forests within. This can be very time consuming when the picker tries to resolve the names ( In out company about 1 minute).

Therefore we decided to limit the people picker by domain. The problem is that you can define this limitation only on sitecollection level. This means that you have to do that each time you create a new sitecollection.

I wrote a powerhell script which loops throught alle sitecollections and restricts the one, which do not already have a limitation.

 #Powershell for Changing People Picker Settings
  
 #Author I.Bikmaz
 #Add SharePoint SnapIn
  
 $snapin = Get-PSSnapin | Where-Object {$_.Name -eq 'Microsoft.SharePoint.Powershell'}
  
 if ($snapin -eq $null) {
   Write-Host "Loading SharePoint Powershell Snap-in"
   Add-PSSnapin "Microsoft.SharePoint.Powershell"
 }
  
 Get-SPWebApplication | Where {$_.Url -eq "http://youwebapp/"} | Get-SPSite -Limit ALL | ForEach-Object {
   # Choose the sites with empty setting
   Get-SPSite $_.Url | Where {$_.UserAccountDirectoryPath -eq ""} | ForEach-Object {  
     Write-Host "Creating People Picker Setting for '"$_.Url"'"  
     Set-SPSite $_.Url -UserAccountDirectoryPath "DC=xxx,DC=xxx,DC=com"  
     Write-Host "done..."  
     Write-Host ""  
   }
  
 }
  


Using PowerShell for restricting the people picker


In SharePoint 2007 generally you have used the stsadm command to set the properties for the people picker (Look here for the list of stsadm commands for the people picker).

In SharePoint 2010 you can use PowerShell. But: You have to code multiple lines for what the stsadm command could do in one line. Therefore most people are still using stsadm commands for limiting the people picker.

The example above was a setting for a single site collection. You can also set limitations on webapplication level. To see which settings can be manipulated open your SharePoint Management Shell and type:

C:\>$webapp = Get-SPWebApplication http://yourwebapp
C:\>$webapp.PeoplePickerSettings





An easy way is to restrict your people picker to a single domain. This boost your picker if you have lots of subdomains.

Here you can find all properties and their types. The SearchActiveDirectoryDomains property has the type SPPeoplePickerSearchActiveDirectoryDomain. So you have to create an object of this type to manipulate the object.

For an example look here.



Here I have some useful links:

No comments: