How can I diagnose or resolve missing AD groups for target audience rules

Hello everyone,

I'm having some problems with the target audiences I have set up in my SharePoint 2010 farm. I have set up a single rule for each target audience in Central Administration, pointing to a group in Active Directory. Up until a couple of weeks ago I had no problem using the people picker to look up AD grups and everything seemed to be working, but now I am suddenly not able to find any groups in AD.

The User Profile Synchronisation is running without any errors. I have already performed a full synchronisation and compiled all audiences with no luck. I have also checked the property called peoplepicker-searchadforests with stsadm and that appears to be correct as well. If I try and look up the same AD group in a peoplepicker on one of the site collections it is immediately displayed with no errors. All of the AD groups I'm using are global security groups and the ULS log contains no errors from when the target audience compilation started until it ended.

What puzzles me is that AD groups on our test environment can be found in the peoplepicker in Central Administration without any problems, despite the fact that the target audience rule fails with the message "Non-existent Membership group...". It would seem to me that SharePoint does not look up the security groups directly in AD but rather somewhere else - a lot of posts suggests that SharePoint stores information about target audience it in the ProfileDB but I haven't been able to find which table.

I know I'm leaving out a lot of other details but what I really need to know is how I can investigate this issue further, e.g. does SharePoint in fact look up the groups in the ProfileDB and if so from what table? Is there any kind of tool or technique I can use to actually see what happens in SharePoint from the moment I try and search for an AD group in the people picker?

January 10th, 2014 4:56pm

could you please share the Target Audience rule( ma be screen shot).

Did you see any user in that target audience after compile?

Free Windows Admin Tool Kit Click here and download it now
January 10th, 2014 5:03pm

It is not about User Profile Synchronization.  It is about People Picker Configuration.  You can do this per web application, where you tell your people picker what domain(s) it should look up from, any LDAP filters to filter out certain users based on whatever attributes. 

Keep in mind the people picker setting is WEB-APPLICATION specific... so you can also check this in powershell:

    $wa = get-spwebapplication "<web app url>"

    $wa.PeoplePickerSettings

  DO this for the central admin web application url, not your content web app.

So you want to use the stsadm -o getproperty -pn peoplepicker-searchadforests

    to make sure that you are searching the correct a/d domain and forest

      make sure the account you used to set up the people picker is not locked out

 also check this

  stsadm -o getproperty -pn peoplepicker-searchadcustomfilter

       check this to make sure you are not accidentally filtering out users based on some attribute

if you need to change anything you can use the stsadm -o setproperty -pn <property name> -pv <new value>


  • Edited by SharePointMC Friday, January 10, 2014 2:11 PM better answer
January 10th, 2014 5:08pm

Hi Waqas,

I have taken a screenshot of the target audience details along with the lookup dialog that I'm using to try and resolve the "Non-existent Membership group..." error.

Details on one of the target audiences

...and this is the error I get when trying to look up the missing group:

Result from trying to lookup the AD group named

Free Windows Admin Tool Kit Click here and download it now
January 13th, 2014 4:51am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics