Securre Store and multiple forests

Hi,

I was looking for a little help trying to understand how the secure store works. I'm using it right now to create an ID for a tabular excel report/cube and it works fine for everyone in the root forest. My issue comes when I try and add users from another forest. There is two way trust between the forests and if I try and add the same user to say a site collection admin it can find the user. If I try and add the user to a SharePoint page it finds them.   The problem seems to be isolated to the Secure Store. The secure store is running under the same App pool as the root web app. There is only one web app. That app pool is running under a domain account that is in the local admin group on the server. If I logon with that service account and open an mmc console and add users and computers I can find the group and or user I'm looking for in the other forest, so I can't see it being a trust issue between the forests. Does anyone have any other ideas what could be stopping the secure store from connecting to the DC in the other forest and looking up users?

Thanks,
Jeff

August 25th, 2015 4:17pm

The resolution was to run stsadmin for people picker. i.e.

stsadm -o setproperty -pn peoplepicker-searchadforests -pv "domain:<DOMAINNAME.COM>;domain:<DOMAINNAME.CA>;domain:<DOMAINNAME.ORG>" -url <your web app url>

then run it again for your Central admin console url then do an iisreset. and then I could see all the domains I had added.

  • Marked as answer by Jeff Shep 8 hours 1 minutes ago
Free Windows Admin Tool Kit Click here and download it now
August 25th, 2015 7:42pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics