Multi domain people search in SharePoint

1 juli 2014

Sometimes you have the luck to be part of a merger of two companies that both have a SharePoint implementation. In the end, they want a fully migrated SharePoint environment, but the first need they have is finding people within both companies.

The best solution is to create a new User Profile, sync with both Active Directories and migrate both existing profiles and mysites to the new environment. But this takes quit a lot of time before everything is in place. There is a much faster way to fulfill the requirement of finding people and that is the use of People search.

There’s one assumption: both domains are trusted so users can access both farms when they have permission. And keep in mind, All settings have to be done on both farms!

Read on the step by step walkthrough to accomplish a multi domain user profile search. So lets start!

  1. Relevant Accounts
  • Make sure you have access to the Central Admin in both farms
  • Know all crawler- and domain user group accounts
  1. User Policy
  • In Central Admin/Application Management/Manage Web Applications, select the MySite web application and add the following to the User Policy:
    • Crawler account of the other farm – Full Read
    • Domain users of the other domain – Full Read
User Policy settings 
  1. User Profile Service Administrator
  • In Central Admin/Application Management/Service Applications/Manage Service Applications, select the row of the User Profile Service. DON’T click on any of the words User Profile service, because that brings you to the Manage Profile Service page, but that’s for later. You only have to select the row!
  • Click Administrators in the ribbon
  • Add the crawler account from the other farm and give it ‘Retrieve People Data for Search Crawlers’ permissions
Administrators for User Profile Service 
  1. User Profile Permissions

Now you’ve set the administrator, you must disable the possibility to create new MySites in the other domain.

  • From the Manage application service page click on the User Profile Service link (the words, not the row as in previous step)
  • Click on Manage User Permisions in the People section.
  • Make sure at least both domain user groups of both domains are present.
  • Set permissions for the internal domain
Permission settings User Profile Service Internal Domain 
  • Set permissions for the visiting domain, make sure the ‘Create Personal Site’ is disabled.
Permission settings User Profile Service External Domain 
  1. Content Sources
  • In Central Admin/Genral Application Settings/Search/Farm Search Administration, select the Search service to host the People search
  • Select Content Sources from the navigation panel
  • From the existing Content Source, remove the http://Mysite and sts3://Mysite
  • Add a new Content Soucre, called something like ‘People Profiles’
  • From both farms, put the http:// and sts3:// URL’s in the new content source
Content source settings 

Now you’re ready to start the crawl. Perform a full crawl on all new and changed Content Sources

Test your search from the Search Center and see results of all personnel in both farms!

Happy Namesearching! :-)

Submit a comment

Dit vind je vast ook interessant.