SharePoint People Picker Returns No Results

I ran into an interesting issue on my SharePoint development environment recently where my people picker was returning no results when searching for users by name, or browsing all users:

The warning message is:

No results were found to match your search item. Please enter a new term or less specific term.

By default the SharePoint people picker uses the farm account to query Active Directory to retrieve this information. If your farm account does not have permission to query AD then your people picker will return no results. As it happened my dev environment was using a local account and hence was failing. To fix run the following stsadm commands:

1. stsadm -o setapppassword -password password
2. stsadm -o setproperty -pn peoplepicker-searchadforests -pv "domain:domaintosearch.com,username,password" -url http://centraladminurl

Run this for each web application that is seeing the problem, and you should see the following result:

Resources

• Peoplepicker: Stsadm properties (Office SharePoint Server) http://technet.microsoft.com/en-us/library/cc263318.aspx

Note from Technet

If Password is used, you need to run stsadm –o setapppassword -password on every front-end Web server first. The could be any string, and is used as the key to encrypt the password in the domain:DnsName,LoginName,Password or forest:DnsName,LoginName,Password and store the encrypted password in the database. However, if the domains or forests are trusted, it is not necessary to pass in the login name or password. The following format is used: forest:DnsName or domain:DnsName.

Update

This behavior typically happens when the account that is running the application pool for the site you are running, is not a domain account. It is good practice to use domain accounts for SharePoint services, but this is not always practical for development environments.

Missing Property Mapping Fields in SSP User Profile Properties

Today I was configuring user profile properties for a SharePoint intranet site and ran into a problem where I couldn't see the property mapping settings when configuring an individual property:

The actual error reported is:

Note: The selection of directory service properties is disabled because the portal is in an untrusted domain or no directory service import is configured yet. 

After much Google searching I found an archived post from the now defunct site http://paulhorsfall.co.uk.  The fix suggested is that the SSP application pool must use a domain account.  My SSW app pool had been configured to run under a local account...

To fix:

1. In Central Administration, go to Operations
   
2. Click the Service Accounts link
   
3. Click the web application pool radio button then select the application pool for your SSP in the drop down list
   
4. Change the account to a domain account and click OK
   

When the app pool has restarted, the mapping properties should be available again:

Thanks to Paul Horsfall for initially reporting this fix!