For this issue, I opened an MS ticket and it was finally resolved :).
Action:
++++++++++++++++++++++++++++++++++++++++++
Unable to add Domain2 users to the SharePoint application server.
Error Message:
+++++++++++++++++++++++++++++++++++++++++++
“User does not exist” or “No match found”
Root Cause:
+++++++++++++++++++++++++++++++++++++++++++
For the MOSS People Picker to work, the ports listed below must be open, along with the dynamic RPC ports, to all the DCs in the DOMAIN1 domain that the server will talk to. In turn, the DOMAIN1 DCs should be able to communicate with the Domain2 DCs and resolve SIDs.
The dynamic RPC ports are needed for the end point mapping.
The complete list of ports and protocols required to successfully instantiate and execute a People Picker request is as follows (WFE):
Defining and allocating a range of RPC ports.
How to configure a firewall for domains and trusts
http://support.microsoft.com/default.aspx?scid=kb;EN-US;179442
How to configure RPC dynamic port allocation to work with firewalls
http://support.microsoft.com/kb/154596/
TCP/UDP 135, 137, 138, 139 (RPC)
TCP/UDP 389 by default, customizable (LDAP)
TCP 636 by default, customizable (LDAP SSL)
TCP 3268 (LDAP GC)
TCP 3269 (LDAP GC SSL)
TCP/UDP 53 (DNS)
TCP/UDP 88 (Kerberos)
TCP/UDP 445 (Directory Services)
TCP/UDP 749 (Kerberos-Adm) [Opt.]
TCP port 750 (Kerberos-IV) [Opt.]
Resolution:
++++++++++++++++++++++++++++++++++++++++
The high-end RPC dynamic service ports 1024 to 65535 between the Domain1 and Domain2 domain controllers were enabled. Once this was done, SharePoint automatically started to resolve APAC accounts.
Additional information
How to configure a firewall for domains and trusts
http://support.microsoft.com/default.aspx?scid=kb;EN-US;179442
How to configure RPC dynamic port allocation to work with firewalls
http://support.microsoft.com/kb/154596/
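
A quick way to confirm that the fixed TCP ports listed above are reachable before opening a ticket, shown as an added example that is not part of the original post or the Microsoft resolution. The domain controller host names are placeholders and the `Test-TcpPort` helper is defined here for illustration.

```powershell
# Added example: TCP reachability check for the fixed ports listed in this post.
# Host names are placeholders (assumption); replace them with your own DCs.
$DomainControllers = @('dc1.domain1.example', 'dc1.domain2.example')

# TCP ports taken from the list above. UDP cannot be verified with a connect test.
$RequiredTcpPorts = @(
    @{ Port = 53;   Name = 'DNS' },
    @{ Port = 88;   Name = 'Kerberos' },
    @{ Port = 135;  Name = 'RPC' },
    @{ Port = 139;  Name = 'RPC' },
    @{ Port = 389;  Name = 'LDAP' },
    @{ Port = 445;  Name = 'Directory Services' },
    @{ Port = 636;  Name = 'LDAP SSL' },
    @{ Port = 3268; Name = 'LDAP GC' },
    @{ Port = 3269; Name = 'LDAP GC SSL' }
)

function Test-TcpPort {
    # Hypothetical helper: returns $true if a TCP connection completes in time.
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs = 2000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($async)   # throws if the connection was refused
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

# Test every port against every DC and collect one result object per pair.
$results = foreach ($dc in $DomainControllers) {
    foreach ($p in $RequiredTcpPorts) {
        New-Object PSObject -Property @{
            Target    = $dc
            Port      = $p.Port
            Service   = $p.Name
            Reachable = Test-TcpPort -ComputerName $dc -Port $p.Port
        }
    }
}

$results | Sort-Object Target, Port |
    Format-Table Target, Port, Service, Reachable -AutoSize
```

Run it from the WFE against the DOMAIN1 DCs and from a DOMAIN1 DC against the Domain2 DCs. A clean result covers only the fixed ports: the dynamic RPC ports are handed out after the initial contact on 135, so they can still be blocked, which was the root cause here.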