根据上次的网络包的分析, 我们在AD中找到了wtc-beijing-it的组, 不过在SharePoint日志中我们没有发现搜索成功的记录.
- SearchResultEntry: CN=WTC-BeiJing-IT,OU=Groups,OU=BeiJing,OU=WTC User,OU=WesTrac China,DC=westrac,DC=com,DC=cn
+ ObjectName: CN=WTC-BeiJing-IT,OU=Groups,OU=BeiJing,OU=WTC User,OU=WesTrac China,DC=westrac,DC=com,DC=cn
- Attributes: 9 Partial Attributes
+ SequenceHeader:
+ PartialAttribute: objectClass=( top )( group )
+ PartialAttribute: cn=( WTC-BeiJing-IT )
+ PartialAttribute: distinguishedName=( CN=WTC-BeiJing-IT,OU=Groups,OU=BeiJing,OU=WTC User,OU=WesTrac China,DC=westrac,DC=com,DC=cn )
+ PartialAttribute: displayName=( WTC-BeiJing-IT )
+ PartialAttribute: proxyAddresses=( smtp:WTC-BeiJing-IT@westrac.com.au )( MS:WESTRACEQU/WESTRAC/WTCBEIJIN9 )( CCMAIL:WTC-BeiJing-IT at OLD )( NOTES:WTC-BeiJing-IT@Westrac Exchange )( SMTP:WTC-BeiJing-IT@westrac.com.cn )( X400:c=US;a= ;p=WesTrac Equipmen;o=WesT
+ PartialAttribute: objectSid=( )
+ PartialAttribute: sAMAccountName=( WTC-BeiJing-IT )
+ PartialAttribute: groupType=( -2147483640 )
+ PartialAttribute: mail=( WTC-BeiJing-IT@westrac.com.cn )
- LDAPMessage: search Result Done, MessageID: 355
+ ParserHeader:
+ MessageID: 355
+ OperationHeader: search Result Done, 5(0x5)
+ SearchResultDone: Status: Success, MatchedDN: NULL, ErrorMessage: NULL
+ Controls:
请协助执行以下步骤:
1. 在SharePoint服务器上执行以下命令:
WebAppURL为web application的URL, 可以从管理中心的”管理应用程序”页面获取.
cd “C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions15BIN”
STSADM.exe -o getproperty -pn peoplepicker-searchadforests -url http://WebAppURL
记录命令输出结果
stsadm -o setproperty -url http://WebAppURL -pn peoplepicker-searchadforests -pv "domain:westrac.com.cn;domain:westrac.com"
再次执行STSADM.exe -o getproperty -pn peoplepicker-searchadforests -url http://WebAppURL
确认输出结果Vaule为domain:westrac.com.cn;domain:westrac.com
IISRESET重启IIS
验证问题是否仍然重现.
2. 因为目前我们没有同时抓取的SharePoint详细日志以及网络包, 如果步骤1后问题仍然重现, 请按照之前的步骤再次抓取.
3. 执行附件中的GETSID.exe<dc01/dc02分别为2台DC的服务器名>
以问题站点在IIS应用程序池的身份执行GETSID.exe \dc01 “wtc-beijing-it” \dc02 “wtc-beijing-it”
将结果截图.
示例: