Tuesday, February 28, 2012

Limiting the SharePoint People Picker to show users and groups from a specific Active Directory

In a corporate environment with more than one Active Directory, SharePoint by default tries to fetch users and groups from all of them and shows them in the People Picker. This is a bit annoying when some of them are just test ADs on the network.

SharePoint Central Administration does not have any UI to configure this. However, there is a workaround using STSADM (there is no PowerShell command for web-application-level configuration :( ).

To elaborate, consider that there are 3 Domain Controllers in the network: tz.com, subtz.com and test-tz.com.

The following STSADM command reads users from two of our Domain Controllers and leaves out test-tz.local. Note that the -pv value carries each account's password in clear text.

STSADM.exe -o setproperty -pn peoplepicker-searchadforests -pv "tz.local,tz\User1,Password1;subtz.local,subtz\User2,Password2" -url http://[webapplicationurl]
Source: http://technet.microsoft.com/en-us/library/gg602066.aspx#section4

In a different scenario, where this has to be set differently for different site collections, use the following PowerShell command (the domain is tz.local).

Set-SPSite -Identity http://intranet.tz.com -UserAccountDirectoryPath "dc=tz,dc=local"


To narrow it further to a particular group in the AD, the following command can be used to point to that specific group (the domain is tz.local and the group is Sales (OU=sales)).

Set-SPSite -Identity http://intranet.tz.com -UserAccountDirectoryPath "OU=sales,dc=tz,dc=local"
Source: http://technet.microsoft.com/en-us/library/ff607958.aspx
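
To confirm that both settings above took effect, the following read-only audit lists the forest list of every web application and the directory path of every site collection. It is an added example, not from the original post or the linked documentation; it assumes a farm server with the SharePoint snap-in available, and the names `$UnwantedDomains`, `New-ScopeRow` and `Get-PeoplePickerScope` are hypothetical.

```powershell
# Added example: read-only audit of People Picker scoping.
# Assumes the SharePoint Management Shell (or the snap-in below) on a farm server.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Assumption: directories that should not be searched (name from the post's scenario).
$UnwantedDomains = @('test-tz.local')

# Hypothetical helper: builds one report row (PowerShell 2.0 compatible).
function New-ScopeRow($Scope, $Url, $Setting, $Account, $Flag) {
    New-Object PSObject -Property @{
        Scope = $Scope; Url = $Url; Setting = $Setting; Account = $Account; Flag = $Flag
    }
}

# Hypothetical function name; it changes nothing in the farm.
function Get-PeoplePickerScope {
    param([string[]]$Unwanted = @())
    foreach ($wa in Get-SPWebApplication) {
        # Web-application level: the list written by peoplepicker-searchadforests.
        $domains = @($wa.PeoplePickerSettings.SearchActiveDirectoryDomains)
        if ($domains.Count -eq 0) {
            New-ScopeRow 'WebApplication' $wa.Url '(no forest list set)' $null 'DEFAULT-SCOPE'
        }
        foreach ($d in $domains) {
            $kind = if ($d.IsForest) { 'forest' } else { 'domain' }
            $flag = if ($Unwanted -contains $d.DomainName) { 'UNWANTED' } else { 'ok' }
            New-ScopeRow 'WebApplication' $wa.Url "$kind $($d.DomainName)" $d.LoginName $flag
        }
        # Site-collection level: the value written by Set-SPSite -UserAccountDirectoryPath.
        Get-SPSite -WebApplication $wa -Limit All | ForEach-Object {
            $site = $_
            $path = $site.UserAccountDirectoryPath
            if ([string]::IsNullOrEmpty($path)) {
                New-ScopeRow 'SiteCollection' $site.Url '(no directory path set)' $null 'NOT-RESTRICTED'
            } else {
                # Turn test-tz.local into dc=test-tz,dc=local and look for it in the path.
                $hit = $Unwanted | Where-Object { $path -like "*dc=$($_ -replace '\.', ',dc=')*" }
                $flag = if ($hit) { 'UNWANTED' } else { 'ok' }
                New-ScopeRow 'SiteCollection' $site.Url $path $null $flag
            }
        }
    }
}

Get-PeoplePickerScope -Unwanted $UnwantedDomains |
    Select-Object Scope, Url, Setting, Account, Flag | Format-Table -AutoSize
```

The Account column shows only the login name stored for each forest entry; the stored password cannot be read back this way.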
