In a SharePoint environment in which you have a one-way trust domain configuration, you discover that the people picker is not resolving all users from other domains as needed.
Here is the fix:
1) On every server in the SharePoint farm, set an encryption key.
2) Clear the existing peoplepicker-searchadforests property for the web application.
3) Set the new peoplepicker-searchadforests property for the web application. The key point here is to add all domains that need to be available in the people picker within the same command.
Format:
Example:
Notes:
- The service account should have Read permissions for each domain, and the service account credentials should be the same for all instances listed in the command.
- In the example above, the third domain (uk.corp.com) is a child domain under corp.com. As you can see, there is no need to add another forest instance if it is a child domain.
Repeat steps 2 and 3 for each web application as needed.