So maybe you have a slow people picker? We did. The network guy said “Let’s check which ports are being blocked.” I thought “well, it’s working so I don’t know what good that’s going to do? It’s just super slow.” but I bit my tongue and went through the motions.
We saw that port 3268 was being blocked from SharePoint servers to AD. We unblocked it and the people picker ran like the wind. I was amazed. Now that we knew the port number things became easier to find. First thing I did was tweet about it. Then we went and did some research.
Our infrastructure was a little weird, they are . . . let’s say, firewall friendly. Between the 3 servers in the SharePoint farm there are 3 firewalls and then between all that and AD there’s one going out and one before active directory. The outbound firewall rule was prohibiting 3268 from going out.
Last night I had an interview and it came up and I couldn’t hardly remember the port, so I thought I’d blog about it. An hour ago I sat down to write this post and couldn’t find my tweet. I never know how hard it was to find old tweets. Good thing for me I have cool friends who know stuff. Dan Usher send me this link http://support.microsoft.com/kb/832017 and I saw the port number and it jogged my memory.
The long and the short of it is ldap at 389 is not as graceful as the catalog at 3268 at searching. If you have a slow people picker try to find someone while looking at the traffic and you’ll see a wealth of information.