Search in a Federated SharePoint Deployment


The Optimal People Picker is a vendor supported federated claims provider that re-enables search capabilities for users and groups in SharePoint within on-premise directories.



Vendor supported federated claims provider

When deploying SharePoint with Federated Claims Authentication, the out of the box “People Picker” no longer searches your directory. Instead, it simply resolves whatever you type and accepts this as a claim value. This functionality is “as designed” by Microsoft, where SharePoint no longer has a physical connection to your Active Directory.

While this makes sense when federating with external organizations where you wouldn’t search their directories for users and groups, SharePoint People Picker doesn’t allow users to search the on-premise directory.

This is an especially frustrating problem for the many organizations that deploy SharePoint with Federated Claims Authentication with no intention of ever federating with external organizations.

The Optimal People Picker/Claims Provider is a vendor-supported claims provider that re-enables SharePoint’s advanced claims search capabilities. This allows end users to confidently search for and select users and groups from their on-premise directory.


Optimal People Picker/Claims Provider leverages Optimal IdM’s Virtual Identity Server (VIS). In doing so, it not only supports multiple AD forests, but it also allows users to exist in any directory or database.

Finding and selecting the right object using the out-of-the-box SharePoint People Picker can be difficult, confusing and time consuming. This increases costs and end user frustration. To make matters worse, security can be compromised if the wrong user or group is selected with the People Picker.

Key Features

Optimal People Picker for SharePoint is a full-featured application designed to provide safe and effective advanced claims searching. It:

  • Re-enables the search capability of the SharePoint People Picker when deployed in Federated Claims mode
  • Stops SharePoint from resolving/accepting whatever is typed into the People Picker
  • Allows users and groups to exist in any directory or database.
  • Provides full support for wildcard searches
  • Filters results based on a role/group, so one set of users cannot view or select another set of users/groups
  • Can be configured so the default ADFS 2.0 claims provider can remain or be hidden


The Optimal People Picker allows you to do all of these and much more.



Reduced IT Costs

Read more

Eliminate Deployment Barriers

Read more

Meet Audit and Compliance Initiatives

Read more

Increased Security and Control

Read more

Product Awards

Winner Best of Tech Ed 2013 (SharePoint)



Does VIS support Kerberos and/or NTLM/Negotiate authentications?

faq-imageYes, VIS supports Kerberos, NTLM and Negotiate as authentication options on both the listing side as well as the back-end connection sides.

Can I get a demo/evaluation version of VIS?

Yes. Please fill out a demo form with your contact information.

What data stores can the Virtual Identity Server connect to?

The Virtual Identity Server supports a number of data stores directly with out of the box adapters. Additionally, a customer or integrator can create adapters utilizing our built-in extensibility.

Is your product FIPS compliant?

Yes. Our software is running in both non-secure and secure government networks.