Recently I had a client ask me if there was any way to hide the "All Users" option that appears within the people picker of SharePoint 2010. You know the one I mean:
The scenario is based around the SharePoint site using a custom identity provider with a custom claims provider that displays the users as we needed them to be. The "All Users" option shows users from not just the Identity Provider but all providers that are being used on the SharePoint Farm, so the idea was to hide this from the user base, so the only options they had were for the custom claims provider and SharePoint Groups.
After some investigation if you run the following command:
You can see the current list of providers, on my environment you can see:
- System
- Active Directory
- All Users
- Forms Auth
This means that the "All Users" option is also exposed as a claim provider that should be able to be removed. In actual fact this one inherits from SPAllUserClaimProvider. If we now run the following command:
You will see that it is available and most importantly you will see it has a property called "IsEnabled". So if we put it all together we can use the following:
$cpm = Get-SPClaimProviderManager
$au = get-spclaimprovider –identity "AllUsers"
$au.IsEnabled = $false
$cpm.Update()
This when ran will modify the people picker as shown below:
To revert the change you can use the same as above with the following change:
NOTE: you will need to use other variable names or use a new PowerShell window
$cpm = Get-SPClaimProviderManager
$au = get-spclaimprovider –identity "AllUsers"
$au.IsEnabled = $true
$cpm.Update()
Just another hidden gem in the massive platform of SharePoint.