Thanks to a recent customer I have a new troubleshooting tidbit for SharePoint 2010's people picker: if the People picker returns a call back error when searching for accounts in a remote domain in a one way trust take the following steps:

1. Ensure that the AD trust is working correctly. This can be done in Active Directory Domains and Trust on the Domain Controller.

2. The Farm Account should be a member of the local machine’s administrator group.

3. On the “HKLM\Software\Microsoft\Shared Tools\Web Server Extensions\14.0\Secure” registry key ensure the following permissions are in place and are being inherited in the sub-keys

          * WSS_WPG Read permission
          * WSS_Admin_WPG Full Control
          * WSS_RESTRICTED_WPG_V4 Full Control

4. Get and copy the peoplepicker-searchadforests property value via stsadm command:
stsadm -o getproperty -url <URL> -pn peoplepicker-searchadforests

5. Clear the peoplepicker-searchadforests property value via stsadm command:
stsadm -o setproperty -url <URL> -pn peoplepicker-searchadforests -pv ""

6. Rerun the password encrypt command with different password:
stsadm -o setapppassword -password <NewPassword>
NewPassword can be anything you want.

7. Set the peoplepicker-searchadforests property value via stsadm command:
stsadm -o setproperty -url <URL> -pn peoplepicker-searchadforests -pv "domain:domain.local;domain:domain2.local,domain\username,password"