Versions Compared

Old Version 31

changes.mady.by.user Mateusz Lorc

Saved on

compared with

New Version 32

changes.mady.by.user Lars Gjestang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

To extract and index documents stored in Microsoft SharePoint, the Locator SharePoint connector needs to be configured with a user that has access to all the documents that are to be extracted. This user is referred to as the index user.

...

Additional user typeRequired permissions
Separate user for authentication and identification

Requires "Read for index user" custom permission or Site Collection Administrator on each site collection.the root site (https://[tenant].sharepoint.com) or site specified in wizard

Multiple index usersEach additional index user requires exactly the same permissions as main index user.

...

  • If any of the "Include Office 365..."-checkboxes in wizard is used for specific site collection templates
  • If "Include other site templates" is checked in the wizard and some of the templates were selected.

Note 3: Global admins and SharePoint admins don't have automatic access to Group Sites. That means they can not manage permissions inside Group Sites. However global admins still have option to add members and owners to Group Sites.

...

Excerpt

   

Configuring Windows Azure Active Directory

Locator uses the Windows Azure Graph API.  The Office 365 Global Administrator will need to configure an application, called a "service principal" in Windows Azure terminology, to be authorized to read Windows Azure Active Directory information.

Setting up the Windows Azure Graph API for Locator 

Setting up the Windows Azure Graph API for Locator is required in order to configure either an Exchange Online or a SharePoint online connection.  This need only be done one time, as the client ID and secret key obtained through these steps can be used for both the Exchange Online connector and the SharePoint Online connector.


To create and obtain an Azure AD Client App Id and a Client Secret, sign into https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps using the global administrator account for your Office 365 organization and do the steps indicated in red below. The two values that are to be extracted are circled in green:






The screenshot above has the application Id we need. The two menu options that are to be used for creating and obtaining the client secret, are circled in red and will be used in the following screenshots:

Image Modified



Adding Permissions to the Azure AD Application for SharePoint Online indexing

...