Export (0) Print
Expand All

Registersecuritytrimmer: Stsadm operation (Office SharePoint Server)

Office 2007

Updated: July 12, 2007

Applies To: Office SharePoint Server 2007

 

Topic Last Modified: 2007-07-12

Enterprise Search in Microsoft Office SharePoint Server 2007 performs security trimming of search results at query time. The results are trimmed based on the identity of the user submitting the query, by using the security information obtained from the crawler. However, there are certain scenarios in which the built-in security trimming results are not sufficient for your requirements and you need to implement custom security trimming. Enterprise Search provides support for custom security trimming through the ISecurityTrimmer interface. For example, say you have a Windows NT security model on your Human Resources database that only allows users access between the hours of 9:00 A.M. and 5:00 P.M. There is not a way to express that in an Access Control List (ACL), so instead, you would implement a custom security trimmer which implements this logic.

Also, if the ACL information changes in real time, the ACL read at crawl time is considered not current. Consequently, the security picture is invalid. A dynamic security check through a custom security trimmer at query processing time will return documents based on the current ACL picture.

Once a security trimmer is registered a full crawl of all the content that is specified by the rulepath parameter is required.

stsadm -o registersecuritytrimmer

   -ssp <ssp name>

   -id <ID number>

   -typename <assembly qualified TypeName of ISecurityTrimmer implementation>

   -rulepath <crawl rule URL>

   [-configprops] <name value pairs delimited by '~'>

 

Parameter name Value Required? Description

ssp

A valid SSP name, such as "SharedServices1"

Yes

The name of the SSP.

id

A unique ID from 0 to 2147483647

Yes

The security trimmer ID.

This value is unique. If a security trimmer is registered with an ID that is already registered for another security trimmer, the registration for the first trimmer is overwritten with the registration for the second trimmer.

typename

A valid type name, for example:

"Microsoft.Office.Server.ApplicationRegistry.Search.QueryProcessorSecurityTrimmer, Microsoft.SharePoint.Portal, Version=12.0.0.0, Culture=neutral, PublicKeyToken

=71e9bce111e9429c"

Yes

The strong name of the custom security trimmer assembly.

rulepath

A valid rule path, such as "file://file1"

Yes

The crawl rule for the security trimmer.

configprops

A valid name-value pair in the form "name1~value1~name2~value2"

No

The name-value pairs that specify the configuration properties. It must be in the following format: Name1~Value1~Name2~Value2~…

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft