Windows Search 4.0 Administrator's Guide

Applies To: Windows Server 2008

This Administrator’s Guide provides instructions for deploying Windows® Search 4.0 (WS4) and is designed for IT professionals and deployment specialists who are responsible for deploying Windows Search in an enterprise environment. We recommend that you first use the steps provided in this guide in a test lab environment. This guide is divided into the following sections:

Last Updated March 2009

This document is provided for informational purposes. Microsoft makes no warranties, express or implied, with respect to this document or the information contained in it. In addition, this should be considered a living document and as such readers should check back to the online version located at Microsoft TechNet for any updates that may have taken place since the time this document was created. This document targets an audience of IT managers and administrators and pertains to Windows Search 4.0 and later versions for Windows™ XP, Windows™ Server 2003/2008 and Windows Vista™ operating systems.

The latest version of the technology is Windows Search 04.xx.xxxx.xx (Microsoft Knowledge Base article 940157). In this documentation, Windows Search 04.xx.xxxx.xx is referred to as Windows Search 4.0 (or WS4). Windows Search 4.0 is an upgrade from Windows Desktop Search 3.xx.xxxx which is referred to as Windows Desktop Search 3.x. Windows Search 4.0 is available via Windows Update for Windows Vista, Windows XP, and Windows Server 2003.

This document will attempt to differentiate the functionality of Windows XP and Windows Server versus Windows Vista.

Note

Some features are not available in all markets

What’s New in Windows Search 4.0

Windows Search 4.0 has a number of new features and enhancements that can help IT professionals deploy and maintain desktop search:

  • Improvements in performance and stability of the indexer

  • Fuller complement of Group Policy settings, available on all supported operating systems

  • Fast sorting and grouping of results in Windows Explorer

  • Improvements in indexing online e-mail

  • Ability to index delegate mailboxes for online e-mail

  • Support for indexing encrypted documents of local file systems

  • Expanded ability to do fast remote queries of file shares, including on Windows XP and Server 2003

  • Automatic indexing of shared folders

  • Improvements in previews for earlier, supported operating systems (Windows Server 2003 and Windows XP)

Online E-Mail Indexing

Before users can search for e-mail, Windows Search 4.0 must index the e-mail store, which involves crawling the store and collecting the properties and content of e-mail items. This initial indexing is later followed by smaller incremental indexing (as mail arrives, is read and deleted, and so on) to keep the index current.

Running in cached mode When you configure an Outlook client to run in Exchange Cached Mode, the mailbox is copied locally on the end user’s computer, and WS4 performs its indexing activities locally as well. This means the Exchange server isn’t burdened during either the initial or the incremental indexing. Therefore, if your need is to minimize the impact of the desktop indexing service on your Exchange server, we highly recommend running in cached mode.

Running in online mode In practice, it isn’t always feasible to run in cached mode, and when running in Exchange uncached or classic online mode, WS4 cannot crawl and index e-mail locally. However, WS4 attempts to help you reduce the burden on Exchange while keeping the index current. The initial indexing must still occur, and Exchange server can experience a higher than usual load during this time. After the initial indexing, WS4 updates the index incrementally, using Exchange synchronization APIs to identify changes in the store. This methodology significantly lowers the impact on Exchange by eliminating the massive RPC load and I/O load that crawling the store would cause.

Note

To index the content of an online e-mail store, the indexing service on the client must be able to communicate with the Exchange server. Unless explicitly allowed, some firewall applications may prevent this communication by default, causing the indexing of online mailboxes to fail. Therefore, when enabling online e-mail indexing, ensure that the firewall on the client machines allows SearchProtocolHost.exe to communicate through the firewall, either by adding it to the list of exceptions or by ensuring that appropriate polices are in place.

We highly recommend that you stage your rollout and deployment across smaller groups of users. This minimizes the burden on Exchange during the initial indexing phase of deployment.

Note

When running in classic online mode, Outlook 2007 sends search queries to Exchange Server rather than the local Windows Search index. Because versions earlier than Exchange Server 2007 do not index mail stores by default, these searches may be slower.
However, users in this environment (running Outlook 2007 in classic online mode) can still get a fast and efficient search of their mail items by using Windows Search 4.0 directly.

Group Policy To help administrators further control the impact of indexing on performance, WS4 has a Group Policy that throttles the indexer on the client side to allow only two messages per second (120 per minute) to be indexed. This policy is enabled by default. See the Group Policy for Windows Search section for more information on using this policy.

Remote Query

Windows Search 4.0 extends the ability to search across remote desktops. Previously, only Windows Vista users could query recognizable indexes on remote Vista computers; now, WS4 enables users to query remote computers running any supported operating system. Remote querying includes the following features:

  • Queries work across all supported OSes (Windows XP, Server 2003, Home Server, and Vista).

  • All shared NTFS folders are automatically indexed (excludes all FAT file systems).

  • All shared, and therefore indexed, locations can be remotely queried.

The location on the remote computer must be shared and it must be indexed. With Group Policy, administrators can control whether shared locations are automatically indexed.

Querying from Windows Vista or Windows Server 2008

To query a remote computer, users use Windows Explorer to browse the shared, indexed folder on another machine and enter their searches in Explorer’s search box. If the location is not indexed, then Vista falls back to a slower GREP search instead of WS4.

Querying from Windows XP or Windows Server 2003

To query a remote computer, users select the location from their All Locations menu and enter their search query as usual. First, of course, they must add the remote location to their search scope:

  1. From the Windows Search UI, click the All Locations menu and select Add Location.

  2. Enter the full path of the location, or browse to the location.

Once added, the new location appears at the bottom of the All Locations menu allowing users to select that location to search in. In the same way, users can remove a location by selecting Remove Location. If the remote location is not indexed, a message appears advising users that the location cannot be searched.

Support for Indexing Encrypted Files

Windows Search 4.0 fully supports indexing encrypted files on local file systems, allowing users to index and search the properties and contents of encrypted files. Users can manually configure WS4 to include encrypted files or administrators can configure this with Group Policy. WS4 ensures that only users with the correct permissions can search the content of encrypted files by honoring ACLs and by restricting access to users with decryption permissions for the files. Additionally, WS4 restricts access to encrypted files to local searches only; WS4 does not return encrypted files in search results when the query is initiated remotely.

The indexing of encrypted files should not be enabled unless the search index itself is protected with full volume encryption. While encrypting the index file with EFS is possible it is not recommended. See the “Encrypting Your Index” section in Security and Privacy.

Smart Cards and Encryption If you use smart card certificates to encrypt your files, WS4 adds a cached copy of the certificate hash and its associated user SID to include with the encrypted content in the index. Therefore, you must retain the default setting for the Encrypting File System Properties under Local Security Policy within secpol.msc for Create caching-capable user key from smartcard.

Using Group Policy to activate encrypted file indexing with smartcard technology is not recommended unless, as a standard practice, smart cards are always inserted. The search indexer polls for certificate hash changes approximately every three minutes, and if the smart card isn’t present, some users’ files won’t get indexed for a lengthy period of time. Therefore, we recommend you retain the default ‘not configured’ setting on the Group Policy and let users manually activate encrypted file indexing, which prompts them for their smart cards.

To include encrypted documents in the index, follow these instructions:

  1. From the Indexing Options Control Panel, click the Advanced button.

  2. Select the Index Encrypted Files option.

Note

If you use smart card certificates, you must insert your smart card and enter your password when prompted.

  1. Click OK on the Index Encrypted File notification dialog to rebuild the index to include encrypted files.

Once these documents are indexed, the user can search to find the content within them.

See Also

Concepts

Windows Search 4.0 Troubleshooting Guide

Other Resources

Microsoft Knowledge Base article 940157