About

I’m a technology architect specialising in Microsoft SharePoint and supporting technologies.  I’ve been involved with Microsoft technologies since 1995 and have implemented a number of solutions for Government, Logistics and private enterprise.

I love technology.  I’m just not very good at it 😉

2 Responses to “About”

  1. Jonathan Manley Says:
    December 30, 2008 at 8:53 pm | Reply

    I had a question about Search Server Express, I know that when it indexes file shares it captures the Windows Server Security ACL’s for the files and the results are filtered through that based on who is logged in. My problem i would guess is that i’m Using FBA to login to the MSSX site and now windows. When i search the file system i get no results, but if i change it to windows i get results fine, what do we need to change?

    • gavinmckay Says:
      January 5, 2009 at 2:11 am | Reply

      Hi Jonathon,

      Sorry for the late reply – been on holidays 🙂

      I would say you are a tad stuck if you are using Forms-Based Authentication (FBA). As you stated, when searching file systems Search Server uses file system ACLs to control who is allowed to view results from directories.

      From a security standpoint, you shouldn’t really allow Forms-Based authenticated users access to your internal file system anyway, but that is of course your choice. You may have to do this because of incompatible operating systems, or a complex network setup (multiple domains, etc.). Two possible changes you could try:

      1. Upload files you need people to access to the Search Server itself, then you can control access via FBA. This is probably the easiest way, though it will mean you may need to maintain two copies. I am slowly migrating my clients to this approach and closing down file-system access altogether. The advantages you get with SharePoint and file access is worth the effort.
      2. Use Windows Authentication. I have two sites that use both Windows Auth and Forms-Based to accomplish this for an Extranet scenario, with the inward-facing users access via Windows Auth, and external-facing use FBA

      There might be other combinations, but it starts to get complex… like for example implementing a custom security protocol, but that is getting into some painful territory and I wouldn’t suggest following this course without a *really* good reason 🙂

      Hope this helps,

      Gavin.

Leave a comment