Product DocsMenu

Coveo Platform 6.5 >
Administrator Help > Connectors > Microsoft SharePoint Connector > Granting SharePoint Permissions to the Crawling Account

Granting SharePoint Permissions to the Crawling Account

You must select an existing Active Directory account or create a new one that the Coveo connector will use to crawl your SharePoint content.

Tip: The best practice is to create a dedicated Active Directory account for the exclusive use of the Coveo connector with a password that never changes. If you must change the password of this account you will need to change it both in AD and in the corresponding CES user identity(see Adding a User Identity).

This crawling account must have the proper rights to retrieve the information from your SharePoint farm. The following table presents the minimal required permissions that the crawling account must have to perform the specified action for the supported SharePoint versions.

SharePoint version Action to perform Minimal required permission
2010 2007 2003
  Content and Security indexing, live indexing, and site collection discovery Full Read policy for all SharePoint farm web applications (see Adding the Full Read Policy to All SharePoint Farm Web Applications)
  Personal site and user profile indexing Read permission for the site collection of the source starting address (see Adding the SharePoint Website Read Permission)
    Retrieve People Data for Search Crawlers permission to the User Profile Service Application(see Adding the Retrieve People Data for Search Crawlers Permission to the User Profile Service Application)
    Manage user profiles permission to the Shared Service Rights (see Adding the Manage User Profiles Permission in Shared Service Rights)
    Content and security indexing SharePoint Website Administrator permission (see Adding the SharePoint Website Administrator Permission)
    Personal site and user profile indexing, live indexing, and site collection discovery Member of the SharePoint farm administrators group (see Adding the Crawling Account to the SharePoint Farm Administrators Group)

OR

Member of the SharePoint server local Administrators group (see Adding the Crawling Account to the SharePoint Server Local Administrators Group)

Automatic Permissions Setup

For SharePoint 2010 and 2007, the SharePoint connector has the ability to automatically set up the required permissions for the crawling account when a source is refreshed or rebuilt.

The automatic permissions setup has the following requirements:

What's Next?

Once you granted the appropriate permissions: