Product DocsMenu

Configuring a Database Security Provider

When your database contains permission information and user group definitions, you can use a security provider to expand the groups and index the permissions stored in the database. Otherwise, you do not need a security provider.

Note: You can get familiar with how Coveo components deal with permissions on documents both at indexing and query time (see Security) .

To create or modify a database security provider

  1. On the Coveo server, access the Administration Tool (see Opening the Administration Tool).

  2. Select Configuration > Security.

  3. In the navigation panel on the left, select Security Providers.

  4. In the Security Providers page:

    • Click Add to create a new security provider.


    • Click an existing security provider to modify it.

  5. In the Modify Security Provider page:

    1. In the Name box, enter a name to identify this security provider.

    2. In the Security Provider Type drop-down list:

      1. On a 32-bit server, select Database (x86).

      2. On a 64-bit server, select Database (x64), or when the database driver used is a 32-bit process, select Database (x86).

    3. In the User Identity section, select a user identity only when you want to hide the account credentials in the Database Connection String:

      1. In the drop-down list, select the user identity that you selected or created to crawl your databases.

      2. When this is not already done, click Add, Edit, or Manage user identities respectively to create, modify, or manage user identities.

    4. In the Security Provider drop-down list:

      Note: CES 7.0.8691– (December 2016) The parameter was labeled Active Directory Security Provider.

      1. Select the security provider that you selected or created to allow this security provider to resolve and expand the groups (see Database Connector Deployment Overview).

      2. When an appropriate security provider is missing, click Add, Edit, or Manage security providers respectively to create, modify, or manage security providers.

    5. In the Database Connection String box, enter the connection string used to connect to the database. The connection string syntax differs from one database type to another. Refer to the appropriate documentation for the format of the connection string specific to your database (see

      Note: When you assign a user identity to the security provider, you can hide the password and the user ID by replacing them with tokens in the connection string (see Replacing the Identity in Database Connection Strings).

    6. In the Drive Type box, enter the type of the driver used to connect to the database:

      • Enter Odbc for Open Database Connectivity.

      • Enter OleDb for Object Linking and Embedding, Database.

      • Enter SqlClient for an SQL client.

    7. In the Query Page Size box, enter the desired page size value for an ODBC query when executing in paged mode. The value should be positive and different from 0. The default value is 5000.

    8. In the Query Timeout Time box, enter the maximum time (in milliseconds) allowed to perform a query on the database. The default value is 60000 ms (60 seconds).

    9. In the Parameters section, in rare cases, the Coveo Support could instruct you to click Add Parameters to specify other security provider parameter names and values that could help to troubleshoot security provider issues.

    10. Leave the Allow Complex Identities option cleared as it does not apply to this type of security provider.

    11. Click Save or Apply Changes, depending whether you are creating or modifying a security provider.

What's Next?

Create an index a source (Configuring and Indexing a Database Source).

People who viewed this topic also viewed