Coveo .NET Front-End First Time Setup

When you install the Coveo .NET Front-End components for the first time on a server, the installer automatically accesses the search page at the end of the installation process. The Front-End Server Configuration web page appears to allow you to complete the Front-End first time setup.

As a Coveo administrator, you can also access the Front-End Server Configuration page again later from the .NET search interface Do more menu (see Content of the Do More Menu in a .NET Search Interface).

In the Front-End Server Configuration page, you must provide administrator credentials to configure the Back-End server that this Front-End server uses to send queries and receive search results. You can also select or create the search security certificate used to secure the connection between the Front-End and Back-End processes (see About Search Security Certificate).

Coveo .NET Front-End 12.0.49+ (September 2012) CES 7.0.4855+ (August 2012) When the Coveo search interface is installed on a server that uses Claims to authenticate users (such as a SharePoint server), you must also provide Claims parameters.

To perform the Coveo .NET Front-End first time configuration

1. In the Front-End Server Configuration page, the Front-End Server Settings section appears only when the current user does not have administrator permissions on the Front-End server.

   Example: The Front-End Server Settings section appears when you access the Front-End Server Configuration page from a Coveo .NET search interface installed on a SharePoint server that uses Claims to authenticate users.

   

   1. In the Username and Password boxes, enter the credentials of an administrator account on the Front-End server to be able to save the configuration performed in this page.

   2. Click Login.

2. In the Coveo Enterprise Search Server Settings section that appears:

   

   1. In the Connection Information section:

      1. In the Hostname box, enter the hostname of the Coveo Master server, where Coveo Enterprise Search (CES) is installed.

         When the Coveo Front-End component is installed on the same server as the Coveo Master server, you can use localhost. When they are on different servers, enter the hostname of the Master server, even when you want to connect this Front-End server to a Mirror server (you will select the Mirror server later in this page).

      2. In the case where your Coveo Master server uses a Coveo Search Web Service other than the default (52810), expand the Advanced setting section, and in the Services Port, enter the appropriate value (see and About the Coveo Search Web Service).

         Note: Do not confuse this port with the CES service port (see About the CES Service Port). The Front-End uses the Coveo Search Web Service to get additional configuration information from the Back-End server, including the CES service port (52800 by default) that the .NET search interface will use to communicate with the server.

      3. Click Validate server information.

         When the connection is established successfully, a green indicator () appears next to the button.

         When the connection cannot be completed, a red indicator and message ( Invalid server information) appear next to the button and an error message appears at the top of the page. In this case, adjust the connection information and try again.

   2. In the Administrator Credentials section that appears:

      1. In the Username and Password boxes, enter the credentials of a Coveo administrator account for the Coveo Master (Back-End) server.

      2. In the Provider drop-down list, select the security provider that can validate these user credentials, most likely Active Directory.

      3. Click Login.

3. Coveo .NET Front-End 12.0.1548+ (June 2016) When you want users of the search page you are configuring to be able to see content from a SharePoint server configured with Claims authentication, the Coveo .NET Front-End search page hosted outside SharePoint must authenticate each SharePoint end-user performing queries (see Configuring a .NET Search Interface Claims SSO) .

   In such a case, in the Claims SSO for SharePoint Settings section: 

   

   1. Select the Import the claims SSO configuration from the SharePoint claims identity provider setup page check box.

   2. In the Claims SSO Configuration to Import box, paste the claims SSO configuration that was generated in the SharePoint claims identity provider setup page (see Configuring a .NET Search Interface Claims SSO) .

4. In the Mirror Settings section:

   

   • When your Coveo implementation does not include Mirror servers:

     Select the Select a mirror option, and in the drop-down box, leave Default.

   • When your Coveo implementation includes one or more Mirror servers:

     You can decide to which Mirror server this Front-End server sends queries.

     Example: When you want to free the Master server from handling the queries, you can rather connect the Front-End to a Mirror server.

     Tip: When you have two or more Coveo Front-End servers, you can later set them up in a network load-balancing cluster (see Configuring Coveo Servers in a Network Load-Balancing Cluster).

     • Select the Select a mirror option, and in the drop-down box, select the mirror to which you want this Front-End server to send the queries.

       OR

     

     1. When you configured your Mirror server to use a CES service port other than the default (52800), select the Configure mirror manually option.

     2. In the Mirror Hostname box, enter the Mirror hostname, otherwise, enter the same machine name as in Hostname.

     3. In the Mirror Port box, enter the port that your Mirror server uses (see About the CES Service Port).

5. When the Coveo .NET search page is installed on a server such as SharePoint that uses Claims to authenticate users or when the Claims SSO for SharePoint is enabled, in the Claims-Based Authentication Settings section that appears:

   

   1. Coveo .NET Front-End 12.0.1633+ (September 2016) In the Claims Security Provider drop-down lists, select the claims security providers that you created for these Claims-based Front-End servers.

      Note: Coveo .NET Front-End 12.0.1548– (June 2016) Only one Claims Security Provider is supported for your Claims-based Front-End servers.

      Example: You could index content from a Claims-based on-premises SharePoint server and also from SharePoint Online. You need to create one Claims security provider for each of these SharePoint instances.

      Note: The following message appears when no Claims security provider is available (see Security Providers to Use):

      A Claims Security Provider is required, add one with the Administration Tool.

   2. In the Active Directory Security Provider drop-down list, select the Active Directory security provider to use.

      Note: The message An Active Directory Security Provider is required, add one with the Administration Tool. appears when no AD security provider is available (see Configuring an Active Directory Security Provider).

   3. In the Claim type holding Active Directory users list, the first claim is automatically selected, typically in the DOMAIN\username form, and is generally the best choice. Consider selecting another claim when the first one does not work.

      Note: Coveo .NET Front-End 12.0.1459– (March 2016) With previous versions, the Claim type holding Active Directory users list provided many more claims to select from.

      • When you want end-users to be able to search for documents from other sources that were crawled in an Active Directory environment, select the Claim Type to use to resolve an Active Directory identity from a Claims identity. You must select a Claim Type that has a Claim Value Example in the MyDomain\UserName or UserName@MyDomain.com form. Only the Claim Type is saved and used to get the Claim Value for each user when they perform queries.

      • When end-users can only search for Claims protected documents, you can select (None).

      

6. In the Search Certificate Settings section that appears:

   1. For Select or create the search certificate to use to be trusted when communicating with the Back-End server select one of the following options: 

      Use the default certificate

      The default certificate trusts everyone that has access to the .NET search interface and the Front-End server can be any machine (any IP address).

      Use an existing certificate

      When you already created one or more search security certificates on the Back-End server, select the desired certificate in the list that appears.

      

      Create a new certificate

      Use this option to create a certificate to trust only specific users and/or groups and trust only servers with specific IP addresses.

   2. When you select Create a new certificate, use the parameters that appear to build the certificate:

      

      1. In the Name box, enter a name for your new search security certificate.

      2. In the Trusted Users/Groups section, optionally define the trusted users:

         1. Select Specific user and/or groups when you want this certificate to trust only specific users.

         2. In the Name box, enter the name of a user or group to be trusted.

         3. In the Type drop-down list, select if the name is for a user or group.

         4. In the Provided drop-down list, select the security provider in which this user or group is defined.

         5. Click Add.

            The specified user or group appears in the list.

         6. When you want to add other trusted users or groups, repeat the previous steps.

      3. In the Trusted Front-End Servers section, define the IP address for one or more Front-End servers to be trusted by the Back-End server:

         1. Select Specific IP addresses when you want this certificate to trust only specific machines.

         2. In the IP address box, enter an IP address to be trusted.

         3. Click Add.

            The specified IP address appears in the list.

         4. When you want to add other trusted Front-End servers, repeat the previous steps.

7. In the Search Analytics Settings section, you can optionally configure this search front-end server to send search usage information to an on-premises database and/or to the Coveo Usage Analytics cloud service to later be able to review search usage data: 

   Notes:

   • Coveo .NET Front-End 12.0.1548+ (June 2016) .NET Framework 4.5 is required on the Coveo Front-End server to push information to the Coveo Usage Analytics cloud service.

   • CES 7.0.7711+ (June 2015) Support for sending analytics to the Coveo Usage Analytics cloud service.

   1. When you have access to a deployed on-premises Coveo Analytics module (see On-Premises Usage Analytics Module), in the On-Premises Analytics Module section:

      1. Select the Enable check box.

      2. In the Database Connection String box, enter the connection string for the database of your Analytics module.

      3. Click Test to validate the string.

   2. Coveo .NET Front-End 12.0.1548+ (June 2016) When you have access to the Coveo Usage Analytics cloud service (see Usage Analytics Cloud Service), in the Cloud Platform section: 

      1. Select the Enable check box.

      2. Depending on your setup, select one on the following radio button:

         • In a non-NLB (Network Load Balancing) setup, select the Push usage analytics information directly to the Coveo Usage Analytics cloud service radio button.

         • In an NLB setup, select the Push usage analytics information directly to the Coveo Usage Analytics cloud service radio button on one .NET Front-End server, and the Delegate pushing usage analytics information to another Coveo .NET Front-End NLB server radio button on the other(s).

           Notes:

           • For high-volume environments, the best practice is to set up a separate .NET Front-End server, outside the NLB, and whose only responsibility is to push events to the cloud service.

           • The URI of the Front-End(s) on which the Delegate pushing usage analytics information to another Coveo .NET Front-End NLB server radio button is selected should point to the Front-End that pushes the events to the cloud service.

      3. Depending on the radio button you select:

         • When you select the Push usage analytics information directly to the Coveo Usage Analytics cloud service radio button, in the API Key box, enter the API key to be used to call the Usage Analytics REST endpoint, and then click Test to validate the endpoint.

           Note: Contact Coveo Support to get an API key.

         • When you select the Delegate pushing usage analytics information to another Coveo .NET Front-End NLB server radio button, in the box, enter the URL of the Coveo .NET Front-End to delegate pushing usage analytics information to in the following form:

           http://[CoveoFrontEndServer]:8080/PushCloudAnalyticsInfo.aspx

8. Click Apply Settings.

9. Enable the Front-End that pushes UA information to the Coveo Usage Analytics cloud service to log errors in a folder of your choice:

   Note: Error logs are a good starting point when investigating problems.

   1. Using a text editor, open the Web.config file (by default C:\Program Files\Coveo .NET Front-End 12\Web.config).

   2. In the file, add the logFolder parameter (in red) in the analytics section as follows:

      <analytics enabled="False" connectionString="Data Source=yourServerName;Initial Catalog=CoveoAnalytics;Integrated Security=SSPI;" cloudEnabled="True" logFolder="D:\[folderPath]" platformEndpoint="" analyticsEndpoint="https://usageanalyticsdev.coveo.com/rest/v13" accessToken="YOURACCESSTOKEN" analyticsCloudDelegateUri="http://YOURHOSTNAME:8080/PushCloudAnalyticsInfo.aspx" analyticsCloudDelegateEnabled="False" />

The first time setup is completed and the default .NET search interface appears.