Product DocsMenu

Coveo Platform 7.0 >
Administrator Help > Connectors > Microsoft SharePoint Connectors - Shared Topics > Creating an Office 365 Security Provider for SharePoint Online

Creating an Office 365 Security Provider for SharePoint Online

CES 7.0.5031+ (March 2013)

Because Office 365 security groups can be used as domain groups in SharePoint Online to set documents permissions, you must create an Office 365 security provider to allow authenticated users to search for documents secured using SharePoint Online domain groups.

The role of the Office 365 security provider is to resolve Office 365 security groups into its list of members.

Notes:

  • Coveo .NET Front-End 12.0.99+ (March 2013) Support to display search results with Claims permissions.

  • The SharePoint, SharePoint Legacy, and OneDrive for Business (CES 7.0.8047+ (December 2015)) connectors can use the Claims for SharePoint On-premises security provider type.

  • You can get familiar with how Coveo components deal with permissions on documents both at indexing and query time (see Security) .

To create an Office 365 security provider for SharePoint Online

  1. On the Coveo server, access the Administration Tool (see Opening the Administration Tool).

  2. In the Administration Tool, select Configuration > Security.

  3. In the navigation panel on the left, select Security Providers.

  4. In the Security Providers page, click Add.

  5. In the Modify Security Providers page:

    1. In the Name box, enter a descriptive name of your choice.

    2. In the Security Provider Type drop down, select Office 365.

    3. In the User Identity drop-down list, select the user identity that you created to crawl your SharePoint Online (see Microsoft SharePoint Connector Deployment Overview or Microsoft OneDrive for Business Connector Deployment Overview).

    4. In the Users Security Provider drop-down list, select the Claims Security Provider for SharePoint Online or the Claims to Email Security Provider for SharePoint Online that you previously created (CES 7.0.7433+ (February 2015)) (see Creating a Claims Security Provider for SharePoint Online and Creating a Claims to Email Security Provider for SharePoint Online).

    5. In the Windows Azure Active Directory Module for Windows PowerShell box, ensure that the MSOnline.psd1 file is available at the default location (C:\Windows\System32\WindowsPowerShell\v1.0\Modules\MSOnline\MSOnline.psd1) on your Coveo Master server following the installation of the Windows Azure AD Module installation (see Installing the Windows Azure AD Module for Windows PowerShell). Change the path if needed.

      Note: You need to install the Windows Azure AD Module version with the same word size (32-bit vs 64-bit) as your version of CES. If you install the 64-bit version of the Windows Azure AD Module and run the 32-bit version of CES, when the connector requires the module, Windows will silently attempt to load the 32-bit version of the AD module, even if you specified the path for the 64-bit version.

    6. Leave the Allow Complex Identities option cleared as it does not apply to this type of security provider.

    7. Click Save.

What's Next?

Create a SharePoint security provider that will use this Claims security provider (see Creating a SharePoint Security Provider or Creating a Security Provider for the SharePoint Legacy Connector).

People who viewed this topic also viewed