Using the Security Browser

The Security Browser page allows you to look into the relationships between the indexed security user and groups found in your unified index. The features of this page are useful to troubleshoot indexing and search results issues involving security.

To use the Security Browser

1. On the Coveo server, access the Administration Tool (see Opening the Administration Tool).

2. In the Administration Tool, select Content > Security Browser.

3. In the Security Browser page:

   

   1. In the Name box, enter the name of a user or group for which you want to browse the security.

      Example: For an Active Directory user or group, enter the name in the domain\UserOrGroupName form such as MyOrg\JSmith.

      Note: You must enter an exact case sensitive name. You cannot use wildcard.

   2. In the second box on the same line, select the type or security entities for the typed name (User, Group, or Virtual Group).

      Note: A Virtual Group is a group that is defined only in CES, not in a security provider.

   3. In the third box on the same line, select the security provider in which the user or group is defined.

   4. At the end of the same line, click View.

      The page presents related security entities:

      Navigation

      Indicates the history of navigation among security entities. The last element is the current entity. Previous navigation elements are clickable to allow you to easily return to a previously selected security entity.

      Members

      Lists the security entities that are members of the currently selected security entity. The listed security entities are clickable so that you can easily explore the membership relationships.

      Is Member of

      Lists the security entities for which the currently security entity is a member. The listed security entities are clickable so that you can easily explore the membership relationships.

   5. To drill down in the security information, click a security entity in either the Members or the Is Member of list.

      The selected security item is added to the navigation history and the Members and Is Member of lists are updated.

   6. Optionally, in the Filter box, type a string to refine the Members and Is Member of lists to only security entities that contain the typed string.

   7. Optionally, in the Members or Is Member of lists:

      • Click the title of a column to sort the list alphabetically by the clicked column values. A second click sorts the values in the reverse order.

      • Click the funnel icon next to a column title and select the desired security entities to refine the list to these entities.

      

   8. When you want to ensure that the CES security cache is up-to-date with the permissions associated with a given security group: 

      1. In the Members or Is Member of list, click the group for which you want to update the permissions.

      2. CES 7.0.6547+ (March 2014) At the bottom of the page, click the Update permissions for: [group_name] link.

         A message appears at the top of the page.

         

         Note: The command to update permissions is sent immediately and executed as soon as previously committed operations are completed, typically within seconds.

      Example: You just removed a member from a given Windows group and want to ensure in the Security Browser that the user no longer sees corresponding documents in the Coveo search results.

      By default the Update Windows Users and Groups Cache system schedule is executed once a day at 12:00 AM (see What Should Be the Frequency of System Schedules?) so CES will normally be aware of the permission changes only at midnight.

      You can use the Update permissions for: [group_name] link to force a security cache update for the specific group and continue your validation.