manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thomas Daniel <Daniel.Tho...@uk.fujitsu.com>
Subject ManifoldCF SharePoint/ActiveDirectory Authority Connection Issue
Date Thu, 14 May 2015 13:30:00 GMT
Hi,

We are using ManifoldCF and Solr in a Microsoft Windows environment.
We have an issue trying to search for documents from Solr when we have users from other domains.
We have two domains, one where everything is running in (Domain A) and one where our users
are (Domain B). The 2 windows domains trust each other.
We are placing users from Domain B into groups in Domain , which is where our problem is.

We have ManifoldCF 2.0.1 indexing Microsoft SharePoint 2013, and think there is an issue with
our authority set up (using a SharePoint/AD authority connection to the Domain Controller
in 'Domain A').
We are not able to add a connection to 'Domain B', as we don't have access to it directly.
We are putting a user from 'Domain B' into the above AD group in 'Domain A'.
Within SP2013 we have an  AD group from 'Domain A' inside a SP2013 group, the SharePoint group
has permission granted to read document libraries and various lists.

To double check the result, we used the authority service and we get a 'user not found' error.
If we try to look for user@domainB, domain B is not the suffix defined for the DC we are connecting
to. And if we say user@domainA, then it wouldn't be looking for the right user.
Also, having a look at the code, it seems the authority connector only looks for objects of
type 'user'.
Our best guess is that as our users are from a different domain, they will be a 'ForeignSecurityPrincipal'
object, and therefore not found by the connector?
Our users have the correct access rights to SharePoint itself, and the can view content and
sites. We have had this configuration working with users from 'Domain A' previously, so we
know our general configuration works.

Is there any way to configure ManifoldCF to find users who are members of a permitted group
in one domain when the users themselves belong to a trusted domain?

Thanks in advance for any help.

Kind regards,
Daniel Thomas
Software Developer
Fujitsu
Viables Ind. Est., Jays Close, Basingstoke, Hampshire, RG22 4BY
Mob: +44 (0) 7867 897274
Email: daniel.thomas@uk.fujitsu.com<mailto:daniel.thomas@uk.fujitsu.com>
Web: http://uk.fujitsu.com<http://uk.fujitsu.com/>
[cid:image001.jpg@01D08E4E.F2226CC0]<https://www.youtube.com/playlist?list=PLV493J-pTITeSWLKa-cxQ0QMLYy3h1dOT>

[cid:image002.jpg@01D08E4E.F2226CC0]
[cid:image003.gif@01D08E4E.F2226CC0]<http://www.youtube.com/user/fujitsuUK>[cid:image004.gif@01D08E4E.F2226CC0]<http://www.facebook.com/fujitsuuk>
[cid:image005.gif@01D08E4E.F2226CC0] <http://twitter.com/#!/fujitsu_uk>  [cid:image006.gif@01D08E4E.F2226CC0]
<http://www.linkedin.com/company/fujitsu-uk-and-ireland>  [cid:image007.png@01D08E4E.F2226CC0]
<http://blog.uk.fujitsu.com/>  [cid:image008.gif@01D08E4E.F2226CC0] <https://plus.google.com/103287532874520008913/>
Fujitsu is proud to partner with Action for Children<http://www.actionforchildren.org.uk/>
P Please consider the environment - do you really need to print this email?




Kind regards,
Daniel Thomas
Software Developer
Defence & National Security
Fujitsu
Viables Ind. Est., Jays Close, Basingstoke, Hampshire, RG22 4BY
Mob: +44 (0) 7867 897274
Email: daniel.thomas@uk.fujitsu.com<mailto:daniel.thomas@uk.fujitsu.com>
Web: http://uk.fujitsu.com<http://uk.fujitsu.com/>
[cid:image001.jpg@01D08E4E.F2226CC0]<https://www.youtube.com/playlist?list=PLV493J-pTITeSWLKa-cxQ0QMLYy3h1dOT>

[cid:image011.jpg@01D08E52.75534BC0]
[cid:image003.gif@01D08E4E.F2226CC0]<http://www.youtube.com/user/fujitsuUK>[cid:image004.gif@01D08E4E.F2226CC0]<http://www.facebook.com/fujitsuuk>
[cid:image005.gif@01D08E4E.F2226CC0] <http://twitter.com/#!/fujitsu_uk>  [cid:image006.gif@01D08E4E.F2226CC0]
<http://www.linkedin.com/company/fujitsu-uk-and-ireland>  [cid:image007.png@01D08E4E.F2226CC0]
<http://blog.uk.fujitsu.com/>  [cid:image008.gif@01D08E4E.F2226CC0] <https://plus.google.com/103287532874520008913/>
Fujitsu is proud to partner with Action for Children<http://www.actionforchildren.org.uk/>
P Please consider the environment - do you really need to print this email?


Unless otherwise stated, this email has been sent from Fujitsu Services Limited, from Fujitsu
(FTS) Limited, or from Fujitsu Telecommunications Europe Limited, together "Fujitsu".

This email is only for the use of its intended recipient.  Its contents are subject to a duty
of confidence and may be privileged.  Fujitsu does not guarantee that this email has not been
intercepted and amended or that it is virus-free.

Fujitsu Services Limited, registered in England No 96056, registered office 22 Baker Street,
London W1U 3BW.

Fujitsu (FTS) Limited, registered in England No 03808613, registered office 22 Baker Street,
London W1U 3BW.

PFU Imaging Solutions Europe Limited, registered in England No 1578652, registered office
Hayes Park Central, Hayes End Road, Hayes, Middlesex, UB4 8FE.

Fujitsu Telecommunications Europe Limited, registered in England No 2548187, registered office
Solihull Parkway, Birmingham Business Park, Birmingham, B37 7YU.
Mime
View raw message