Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

SharePoint Server 2010 with one way trusted domain -no search results for users from Trusted domain

Posted on 2013-05-24
7
Medium Priority
?
984 Views
Last Modified: 2013-05-28
I have a client with a SharePoint server 2010 environment. We have a local domain set up in the environment that hosts the Site. So we have domain1.local and then a one way trust was set up between the Clients internal domain and the local domain. So we have domain2.com.  The access and users in SharePoint groups are all working as expected from both domains.

The problem found is the users from domain2.com are getting no results when searching while the users with the same SharePoint permissions assigned from domain1.local do see results when searching.

The only fix that seems to be suggested  (that I have found) is to:
1. Change the Web App authentication from Classic-mode to Claims-mode.
or
2. Change the authentication on the SSA from Classic-mode to Claims-mode.

I am not comfortable with #1 since there are other application installed and configured to work with SharePoint that I am unsure if there will be a negative affect with. This environment if fully validated for FDA submissions and the applications have had Test scripts written and run. Changing the Authentication would most likely cause a whole new script having to be run on these apps.

So this leaves me with option #2 which I am trying to understand how this will work.
Will it have negative affects on the Security of the sharepoint configuration ? I am thinking not since it is just the Search ???
One article states "you will have to follow up with changing the web app over to claims-mode also". Is this true ?

Also stated is the "Search Alerts will be broken" - I dont think I have ever set up alerts on the Search - can you give me an example ?

Finally are there any other options that you know of that could help to get this working.
Am I missing something ? Is it really this involved ?

Any information would be appreciated - the security of the info on this site is very important that is why it was set up as a one way trust to begin with.

Thanks
Danielle
0
Comment
Question by:daniberes
  • 4
  • 3
7 Comments
 
LVL 38

Expert Comment

by:Justin Smith
ID: 39195977
This is a 500 pt question, my friend.
0
 

Author Comment

by:daniberes
ID: 39200902
Okay thanks.
0
 
LVL 38

Expert Comment

by:Justin Smith
ID: 39201028
Did you set your Enterprise Search application to use claims?
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 

Author Comment

by:daniberes
ID: 39201578
No not yet, I was concerned about the consequences. I dont think there is any negative impact but I wanted to be sure before just going ahead and changing that.
And when questioned by the site owners I would like to be able to explain why this will work and also be a good solution. I am a bit apprehensive of my own understanding of the Claims authentication and it being just on the search service app.

Thanks
Danielle
0
 
LVL 38

Accepted Solution

by:
Justin Smith earned 2000 total points
ID: 39201637
There won't be a negative impact.  I've done it in multiple farms.

The simple answer is, enabling claims allows the service application to properly read user information from all domains.  Without it enabled, the service app won't be able to tell if the end user has access to the search results and won't display them.

http://social.technet.microsoft.com/forums/en-US/sharepointadminprevious/thread/2d903f8a-f74b-48e6-9b3e-b9461ae3fa5e/
0
 

Author Comment

by:daniberes
ID: 39201650
So if I do that, will I have to enable claims in the whole web application as one article had mentioned ? That was my main concern.  There is to much configuration, validation and script testing  done to just go and change the whole web application to claims.
0
 

Author Closing Comment

by:daniberes
ID: 39201707
Thanks Achilles! Always knows the right answers for my SharePoint woes.....
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Technology opened people to different means of presenting information, but PowerPoint remains to be above competition. Know why PPT still works today.
A recent project that involved parsing Tableau Desktop and Server log files to extract reusable user queries for use in other systems. I chose to use PowerShell to gather the data, and SharePoint to present it...
Viewers will learn the different options available in the Backstage view in Excel 2013.
The viewer will learn how to simulate a series of coin tosses with the rand() function and learn how to make these “tosses” depend on a predetermined probability. Flipping Coins in Excel: Enter =RAND() into cell A2: Recalculate the random variable…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question