Solved

SharePoint Server 2010 with one way trusted domain -no search results for users from Trusted domain

Posted on 2013-05-24
7
962 Views
Last Modified: 2013-05-28
I have a client with a SharePoint server 2010 environment. We have a local domain set up in the environment that hosts the Site. So we have domain1.local and then a one way trust was set up between the Clients internal domain and the local domain. So we have domain2.com.  The access and users in SharePoint groups are all working as expected from both domains.

The problem found is the users from domain2.com are getting no results when searching while the users with the same SharePoint permissions assigned from domain1.local do see results when searching.

The only fix that seems to be suggested  (that I have found) is to:
1. Change the Web App authentication from Classic-mode to Claims-mode.
or
2. Change the authentication on the SSA from Classic-mode to Claims-mode.

I am not comfortable with #1 since there are other application installed and configured to work with SharePoint that I am unsure if there will be a negative affect with. This environment if fully validated for FDA submissions and the applications have had Test scripts written and run. Changing the Authentication would most likely cause a whole new script having to be run on these apps.

So this leaves me with option #2 which I am trying to understand how this will work.
Will it have negative affects on the Security of the sharepoint configuration ? I am thinking not since it is just the Search ???
One article states "you will have to follow up with changing the web app over to claims-mode also". Is this true ?

Also stated is the "Search Alerts will be broken" - I dont think I have ever set up alerts on the Search - can you give me an example ?

Finally are there any other options that you know of that could help to get this working.
Am I missing something ? Is it really this involved ?

Any information would be appreciated - the security of the info on this site is very important that is why it was set up as a one way trust to begin with.

Thanks
Danielle
0
Comment
Question by:daniberes
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 38

Expert Comment

by:Justin Smith
ID: 39195977
This is a 500 pt question, my friend.
0
 

Author Comment

by:daniberes
ID: 39200902
Okay thanks.
0
 
LVL 38

Expert Comment

by:Justin Smith
ID: 39201028
Did you set your Enterprise Search application to use claims?
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Author Comment

by:daniberes
ID: 39201578
No not yet, I was concerned about the consequences. I dont think there is any negative impact but I wanted to be sure before just going ahead and changing that.
And when questioned by the site owners I would like to be able to explain why this will work and also be a good solution. I am a bit apprehensive of my own understanding of the Claims authentication and it being just on the search service app.

Thanks
Danielle
0
 
LVL 38

Accepted Solution

by:
Justin Smith earned 500 total points
ID: 39201637
There won't be a negative impact.  I've done it in multiple farms.

The simple answer is, enabling claims allows the service application to properly read user information from all domains.  Without it enabled, the service app won't be able to tell if the end user has access to the search results and won't display them.

http://social.technet.microsoft.com/forums/en-US/sharepointadminprevious/thread/2d903f8a-f74b-48e6-9b3e-b9461ae3fa5e/
0
 

Author Comment

by:daniberes
ID: 39201650
So if I do that, will I have to enable claims in the whole web application as one article had mentioned ? That was my main concern.  There is to much configuration, validation and script testing  done to just go and change the whole web application to claims.
0
 

Author Closing Comment

by:daniberes
ID: 39201707
Thanks Achilles! Always knows the right answers for my SharePoint woes.....
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Access 2003 or later To MySQL Migration Project Hello All, this is my second article in the category of MS-OFFICE Automation. In internet I am not able to find any comprehensive resource on the Migration of MS Access back-end to MySQL so I fin…
Lync meeting or Lync conferencing is what many organizations would like to deploy to allow them save money. But companies are now giving up for various reasons, one of which is that they cannot join external meetings (non-federated company meetings)…
The viewer will learn how to simulate a series of sales calls dependent on a single skill level and learn how to simulate a series of sales calls dependent on two skill levels. Simulating Independent Sales Calls: Enter .75 into cell C2 – “skill leve…
The viewer will learn how to use the =DISCRINV command to create a discrete random variable, use this command to model a set of probabilities and outcomes in a Monte Carlo simulation, and learn how to find the standard deviation of a set of probabil…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question