Brief Instructions for Connectors

Web Connector with Authorization

Preparation

Firewall Configuration

The ports used by the portal of all web servers must be accessible by the Mindbreeze InSpire server. If a proxy server is configured (see point 3), the configured proxy port must also be accessible by the Mindbreeze InSpire server.

Configuration

Web Page

If a user has read permission, it is possible for him/her to index the pages cited in an XML site map when the page contains one. To do so, activate the “site map-based delta crawl” option. In this mode, all pages of the site map are indexed in the first indexing pass, and thereafter only the new or changed pages are indexed.

Access control by means of the site map

The site map can contain one ACL per URL to restrict the access for users (user groups).

Example:

<url>

  <pagetitle>inhalt1</pagetitle>

  <loc>http://example.com/inhalt.html</loc>

  <lastmod>2012-11-09T09:34:51+00:00</lastmod>

  <mes:acl xmlns:mes=”tag:mindbreeze.com,2008:/indexing/interface”>

    <mes:grant>cn=administrator,cn=users,dc=example,dc=com</mes:grant>

    <mes:deny>unauthorized</mes:deny>

  </mes:acl>

</url>

Proxy

Under “Proxy Settings”, you can enter a proxy server in the “Network” tab if your infrastructure requires it. Enter the computer name and the port of the proxy server in “Host“ and “Port“.

The web connector can also log in to the proxy using Basic Authentication. Just enter the user in the “User” field and enter the corresponding password in the „Password“ field.

File System Connector

Preparation

Read permissions for Mindbreeze service user

The Mindbreeze service user must have read rights on the file-share where the data to be index is located.

Firewall Configuration

Make sure that the port 445 is open (SMB) on the host where the file-share is, so that the users can access the data, otherwise it will not be possible to open the search results.

Configuration

File system data source

Detailed Instructions can be found here: Configuration - Microsoft File Connector

Microsoft SharePoint Connector

The following is a guide for using Mindbreeze InSpire.

Tutorial Video: Set up a Microsoft SharePoint Connector

In our tutorial video you will find all necessary steps to set up the Microsoft SharePoint Connector:

https://www.youtube.com/watch?v=yzTyTz1SpXo

Preparation

Required crawling user rights

The Microsoft SharePoint Connector allows you to crawl and browse Microsoft SharePoint items and objects. To configure a Microsoft Sharepoint data source, the following prerequisites must be fulfilled:

• The Microsoft SharePoint version used must be SharePoint 2013, SharePoint 2010, or SharePoint 2007.
• For Kerberos authentication of the service user on the Mindbreeze node with the SharePoint data source, the user must have at least full read access rights in the SharePoint Web application. Kerberos must be selected as the authentication method for this Web application.
• Basic Authentication - Basic Authentication must be selected as authentication policy for basic authentication using a username and password (accounts with full read-only permissions on the SharePoint Web application).

A user can be added as a SharePoint site administrator as follows:

• Central Administration -> Application Management -> Manage web applications
• Web Application -> User Policy
  
  
• Give the service user full read permission.

Configuration of the Authentication Provider:

• Navigate to Central Administration -> Application Management
• Select Web Application
• Configure Authentication Providers
  
  
• To crawl user profiles in SharePoint 2013, the service user must be added to the list of search crawlers.
• To do this, navigate to Central Administration Manage service application User Profile Service Application and add the service user to the list of search crawlers.
  
  

Installation of services for Microsoft SharePoint

The services for Microsoft SharePoint have to be installed as follows:

1. Log in to the SharePoint server whose contents are to be crawled by the Connector.
2. Open the ISAPI directory in SharePoint. If the default installation is used, the directory path is C:\Program Files\Common Files\Microsoft Shared\web server extensions\14\ISAPI (SharePoint 2010) or C:\Program Files\Common Files\Microsoft Shared\web server extensions\15\ISAPI (SharePoint 2013)
3. Copy these files from the System Requirements to the ISAPI
   • Ordner.GSBulkAuthorization.asmx
   • GSBulkAuthorizationdisco.aspx
   • GSBulkAuthorizationwsdl.aspx
   • GSSiteDiscovery.asmx
   • GSSiteDiscoverydisco.aspx
   • GSSiteDiscoverywsdl.aspx
   • GssAcl.asmx
   • GssAcldisco.aspx
   • GssAclwsdl.aspx
   • MesAcl.asmx
   • MesAcldisco.aspx
   • MesAclwsdl.aspx
4. The  Web server connectivity can be verified using the following URLs:
   http://mycomp.com/_vti_bin/GSBulkAuthorization.asmx
   http://mycomp.com/_vti_bin/GSSiteDiscovery.asmx
   http://mycomp.com/_vti_bin/GssAcl.asmx
   
   http://mycomp.com is the SharePoint page URL. Once the above URLs have been opened, all Web methods of the Web service should be visible.

Configuration

Microsoft SharePoint connection

The following information is important for configuring the connection to Microsoft SharePoint Server:

• SharePoint Server URL: Fully qualified Web address of the Microsoft SharePoint Server
• User credentials (user, domain, password)
• With Included URL and Excluded URL you can define the pages to be searched.
  
  

You can find details about this in our documentation: Configuration - Microsoft SharePoint Connector

Microsoft Web Connector

Preparation

Firewall Configuration

The ports used by the web sites (eg 80 or 443) must be accessible from Mindbreeze InSpire service. If a proxy server is configured (see point 4), the configured proxy port should also be reachable from the Mindbreeze InSpire service.

Configuration

Web Page

In the field “crawling root” the indexing start page can be configured.

In case not all pages should be indexed, you can use the fields “URL regex” and “URL Exclude Pattern” to include or exclude pages on the basis of their URL.

When an XML sitemap is available for the page, it is possible to index the pages listed therein. Activate the “Sitemap-based Delta crawl” option. In this mode, all pages listed in the Sitemap will be indexed during the first run and subsequently the new and changed pages.

Proxy

In the tab “Network”, under “Proxy Settings” you can enter a proxy server, if your infrastructure requires it. Please enter the machine name and port of the proxy server in the “Host” and “Port”.

The Web Connector can log on to the proxy using HTTP BASIC Authentication. You can enter in the “User” user and “Password” the corresponding password.

IBM Lotus Connector

Preparation

Activating the DIIOP and HTTP Protocol

The Mindbreeze Crawler requires the DIIOP and HTTP tasks in order to access the installation.
For this, make sure that the tasks are active in the program IBM Domino Administrator under
“Server” > “Status” > “Server-Tasks”.

If these are not available, they can be started under “Tools” > “Start Task”.

The DIIOP-Server can be configured at the following address:

http://YOURSERVER/diiop_ior.txt

Please ensure that the Port of the DIIOP-Service is accessible for Mindbreeze InSpire (Default: 63148).

IBM Lotus Crawler User

We recommend that you create a separate user, for example “mindbreeze.crawler”, for the Mindbreeze services. However, you may also use an existing user. The user must have read permission for all mailbox files and be able to read/read out their ACLs.

You can authorize the user by adding it to the LocalDomainAdmins group.

Configuration

IBM Lotus Notes Server Connection

For the configuration of the connection with the IBM Lotus Notes server, the following information is important:

• Lotus Domino Server: Domain name of the IBM Lotus Notes server (e.g. notes.mycompany.com)
• Enter the port of the HTTP server in the field Lotus Domino Server Port.
• In addition, the name of the crawler user (e.g.  mindbreeze.crawler) is needed.

User Assignment

There are different ways to assign the user name between Mindbreeze (for instance, Active Directory user) and IBM  Lotus Notes.

In „Map Users via Address Book“, the user property „ShortName“ is used in the IBM Lotus Notes   address book to execute the assignment  (for example, ShortName=User name in Active Directory).

Alternatively, the user assignment can be defined in a Java-Properties file. The path of this file is stored in the field „Map Users via File“.

Detailed Instructions can be found at Configuration - IBM Connections Connector.

Microsoft Exchange Connector

Preparation

Microsoft Exchange Crawler User

We recommend to create a separate user in Active Directory for the Mindbreeze services, for example, mindbreeze.crawler, but you can also use an existing user. The following points must be satisfied:

• User exists in Active Directory
• The user has a Microsoft Exchange mailbox
• The user has full access rights for all Microsoft Exchange mailboxes

You can obtain the required permissions for the user mindbreeze with the following command in a Microsoft Exchange Server Shell:

Get-MailboxDatabase -identity “Mailbox 1” |Add-ADPermission -user exchangecrawler –accessrights GenericALL

Microsoft Exchange throttling policy

We recommend that you create your own user for the Mindbreeze services. You can give it the name mindbreeze. crawler, for example, or you can use an existing user. The user must have read access rights for all mailbox files and be able to read their ACLs.

You can authorize the user by adding it to the LocalDomainAdmins group.

Also, make sure that the number of threads for Ews in Microsoft Exchange is not too low. This would result in Mindbreeze being blocked by the exchange server and also block the content from being crawled. To do this, modify the value EwsMaxConcurrency on the exchange server.

For optimal indexing speed, please set the following throttling policy option for the crawler user:

• EWSMaxConcurrency: 20
• EWSFindCountLimit: 1000

You can set the throttling policy with the following command in a Microsoft Exchange Server shell:

New-ThrottlingPolicy -Name mindbreezeUserPolicy -EWSFindCountLimit 1000 -EWSMaxConcurrency 20 Set-Mailbox \ -ThrottlingPolicy mindbreezeUserPolicy

Microsoft Exchange Server Connection

To configure the connection to the Microsoft Exchange server, the following information is important:

• Microsoft Exchange Server: Fully qualified domain name of the Microsoft Exchange 2010 server (e.g. exchange2010.mycompany.com)

Context Actions

Results for e-mail and calendar entries can be opened from the context menu.

To open all the results in Outlook Web Access, using the context menu, the “Outlook Web Access URL” must be entered and the “Use Outlook Web Access” option enabled.

If the “Use Outlook Web Access Open as Default Action” option is selected, this action is executed as a standard context action for each search result, ie, the link in the results opens Outlook Web Access.

Search Settings

To restrict the search of the user to each primary user mailbox and public folders, “Restrict to Primary Mailbox and Public Folder” must be selected. Thus, no results from shared mailboxes and shared folders of other users are found.

AD/LDAP Connector

Preparation

Basic Configuration

• LDAP Server Hostname
• Port: Default LDAP Port (389)
• Authentication Type:
  • Simple (Default): Specifying the user name and password is required.
  • Anonymous: No user data are necessary.
• Username: User name in distinguished name format.
• Password
• Connection Method:
  • Standard: (Default)
  • SSL
• LDAP Search Base: Defines where in LDAP/Active directory will be indexed.
• Search Filter: Defines which objects will be indexed.

Rights Administration

The service user needs read rights on all the AD Objects.

Firewall

The following Firewall port should be reachable from Mindbreeze InSpire LDAP port: default (389).