Brief Instructions for Connectors

Web Connector with Authorization

Preparation

Firewall Configuration

The ports used by the portal on all web servers must be reachable from the Mindbreeze InSpire server. If a proxy server is configured (see the “Proxy” section below), the configured proxy port must also be reachable from the Mindbreeze InSpire server.
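A quick way to confirm that a port is reachable is to attempt a TCP connection from the Mindbreeze InSpire server. The following is only a minimal sketch: the function name is hypothetical, and a successful connection shows that the firewall lets the connection through, not that the service behind the port is configured correctly.

```python
import socket


def port_is_reachable(host: str, port: int, timeout: float = 3.0) -> bool:
    """Return True if a TCP connection to host:port can be opened."""
    try:
        # create_connection resolves the host name and performs the TCP handshake.
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        # Covers refused connections, timeouts, and name resolution failures.
        return False
```

For example, `port_is_reachable("portal.example.com", 443)` would test an HTTPS port; the host name here is a placeholder.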

Configuration

Web Page

If the website provides an XML sitemap and the user has read permission for it, the pages listed in the sitemap can be indexed. To do so, activate the “site map-based delta crawl” option. In this mode, all pages of the sitemap are indexed in the first indexing pass; thereafter, only new or changed pages are indexed.

Access control by means of the sitemap

The sitemap can contain one ACL per URL to restrict access to specific users or user groups.

Example:

<url>
  <pagetitle>inhalt1</pagetitle>
  <loc>http://example.com/inhalt.html</loc>
  <lastmod>2012-11-09T09:34:51+00:00</lastmod>
  <mes:acl xmlns:mes="tag:mindbreeze.com,2008:/indexing/interface">
    <mes:grant>cn=administrator,cn=users,dc=example,dc=com</mes:grant>
    <mes:deny>unauthorized</mes:deny>
  </mes:acl>
</url>
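Before publishing a sitemap with ACLs, it can help to check that the entries parse as intended. The sketch below reads the example entry with Python's standard XML parser and lists the grant and deny entries in document order. The function name `read_acl` is hypothetical, and the code only illustrates the structure of the entry; it does not reproduce how the connector itself evaluates the ACL.

```python
import xml.etree.ElementTree as ET

# Namespace URI taken from the example entry above.
MES_NS = {"mes": "tag:mindbreeze.com,2008:/indexing/interface"}

SAMPLE = """<url>
  <pagetitle>inhalt1</pagetitle>
  <loc>http://example.com/inhalt.html</loc>
  <lastmod>2012-11-09T09:34:51+00:00</lastmod>
  <mes:acl xmlns:mes="tag:mindbreeze.com,2008:/indexing/interface">
    <mes:grant>cn=administrator,cn=users,dc=example,dc=com</mes:grant>
    <mes:deny>unauthorized</mes:deny>
  </mes:acl>
</url>"""


def read_acl(url_xml: str) -> dict:
    """Return the page location and its ACL entries as (kind, principal) pairs."""
    url = ET.fromstring(url_xml)
    acl = url.find("mes:acl", MES_NS)
    entries = []
    if acl is not None:
        for child in acl:
            # child.tag looks like "{namespace}grant"; keep only the local name.
            kind = child.tag.split("}", 1)[-1]
            entries.append((kind, (child.text or "").strip()))
    return {"loc": url.findtext("loc"), "acl": entries}
```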

Proxy

Under “Proxy Settings” in the “Network” tab, you can enter a proxy server if your infrastructure requires it. Enter the computer name and the port of the proxy server in “Host” and “Port”.

The web connector can also log in to the proxy using Basic Authentication. Enter the user in the “User” field and the corresponding password in the “Password” field.


File System Connector

Preparation

Read permissions for Mindbreeze service user

The Mindbreeze service user must have read rights on the file share where the data to be indexed is located.

Firewall Configuration

Make sure that port 445 (SMB) is open on the host where the file share is located so that users can access the data. Otherwise, it will not be possible to open the search results.

Configuration

File system data source

Detailed instructions can be found in: Configuration - Microsoft File Connector


SAP KMC Connector

Preparation

SAP KMC Crawler User

We recommend that you create a separate user for the Mindbreeze services, for example “mindbreeze.crawler”, on the SAP KMC server. However, you may also use an existing user. Should you choose to use an existing user, the following prerequisites must be fulfilled:

  • The SAP KMC user must have access to SAP KMC via the WebDAV interface
  • The SAP KMC user must have read permission for all content that is to be indexed
  • The WebDAV server must accept logins with Basic Authentication
  • The connector uses the API in the background, which can normally be accessed via http://yoursapserver:50000/irj/go/km/docs/documents
  • It is important that this API is also accessible from the Mindbreeze server. If this API runs in your installation under a different path, please use it instead of the default path in the configuration. For more details, see our documentation: Configuration - SAP KMC Connector.

Firewall Configuration

The SAP KMC WebDAV server port must be reachable from the Mindbreeze InSpire server. Default port: 50000.

Configuration

The following information is needed for the basic configuration:

  • SAP KMC server name and port
  • WebDAV user data (user name and password)
  • A list of the WebDAV folders to be indexed


Microsoft SharePoint Connector

The following is a guide for using Mindbreeze InSpire.

Preparation

Required crawling user rights

The Microsoft SharePoint Connector allows you to crawl and browse Microsoft SharePoint items and objects. To configure a Microsoft SharePoint data source, the following prerequisites must be fulfilled:

  • The Microsoft SharePoint version used must be SharePoint 2013, SharePoint 2010, or SharePoint 2007.
  • For Kerberos authentication of the service user on the Mindbreeze node with the SharePoint data source, the user must have at least full read access rights in the SharePoint Web application. Kerberos must be selected as the authentication method for this Web application.
  • For Basic Authentication with a user name and password, Basic Authentication must be selected as the authentication method for this Web application. The account must have at least full read permission on the SharePoint Web application.

A user can be added as a SharePoint site administrator as follows:

  • Central Administration -> Application Management -> Manage web applications
  • Web Application -> User Policy
  • Give the service user full read permission.

Configuration of the Authentication Provider:

  • Navigate to Central Administration -> Application Management
  • Select Web Application
  • Configure Authentication Providers

To crawl user profiles in SharePoint 2013, the service user must be added to the list of search crawlers. To do this, navigate to Central Administration -> Manage service application -> User Profile Service Application and add the service user to the list of search crawlers.

Installation of services for Microsoft SharePoint

The services for Microsoft SharePoint have to be installed as follows:

  1. Log in to the SharePoint server whose contents are to be crawled by the Connector.
  2. Open the ISAPI directory in SharePoint. If the default installation is used, the directory path is C:\Program Files\Common Files\Microsoft Shared\web server extensions\14\ISAPI (SharePoint 2010) or C:\Program Files\Common Files\Microsoft Shared\web server extensions\15\ISAPI (SharePoint 2013).
  3. Copy these files from the System Requirements to the ISAPI folder:
    • GSBulkAuthorization.asmx
    • GSBulkAuthorizationdisco.aspx
    • GSBulkAuthorizationwsdl.aspx
    • GSSiteDiscovery.asmx
    • GSSiteDiscoverydisco.aspx
    • GSSiteDiscoverywsdl.aspx
    • GssAcl.asmx
    • GssAcldisco.aspx
    • GssAclwsdl.aspx
    • MesAcl.asmx
    • MesAcldisco.aspx
    • MesAclwsdl.aspx
  4. The Web server connectivity can be verified using the following URLs:
    http://mycomp.com/_vti_bin/GSBulkAuthorization.asmx
    http://mycomp.com/_vti_bin/GSSiteDiscovery.asmx
    http://mycomp.com/_vti_bin/GssAcl.asmx

    Here, http://mycomp.com stands for the SharePoint site URL. Once the above URLs have been opened, all Web methods of the Web service should be visible.
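The verification URLs follow a fixed pattern, so they can be generated for any SharePoint site URL. The sketch below only builds the URLs listed above; the function name is hypothetical, and opening the URLs (in a browser or otherwise) still requires valid credentials for the SharePoint Web application.

```python
from typing import List
from urllib.parse import urljoin

# Service endpoints named in the verification step above.
SERVICES = ["GSBulkAuthorization.asmx", "GSSiteDiscovery.asmx", "GssAcl.asmx"]


def verification_urls(site_url: str) -> List[str]:
    """Build the _vti_bin verification URLs for a SharePoint site URL."""
    # Ensure exactly one trailing slash so urljoin appends instead of replacing.
    base = site_url.rstrip("/") + "/"
    return [urljoin(base, "_vti_bin/" + name) for name in SERVICES]
```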

Configuration

Microsoft SharePoint connection

The following information is important for configuring the connection to Microsoft SharePoint Server:

  • SharePoint Server URL: Fully qualified Web address of the Microsoft SharePoint Server
  • User credentials (user, domain, password)
  • With Included URL and Excluded URL you can define the pages to be searched.

You can find details about this in our documentation: Configuration - Microsoft SharePoint Connector


Microsoft Web Connector

Preparation

Firewall Configuration

The ports used by the websites (e.g. 80 or 443) must be reachable from the Mindbreeze InSpire service. If a proxy server is configured (see the “Proxy” section below), the configured proxy port must also be reachable from the Mindbreeze InSpire service.

Configuration

Web Page

The start page for indexing is configured in the “crawling root” field.

If not all pages should be indexed, you can use the fields “URL regex” and “URL Exclude Pattern” to include or exclude pages on the basis of their URL.
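Include and exclude patterns are easiest to get right when tested against a few sample URLs first. The sketch below shows one plausible combination of the two fields: a URL is kept if it matches the include pattern (when one is set) and does not match the exclude pattern. The function name, the example patterns, and the use of substring matching (`re.search`) are assumptions for illustration; the connector's exact matching semantics may differ.

```python
import re
from typing import Optional


def should_index(url: str, include: Optional[str], exclude: Optional[str]) -> bool:
    """Decide whether a URL passes the include and exclude patterns."""
    # An empty or missing include pattern means "include everything".
    if include and not re.search(include, url):
        return False
    # An exclude match always wins over an include match.
    if exclude and re.search(exclude, url):
        return False
    return True
```

For example, with the include pattern `^https?://example\.com/docs/` and the exclude pattern `\.pdf$`, the page `http://example.com/docs/intro.html` would be kept, while `http://example.com/docs/manual.pdf` would be skipped.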

If an XML sitemap is available for the website, the pages listed in it can be indexed. To do so, activate the “Sitemap-based Delta crawl” option. In this mode, all pages listed in the sitemap are indexed during the first run; in subsequent runs, only new and changed pages are indexed.
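The idea behind a delta crawl can be sketched as a comparison of each sitemap entry's modification date with the time of the previous run. This is an illustration only: it assumes that changes are detected via the `lastmod` value of each entry, which this guide does not state explicitly, and the function name and sample URLs are hypothetical.

```python
from datetime import datetime
from typing import Iterable, List, Optional, Tuple


def pages_to_index(
    entries: Iterable[Tuple[str, str]], last_crawl: Optional[datetime]
) -> List[str]:
    """Select the URLs to index from (loc, lastmod) sitemap entries.

    last_crawl is None on the first run; otherwise it must be
    timezone-aware so it can be compared with the lastmod values.
    """
    if last_crawl is None:
        # First run: every page listed in the sitemap is indexed.
        return [loc for loc, _ in entries]
    # Later runs: only pages modified after the previous crawl.
    return [
        loc
        for loc, lastmod in entries
        if datetime.fromisoformat(lastmod) > last_crawl
    ]
```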

Proxy

In the “Network” tab, under “Proxy Settings”, you can enter a proxy server if your infrastructure requires it. Enter the machine name and port of the proxy server in the “Host” and “Port” fields.

The Web Connector can log on to the proxy using HTTP Basic Authentication. Enter the user in the “User” field and the corresponding password in the “Password” field.


IBM Lotus Connector

Preparation

Activating the DIIOP and HTTP Protocol

The Mindbreeze Crawler requires the DIIOP and HTTP tasks in order to access the installation. Make sure that these tasks are active in IBM Domino Administrator under “Server” > “Status” > “Server-Tasks”.

If these are not available, they can be started under “Tools” > “Start Task”.

Whether the DIIOP server is available can be checked at the following address:

http://YOURSERVER/diiop_ior.txt

Please ensure that the port of the DIIOP service is reachable from Mindbreeze InSpire (default: 63148).

IBM Lotus Crawler User

We recommend that you create a separate user, for example “mindbreeze.crawler”, for the Mindbreeze services. However, you may also use an existing user. The user must have read permission for all mailbox files and be able to read their ACLs.

You can authorize the user by adding it to the LocalDomainAdmins group.

Configuration

IBM Lotus Notes Server Connection

For the configuration of the connection with the IBM Lotus Notes server, the following information is important:

  • Lotus Domino Server: Domain name of the IBM Lotus Notes server (e.g. notes.mycompany.com)
  • Enter the port of the HTTP server in the field Lotus Domino Server Port.
  • In addition, the name of the crawler user (e.g. mindbreeze.crawler) is needed.

User Assignment

There are different ways to map user names between Mindbreeze (for instance, Active Directory users) and IBM Lotus Notes.

With “Map Users via Address Book”, the user property “ShortName” in the IBM Lotus Notes address book is used for the assignment (for example, ShortName = user name in Active Directory).

Alternatively, the user assignment can be defined in a Java properties file. The path of this file is entered in the field “Map Users via File”.

Detailed instructions can be found at Configuration - IBM Connections Connector.


Microsoft Exchange Connector

Preparation

Microsoft Exchange Crawler User

We recommend creating a separate user in Active Directory for the Mindbreeze services, for example mindbreeze.crawler, but you can also use an existing user. The following requirements must be met:

  • User exists in Active Directory
  • The user has a Microsoft Exchange mailbox
  • The user has full access rights for all Microsoft Exchange mailboxes

You can grant the required permissions to the crawler user (exchangecrawler in this example) with the following command in a Microsoft Exchange Server shell:

Get-MailboxDatabase -Identity "Mailbox 1" | Add-ADPermission -User exchangecrawler -AccessRights GenericAll

Microsoft Exchange throttling policy

We recommend that you create a separate user for the Mindbreeze services, for example mindbreeze.crawler. However, you may also use an existing user. The user must have read access rights for all mailbox files and be able to read their ACLs.

You can authorize the user by adding it to the LocalDomainAdmins group.

Also, make sure that the number of concurrent EWS connections allowed in Microsoft Exchange is not too low. Otherwise, Mindbreeze is blocked by the Exchange server and the content cannot be crawled. To change the limit, modify the value EWSMaxConcurrency on the Exchange server.

For optimal indexing speed, please set the following throttling policy options for the crawler user:

  • EWSMaxConcurrency: 20
  • EWSFindCountLimit: 1000

You can create the throttling policy and assign it to the crawler user's mailbox with the following commands in a Microsoft Exchange Server shell:

New-ThrottlingPolicy -Name mindbreezeUserPolicy -EWSFindCountLimit 1000 -EWSMaxConcurrency 20
Set-Mailbox \ -ThrottlingPolicy mindbreezeUserPolicy

Microsoft Exchange Server Connection

To configure the connection to the Microsoft Exchange server, the following information is important:

  • Microsoft Exchange Server: Fully qualified domain name of the Microsoft Exchange 2010 server (e.g. exchange2010.mycompany.com)

Context Actions

Results for e-mail and calendar entries can be opened from the context menu.

To open results in Outlook Web Access from the context menu, the “Outlook Web Access URL” must be entered and the “Use Outlook Web Access” option enabled.

If the “Use Outlook Web Access Open as Default Action” option is selected, this action is executed as the default context action for each search result, i.e., the link in the results opens Outlook Web Access.

Search Settings

To restrict each user's search to that user's primary mailbox and the public folders, “Restrict to Primary Mailbox and Public Folder” must be selected. In that case, no results from shared mailboxes and shared folders of other users are found.


AD/LDAP Connector

Preparation

Basic Configuration

  • LDAP Server Hostname
  • Port: Default LDAP Port (389)
  • Authentication Type:
    • Simple (Default): Specifying the user name and password is required.
    • Anonymous: No user data are necessary.
  • Username: User name in distinguished name format.
  • Password
  • Connection Method:
    • Standard: (Default)
    • SSL
  • LDAP Search Base: Defines which part of the LDAP/Active Directory tree is indexed.
  • Search Filter: Defines which objects will be indexed.

Rights Administration

The service user needs read rights on all AD objects.

Firewall

The LDAP port (default: 389) must be reachable from Mindbreeze InSpire.