superdevo / google-enterprise-connector-sharepoint

Automatically exported from code.google.com/p/google-enterprise-connector-sharepoint
0 stars 0 forks source link

Bulk AuthZ web service fails to authorize SharePoint content at serve time if Alternate access mapping of the target SharePoint site is not FQDN. #134

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Environment details:
GSA AuthN: SAML
Authz type: SharePoint connector (content feed mode)
SharePoint site: NTLM
Search User: Domain user having site collection admin rights

Steps:
1. Run the connector in content feed mode for a NTLM SharePoint site whose
Alt. access mapping is not FQDN. (See the attached screenshot for Alt. 
access mapping)
2. Once the content is indexed on GSA, perform search for the SharePoint
content.

Expected result:
Search fails even if the logged in user has access to the SharePoint content.
Connector logs show following error:

SEVERE: Web Service has thrown the following error while authorizing. 
 Error: Following error occurred while authorizing user [
DMZGDC\domainuser1 ] against docid [
http://myhost:port/site/Forms/AllItems.aspx%7C286 ] :The Web application at
http://myhost:port/perfsite10/Document Sizes/Forms/AllItems.aspx could 
not be found. Verify that you have typed the URL correctly. If the URL
should be serving existing content, the system administrator may need to add a 
new request URL mapping to the intended application.
Jan 07, 2010 12:18:49 PM [AuthZ domainuser1@DMZGDC samltestcontent] 
com.google.enterprise.connector.sharepoint.spiimpl.SharepointAuthorizationManage
r
getAuthResponseFromAuthData
WARNING: [status: false], Complex Document ID: [
http://myhost:port/site/Forms/AllItems.aspx%7C286 ] 

Expected result:
Bulk AuthZ web service should resolve the non-FQDN URL set in SharePoint.
User should be able to see the search results.

Attachments:
Connector logs, SharePoint Alt. access mapping screenshot

Please use labels and text to provide additional information.
GSS for SharePoint connector 2.4

Original issue reported on code.google.com by shashank...@gmail.com on 7 Jan 2010 at 10:27

Attachments:

GoogleCodeExporter commented 9 years ago
Immediate work aroung for the issue is to change the Alternate access mapping 
of Sharepoint  Site.
To change the Alternate access mapping of Sharepoint Site, follow the steps as 
under:

1) Open Sharepoint Central Administration from Sharepoint server
2) Goto "Operation" Tab
3) Under Global Configuration section, click the "Alternate Access Mappings" 
link.
4) Click on the Web application link for which you want to change the access 
mapping.
5) Edit the URL and change it to FQDN format i.e. Fully qualified Domain Name.
eg: http://machine1.abc-pqr.net:9999/
6) The zone should be set to "Default".

Original comment by vishw...@google.com on 27 Oct 2010 at 12:27

GoogleCodeExporter commented 9 years ago
This issue is filed as Google issue #6514003

Original comment by tdnguyen@google.com on 18 May 2012 at 12:07