|Oracle® Secure Enterprise Search Administrator's Guide
11g Release 2 (11.2.1)
Part Number E17332-04
|PDF · Mobi · ePub|
Oracle SES can crawl through and provide secure search for e-mail and calendar items, related metadata, attributes, ACLs, and attachments in Microsoft Exchange. It also provides attribute search and browse functionality, which allows search to be done against a specific subfolder in the hierarchy.
Oracle SES supports incremental crawling; that is, it crawls and indexes only those documents that have changed since the last crawl was scheduled. A document is re-crawled if either the content or metadata or the direct security access (permissions) information of the document has changed. A document is also re-crawled if it is moved within Microsoft Exchange. Documents deleted from Exchange are removed from the index during incremental crawls.
A Microsoft Exchange source covers the following objects in Exchange:
On the Exchange server, the super user must grant himself the
Send as and
Receive as privileges. You can enable privileges globally for all users in the system. No user-specific privilege grants are required.
Microsoft Exchange 2003 Technical Reference Guide and information about permissions in Microsoft Exchange:
Oracle Secure Enterprise Search Release Notes on OTN for supported platforms
Microsoft Internet Information Server (IIS)
Note:The file ADODB.dll is usually included in the Windows .NET Framework SDK. However, if this file is not on your computer, then you must download the ADODB.dll appropriate for your system from Microsoft and install it using the following command:
gacutil /i adodb.dll
You can download the Windows .NET Framework from this site:
Proper permissions on the Exchange server must be granted to the Exchange administrator. The Exchange server is crawled with the permission of a super user with the
Send as and
Receive as privileges. The easiest way to configure this is to use an administrator as super user or create a super user with the administrator privilege and the
Send as and
Receive as privileges targeting Exchange inbox store and public folders.
To enable the Outlook Web Access logon page, you must enable forms-based authentication on the server. To enable forms-based authentication:
On the Exchange server, log on with the Exchange administrator account, and then start Exchange System Manager.
In the console tree, expand Servers.
Expand the server for which you want to enable forms-based authentication, and then expand Protocols.
Expand HTTP, right-click Exchange Virtual Server, and then click Properties.
In the Exchange Virtual Server Properties dialog box, on the Settings tab, in the Outlook Web Access pane, select the Enable Forms Based Authentication option.
Click Apply, and then click OK.
Restart the IIS server.
If you are using forms-based authentication with SSL off-loading, you must configure your Exchange Server front-end servers to handle this scenario.
E-mails with multibyte characters sent from a browser with a different language set than the characters in the mail are not indexed correctly in Oracle SES. The multibyte characters are converted to question marks (?).
This is a known e-mail content issue with Microsoft Exchange. To send future e-mails so that the Microsoft Exchange connector can crawl them properly, either of these workarounds can be applied:
Change the value of the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeWEB\OWA\UseRegionalCharset (Original) '1' (New) Any number (except 1). For example, '0'
How to Modify the Default Browser Language Settings for Outlook Web Access at
Outlook Mobile Access and Exchange 2003 at
The Microsoft Exchange connector uses WebDAV for best performance. Oracle recommends that Active Directory be used as identity management system for the Oracle SES instance. The Active Directory instance must be the same one that Microsoft Exchange is using to authenticate users on the file system.
For the Oracle SES instance to read the files during crawling, add permission to each folder and file to make them accessible by the operating system user that runs the Oracle SES instance. Adding permissions to a folder automatically adds the same permissions to all the files and subfolders in the folder.
Create a Microsoft Exchange source on the Home - Sources page. Select Microsoft Exchange from the Source Type list, and click Create.
Enter values for the following parameters:
User Name: User name to authenticate between Oracle SES and Exchange
Password: password to authenticate between Oracle SES and Exchange
Server: Microsoft Exchange server IP
Domain: Microsoft Exchange server domain
LDAP Port: Microsoft Exchange LDAP port
Simple Include: To limit crawling, specify up to 50 colon-delimited path inclusion boundary rules using simplified regular expressions. Specify an inclusion rule that a URL contain, start with, or end with a term. Only
$ operators are permitted. An asterisk (
*) is a wildcard. A caret (
^) denotes the beginning of a URL, and a dollar sign (
$) denotes the end. For example:
Simple Exclude: To limit crawling, specify up to 50 colon-delimited path exclusion boundary rules using simplified regular expressions. Only
$ operators are permitted.
Regular Expression Include: To limit crawling, specify up to 50 colon-delimited path inclusion boundary rules using restricted (full java.util.regexp) regular expression rules. For example:
Regular Expression Exclude: To limit crawling, specify up to 50 colon-delimited path exclusion boundary rules using restricted (full java.util.regexp) regular expression rules.