Missing search results

Netwrix Data Classification
Other
https://kb.netwrix.com/3498
Copy Article URL Copied

There can be a situation where documents are classified to a particular term but are not showing within the “Browse” results, or – expected results are missing from “Search“.

This article applies to content stored in the following repository types:

  • SharePoint (Including SharePoint Online)
  • File Shares
  • Box
  • Microsoft Exchange
  • CMIS Repositories
  • Google Drives

Missing documents are typically related to security trimming – particularly depending on the configured authentication mechanism.

Search results are automatically trimmed based on source security. In the case of SharePoint this takes into account:

  • Explicitly defined user security (AD Users/Groups)
  • SharePoint Groups

At the time of search we will enumerate the user’s access, identifying all applicable usernames (including alternate domains) and all application AD groups. These will then be matched to the security (ACLs) of each document, before returning the “trimmed” search results.

There are two simple methods to confirm if trimming is the cause of missing results:

  1. Compare Security – A simple method is to confirm the two “ACL” lists, comparing the end-users security list to that of the document itself:
    1. User – An end-users security can be reviewed by requesting that they access the QS Administration interface, and navigate to the following URL: /conceptQS/ShowUser
    2. Document – This should then be compared to the document’s security which can be viewed by selecting the “i” within Sources/Reports/Taxonomies and viewing the “Properties” tab
  2. Disable Security Trimming – Security trimming can be disabled by following the below steps for all sources:
    1. Log into the QS Administration Interface and access the “Config” area
    2. Select the “Logging” tab
    3. Enable the “ACL” trace

Most sources also support disabling security on a more granular basis by selecting the “Allow Anonymous Access” option on the source edit screen.

While disabling security may be the most appropriate option, it may also be that the problem is related to federation of user accounts. This occurs when the environment is not on the same domain as the source system(s).

To assist with this scenario we support two SSO methods, allowing the logged in username to match the source system(s) security – as well as allowing for federated security groups to be passed through to conceptSearching:

  • Azure AD – Instructions for an Azure AD deployment can be found as a separate KB article
  • ADFS 3.0 – Instructions for an ADFS deployment can be found within the partners site in the “Documentation” section (QS AD FS Configuration Guide)
Go Up