Enabling Microsoft SharePoint to search Oracle IRM sealed documents

I guess you know that your blog is making an impact when customers start commenting that they've consulted it before asking a question. In response to one such comment, this article provides an overview of how to configure Microsoft SharePoint to search sealed documents.

Note that I say configure - no coding required.

Here's what's involved:

  1. Create an IRM account for the SharePoint application
  2. Authorise that account to Search in one or more contexts
  3. Install the IRM Desktop on the SharePoint server
  4. Enable the IRM Desktop to authenticate as the account in step 1
  5. Ensure SharePoint Services are enabled for Full-Text Search
  6. Enable SharePoint Portal Server to recognise sealed doc extensions (.sdoc etc)
  7. Enable SharePoint to use the familiar sealed doc icons in its UI

The precise detail of the tasks can vary depending, for example, on whether you want all classifications of sealed document to be searchable. The following is typical.

Steps 1, 2, and 3 are nothing unusual, apart from the fact that you may need to define a context based role that authorises Search, but does not provide any other rights at all. You shouldn't authorise SharePoint to Open, Edit, Print, etc - just Search.

The account that you create for SharePoint can use standard IRM authentication or Windows authentication, the same as any other account.

Step 4 is unusual. Ordinarily, the IRM Desktop acts on behalf of an end-user. For this scenario, you configure it to act on behalf of the SharePoint search component. This is simple enough - just access the IRM Desktop options, go to the Search tab, click Advanced and fill out the details of the IRM server and the account that you created for SharePoint.

search-1.png
search-3.png


When you click Next on the screen above, you are asked to specify the Standard authentication details for the account, or to identify the Windows account used by the Indexing Service.The IRM Desktop is then ready to request rights on behalf of the Indexing Service, and to permit searching subject to those rights. That's it as far as the IRM side is concerned. It remains to do some configuration of SharePoint itself.

Step 5 applies to SharePoint Services only, which need to be configured to allow Full-Text Search, as follows:

  • Open Administrative Tools -> SharePoint Central Administration
  • Under the Component Configuration section, click Configure Full-Text Search (Note: this option will only be present if SharePoint Services was installed to use SQL Server.)
  • Verify that the check-box is checked

Step 6 applies to SharePoint Portal Server only, which needs to be configured to recognise the sealed document extensions as follows:

  • Open Internet Explorer and go to the SharePoint home page
  • Click Site Settings in the top-right corner
  • Under Search Settings and Indexed Content, click on Configure Search and Indexing
  • Click on Include File Types
  • Click the New File Type button
  • Enter a sealed doc extension such as "sdoc" or "sxls" and click OK

Repeat this process for all sealed extension types that are to be found within the SharePoint repository. Any sealed documents added to the repository will now be indexed using an iFilter and searchable from the SharePoint web site.

Finally, step 7 improves the UI by associating the sealed document icons so that IRM protected documents look the same in the SharePoint UI as they do on the Windows desktop and elsewhere.

  • Edit the DOCICON.XML file, which you should find at:
    C:\Program Files\Common Files\Microsoft Shared\web server extensions\60\TEMPLATE\XML\DOCICON.XML

  • Find the ByExtension settings, and add an appropriate mapping entry for each sealed doc extension.
  • Now copy the sealed file icons to
    C:\Program Files\Common Files\Microsoft Shared\web server extensions\60\TEMPLATE\IMAGES

  • Finally, use the iisreset command from a command window to restart the IIS Server.
You now have a fully enabled Microsoft SharePoint server which can search inside encrypted and protected IRM documents. It will provide search responses that match content only the authenticated user has access to!

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

Oracle IRM protects and tracks your sensitive information no matter where it goes. It combines business friendly encryption with role based usage rights and auditing.

11g quick guide

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today