Add or Edit a SharePoint Server Source

Administrators and content managers can include SharePoint on-premises content and make it searchable. This source can be shared, private, or secured (see Content Security). A SharePoint Server source is refreshed every six hours and rescanned every week to retrieve SharePoint item changes (addition, modification, or deletion). A source rescan or rebuild is necessary to capture deleted user profiles.

  • The SharePoint Server source allows you, as a member of the administrator or content manager group, to make SharePoint on-premises content searchable. To retrieve SharePoint Online content, you must create a SharePoint Online source (Add/Edit SharePoint Online Source).

  • Depending on the content retrieval method you choose, on-premises Active Directory permission systems may be unofficially supported by Coveo Cloud or not supported at all. If you use the Crawling Module to index SharePoint Server content, a custom project by Coveo experts may allow you to index your SharePoint Server source permissions. So, if you want to create a secured source, contact the Coveo Support team for further information. With SharePoint Server sources of the On-Premises type, on-premises Active Directory permission systems are not supported.

Source Features Summary

Features Supported Additional information
SharePoint version 2019, 2016, 2013, 2010, Foundation 2013, and Foundation 2010  
Searchable content types Sites, sub-sites, user profiles1, personal websites1, lists, list items, list item attachments, document libraries, document sets, documents, web parts2, and microblog posts and replies.
Content update Refresh

Rescan or rebuild is required to retrieve deleted user profiles.

Rescan  
Rebuild  
Content security options Secured Depending on the content retrieval method you choose, on-premises Active Directory permission systems may be unofficially supported by Coveo Cloud or not supported at all. If you use the Crawling Module to index SharePoint Server content, a custom project by Coveo experts may allow you to index your SharePoint Server source permissions. Contact the Coveo Support team for further information. With SharePoint Server sources of the On-Premises type, on-premises Active Directory permission systems are not supported.
Private  
Shared  

Note 1: Not available in Microsoft SharePoint Foundation.

Note 2: Not all web parts are available in Microsoft SharePoint Foundation 2010 (see Web Parts in SharePoint Foundation).

Requirements

Active Directory Federation Services

When your SharePoint environment uses ADFS as a trusted identity provider, the ADFS service endpoint URL paths must be enabled (see Enable the ADFS Service Endpoint URL Path).

SharePoint Account Permissions

When you want to include SharePoint content, you must create a specific SharePoint account to be used by the source exclusively. Otherwise, you need to also change the source Password value each time the account password changes to prevent authentication errors (see Source Password).

  1. Access your SharePoint tenant with an administrator account.

  2. On your SharePoint tenant:

    1. Select or create a user account for the source to use when retrieving your SharePoint content. Refer to the following table to identify the required type of user for your web application enabled authentication.

      SharePoint environment SharePoint web application enabled authentication User type User format
      Classic Windows Windows account

      domain\username

      or

      username@domain.com
      Claims Windows Windows account
      ADFS ADFS SSO
      Okta Okta SSO username@domain.com
    2. Grant appropriate SharePoint permissions to the SharePoint account to ensure it has access to the content that you want to make searchable.

      The following table presents the minimal required permissions that the source account must have to perform specific actions.

      Action to perform Minimal required permission
      Content and security indexing, source refresh, and site collection discovery

      Full Read policy for each web application to make searchable (see Add the Full Read Policy to All SharePoint Tenant Web Applications).

      Personal site, user profile, and social tags indexing

      When including personal sites or user profiles, the account used as source credentials must not have a personal site on the SharePoint server being included to prevent failures when attempting to retrieve the list of personal sites.

Add or Edit a SharePoint Server Source

  1. Ensure your SharePoint instance meets the source requirements (see Requirements).

  2. If not already in the Add/Edit a SharePoint Server Source panel, go to the panel:

    • To add a source, in the main menu, under Content, select Sources > Add source button > SharePoint. Depending on whether you need to use the Coveo On-Premises Crawling Module or not, select the option with the Crawling Module or the On-Premises tag (see Content Retrieval Methods).

      OR

    • To edit a source, in the main menu, under Content, select Sources, and then double-click the desired source row.

  3. In the Configuration tab, enter appropriate values for the available parameters:

    • Source name

      A descriptive name for your source under 255 characters (not already in use for another source in this organization).

      SharePoint-Intranet

    • URL

      One or more URLs corresponding to the desired site collection, lists, websites, and subsites to make searchable. Each URL must include the protocol and tenant name.

      • For a specific web application: https://site:8080/

      • For a specific site collection: https://site:8080/sites/support

      • For a specific website: https://site:8080/sites/support/subsite

      • For a specific list: https://site:8080/sites/support/lists/contacts/allItems.aspx

        A specific folder in a list is not supported.

    • Scope

      In the drop-down menu, select the option for the content type matching the URLs you specified. By default, Web application is selected.

      Available options are the following:

      Value Content to make searchable
      Web application All site collections of the specified web application
      Site collection All web sites of the specified site collection
      Web and sub webs Only the specified web site and its sub webs (also known as subsites)
      List Only the specified list or document library
    • Character optical recognition (OCR)

      Check this box if you want Coveo Cloud to extract text from image files and/or PDF files containing images (see Enable Optical Character Recognition). OCR-extracted text is processed as item data, meaning that it is fully searchable and will appear in the item Quick View (see Search Result Quick View).

      Since the OCR feature is available at an extra charge, you must first contact Coveo Sales to add this feature to your organization license. You can then enable it for your source.

    • Index

      When adding a source, if you have more than one logical (non-Elasticsearch) index in your organization, select the index in which the retrieved content will be stored (see Leverage Multiple Coveo Indexes). If your organization only has one index, this drop-down menu is not visible and you have no decision to make.

      • To add a source storing content in an index different than default, you need the View access level on the Logical Index domain (see Privilege Management and Logical Indexes Domain).

      • Once the source is added, you cannot switch to a different index.

    • Content security

      Select who can see items from this source in a search interface that includes this source in its scope (see Content Security). Your options are:

      • Shared: Everyone will be able to find the source content in the search interface.

      • Private: Only the source creator will be able to find the source content in the search interface (see SharePoint Account Permissions).

      • Secured: Only users authenticated in the search interface will see the source items for which they have read permission.

        If you want to create a secured source to use with the Coveo On-Premises Crawling Module, contact the Coveo Support team (see Coveo On-Premises Crawling Module).

  4. In the Authentication section, you must provide authentication information so that Coveo can access the content you want to make searchable (see Security). In the drop-down menu, select the identity provider you use to manage identities in your SharePoint site. Options are:

    Depending on the option you choose in the drop-down menu, you must fill some of the following boxes:

    • Username

      The username of a dedicated SharePoint administrator account that has access to the content to include, or, if using Okta, the username of an Okta administrator account (see Setting up SharePoint Crawling Account Permissions).

    • Password

      The corresponding password.

    • ADFS server URL

      The URL of an ADFS server trusted by SharePoint.

      https://adfs01.subdomain.example.com

    • SharePoint trust identifier

      The SharePoint server relying party trust identifier.

      https://subdomain.example.com:44626/_trust

      To find your relying party trust identifier:

      1. Access the AD FS 2.0 Management Console (Windows Start menu > All Programs > Administrative Tools > AD FS 2.0 Management).

      2. In AD FS 2.0 Management Console, under Trust Relationships, select Relying Party Trusts.

      3. In the Relying Party Trusts list, find the row for SharePoint. The ADFS relying party trust identifier is the value in the Identifier column.

    • ADFS trust identifier

      The relying party trust identifier of the ADFS server acting as an intermediate.

      http://adfs01.subdomain.example.com/adfs/services/trust

    • Identity provider server URL

      The URL of the identity provider used in SharePoint to authenticate users.

      https://adfs2012.subdomain.example.com

      You can edit the identity provider server URL in the ADFS settings (see Enable the ADFS Service Endpoint URL Path).

    • Okta realm

      The SharePoint trusted identity provider realm provided in your Okta application configuration (see Using Okta as a Trusted Identity Provider).

      urn:okta:sharepoint:exknuavz9hbOItwsS8e7

    • Okta sign in URL

      The URL to which users should be redirected in order to authenticate with Okta (see Using Okta as a Trusted Identity Provider).

      https://dev-782461.oktapreview.com/app/appname/sso/wsfed/passive

  5. In the Content to Include section, consider changing the default settings in this section to make additional content searchable.

    • User profiles: Select to include SharePoint users.

    • Personal sites: When the Scope is Web application, select to include SharePoint personal sites (see Scope).

  6. In the Access tab, determine whether each group and API key can view or edit the source configuration (see Understanding Resource Access):
    1. In the Access Level column, select View or Edit for each available group.
    2. On the left-hand side of the tab, if available, click Groups or API Keys to switch lists.

    If you remove the Edit access level from all the groups of which you are a member, you will not be able to edit the source again after saving. Only administrators and members of other groups that have Edit access on this resource will be able to do so. To keep your ability to edit this resource, you must grant the Edit access level to at least one of your groups.

  7. Optionally, consider editing or adding mappings (see Adding and Managing Source Mappings).

    You can only manage mapping rules once you build the source (see Refresh, Rescan, or Rebuild Sources).

  8. Complete your source addition or edition:

    • Click Add Source/Save when you want to save your source configuration changes without starting a build/rebuild, such as when you know you want to do other changes soon.

      On the Sources page, you must click Start initial build or Start required rebuild in the source Status column to add the source content or make your changes effective, respectively.

      OR

    • Click Add and Build Source/Save and Rebuild Source when you are done editing the source and want to make changes effective.

      Back on the Sources page, you can review the progress of your SharePoint Server source addition or modification (see Adding and Managing Sources).

    Once the source is built or rebuilt, you can review its content in the Content Browser (see Inspect Items With the Content Browser).

What’s Next?

Review your source update schedule and optionally change it so that it better fits your needs (see Edit a Source Schedule). By default, your content is refreshed every six hours and rescanned every week.