Controlling user access to search indexes
You use the query settings for an index collection to specify who is allowed to search that index.
You can create multiple sets of query settings per index collection. Each set of query settings can provide a different level of index access to that index to a different group of users.
You can also configure an index to be publicly searchable by all users.
Granting limited access to a search index
Each index collection can also have any number of private query settings. When a private set of query settings is enabled, users in groups associated with that set of query settings can search the index.
You can associate a group with only one set of private query settings per index collection.
Procedure
Create an index collection. For information, see Adding index collections.
When doing this, set Initial Visibility to Private.
NoteYou can change this at any point by enabling and disabling query settings for the index collection. For information, see Enabling and disabling query settings.Create a set of private query settings for the index collection. Configure the query settings to provide the search experience you intend for your users. For information, see Query setting configuration options.
Enable the query settings you created. For information, see Enabling and disabling query settings.
NoteA user might belong to more than one group, and thereby be associated with more than one set of private query settings. In this case, if multiple query settings are enabled, the user gets the search experience from only one of those query settings, the one that was created first.Click the Security tab for the index.
Click Add Group.
The Select a group to add menu appears and lists the groups that your administrator has added to the system.Select both a group and a set of query settings to associate with that group.
NoteFor a group to be able to search an index, your system administrator also needs to grant Search Query permissions to the group.
Granting public access to a search index
Each index collection has a special set of query settings called Public. When it's enabled, all users can search that index.
If the Public query settings are disabled, users can search an index only if:
- They belong to a group that's associated with a private set of query settings for the index collection.
- The applicable set of private query settings is enabled.
Procedure
Create an index collection. When doing this, set Initial Visibility to Public.
For information, see Adding index collections.
Configure the Public query settings to provide the search experience you want to provide to all users accessing searching this index.
For information, see Query setting configuration options.
Click the Security tab for the index.
Click Add Group.
The Select a group to add menu appears and lists the groups that your administrator has added to the system.
Select both a group and a set of query settings to associate with that group.
NoteFor a group to be able to search an index, your system administrator also needs to grant Search Query permissions to the group.
Enabling multiple query settings for an index collection
This table summarizes how query settings affect what search experience a user receives. It supposes that:
- A single index collection has three sets of query settings: Public, Private 1, and Private 2.
- User1 belongs to a group that is associated with only the Private 1 set of query settings.
- User2 belongs to a group that is associated with only the Private 2 set of query settings.
| Public enabled | Private 1 enabled | Private 2 enabled | Which query settings apply | ||
| Local admin account | User1 | User2 | |||
| No | No | No | No access | No access | No access |
| No | No | Yes | Private 2 | No access | Private 2 |
| No | Yes | Yes | Private 1 | Private 1 | Private 2 |
| Yes | Yes | Yes | Public | Private 1 | Private 2 |
| Yes | Yes | No | Public | Private 1 | Public |
| Yes | No | No | Public | Public | Public |
| No | Yes | No | Private 1 | Private 1 | No access |
| Yes | No | Yes | Public | Public | Private 2 |