Programming Microsoft Outlook and Microsoft Exchange, Second Edition (DV-MPS Programming)
Let's look at the Exchange Server-specific features and requirements of using Site Server and Exchange Server together. We'll also examine how to configure a host, how to set up a crawl, and how to begin searching Exchange Server information. Plus, we'll discuss the security implications of using Site Server and Exchange Server together.
Exchange Server Requirements for Site Server
When using Exchange Server and Site Server together, you need to run the two products on different computers. When setting up Site Server, tell the product which machine running Exchange Server it should point to in order to crawl for content. The machine that Site Server is pointing to should have all the public folders either homed or replicated to the Exchange server or to another Exchange server on the same site.
You can use Site Server to index and search the public folders homed on other sites. Then you need only set up public folder affinity correctly to achieve the best performance and set the default timeout period to crawl the content accordingly. You don't want Site Server to time out while trying to obtain Exchange Server content.
NOTE
Site Server can index only Exchange Server public folders, not private folders.
Figure 17-1 shows how to set the Exchange Server information in the Microsoft Management Console (MMC) administration for Site Server Search. Notice that you must also set the Exchange Server organization and site.
Figure 17-1. Setting the properties of the Exchange server that Site Server will talk to.
Once you set the properties for the Exchange server you want Site Server to use for public folder access, you can specify the Outlook Web Access (OWA) server used to read information returned from Exchange Server searches. This specification is optional because you can also use Outlook to view information returned by the Search service. Site Server includes an ActiveX control that detects whether the user has Outlook installed and launches the appropriate method of reading the search results. As a developer, you can force this ActiveX control to default to Outlook Web Access or Outlook depending on your needs. You'll see how to do this later in this chapter.
Setting Up Your Search Hosts
Before attempting to crawl a public folder, you need to configure some accounts and the security on all your systems, including Exchange Server, Site Server, and Windows NT. Different accounts, such as administrative access accounts, exist for propagating completed catalogs and content access accounts. We'll look at content access accounts only, because they cause problems for many developers and IT professionals who configure Site Server and Exchange Server.
Default Content Access Account
When Site Server crawls an Exchange server, the Search service either uses the default content access account specified on your search server or it uses a site-specific account. I don't recommend using site-specific access accounts for Exchange Server unless it's completely necessary—for example, when Exchange Server sites span untrusted Windows NT domains. It's better to use a single content access account—so that you make administration easier—and to track the use of this account when crawling content.
Your content access account must be configured with a domain account that has administrative rights on the Configuration object for each site that hosts the public folders you plan to crawl. This account must also have administrator privileges on the computer running Site Server and must be a member of an administrative group such as Site Server Administrators. For more information on this topic, see the Site Server documentation.
Search Service Account
Besides the default content access account, you need to configure the Windows NT account used by the Search service. This account must meet the same criteria as the default content access account mentioned earlier.
WARNING
By default, the Search service will run as the System account. Since this account has no permissions on the Exchange Server public folders, your crawling and searches will fail on Exchange Server properties. Watch out for this! To set the Windows NT account for the Search service, use the Service dialog box shown in Figure 17-2.
Figure 17-2. Configuring the Windows NT account used by the Search service.
Timeout Periods
You need to increase the default timeout for crawling in the Site Server administration program. By default, the timeout is 10 seconds. For Exchange Server data, change this to at least 60 seconds. If you're going to crawl replicated public folders in other sites, you'll need a longer timeout to allow Site Server to crawl those folders.
Setting Site Server to Crawl an Exchange Server Public Folder
Once you've completed the infrastructure work, setting up Site Server to start crawling Exchange Server information is a snap. Site Server provides two administration modes: MMC mode and Web-based mode. I'll show you the technique using the MMC administration, but you can also perform these steps using the Web-based one.
The first step is to create a new catalog build definition, which is where you specify the starting addresses of the items you want to crawl in your catalog. Site Server supports multiple start addresses for multiple document types, meaning that in a single catalog you can have Exchange Server, file, and http information and you can use a single query to search all this data. Figure 17-3 and Figure 17-4 show how to use the New Catalog Definition Wizard to set up a crawl of Exchange Server information. You can rerun these steps to add other types of crawls to your catalog.
After you're finished with the wizard, Site Server can start building the catalog for your data sources. You can then set up a build schedule so that Site Server can recrawl the information in your data sources at the times you specify. Note that Site Server supports incremental crawls so that changes are put into the catalog. Also, be careful if you have any slash (/) or percent (%) characters in your public folder names. If you use such names for start addresses, you'll need to replace the slash with %2F and the percent with %25.
Figure 17-3. Using the New Catalog Definition Wizard to define the type of information you want to crawl.
Figure 17-4. Specifying the start address for your data source.
Security Implications
There are two security implications of using Site Server and Exchange Server together that you should know about. Be assured that Site Server doesn't compromise an Exchange Server system. Site Server will return only the Exchange Server information that a specific user requests, and only that user will be able to see the search results.
First, Site Server does not store the access control lists (ACLs) of Exchange Server items in the catalog. Instead, it queries the Exchange Server for the permissions at search time. To improve performance, Site Server refreshes a cache of these ACLs only every 8 hours. After you change Exchange Server public folder permissions and then create a full or incremental build, users will retain their old permissions for 8 hours. You can configure the interval Site Server uses to refresh Exchange Server permissions by modifying the registry. Instead of listing the gory details here, I'll point you to Knowledge Base article Q198892.
Second, if you require https access to your Outlook Web Access servers, this can affect the default search pages and your custom-built search pages when using Outlook Web Access to view content. By default, Site Server will return links to Exchange Server content using only http. You'll have to modify the returned links programmatically to change http to https for your applications.