Security and Index Server

   

Microsoft Index Server indexes the contents and properties of documents on a Web site served by Internet Information Server (IIS). Because Index Server lets clients search your Web site, your application must carefully restrict the files and folders that organize and create viewable Web pages.

Configuring Index Server to secure your application's Index Server pages requires:

Protecting Index Server Files with NTFS File Security

Index Server is fully integrated with Windows NT security. This means that you can take full advantage of NTFS file protection for any information that is to be indexed and queried by Index Server.

Specifically, you should use NTFS to protect the following Index Server files:

Index Server will index subdirectories that do not have read permissions if they are located within a directory that has read permission. To prevent Index Server from indexing such a directory, you can mask unreadable roots by setting the CiRestriction in the .idq query file.

Choosing IIS Client Authentication

Index Server authentication uses the configured IIS authentication methods: anonymous logon, basic authentication, and Windows NT Challenge/Response. For an enterprise application, Windows NT Challenge/Response authentication is preferred because the client password is protected and only a single logon is necessary.

Note   Windows NT Challenge/Response authentication only works when the browser is Microsoft Internet Explorer. For more information on client authentication methods, see Internet Information Server Authentication Methods in this chapter.

Limiting Content Access with Catalogs

An Index Server catalog is a folder of files with indexing information. Index Server populates the catalog with generated content and property information.

User access permission for indexed documents is also maintained in the catalog. Every time a user submits a query, Index Server checks the file security information. Only permitted documents are included in the query's result set. This means that you must maintain the file security information in the Index Server catalog files.

Controlling Remote Shares

One of the features of Index Server is indexing and providing access to documents in a virtual root that points to a remote share. This presents important security issues for your application.

You need to understand that access to the remote share is controlled by the share's account access privileges. All documents in that share become available to that account. You should carefully check the access permissions on all remote shares.

Limiting Remote Administration

Some Index Server management functions are, by default, available from a remote Web site. This means that someone else could make unauthorized changes. The best way to control unauthorized access is to be sure that only you have access privileges, as defined by the Access Control List (ACL) in the following registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ContentIndex

For More Information   For more information on securing Index Server files and processes, search for "Microsoft Index Server" in MSDN Library Visual Studio 6.0.