Product Selector

Fusion 5.9
    Fusion 5.9

    Migrate to Graph Security Trimming in Fusion 5.8 or later

    This article describes how to migrate your pre-Fusion 5.8 Graph Security Trimming query pipeline stage setup to Fusion 5.8 or later. It applies to deployments using:

    To set up a new configuration, refer to Configure Security Trimming for SharePoint Optimized V2.

    Migration

    To migrate a deployment that is crawling Active Directory to Fusion 5.8 or later, follow these steps.

    Update the datasource configurations

    The SharePoint Optimized V2 and LDAP ACLs V2 datasources must index the content documents and ACL documents to the same collection. Ensure both datasources use the same value, contentCollection, for the field ACL Collection ID.

    If using SharePoint-Optimized and LDAP-ACLs < v2.0.0

    Update the ACL Collection Id in the datasource configuration.

    The SharePoint-Optimized and LDAP-ACLs datasources must index their content_documents and acl_documents to the same collection. Make sure the property SecurityACL Collection in both datasources have the same value. In both datasources, SharePoint-Optimized and LDAP-ACLs, check the property SecurityACL Collection Id and make sure it points to the same content-collection.

    1. Navigate to Indexing > Datasources.

    2. Open your SharePoint Optimized V2 or LDAP ACLs V2 datasource.

    3. Under Security, update the configuration to use contentCollection as the ACL Collection ID.

      Datasource config for Fusion 5.8 with Graph Security Trimming

      The Security checkbox must be checked for this field to appear.

    4. Save the configuration.

    Repeat this process for all required datasources.

    If using SharePoint-Optimized and LDAP-ACLs >= v2.0.0

    Recreate or update the datasources. If only updated, it is not possible to go back to the configuration of a previous plugin version.

    By default, the LDAP-ACLs and SharePoint-Optimized V2 datasources will index the content_documents and acl_documents to the same collection.

    1. Navigate to Indexing > Datasources.

    2. Open your SharePoint Optimized V2 or LDAP ACLs V2 datasource.

    3. Under Graph Security Filtering Configuration, select Enable security trimming.

    Repeat this process for all required datasources.

    Update the Graph Security Trimming stage configuration

    The Graph Security Trimming query pipeline stage must be configured to be compatible with your datasources.

    1. Navigate to Querying > Query Pipelines.

    2. Open the query pipeline associated with your SharePoint Optimized V2 or LDAP ACLs V2 data.

    3. Select the Graph Security Trimming query pipeline stage.

    4. Update the stage to use the following values:

      Field Value

      ACL solr collection

      contentCollection

      Join method

      topLevelDV

      Join Field

      _lw_acl_ss

    5. Save the configuration.

    Clear the datasources and perform a full crawl

    1. Navigate to Indexing > Datasources.

    2. Open your SharePoint Optimized V2 or LDAP ACLs V2 datasource.

    3. Click the Clear Datasource button, and choose yes.

    4. Navigate to Collections > Collections Manager.

    5. Verify that the job_state collection is empty.

    6. Return to your datasource.

    7. Click Run > Start to reindex your data.

    Repeat this process for all required datasources.