Connector Configuration

SMB File Share Configuration

SMB File Share Connection Settings

Configuration Options related to establish connection to the target SMB File Share.

Share Connection

The connection details for a share. Multiple Shares can be configured.

Name	Description
User Domain	The domain of the user used to access the file share.
Username	The username used to access the file share.
User Password	The password of the user used to access the file share.
Host Name	The host that provides the file share.
Share Name	The name of the file share.
Start Folders	A list of folders to crawl.
Enable Filters	Enable Filter options for the SMB file share.

Name

Description

User Domain

The domain of the user used to access the file share.

Username

The username used to access the file share.

User Password

The password of the user used to access the file share.

Host Name

The host that provides the file share.

Share Name

The name of the file share.

Start Folders

A list of folders to crawl.

Enable Filters

Enable Filter options for the SMB file share.

Share Filter Settings

Multiple filters can be configured for a Share.

Folder Filter Settings

Name	Description
Regular Expression	The regular expression the path will be matched against.

Name

Description

Regular Expression

The regular expression the path will be matched against.

File Filter Settings

Name	Description
Action	When the Filter Rule matches, this action is performed.
Regular Expression	The regular expression the path will be matched against

Name

Description

Action

When the Filter Rule matches, this action is performed.

Regular Expression

The regular expression the path will be matched against

File Size Filter Settings

Name	Description
Action	When the Filter Rule matches, this action is performed.
Rule	The applied rule.
File Size	The applied File Size.

Name

Description

Action

When the Filter Rule matches, this action is performed.

Rule

The applied rule.

File Size

The applied File Size.

Path Length Filter Settings

Name	Description
Maximum Path Length	Maximum path length allowed.

Name

Description

Maximum Path Length

Maximum path length allowed.

Date Index Filter Settings

Name	Description
Date Field	Date field of the Item/Folder.
Mode	Choose if the filter will be applied on a period or on a specific date.
Unit	To calculate the relative date take the current date and go back N time.
Quantity	The amount of units which shall be used to calculate the cut-off date.
Format	A date format string.E.g.’yyyy-MM-dd’for year-month-day.
Date	A fixed date of the specified format.

Name

Description

Date Field

Date field of the Item/Folder.

Mode

Choose if the filter will be applied on a period or on a specific date.

Unit

To calculate the relative date take the current date and go back N time.

Quantity

The amount of units which shall be used to calculate the cut-off date.

Format

A date format string.E.g.’yyyy-MM-dd’for year-month-day.

Date

A fixed date of the specified format.

SMB File Share Global Index Settings

Index Options related to all configured SMB File Shares.

Name	Description
Index Folders	If Setting is enabled then the information of folders will be indexed too.

Name

Description

Index Folders

If Setting is enabled then the information of folders will be indexed too.

SMB File Share Global Connection Settings

Configuration Options related to all configured SMB File Shares.

Name	Description
Disable Security	If you experience low download speed, changing the download buffer size may help (default: 1MB).
Throttle	If you have to decrease load on the file server you can configure a crawl throttle. Each crawled item will get delayed for the configured amount of milliseconds (default: 0 = unthrottled).
Retry Pause	The pause between retrying to connect to a file share after a failed connection.
Enable DFS	If set to true, the connector connects to both, DFS and non-DFS SMB fileshares. If you know that you don’t have DFS set up then setting this option to false generates less network traffic, but the connector won’t connect to a DFS file share. (default: true).
Kerberos Realm	To authenticate via Kerberos, the Kerberos realm needs to be configured. If you authenticate via NTLM you can leave this field blank.
Kerberos KDC	Please enter the KDC (Key Distribution Center) hostname or the Active Domain were the KDC can be looked up from. If you authenticate via NTLM you can leave this field blank.
Auto close idle period	The number of seconds a connection can be idle before being automatically closed.
Auto close check period	The number of seconds between checking for idle connections to closed.

Name

Description

Disable Security

If you experience low download speed, changing the download buffer size may help (default: 1MB).

Throttle

If you have to decrease load on the file server you can configure a crawl throttle. Each crawled item will get delayed for the configured amount of milliseconds (default: 0 = unthrottled).

Retry Pause

The pause between retrying to connect to a file share after a failed connection.

Enable DFS

If set to true, the connector connects to both, DFS and non-DFS SMB fileshares. If you know that you don’t have DFS set up then setting this option to false generates less network traffic, but the connector won’t connect to a DFS file share. (default: true).

Kerberos Realm

To authenticate via Kerberos, the Kerberos realm needs to be configured. If you authenticate via NTLM you can leave this field blank.

Kerberos KDC

Please enter the KDC (Key Distribution Center) hostname or the Active Domain were the KDC can be looked up from. If you authenticate via NTLM you can leave this field blank.

Auto close idle period

The number of seconds a connection can be idle before being automatically closed.

Auto close check period

The number of seconds between checking for idle connections to closed.

SMB File Share ACL Cache Settings

Configuration Options related the ACL cache.

Name	Description
Maximum ACL Cache Size	Maximum number of ACL entries that can be cached before the cache attempts to remove entries due to the cache size.
Expiration Period	The cache entry expiration period in seconds, the expiration period is calculated from the last time the cache entry was accessed.

Name

Description

Maximum ACL Cache Size

Maximum number of ACL entries that can be cached before the cache attempts to remove entries due to the cache size.

Expiration Period

The cache entry expiration period in seconds, the expiration period is calculated from the last time the cache entry was accessed.

LDAP SID Well Known Groups Settings

Configuration options related to bypass LDAP lookup for groups that are not part of LDAP but are known to be groups.

SIDs which are known to be groups

Some SIDs that are used on the fileshares are not part of LDAP, e.g. local groups. These can be added here to prevent warnings during the traversal.

Name	Description
sid	A well known SID
label	A human readable debug label for the SID

Name

Description

sid

A well known SID

label

A human readable debug label for the SID

CSM Configuration

Required Configuration Properties

CSM Connection Settings

Configuration options for the connection to the target CSM instance.

Name	Description
URL	URL of the CSM instance to connect to.

CSM Authentication Settings

Configuration Options for the authentication against the target CSM instance.

Name	Description
Username	Username of the technical user.
Password	Password of the technical user.

Name

Description

Username

Username of the technical user.

Password

Password of the technical user.

Optional Configuration Properties

CSM Connection Settings

Configuration options for fine-tuning the Http connection parameters.

Name	Description
Concurrent Connections	Maximum number of concurrent open connections.
Requests Rate	Maximum number of requests per second.
Connect Timeout in Milliseconds	Timeout of the connect request.
Socket Timeout in Milliseconds	Timeout of the socket connected to CSM.
Request Timeout in Milliseconds	Timeout of a request to CSM.

Name

Description

Concurrent Connections

Maximum number of concurrent open connections.

Requests Rate

Maximum number of requests per second.

Connect Timeout in Milliseconds

Timeout of the connect request.

Socket Timeout in Milliseconds

Timeout of the socket connected to CSM.

Request Timeout in Milliseconds

Timeout of a request to CSM.

CSM Ingestion Settings

Configuration options to specify how principals are ingested in the CSM.

Name	Description
Domain	Namespace under which to ingest principals.

Name

Description

Domain

Namespace under which to ingest principals.

Microsoft Sharepoint Configuration

CrawlTrigger Service Settings

CrawlTrigger Service settings for fetching Submissions to SharePoint.

Name Property Key Description

Name	Property Key	Description
Endpoint	`raytion.connector.backend.sharepoint.bcs .crawl.service.endpoint`	Endpoint of the CrawlTrigger Service.
Content Source Name	`raytion.connector.backend.sharepoint.bcs .crawl.service.contentSourceName`	Name of the content source configured in SharePoint.
Domain	`raytion.connector.backend.sharepoint.bcs .crawl.service.domain`	User Domain for the Authentication process.
Username	`raytion.connector.backend.sharepoint.bcs .crawl.service.username`	Username to authenticate to CrawlTrigger Service.
Password	`raytion.connector.backend.sharepoint.bcs .crawl.service.password`	Password to authenticate to CrawlTrigger Service.
Connection Timeout	`raytion.connector.backend.sharepoint.bcs .crawl.service.connectionTimeout`	Specifies the amount of time, in milliseconds, that the consumer will attempt to establish a connection before it times out. 0 is infinite.
Receive Timeout	`raytion.connector.backend.sharepoint.bcs .crawl.service.receiveTimeout`	Specifies the amount of time, in milliseconds, that the consumer will wait for a response before it times out. 0 is infinite.

Endpoint

raytion.connector.backend.sharepoint.bcs .crawl.service.endpoint

Endpoint of the CrawlTrigger Service.

Content Source Name

raytion.connector.backend.sharepoint.bcs .crawl.service.contentSourceName

Name of the content source configured in SharePoint.

Domain

raytion.connector.backend.sharepoint.bcs .crawl.service.domain

User Domain for the Authentication process.

Username

raytion.connector.backend.sharepoint.bcs .crawl.service.username

Username to authenticate to CrawlTrigger Service.

Password

raytion.connector.backend.sharepoint.bcs .crawl.service.password

Password to authenticate to CrawlTrigger Service.

Connection Timeout

raytion.connector.backend.sharepoint.bcs .crawl.service.connectionTimeout

Specifies the amount of time, in milliseconds, that the consumer will attempt to establish a connection before it times out. 0 is infinite.

Receive Timeout

raytion.connector.backend.sharepoint.bcs .crawl.service.receiveTimeout

Specifies the amount of time, in milliseconds, that the consumer will wait for a response before it times out. 0 is infinite.

Submission Repository Limit Settings (Optional)

Settings for limiting the Submission number the Repository can have, so that the used disc space is limited.

Name Property Key Description

Name	Property Key	Description
Max. Unprocessed Submissions	`raytion.connector.backend.sharepoint.submission .repository.limit.maxUnprocessedSize`	Maximum unprocessed Submissions inside the repository. If Submissions exceed this number then insertions are blocked until other Submissions are removed from repository.
Max. Insertion Waiting Time	`raytion.connector.backend.sharepoint.submission .repository.limit.maxWaitingDuration`	Maximum insertion waiting time in case the Repository reaches the maximum size limit. After this duration the Submission will be rejected and marked as failed from the Connector.
Repository Size Retrieval Interval	`raytion.connector.backend.sharepoint.submission .repository.limit.sizeRetrievalInterval`	Duration interval in which the connector retrieves the current number of unprocessed Submissions in the Repository.

Max. Unprocessed Submissions

raytion.connector.backend.sharepoint.submission .repository.limit.maxUnprocessedSize

Maximum unprocessed Submissions inside the repository. If Submissions exceed this number then insertions are blocked until other Submissions are removed from repository.

Max. Insertion Waiting Time

raytion.connector.backend.sharepoint.submission .repository.limit.maxWaitingDuration

Maximum insertion waiting time in case the Repository reaches the maximum size limit. After this duration the Submission will be rejected and marked as failed from the Connector.

Repository Size Retrieval Interval

raytion.connector.backend.sharepoint.submission .repository.limit.sizeRetrievalInterval

Duration interval in which the connector retrieves the current number of unprocessed Submissions in the Repository.

Submission Crawl Settings (Optional)

Settings for fetching Submissions to SharePoint.

Name Property Key Description

Name	Property Key	Description
Crawl Trigger Size	`raytion.connector.backend.sharepoint.submission .crawl.crawlTriggerSize`	The size of cached Submissions to trigger a BCS Crawl.
Crawl Interval	`raytion.connector.backend.sharepoint.submission .crawl.crawlInterval`	Duration interval for checking if a crawl has to be triggered.
Inserting Idle Duration	`raytion.connector.backend.sharepoint.submission .crawl.submissionInsertingIdleTime`	Time duration that no other Submission is inserted to cache. After this time, a Crawl will be triggered even if the Trigger Size was not exceeded.

Crawl Trigger Size

raytion.connector.backend.sharepoint.submission .crawl.crawlTriggerSize

The size of cached Submissions to trigger a BCS Crawl.

Crawl Interval

raytion.connector.backend.sharepoint.submission .crawl.crawlInterval

Duration interval for checking if a crawl has to be triggered.

Inserting Idle Duration

raytion.connector.backend.sharepoint.submission .crawl.submissionInsertingIdleTime

Time duration that no other Submission is inserted to cache. After this time, a Crawl will be triggered even if the Trigger Size was not exceeded.

Submission Repository Sanitize Settings (Optional)

Settings for sanitize service of the Submission repository.

Name Property Key Description

Name	Property Key	Description
Submission Expiration Time	`raytion.connector.backend.sharepoint.submission .repository.sanitize.expirationTime`	Max. Duration that submissions will remain in the repository in case SharePoint does not request them.
Sanitize Interval	`raytion.connector.backend.sharepoint.submission.repository.sanitize.sanitizeInterval`	Duration interval for cleaning up the Submission repository from expired Submissions.

Submission Expiration Time

raytion.connector.backend.sharepoint.submission .repository.sanitize.expirationTime

Max. Duration that submissions will remain in the repository in case SharePoint does not request them.

Sanitize Interval

raytion.connector.backend.sharepoint.submission.repository.sanitize.sanitizeInterval

Duration interval for cleaning up the Submission repository from expired Submissions.

General Configuration

Database Configuration

Setting Description

Setting	Description
URL	JDBC URL for the target database. Out of the box, the connector will use H2 file database. For productive usage, use PostgreSQL specifying the URL in format: `jdbc:postgresql:<host>:<port>/<database>`
Username	Database Username to read and write to database.
Password	Database Password for the specified user

URL

JDBC URL for the target database. Out of the box, the connector will use H2 file database. For productive usage, use PostgreSQL specifying the URL in format: jdbc:postgresql:<host>:<port>/<database>

Username

Database Username to read and write to database.

Password

Database Password for the specified user

Traversal Configuration

Setting	Description
Traversal History Length	Max. number of traversals to store in the history. Once the limit is exceeded, the connector will automatically remove oldest entries in the history. (default: 100)
Number of Traversal Workers	Number of workers to execute the traversal in parallel. Increasing this value might improve the performance, but will footprint higher memory consumption. It is recommended to keep the default value. (default: 10)
Traversal Job Poll Interval	Interval between the workers to be triggered to fetch and process the next tasks. (default: 10ms)
Completion Timeout	If the search engine indexes the items asynchronously, there might be some processing still in-flight during the completion process of a traversal. This value specifies the timeout value until all asynchronous callbacks are expected to return before completing the traversal. (default: 10m)

Setting

Description

Traversal History Length

Max. number of traversals to store in the history. Once the limit is exceeded, the connector will automatically remove oldest entries in the history. (default: 100)

Number of Traversal Workers

Number of workers to execute the traversal in parallel. Increasing this value might improve the performance, but will footprint higher memory consumption. It is recommended to keep the default value. (default: 10)

Traversal Job Poll Interval

Interval between the workers to be triggered to fetch and process the next tasks. (default: 10ms)

Completion Timeout

If the search engine indexes the items asynchronously, there might be some processing still in-flight during the completion process of a traversal. This value specifies the timeout value until all asynchronous callbacks are expected to return before completing the traversal. (default: 10m)

Principal Aliaser Configuration

Principal Aliasing is applied on user information as part of Content ACL processing during Content Synchronization and Principal processing during Principal Synchronization. It’s purpose is to map external source system user to the corresponding user in search engines domain. You can configure a list of aliasers in the connector which will be applied in sequence and in order on user ACEs and user principals. The Connector supports following custom aliasing mechanism.

Custom Aliaser Disabled

If the Custom Aliaser checkbox is not selected, the connector will process user information on ACE and user principals unchanged to Search Engine. If all relevant users in the source system can be found with the same identifier in the search engine, this setup is sufficient to reflect the same secure search experience in the search engine as defined by the policy in the source system. The connector uses this option as default to process user information.

Custom Aliaser Enabled

If custom aliasing is enable then there are four types of aliaser avaialble:

Simple XML Table Aliaser

Static mapping table which can be uploaded as XML file. The connector uses the uploaded file as lookup table to map a user in the source system to a user in the search engine. Users missing a record in the file will be dropped from the ACE and during Principal Synchronization. This option is only recommended for environment with a manageable amount of users as for each user the corresponding mapping entry needs to be specified in the file.

Setting	Description
XML Mapping File	Browse and upload or drag and drop.

Setting

Description

XML Mapping File

Browse and upload or drag and drop.

Sample XML mapping file:

<?xml version="1.0" encoding="UTF-8"?>
<storeddata>
    <entry keyValue="user1">user1@raytion.com</entry>
    <entry keyValue="user2">user2@raytion.com</entry>
    <entry keyValue="user3">user3@raytion.com</entry>
</storeddata>

Regex Replacer Aliaser

Regex Replacer Aliaser computes aliases based on a regular expression. Principals that match the regular expression are replaced by the Substitution String.

Setting	Description
Pattern	The regular expression to match, this is the part that will be replaced. If braces (…) are used in the pattern then the matched value can be retrieved using $1
Substitute String	String to replace the matching part of the find string. Matched value is accessed by employing $1

Setting

Description

Pattern

The regular expression to match, this is the part that will be replaced. If braces (…) are used in the pattern then the matched value can be retrieved using $1

Substitute String

String to replace the matching part of the find string. Matched value is accessed by employing $1

Regex Extractor Aliaser

Regex Extractor Aliaser computes aliases based on a regular expression. Principals that match the regular expression are inserted into the Insert-Into String.

Setting	Description
Pattern	The regular expression to match, this is the part that will be inserted into the new value. If braces (…) are used in the pattern then the matched value can be retrieved using $$
Insert-Into String	String to replace the matching part of the pattern. Matched value is accessed by employing $$

Setting

Description

Pattern

The regular expression to match, this is the part that will be inserted into the new value. If braces (…) are used in the pattern then the matched value can be retrieved using $$

Insert-Into String

String to replace the matching part of the pattern. Matched value is accessed by employing $$

LDAP Aliaser

Ldap Aliaser searches for an LDAP entry with the requested name in the input value and returns the specified output attribute.

Setting	Description
Host	Fully Qualified Domain Name of an LDAP server
Port	Port to use for LDAP connection, defaults are 389/636 or (recommended) 3268/3269 for simple/SSL
AccountDN	AccountDN for bind to LDAP
Password	Password part of credentials
Input Field	The Active Directory attribute name for this equality filter
Search Root DN	Distinguished Name of the subtree which is searched. The smaller the subtree the better the performance but the higher the chance of encountering principals which are not part of this subtree
Output Field	Attribute that should be returned in result entries

Setting

Description

Host

Fully Qualified Domain Name of an LDAP server

Port

Port to use for LDAP connection, defaults are 389/636 or (recommended) 3268/3269 for simple/SSL

AccountDN

AccountDN for bind to LDAP

Password

Password part of credentials

Input Field

The Active Directory attribute name for this equality filter

Search Root DN

Distinguished Name of the subtree which is searched. The smaller the subtree the better the performance but the higher the chance of encountering principals which are not part of this subtree

Output Field

Attribute that should be returned in result entries