Search Returns Hits to Users Who Do Not Have Permissions

ID: Q237564

The information in this article applies to:

Microsoft Site Server version 3.0

SYMPTOMS

If you create a catalog using a file crawl and map the file ACLs, some files with a large number of access control entries appear in the client search results even if you do not have permission to view them. When you select the file or URL from the result page, Internet Information Server (IIS) displays a Basic Authentication dialog box.

CAUSE

When you search a Site Server Search catalog, if you do not have permission to an object, it will not be displayed in the result page. The symptoms only occur when the number of access control entries exceeds the default buffer size. This can happen after 14 access control entries on an individual file. Site Server Search does not have a large enough buffer to hold all of the ACLs.

WORKAROUND

Assign fewer than 14 access control entries to the file.

RESOLUTION

A supported fix that corrects this problem is now available from Microsoft, but it has not been fully regression tested and should be applied only to systems experiencing this specific problem. If you are not severely affected by this specific problem, Microsoft recommends that you wait for the next Microsoft Site Server version 3.0 Service Pack 4 that contains this fix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information on support costs, please go to the following address on the World Wide Web:

http://www.microsoft.com/support/supportnet/overview/overview.asp

The English version of this fix should have the following file attributes or later:


   Date      Time                 Size    File name     Platform
   -------------------------------------------------------------
   07/27/99  12:40                 81,344 Fltrdmn.exe    x86
   01/27/99  14:02                 62,544 Update.exe     x86
   07/27/99  12:59                  1,803 Update.inf
   07/02/98  15:27                    913 Eula.txt
   07/27/99  12:39                139,024 Fltrdmn.exe    Alpha
   01/27/99  14:56                 80,144 Update.exe     Alpha

NOTE: If this product was already installed on your computer when you purchased it from the Original Equipment Manufacturer (OEM) and you need this fix, please call the Pay Per Incident number listed on the above Web site. If you contact Microsoft to obtain this fix, and if it is determined that you only require the fix you requested, no fee will be charged. However, if you request additional technical support, and if your no-charge technical support period has expired, or if you are not eligible for standard no-charge technical support, you may be charged a non-refundable fee.

For more information about eligibility for no-charge technical support, see the following article in the Microsoft Knowledge Base:

Q154871 Determining If You Are Eligible for No-Charge Technical Support

STATUS

Microsoft has confirmed this to be a problem in Site Server 3.0.

Additional query words:


Keywords          : 
Version           : winnt:3.0
Platform          : winnt 
Issue type        : kbbug

Last Reviewed: July 28, 1999