Connect SmartHub to the SharePoint 2013/16/19/SPSE Backend

Use the following procedures to connect SmartHub to the SharePoint On-Premise search engine The search engine your SmartHub instance uses to perform queries. SmartHub can be configured to use more than one search engine..

Establish Trust Relationship Between SmartHub and SharePoint

1. Create a public and private certificate. See Create and Configure Certificate.

   • This certificate is required to create trust between SmartHub and SharePoint On-Premise.

   • This single certificate you export as both private and public. Both private and public certificates are required.

2. Create the trust between SmartHub and SharePoint On-Premise: Configure SharePoint to use certificates and configure trust for your add-in.
   1. Record the $specificIssuerId that you use in this step.
   2. This information is required in the following section:Configure the SharePoint On-Premise Backend.

Enable Apps Management and Register the App in SharePoint

1. Enable Apps Management in SharePoint On-Premise:Configure the Subscription Settings and App Management service applications. This step is required to manage permissions for this high trust App.
   
   
2. Register the App in the SharePoint site that will be used by SmartHub to query for results: Register SharePoint Add-ins.
   1. Generate a new Client ID and Secret using the UI.
   2. App Domain: Enter the URL where SmartHub is hosted (without HTTP/HTTPS, such as contoso.azurewebsites.net).

   3. Redirect URI: Enter the full SmartHub URL, such as https://contoso.azurewebsites.net.

      Record the ClientID that was generated. This information is required in the following section Configure the SharePoint On-Premise Backend.

Grant Permissions to the App

Give permissions for the App that was created.

1. Navigate to SharePoint site that will be used by SmartHub and go to _layouts/15/appinv.aspx.
   
2. Use the Add-in ID box and enter the ClientID generated in step 2a. above and click Look-up.
   
   

3. Paste the following permissions XML in the Permissions Request XML box:
   

   App Permissions

   Copy

   <AppPermissionRequests AllowAppOnlyPolicy="false">   
       <AppPermissionRequest Scope="http://sharepoint/search"      
           Right="QueryAsUserIgnoreAppPrincipal" />   
       <AppPermissionRequest Scope="http://sharepoint/social/tenant"      
           Right="FullControl" />
   </AppPermissionRequests>

   The XML contains all of the permissions provided to the application that uses this Trust:

   • Impersonate user during searches
   • Request user profile properties

Synchronize User Profiles in SharePoint

1. Do a full User Profile Synchronization in SharePoint.

   1. Go to SharePoint Central Administration > User Profile Administration.

   2. Configure a Synchronization connection. Make sure the container used contains all of the users that you want to access SmartHub.

      
      
      
      

   3. Start a Full Profile Synchronization.

   4. After profile synchronization is complete, on the top right a "Number of User Profiles" value appears that is similar to the total number of users who have access to SmartHub. See the following graphic.
      
      

      

Configure the SharePoint On-Premise Backend

The Main backend The search engine your SmartHub instance uses to perform queries. SmartHub can be configured to use more than one search engine. determines which options are available for the search center and other search UI controls.

The main backend is also used to list the available search locations, as well as rank profiles, search scopes, and so on.

To configure this backend:

1. Navigate to the SmartHub Administration page at http(s)://[web-app-url]/_admin.
   For example:http://smarthub.azurewebsites.net/_admin.
   
   
2. Select Main Backend > Edit backend settings to see the Backend Properties pop-up window:
   
   
   
3. Backend Name (required):
   1. Enter a unique name for your backend.
   2. This name cannot be duplicated and can contain only letters, digits, or any of the following characters: 
      ' ', '-', '_', '.', '(', ')', '[', ']'
      
      
4. Backend type:
   1. Click the down arrow and select SPOnPremBackend.
      
      
5. Rank offset formula coefficients (optional):
   • These values are used only if you selected the Rank Based mixing algorithm that is set in the Properties for SmartHub SSA page.
     • For more information, see  Specify the Mixing Algorithm.
   • BOOST: Enter the boost factor.
   • OFFSET: Enter the rank offset.
     
     
6. These are the credentials used to access the site collection:
   • Url: Enter the URL for your SharePoint search site.
     • This URL needs to be accessible from the server where you install SmartHub.
     • For simplicity you can use the same value as Audience Url.
   • Username: Enter the user name for this site.
   • Password: Enter the password for this user.
     
     
7. Impersonate:
   1. Checked: This enables SmartHub to assume the identity of the user when retrieving data.
   2. Unchecked: If you don’t use impersonation, all queries will run as the account configured here in the backend configuration.
      
      

8. Url:

   1. Specify the internal website URL of the SharePoint On-Premise site that will be used for querying.

   2. Example: http://mysharepointserver/sites/search

      Caution: Site Collection:
      This Site Collection option must not be enabled:  
      Limited access user permission lockdown mode

9. Registered Issuer Name: Specify the "Registered Issuer Name" of the Security Token Issuer created for the High Trust App.
   
   
10. App Client ID: Specify the "Client ID" of the High Trust App registered in SharePoint.
    
    
11. Tenant Authentication Realm: Specify the "Authentication Realm" GUID of the On-Premise SharePoint farm.
    
    
12. Certificate path:
    1. Specify the relative path, which must start with ~/, to the location where the certificate (.pfx) was uploaded.
    2. This certificate must be in the same place as the rest of the SmartHub resources in the Azure Web App.
    3. Export your certificate:
       1. Go into Certification Manager and export your certificate, as a PFX file onto disk.
       2. Best practice is to export it to Certificates folder in the SmartHub folder
          
          
          
          
    4. Go back to your SmartHub Administration page and add the name of the PFX that you saved to the “Certificate path”
    5. The path should be ~/Certificates/the name of the pfx file
    6. Note: The path is not looking for the name and path in the Certification Manager. It is looking for the name path to the .PFX file on desk.
       
       
13. Click OK to add this backend.