Database Integrity in a Network Installation

In a network installation, it is common to want to restrict permission to refresh and rebuild a search database to the database administrator. For example, if any user can refresh or rebuild a database, and one user launches a search just after another user initiates a rebuild of the database, the first user may unwittingly obtain inaccurate search results.

There are three things an administrator must control to restrict access to the databases OL Connect Search creates.

  1. Search profile permissions on the search database

    The ReadOnly entry in a search profile controls whether that profile permits updates on its database. You set this entry to 1 to disable all the rebuild and refresh features available through the OL Connect Search user interface when that search profile is loaded. You must open the profile in Windows to edit the ReadOnly entry; you cannot modify it through the OL Connect Search user interface.

  2. Windows permissions on search profiles

    If users have write permission on the file containing the search profile in Windows, they can edit that profile either through the OL Connect Search user interface or by opening the file directly.

    A user could thus open the file in Windows and edit the ReadOnly entry to permit database updates from that search profile. They could also modify the file from OL Connect Search, for example, changing the printer OL Connect Search uses when it prints search results from searches accomplished with that profile. Even in an environment where users are trusted not to edit the ReadOnly entry, it may be preferable to ensure the contents of the search profile do not change unpredictably.

  3. Windows permissions on the search database

    Even if the ReadOnly entry is set to prevent database updates and the file containing the search profile is read-only, a user could create a new search profile that accesses the database, by creating the profile from scratch, or by loading a search profile that prevents database updates, saving it out under a different name or in a different folder, and editing the ReadOnly entry to permit database updates. The only way to prevent this is to ensure users cannot write to the database from outside OL Connect Search.