none
Sharepoint 2010 search service from C# web service and Powershell - passing credentials to search

    Question

  • Good morning everyone,

    I really need your expert help about the following issue. I ve developed a web service in C#. Its core code has a Powershell script inside which makes a call to SharePoint 2010 search service to make some search queries, and returns some URL of some files. 

    In Powershell code I make connection to SharePoint search service using the Farm Admin account. This system works, but given results are not filetered by the user using the web service (I remember you I m using the Farm admin account in PS code)

    How can I use user account to make some queries ? How can I filter search results by user ? In Powershell code I put username and password of Farm Admin account and I know them because I m the farm administrator, but what about if I want to pass Powershell code some other user credentials ? Of course I cannot know his credential ..  Can I do it , in which way ?

    Any help is really appreciated !

    Gae 

    Sunday, December 08, 2013 1:01 PM

Answers

  • Hi Gae, if you are using web services, you shouldn't need to add a SharePoint DLL to your project. I would advise against using C# -> PS -> Web Service Call -> PS -> C# if you could go straight C# -> Web Service -> C#.

    Anyways, back to the matter at hand. Do you know what type of authentication your SharePoint server is running? Is it direct NTLM, NTLM over Kerberos, Claims, or something different?

    The following article provides the various types of impersonation available in SharePoint: http://extreme-sharepoint.com/2012/05/30/impersonation-elevation-of-privileges/


    Dimitri Ayrapetov (MCSE: SharePoint)

    Tuesday, December 10, 2013 1:51 AM

All replies

  • Hi Gae, what is your method of authentication for your C# web service?

    Dimitri Ayrapetov (MCSE: SharePoint)

    Monday, December 09, 2013 2:08 AM
  • Hi Dimitri,

    at the moment my Web Service has no authentication. I have left everything as it is per default, I think it should be "Anonymous access".

    I've talked with a collegue who suggests me to use "user impersonation" in my c# code, but I've not understood exactly what should I do. Do you have any suggestions ?

    Thank you for your contribute  :)

    Gae

    Monday, December 09, 2013 11:53 AM
  • Hi Gae, if your current web service is anonymous, how will you the username of the person accessing it?

    Dimitri Ayrapetov (MCSE: SharePoint)

    Monday, December 09, 2013 12:57 PM
  • So Dimitri, your suggestion is : "use some kind of authentication and than pass credentials from C# web service to PowerShell script" ?

    Have I understood correctly your suggestion ?     : )

    Gae

    Monday, December 09, 2013 1:04 PM
  • At the very minimum, your web service will need a way to know who the user is. For example, if you go to www.staples.com, until you login, they don't know who you are. Once you establish your authentication for your web service, you can use impersonation to call the SharePoint web service under those credentials.

    Another question is why you are using PowerShell instead of making a direct web service call to SharePoint from your web service?


    Dimitri Ayrapetov (MCSE: SharePoint)

    Monday, December 09, 2013 5:35 PM
  • Ok, now that I have enabled NTLM authentication for my web service I need to make Powershell code executed.

    I need I can follow what's exaplained here:

    http://blogs.technet.com/b/heyscriptingguy/archive/2011/12/01/use-sharepoint-web-services-and-powershell-to-work-with-search.aspx

    Yep, I know I can make a call to search webservice from C# code instead os PS, but the first time I tried it, it gave me some error when tried to add .dll reference to my project. In addition I'm very familiar with PS, and I have a very big collection of PS script.  :)

    Do you think it's a very big mistake to use it from C# code ? I was interested to reach the desired results as soon as I could, because of a deadline. Of course it can be improved.

    Thanks a lot for your big help !

    Gae

    Monday, December 09, 2013 7:55 PM
  • Hi Gae, if you are using web services, you shouldn't need to add a SharePoint DLL to your project. I would advise against using C# -> PS -> Web Service Call -> PS -> C# if you could go straight C# -> Web Service -> C#.

    Anyways, back to the matter at hand. Do you know what type of authentication your SharePoint server is running? Is it direct NTLM, NTLM over Kerberos, Claims, or something different?

    The following article provides the various types of impersonation available in SharePoint: http://extreme-sharepoint.com/2012/05/30/impersonation-elevation-of-privileges/


    Dimitri Ayrapetov (MCSE: SharePoint)

    Tuesday, December 10, 2013 1:51 AM
  • Thank you so much guys, and especially you Dimitri for have provided good way of thinking in relation to this matter.

    Have you skills to help me in another issue "Html5 worker in Sharepoint 2010 Content Editor" ? I'm thinking to open another thread over this topic and I would really appreciate your suggestions there.

    Thank you again  ; )

    Regards,

    Gae

    Monday, December 16, 2013 12:57 PM