The following tutorial gives a step-by-step guide to set up a crawl account for Aspire. These steps have to be followed on each site that needs to be crawled.

Option 1. Site Collection Administrator

User Account Requirements

In order to access SharePoint Rest API, an Active Directory Windows User account with sufficient privileges must be supplied. All urls crawled from the same connector will use the same credentials.

To crawl SharePoint you'll need the following permissions:

• Full Read on the WebApplication

This permission will allow the user to read last modification dates of documents and sites and will allow for incremental indexing of SharePoint content.

• Read on the SiteCollection

This permission is required to get all items from the site collection

It is recommended that the account be the site collection administrator. 

Set SharePoint Access Rights

A prerequisite for crawling SharePoint On Premise is to have a Windows Active Directory account. The domain, username and password for this account will be required below.

The recommended name for this account is "aspire_crawl_account". 

This account will need to have sufficient access rights to read all of the documents in SharePoint 2019 that you wish to process. See the previous section for details on what rights will be required for the account in SharePointThe first option is to add the crawl account as Site Administrator, which will grant sufficient permissions to access all items on the site.

To set the rights for your account at the Web Application level, do the following:

1. Open the Microsoft 365 administration site (https://admin.microsoft.com)SharePoint Central Administration.
2. Go to Admin Centers → SharePoint.Go to Sites → Active Sites"Manage web applications" under "Application Management".
3. Select the site collection that you want web application which has the site collections to crawl.
4. Click on Permissions ⇾ Manage additional admins"User Policy".
5. Add On the Aspire crawl account to the "Site Admins" list.
6. Click on "Save".

Option 2. Custom Site Permission Level

If setting up the crawl account as Site Admin is not possible, follow these steps to set a custom Site Permission Level for the account in each Site Collection.  

You will need to have an account created in Azure AD available to use this method.

Image Removed

Image Removed

Image Removed

Image Removed

Step 2. Name and Description

On the "Add a Permission Level" page, set a name and description for the new permission. 

Image Removed

Step 3. List Permissions

Set the following List of Permissions:

• View Items
• Open Items
• View Versions
• View Application Pages

Image Removed

Step 4. Site Permissions

Set the following Site Permissions:

• View Web Analytics Data
• Browse Directories
• View Pages
• Enumerate Permissions
• Browse User Information
• Use Remote Interfaces
• Open

Image Removed

Step 5. Create the Permission

Leave the Personal Permissions unchecked and click Create.

Image Removed

1. "Policy for Web Application" popup, click on "Add Users".
2. On "Choose Users" space type aspire_crawl_account with the corresponding domain.
3. Select "Full Read" permission on "Choose Permissions" section.
4. Click on "Finish".

To set the rights for your "aspire_crawl_axcount" on site collections, do the following:

• 1. Go to the desired site collection and log on with a site collection administrator (or any user authorized to edit site permissions).
  2. Click on the gear icon at the top left corner.
  3. Click on "Shared With...".
  4. Click on "ADVANCED"
  5. Click on Grant Permissions
  6. Enter the domain and account name on "Invite people to" field (i.e. aspire_crawl_account).
  7. Select Show Options.
  8. Select the Read permission.
  9. Click Share.

Step 6. Assign the Permission

Assign the new permission to the crawl account. For this, go to Site Settings / Site Permission / Advanced permissions settings / Grant Permissions

On the Invite people section, select the crawl account to assign the permissions to, and on Show Options select the Permission Level you created previously.

Image Removed

Image Removed