Wednesday, 16 July 2014

Configuring IRM for SharePoint Online Libraries and Lists

Information Rights Management(IRM) Polices protects sensitive content from unauthorized users. By Applying IRM to document you can prevent users from printing or copying a file. Office 365 SharePoint Online provides support for IRM through Active Directory Rights Management (Microsoft Azure AD RM) which is included in E3 and E4 plans.
 In Office 365 SharePoint online IRM is applied at the library or list level. An organization’s office 365 admin should first activate the Rights Management Service for the organization from the Office 365 admin center before IRM can be applied to SharePoint library or list. The process of activating the rights management service is detailed Activating rights management
After activating rights management service, IRM has to be turned on from SharePoint Admin Center by following the below steps
  1. Sign in to Office 365 as admin and to SharePoint Admin Center and then choose settings from options in the left.
  2. On the settings page scroll down to Information Rights Management section, and choose Use the IRM service specified in your configuration option, and click Refresh IRM Settings button.
Once IRM has been turned on site owners will be able to apply IRM policies to document libraries and lists in the site by following the below steps
  1. Go to the settings page of the library for which the IRM policy has to be applied and click Information Rights Management under Permissions and Management section.
  2. On the Information Rights Management Settings page, select the Restrict permission to documents in this library on download check box for applying permission to documents.
  3. Enter a  name for the policy in In the Create a permission policy title input box and provide a description in Add a permission policy description input box.
  4. Click Show Options to expand IRM Library settings and select the restrictions that has to be applied for documents in library and click OK button.

For example if you want to disallow users from uploading files that do not support IRM then select Do not allow users to upload documents that do not support IRM check box and click OK. When users try to upload a file that do not support IRM such as an image  to the library, they would be prevented from uploading the file and a message indicating unsupported file type will be shown.

Wednesday, 2 July 2014

Fix for Failed to retrieve blob from URI error in SharePoint 2013 search

I had a standalone SharePoint 2013 server in which I had search service configured. However when I try to crawl the contents the crawl took way too much time and majority of the documents didn’t get crawled. Examining the search crawl log showed strange error message Failed to retrieve blob from URI\\sp2013\gthrsvc_3819458f-2197-4849-a04a-e97e4ead9873-crawl-0\\3c\0x23c.aspx.

I tried methods like

·         Recreating the search service application with a different App Pool

·         Resetting the index and doing a crawl again

·         Giving admin rights to the search service account

But nothing solved the issue. After trying several options I turned to MS forum and got help from Raphel of RioLinx. The issue happens because of insufficient rights for the account to the physical crawl content folder and below are the steps to give permission

1.     Right-click on the C:\Program Files\Microsoft Office Servers\15.0\Data\Office Server\Applications\3819458f-2197-4849-a04a-e97e4ead9873-crawl-0\gthrsvc folder

2.     Select Shared with --> Advance sharing

3.     In the Sharing tab, select "Advanced Sharing"

4.     Check "Share this folder"

5.     In the Share name text box, enter gthrsvc_3819458f-2197-4849-a04a-e97e4ead9873-crawl-0

6.     Select the Permissions button and add WSS_ADMIN_WPG with Full Control

Note: Replace 3819458f-2197-4849-a04a-e97e4ead9873 with the id that is available on your server

After performing the steps all the content were getting crawled and the crawl time also was reduced significantly.