Mapped Security

You can use Mapped Security to protect documents that you retrieve from SharePoint using the SharePoint OData Connector.

The connector can retrieve security permissions (Access Control Lists) that are attached to items in the repository. The connector adds an Access Control List to each document that is indexed into IDOL.

The connector might need to resolve SIDs in Access Control Lists into user and group names. The connector can do this by connecting to an LDAP Server. Alternatively, if you are using SharePoint Online with users and groups from Microsoft Azure Active Directory, the connector can do this through the Microsoft Graph API. To use the Microsoft Graph API you must create an OAuth application to represent the connector, and run the OAuth configuration tool to obtain the OAuth tokens that the connector needs to authenticate with the API.

The connector can also retrieve security group information from SharePoint and send it to OmniGroupServer. The connector retrieves SharePoint group information when OmniGroupServer initiates the connector's SynchronizeGroups fetch action.

For detailed information about how to configure Mapped Security for documents retrieved from SharePoint, see SharePoint Mapped Security.