I showed, in several slides and sessions, how you can use the search-admin role in the search application of HCL Connections for troubleshooting and reviewing some key configurations.
In several environments, my user or other administrative users have this role, just to access the link to /search/serverStatus
for example.
How it started
Some years ago, when IBM owned Connections, we had a case, that a user with the search application search-admin role didn’t see results in the profiles advanced search. The result was always empty.
As it already was after the birth of pink/component pack we decided to close the case, as a new search was already planned and announced.
So I forgot about this topic and started again to investigate an issue with profiles advanced search, end of 2023. My finding was that users with search-admin
role do not get results in advanced search (/search/web/jsp/advancedSearch.jsp) of Connections. Any search term gives an empty result.
The journey
Profiles advanced Search in Connections 8 is a bit hidden. Open People > Directory > Display Full search options
Now searching for a given name (example: https://cnx8cr6-db2.stoeps.home/profiles/html/advancedSearch.do?keyword=&displayName=&preferredFirstName=&preferredLastName=jones2&profileTags=&jobResp=&description=&experience=&organizationTitle=&workLocation%24city=&workLocation%24state=&countryDisplayValue=&email=&telephoneNumber= )
After recognizing the root cause, a search in my notes and local documentation, brought up the old case and I opened a new one at HCL support.
After three months of waiting, I got the answer:
This is to inform you that the development has gone through the issue. This is working as expected.
Ok, as this behavior seems to be intended, I asked for updated documentation or knowledge base article. I even created a pull request for the Connections 8 documentation.
So, two months ago, the page Roles was updated with the wording:
Note: Users with this role may experience certain limitations with UI-based search functionality.
I wasn’t pleased with this because when something is working as intended, I would clearly state what happens when you assign the role. So I asked for a change. Which was released with CR6 now:
Note: Granting the search-admin role exclusively for auditing tasks to a user may inadvertently expose restricted content. Consequently, the role is intended to have limitations.
To be honest, that’s even worse. Therefore, there is a role for auditing, but it is built to have limitations. I don’t understand! Either I have an audit role (which should get everything), or I have limitations.
Summary
To prevent further time wastage, I’m closing the case and jotting down a note to remember this shortcoming. But I don’t want to wait any longer for another change or for my proposal to be merged.
Be aware, when you assign the search-admin role in the search application to a user, the advanced search will not return any result.
Btw, there is another documentation page Analyzing results from the search serverStatus page , which tells you to set the role for troubleshooting, but also does not contain a warning about the circumstances. Just a recommendation to use a new user for the role.