Microsoft KB Archive/309821

= Deep Traversal ExOLEDB Search Requires Administrator Permissions =

Article ID: 309821

Article Last Modified on 2/28/2007

-

APPLIES TO


 * Microsoft SharePoint Portal Server 2001

-



This article was previously published under Q309821



IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry



SYMPTOMS
When you attempt to perform a deep traversal search on the Web store, you may receive the following error message:

Error Type: Microsoft OLE DB Provider For Exchange (0x80550023) Submitted SQL statement was incomplete.



CAUSE
This problem can occur because a temporary search folder is created, which requires administrator access, when you perform a deep traversal search on SharePoint Portal Server.



RESOLUTION
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

To resolve this problem, when you use ExOLEDB on SharePoint Portal Server to perform deep traversals directly, you must open write access to the root folder of the top-level hierarchy (TLH). This procedure provides administrative rights to those users that want to run the deep traversals.

To open access to the root folder of the TLH, perform the following steps:  Stop the Web store. Set the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\[MACHINE]\Public-[mdbGUID]\Database Security Descriptor

To override the defaults, create a self-relative security descriptor that contains the discretionary access control list (DACL) you want as the default. Transfer the entire buffer that holds the SECURITY_DESCRIPTOR structure to the REG_BINARY value for this registry key.

NOTE: This security descriptor should not be in Exchange Server transfer encoded format. The security descriptor should be a standard Microsoft Windows NT security descriptor. Restart the Web store.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

Additional query words: sps

Keywords: kbbug kberrmsg kbnofix KB309821

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.