SharePoint Server 2013 crawler has insufficient permissions to crawl file shares
Consider the following scenario:
- You create file shares on a Windows Server 2012 server.
- You set up a Microsoft SharePoint 2013 crawler on the file shares, and you assign Read permissions to the crawler.
- You crawl the file shares by using SharePoint Server 2013.
- You search for a file in the file shares by using SharePoint Server 2013.
In this scenario, no search result is returned. Additionally, the following error message is generated in the crawl log:
The crawl account did not have sufficient privileges to access the security attributes of this file or folder. Ensure the crawl account has the 'Manage auditing and security log' privilege.
To resolve this issue, assign the Manage Auditing And Security Log permission to the SharePoint 2013 crawler. To do this, follow these steps on the computer that hosts the file shares:
Click Start, click Run, type gpedit.msc, and then click OK.
Navigate to the following location in the Local Group Policy Editor:
Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
In the right pane, locate and right-click Manage auditing and security log, and then click Properties.
Click the Add User or Group button in the Manage auditing and security log properties dialog box, and then add the crawl account that the SharePoint 2013 crawler uses.
Click OK in the Manage auditing and security log properties dialog box.
If you assign the Manage Auditing And Security Log permission by using a Group Policy Object (GPO), add the crawl account to the GPO.