| SharePoint Portal Server can crawl the workspaces on other SharePoint Portal Servers. When this occurs, file-level security is enforced at query time. Exchange 5.5 and 2000 Servers SharePoint Portal Server enforces message-level security at query time for information within these servers. Encrypted messages cannot be examined and are excluded from the crawl. The SharePoint Portal Server administrator must configure the server to crawl Exchange Server content sources before a Coordinator can create Exchange Server content sources for crawling. Lotus Notes Servers Record-level security is enforced at query time by mapping the Lotus Notes user ID to the Windows NT user ID. The SharePoint Portal Server administrator must configure the server to crawl Lotus Notes content sources before a Coordinator can create Lotus Notes content sources for crawling. NFS and NetWare Servers Content on Unix NFS and Novell NetWare can be accessed using the corresponding network client, which must be installed on the SharePoint Portal Server. The server does not understand the security descriptors used by NFS and NetWare ”both non-NTFS file systems. While this means that per-file security is lost, per-share security is maintained by the server. Without security mappings, SharePoint Portal Server logs on to the share as anonymous or guest and cannot access any content that is not accessible to these accounts. The server crawls the accessible documents and stamps them with read access for the Windows 2000 Everyone group . This means that documents crawled from these content sources are searchable by any user. Administrators must take special care to ensure that information regarding documents residing on these content sources that have been secured in way that is not compatible with Windows NT security is not revealed in search results. Also, the server can send specified security credentials while accessing these foreign file systems by specifying that the account and password requires Basic authentication in the site path rules for the remote file system. TIP A common source of complication is the synchronization of credentials between SharePoint Portal Server and outside content sources, since changes made are not automatically updated in the server's configuration settings. If you begin to experience sudden difficulties accessing an outside content source, first check to ensure that the user ID and password being used to access the content source have not changed.
Configuring Indexing Access Accounts There are two index access accounts that can be configured with the SharePoint Portal Server Administration tool ”both on the Accounts tab of the server properties dialog box. The first is the Default Content Access Account. This account, which must have read access, is the default account used by SharePoint Portal Server when it creates an index of content sources. The second is the Propagation Access Account (see Figure 11.4). This account must have administrative access on the targeted computer, and is used by the server when propagating workspace indexes to other SharePoint Portal Servers. Figure 11.4. The Propagation Access Account must be configured to facilitate the propagation of indexes to other SharePoint Portal Server computers.   | 
