When you install SharePoint and configure your Search Service Application, it usually does a pretty good job making sure that your default content access (aka crawl) account has the appropriate permissions to your SharePoint sites. However, many times, it is necessary to adjust permissions to get this to work. This could be caused by you simply wanting to change the account that is used or because it is not working for some reason. For today’s post, we’re specifically talking about setting permissions so that your content access account can properly crawl your SharePoint web applications. I will also remind you that you never want to use an account with administrator privileges for your crawl account. If you do, you will have issues with security trimming.
First, verify that the account you are using for crawling is the one you want. You can view this in the Search Service Application under Default content access account. You can change your account here if necessary. Otherwise, just make a note of it.
Once you know what account you are dealing with, we can go set the permissions on your web application. Go back to Central Administration and then click on Manage Web Applications. Next, you want to select the web application that needs permissions. Highlight the web application you want and then click the User Policy button.
In this popup, you want to verify that your default content access account is listed. If you see it there, make sure it has Full Read permissions and nothing else. If it is not there, click the Add Users button to add your content access account. On the first step, you will want to pick (All Zones) and then click Next. On the next screen, enter your account name, choose Full Read and use the default settings for all other options. Once you are done, your accounts should look something like this.
Once you are happy with your accounts, click OK. You then want to go back to the content sources page in your Search Service Application and perform a full crawl. Performing the full crawl will ensure that security trimming is properly applied when users search your SharePoint site.