This is my collection of information around
Hybrid Search gotten from session recordings from the SharePoint Conference 2014.
Emphasis is on volatile information snippets like quotes from session speakers you would probably never ever find again - and info that makes your head say "I should remember this".
SPC306 - "Best practices for Hybrid Search deployments"
Speakers: Brent Groom, Norm Lambert
Video
General Info
- Crawls are done on the respective system - one crawl on-prem and one crawl in Office 365
Best Practices
- Microsoft doesn't add Office 365 search results as Result Block to on-prem search results but separates on-prem and remote results
- Outbound or Inbound Hybrid Search? Look where you have the most content and decide accordingly.
- Don't pass all search requests to the remote SharePoint - use keywords or similar triggers instead
- Perform latency tests - since querying local and remote SharePoint is done synchronously the user always has to wait for both - latency can be critical here
- If latency is too high the recommendation is to write your own search results web part (at cost of OOB functionality) ...
- Use Microsoft WAP as reverse proxy
- Don't use Microsoft UAG as reverse proxy
- Fiddler can be used as reverse proxy during development
Restrictions
- Custom Display Templates are not possible for Hybrid Search Results
- Stress testing against Office 365 is not permitted
Crystal Ball
Currently remote search results are displayed like Federated Search results - improving this situation is on the roadmap (interleaving search results, "from query rules to remote index"), but there is no date yet.
SPC320 - "Hybrid Search: Configure Outbound Hybrid Search in SharePoint Online with Password Sync"
Speakers: Manas Biswas, Neil Hodgkinson
Slides
Video
General Info
- ADFS not needed for setting up hybrid search (only needed for SSO) - DirSync takes care of transferring claims from on-prem to O365
- Security Trimming is applied to search results
- There are two flavors of Hybrid: Hybrid between on-prem SharePoint and Office 365 is different from between on-premise and Dedicated SharePoint (Hosted)
- the latter doesn't need the ACS but only standard domain trust (?)
- Interesting: Configuring trust between on-premise farm and Office 365 makes use of high-trust app terminology and cmdlets (app principal, certificates, token issuer...)
- O365 is being treated like a high-trust app (?)
- Key claims used for validation users between on-prem and O365:
- User principal name (UPN)
- Name Identifier (e.g. SID)
- SMTP address
- SIP address
- Result Source Protocol for remote search results is "Remote SharePoint"
- Document Preview in Search Results on-prem and Office 365 should work "in both locations" if Office Web App components are installed in "both locations"
Best Practices
- DirSync schedule is mentioned as running every 3 hours
- Start setting up Outbound Hybrid Search - it is the easiest one and prepares you for Inbound and Two-Way Hybrid
- Use self-signed certificates for STS trust
Restrictions
- Refiners don't work for O365 search results in demoed Outbound scenario (doh!)
- Cannot use domain-issued certificates for establishing STS trust
Crystal Ball
Asked about
refiners in Outbound Hybrid Search scenario Neil says: "
There is no refinement yet" and "
The roadmap is to improve that service" - where Manas is quick to say "Not as of now", which makes Neil giggle. Feels like this is more on the longer-term roadmap...