Registersecuritytrimmer: Stsadm operation (Office SharePoint Server)

Applies To: Office SharePoint Server 2007

This Office product will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see , Resources to help you upgrade your Office 2007 servers and clients.


Topic Last Modified: 2016-11-14

Operation name: Registersecuritytrimmer


Enterprise Search in Microsoft Office SharePoint Server 2007 performs security trimming of search results at query time. The results are trimmed based on the identity of the user submitting the query, by using the security information obtained from the crawler. However, there are certain scenarios in which the built-in security trimming results are not sufficient for your requirements and you need to implement custom security trimming. Enterprise Search provides support for custom security trimming through the ISecurityTrimmer interface. For example, say you have a Windows NT security model on your Human Resources database that only allows users access between the hours of 9:00 A.M. and 5:00 P.M. There is not a way to express that in an Access Control List (ACL), so instead, you would implement a custom security trimmer which implements this logic.

Also, if the ACL information changes in real time, the ACL read at crawl time is considered not current. Consequently, the security picture is invalid. A dynamic security check through a custom security trimmer at query processing time will return documents based on the current ACL picture.

Once a security trimmer is registered a full crawl of all the content that is specified by the rulepath parameter is required.


stsadm -o registersecuritytrimmer

**   -ssp <ssp name>**

**   -id <ID number>**

**   -typename <assembly qualified TypeName of ISecurityTrimmer implementation>**

**   -rulepath <crawl rule URL>**

**\[-configprops\] \<name value pairs delimited by '~'\>**


Parameter name Value Required? Description


A valid SSP name, such as "SharedServices1"


The name of the SSP.


A unique ID from 0 to 2147483647


The security trimmer ID.

This value is unique. If a security trimmer is registered with an ID that is already registered for another security trimmer, the registration for the first trimmer is overwritten with the registration for the second trimmer.


A valid type name, for example:

"Microsoft.Office.Server.ApplicationRegistry.Search.QueryProcessorSecurityTrimmer, Microsoft.SharePoint.Portal, Version=, Culture=neutral, PublicKeyToken



The strong name of the custom security trimmer assembly.


A valid rule path, such as "file://file1"


The crawl rule for the security trimmer.


A valid name-value pair in the form "name1~value1~name2~value2"


The name-value pairs that specify the configuration properties. It must be in the following format: Name1~Value1~Name2~Value2~…

See Also

Other Resources

ISecurity Trimmer (