This content is part of the Essential Guide: Navigating the Office 365 and SharePoint hybrid roadmap

Configuring hybrid search for SharePoint 2013

Configuring hybrid search for SharePoint Online and SharePoint 2013 isn't quick or easy, but an eight-step process can get the job done.

The majority of SharePoint deployments remain on-premises, but users are increasingly looking to the cloud for new features and cost savings through SharePoint Online.

Concerns about data safety and regulations have prompted some organizations to pursue a hybrid approach, which offers benefits of both platforms, but also complicates search configuration. Nonetheless, if your organization uses hybrid SharePoint configuration, at some point you will need to search for items that may reside in the cloud or on-premises, so you need search functionality that can span both.

Fortunately, it's possible to configure a hybrid search from SharePoint Online to the most recent on-premises version, SharePoint 2013. Configuring this search, however, is anything but intuitive. Microsoft has acknowledged this issue, promising better and easier hybrid setup in the upcoming version of SharePoint, SharePoint 2016. But in the meantime, hybrid users have to cope with two distinct search sets that don't have affinity with each other.

Configuring hybrid SharePoint search

Configuring hybrid search for SharePoint 2013 involves eight steps and multiple tasks. Ready to get started? Let's outline the various steps here.

1. If you are already using SharePoint 2013 and SharePoint Online, there's a good chance you've already taken the first step, which is establishing synchronization between the two environments. If not, register your domain with Office 365, assign a UPN domain suffix for your on-premises Active Directory and then synchronize your local Active Directory with the Office 365 directory. Once the environments are synchronized, assign licenses to users.

2. Time to set up SharePoint Services for hybrid environments, which requires running the Managed metadata Service Application, My Sites, and the User Profile Service Application in your SharePoint farm. Turn on the metadata application in the System Settings menu for central administration.

Then create a Web application for the My Sites site, in the Application Management menu of Central Administration. Then turn on the User Profile Service (under System Settings) for at least one of the SharePoint servers in your farm and create a User Profile Service application. After that, turn on the User Profile Synchronization Service and then synchronize the connection to the Active Directory Domain Services. The SharePoint library offers full instructions on this step here.

3. Configure server-to-server authentication from the on-premises SharePoint deployment to SharePoint Online. This involves three main tasks. First, make sure all of the on-premises search center sites you're using are set up for Integrated Windows Authentication with Windows Challenge/Response (or NTLM). If not, your best option is to reconfigure those sites. Second, make sure that any user likely to perform a hybrid search is designated as a federated user. Third, configure the server-to-server authentication. This means establishing a trust relationship between the two environments.

4. Run SharePoint user profile synchronization. To do so, open the SharePoint Central Administration site and click on the Manage Service Applications link found in the Application Management section. When the resulting page is displayed, click in the Name column of the User Profile Service application row to open the Manage Profile Service page and then click Start Profile Synchronization.

5. Make sure that your on-premises SharePoint deployment is up-to-date. It's OK if you don't want to install all the latest patches, but you will need at least the May 2014 Cumulative Update.

6. Configure connectivity and authentication from Office 365 to SharePoint Server 2013. What the previous two steps lacked in difficulty, this step makes up for. There are four main tasks you will have to perform, but each requires planning and some include numerous subtasks. The four tasks are:

  • prepare your public domain,
  • configure SharePoint Server,
  • create and configure a target application within SharePoint Online, and
  • perform a validation test.

Full instructions for this step are available at the SharePoint library.

7. Configure a reverse-proxy device, which will combine the search results. Various vendors complete this process in different ways. Microsoft supports four different reverse-proxy devices: Windows Server 2012 R2 with Web Application Proxy, Forefront TMG 2010, F5 BIG-IP, and Citrix Systems' NetScaler.

8. The final step is configuring the search service application to display search results from your on-premises SharePoint 2013 deployment. Once again, this is a multi-task process. The four tasks are the following: Define a result source in Office 365 -- this designates your on-premises deployment as a provider of search results. Then create a query rule for SharePoint Online so it can receive search results from the local deployment.

Finally, test the configurations by searching the on-premises SharePoint deployment and then attempt a search from the SharePoint Online Search Center. If both pass that test, you should be in good shape for searching your hybrid SharePoint deployment.

Next Steps

Tips for improving SharePoint 2013 search

Experiences differ when migrating to SharePoint Online

Tradeoffs linger for SharePoint and SharePoint Online

Dig Deeper on Enterprise SharePoint strategy