I have installed Microsoft Search Server 2008 Express on a Windows 2003 server and created a search content source (our corporate website) for testing. I can search this source just fine from the Search Centre.
From an ASP.NET web application I am trying to query the provided web service as described here
I am using impersonation settings in the web.config to specify the user account the request runs under but I cannot find out how to set up that user in the Search Server to allow it to make the query.
<authentication mode="Windows"/>
<identity impersonate="true" userName="MyDomain\MyUser" password="myPassword" />
If I use my own network credentials I get the results back, as I am set up with Full Control permissions in the Search Server instance, but when I use an alternate domain account for this (MyDomain\QueryUser) I get this error:
System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> Attempted to perform an unauthorized operation.
I have added the user to the server in Search Server > Site Settings > Permissions > Add Users and have given the account Full Control but it still cannot use the webservice. Is there a setting somewhere I am missing?
**EDIT
Ok, I have tried Gordon's suggestion and using the credentials the Sharepoint application is using makes the error go away. Also, adding the second domain user to the local Administrators group on the server makes the error go away.
What permissions are these changes granting the webservice? Do I have to resort to using these work arounds or can I give my domain user appropriate permissions in Sharepoint somewhere?