Sep 08 2022 12:12 AM
As of August 26th critical software in our company started to fail.
All functionality involving getting results from Microsoft SharePoint Search failed to get any results.
This software is PowerShell, .NET Console applications, Runbooks (PowerShell), .NET Web API in an Azure App Service, ...
All this software - that was failing - was using an Application Registration with either a certificate or password.
To fully troubleshoot, I created a .NET Console application with no frameworks (like PnpCore SDK, Pnp.Framework, ...) but a simple HttpClient to get results from https://tenant.sharepoint.com/_api/search/query?...
This httpclient would have Bearer authorization, with an access token from either a PublicClientApplication (delegated permissions), or a ConfidentialClientApplication (application permissions)
The results were that delegated permissions always give the right results.
Application permissions however gave results when searching on "Title:", but gave no results (PrimaryResults were empty) when searching on any other: in our case: "{searchtext} Path:https://tenant.sharepoint.com/sites/X/Lists/Y/*"
At first we thought this was caused by searching on RefinableString00 and RefinableString01, but searching without specifying a managed property, fails as well.
Before August 26th, all was working just fine.
Appearantly, Microsoft deployed a patch to SharePoint Search somewhere around that date, to improve performance.
This caused incident #MO420476 to rise, but was fixed later on. However, our problems still exist, so this might not be related (although I would like to believe it does)
This issue caused me to have all applications to be reverted to delegated permissions (which in some cases is not preferrable at all, especially for f.i. runbooks).
Is there anyone, either having this issue as well, or either be able to help me solve this issue?
Best regards
Sep 15 2022 12:55 AM
Sep 15 2022 12:59 AM
Sep 15 2022 03:53 PM - edited Sep 15 2022 03:59 PM
I've been experiencing this issue across the board, here in Australia too. Search results through application permissions is returning 4 results for a request with row limit of 10 for some, 0 for others. Running the same query as a user returning dozens of pages, 200+ results with a few refiners selected. Running queries only returning back titles are working fine. I think this is in-line with the symptoms everyone else is experiencing.
I don't think there is much more to contribute except for getting Microsoft to notice the issue. SP Search has been an extremely useful way to surface large data sets across many sites and lists. It will be a shame if we are forced to offload to a different medium to achieve the same results in a more reliable fashion for business-critical operations, without exposing a service account with no MFA in conflict with Microsoft's best-practice security recommendations.
Sep 15 2022 09:50 PM
Sep 16 2022 01:34 AM
Sep 19 2022 03:24 PM
Sep 19 2022 09:59 PM
Sep 19 2022 11:29 PM
Sep 20 2022 11:13 PM - edited Sep 21 2022 12:22 AM
Maybe good to know: I have a list, on which I try to find listitems. The list returns 0 results, searching using multiple options (no ManagedProperty, on RefinableString, ...) when using Application Permissions. Except for 1 listitem: this one I do find, with both permissions (application, delegated). I accidentally found out.
I tried to figure out what is different on this listitem, but couldn't find anything.
Edit: the only difference I see, is that the Author of that one listitem is an actual user:
| upn | display_name | some_large_guid i:0#.f|membership|upn
The other listitem's Author's are an app:
| App name | some_large_guid i:0i.t|some guid|UPN_of_app
Edit 2: I created a new listitem myself (not by the app above), and that one I can find as well, by any authentication.
Sep 27 2022 06:28 AM
Oct 01 2022 09:22 PM
Dec 20 2022 12:10 AM