Gravatar for

Question by erkany, Jan 2, 2015 11:40 AM

Basic authentication on top of Sitecore causes :"Coveo Security Service 401" error


Is there any way to have Coveo Security Service work with the additional security layer we have on top of Sitecore?

I think I was able to make this work for November version. I changed the app pool user to a local admin account and I was able to get pass this issue.

Now with Sitecore 7.5 and Coveo December version it does not seem to work.

Thanks, Erkan

1 Reply
Gravatar for

Answer by Jean-François L'Heureux, Jan 2, 2015 1:35 PM

The Coveo Security Provider connects to your Sitecore instance with the credentials specified in the Coveo.SearchProvider.config file's SitecoreUsername and SitecorePassword elements. These credentials are set in a User Identity in CES. By default, this user identity supports the basic authentication security.

If the SitecoreUsername and SitecorePassword elements are not defined or auto-closed, the default values sitecore\admin and b are used.

Is it possible that you changed the Sitecore administrator username or password in your Sitecore 7.5 instance and forgot to update them in your Coveo.SearchProvider.config file?

Gravatar for

Comment by erkany, Jan 2, 2015 2:20 PM


We put the sitecore\admin account with the custom password we provided for SitecoreUsername and password fields. After reading your message I switched that setting to a domain admin account to see if it will make a difference. I made sure domain admin account has write access to the root Sitecore instance folder.

Still getting the 401. Any ideas?

Gravatar for

Comment by Jean-François L'Heureux, Jan 2, 2015 2:47 PM

I just tested it successfully in my environment. My AppPool runs as NETWORK SERVICE and my CESService7.exe process runs as my domain account. The Coveo Search Provider may use the CESService7.exe identity when identifying to IIS before using the Sitecore identity to connect to Sitecore.

You may try to set the Coveo Enterprise Search 7 x64 service identity to an identity that can pass your basic authentication.

Ask a question