Microsoft recommends multiple SSPs in situations where deployments that have a proven need for securely isolated content. This leaves me confused. In what scenario(s) could a single SSP expose content to a user that does not have access to it?

The search result will be visible for an user even if this user does not have access to this content. For example if you need completely isolate Internet users from Intranet content make sense to create additional SSP. Oleg

I tried to reproduce this scenario, but what I observed was the results were filtered based on the user's permissions. If the user didn't have access to the site where the content was stored, it didn't appear in the search results. However, if I logged in using an account that did have access to the site, it appeared in the results. What is the reasoning behind that?

Mybe this is an answer on your question http://technet.microsoft.com/en-us/library/cc263276(office.12).aspx Oleg

This also refers to the IIS Web Application ID Account used to access the content in the background (And also SQL Content DB Accounts). Regards, Aaron www.aaron-rendell.co.uk

I think now that I was misunderstanding the scenario. The tests I ran were within the same Web application. In that context, search results are automatically filtered based on user permissions. Since each Web application can only be assigned to a single SSP, my environment was irrelevant in regard to MS recommendation for multiple SSP deployments. It's now my understanding that, if an application is Extended for security reasons, then a separate SSP should be assigned to, and configured for, the Extended application in order to preserve that isolation in search results and user profiles. Is that correct?

Hi, Thats not technically possible. When extending a web application, the original or 'default' web application can only be associated with an SSP. Extending a web application is normally because a requirement exist to use a different method of authentication. See: http://www.gilham.org/Blog/Lists/Posts/Post.aspx?List=aab85845-88d2-4091-8088-a6bbce0a4304&ID=389 for more info about IIS/SharePoint isolation.Regards, Aaron www.aaron-rendell.co.uk

Security trimming for search results works well. I don't know scenario where SSP expose content to a user that does not have access. However, human make mistakes, sometimes document owners grant document access to the wrong person. If you have seperate SSPs, which means seperate user profile stores, people picker in web applications assoicated with different web applications will show different set of users. This will lower the chance that the permission is configured by mistake.