Saving and Re-Using a SharePoint Object Selection
If you frequently perform ControlPoint operations on the same set of SharePoint objects, you can save your selection to a local drive or network file share as an XML file. You can then upload the file on an as-needed basis, and eliminate the need to select the same set of objects whenever you perform a ControlPoint operation.
Only objects that are valid for the current operation will be included in the scope. For example:
·If your selection includes list items and you initiate an operation that is not valid for list items, those items will be excluded from scope.
·If you initiate an operation that can only be performed on a single object, the option to upload a selection from XML will not be available.
Generally, a selection saved on one farm cannot be uploaded to a different farm.
EXCEPTION: In a multi-farm environment, if a saved selection include items from more than one farm and you have initiated a ControlPoint operation that can act on multiple farms, it can be uploaded to any farm involved in the operation.
Once you have initiated an operation then upload a selection from XML, you have the option of replacing the current selection with the selection in the XML file or adding to it. It is important to note, however, that if you chose to add to the current selection and one group of objects is within the scope of the other (for example, the saved selection includes objects within the scope of the existing selection), the larger scope will be applied.
To save a selection to an XML file:
1Initiate a ControlPoint operation for the selection you want to save.
2In the Selection pane, click the Save selection link.
The Download File dialog displays.
3Click [Download] to display the File Download dialog.
4Click [Save] then save the file to the local or network location of your choice.
NOTE: It is recommended that you change the default file name, Selection.XML, to a name that is unique and descriptive.
5When the file has finished saving, click [Close] to dismiss the open dialogs.
To upload a selection from an XML file:
1Initiate the ControlPoint operation you want to perform.
2In the Selection section, click the Upload Selection link.
3Click [Browse] and navigate to the file you want to upload.
4The path to the file displays in the field to the left of the [Browse] button.
5Click [Upload] to move the file path to the field below.
6If you want the uploaded selection to Replace Existing Selection, check this box.
NOTE: If you leave this box unchecked, the uploaded selection will be appended to the current selection.
7Click [Apply].
Selecting Users on Which to Perform a ControlPoint Action or Analysis
When you initiate a ControlPoint action or analysis that involves SharePoint users, the Parameters section of the workspace includes the standard SharePoint "People Picker" for selecting the user(s) you want to include.
If you initiate an operation by selecting one or more users from the SharePoint Hierarchy, the People Picker will be pre-populated with the selected user(s).
You can:
·perform the operation on all SharePoint users (by leaving the People Picker blank)
OR
·select one or more individual users.
Many ControlPoint operations also give you the option of selecting multiple users based on:
·a wildcard (*)
AND/OR
·a SharePoint user profile.
NOTE: There is a maximum number of users that can be included in a ControlPoint action. This limit is a "safety net" to prevent the operation from being carried out on more users than intended, which is especially useful when a wildcard is used. The ControlPoint Application Administrator can adjust this limit by changing the Value for the ControlPoint Configuration Setting Maximum Number of Users to Act on (MAXUSERSFORACTION), as described in the ControlPoint Administration Guide.
Selecting Individual Users
Enter the name of one or more users on which you want to perform the action or analysis. Separate each user name with a semicolon (;). You can either:
§enter a full user account name (for example, domain\username or service provider:username), then click the Check Names icon (
OR
§click the Browse icon (
If your environment includes alternate authentication providers (that is, in addition to Active Directory), when you initiate an action or analysis for a single Web application you can validate or browse for individual users managed by any authentication provider supported by that Web application. Similarly, if you use claims-based authentication and want to perform an operation on a claim, you can validate the claim if it is being performed on or within a single Web application. Because of limitations inherent in SharePoint, however, if you have selected the entire farm or multiple Web applications, you can type in alternate authentication-user account names or claims, but you can neither validate nor browse for them.
Depending on the action or analysis you are performing, ControlPoint may or may not allow invalidated users to be included in the operation. For example, you cannot add a user to a site unless the user's existence in the provider database can be validated. However, you can delete or report on an unvalidated user's permissions from a site, because it is reasonable to assume that a user who has been granted permissions to a SharePoint site may no longer exist in the provider database(s), as in the case of a former employee.
Selecting Users Based on a Wildcard
You can use a wildcard (*) to select users that you want to include in a ControlPoint operation. Only one wildcard can be used per entry and generally can be placed anywhere within the account name. ControlPoint will return all users (including Active Directory groups) whose account name matches the specified pattern. Built-in Active Directory Groups are always excluded.
For most actions and all analyses, users that match the patternalong with their permissionsare collected from the ControlPoint data cache, which is current as of the date and time of the last run of ControlPoint Discovery. For actions that add users (such as Set User Direct Permissions and Add User to SharePoint Group) ControlPoint queries Active Directory for users that match the specified pattern. Therefore, non-Active Directory users cannot be added using a wildcard.
EXAMPLES:
|
If you want to select ... |
Enter ... |
|---|---|
|
all users and groups within thebellum domain |
bellum\*. |
|
all instances with the user name jamesjoyce, across all Active Directory domains |
*\jamesjoyce. NOTE: This option cannot be used for actions that add users and require a query against Active Directory rather than the ControlPoint data cache. For these actions, the full domain name must be used. If you want to use a wildcard to select users in different Active Directory domains, a two-way trust relationship must exist. |
|
all users with the last name Smith within the bellum domain |
bellum\*smith. |
NOTE: Currently, wildcards cannot be used within the name of a claim.