Quest® Content Matrix can access the customers Microsoft Entra ID and Microsoft 365 tenancies. The customer grants that access using the Microsoft Admin Consent process, which will create a Service Principal in the customer's Entra ID with minimum consents required by Quest® Content Matrix migration. The Service Principal is created using Microsoft's OAuth certificate based client credentials grant flow https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-client-creds-grant-flow.
Customers can revoke Admin Consent at any time. See https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/delete-application-portal?pivots=portal and https://docs.microsoft.com/en-us/skype-sdk/trusted-application-api/docs/tenantadminconsent for details.
Following is the base consent required by Quest® Content Matrix.
·All computation is performed on server(s) provided by the customer.
·All data and application logs are stored in a SQL server or file provided by the customer.
·In case of migration using "Import API" option, binary contents of files are uploaded to Azure blob storage. Quest® Content Matrix can use either SPO provided Azure container blob storage or customer provided private Azure container blob storage.
Encryption of secrets uses MS DPAPI (PBKDF2, AES).
Security-sensitive information like the password and OAuth tokens used in SharePoint and Public Folder connections are encrypted using Microsoft DPAPI (ProtectedData Class (System.Security.Cryptography) | Microsoft Docs).
Source |
Target |
Port/Protocols | |
---|---|---|---|
Content Matrix Console
|
Job DB, Agent DB |
MSSQL (default 1433 TCP) or SQLCE | |
SharePoint Server (remote machine) |
Native Web Service |
User selected port (TCP) | |
Nintex Web Service |
443 (TCP) or 80 (TCP) | ||
MEWS |
Native Web Service port (TCP) | ||
SharePoint DB |
MSSQL (default 1433 TCP) | ||
Quest Web Services |
Metalogix License Service |
443 (TCP) | |
Nintex Conversion Service |
443 (TCP) | ||
Azure Cloud |
Azure Blob Storage |
443 (TCP) | |
Azure Queue |
443 (TCP) | ||
Microsoft 365 (SPO CSOM) |
443 (TCP) | ||
Nintex Online |
443 (TCP) | ||
PowerShell |
Content Matrix Agents |
135 (TCP) and dynamic ports (TCP) | |
Content Matrix Agents |
Agent DB |
MSSQL (default 1433 TCP) or SQLCE |
Figure 2: List of protocols used and associated ports
.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center