Chatta subito con l'assistenza
Chat con il supporto

GPOADmin 5.19 - User Guide

Introducing Quest GPOADmin Configuring GPOADmin Using GPOADmin
Connecting to the Version Control system Navigating the GPOADmin console Search folders Accessing the GPMC extension Configuring user preferences Working with the live environment Working with controlled objects (version control root)
Creating a custom container hierarchy Selecting security, levels of approval, and notification options Viewing the differences between objects Copying/pasting objects Proposing the creation of controlled objects Merging GPOs Restoring an object to a previous version Restoring links to a previous version Managing your links with search and replace Linking GPOs to multiple Scopes of Management Managing compliance issues automatically with remediation rules Validating GPOs Managing GPO revisions with lineage Setting the change window for specific actions Working with registered objects Working with available objects Working with checked out objects Working with objects pending approval and deployment
Checking compliance Editing objects Synchronizing GPOs Exporting and importing
Creating Reports Appendix: Windows PowerShell Commands Appendix: GPOADmin Event Log Appendix: GPOADmin Backup and Recovery Procedures Appendix: Customizing your workflow Appendix: GPOADmin Silent Installation Commands Appendix: Configuring Gmail for Notifications Appendix: Registering GPOADmin for Office 365 Exchange Online Appendix: GPOADmin with SQL Replication About Us

Using Gmail for Workflow Approvals

To enable the ability to approve or reject changes through Gmail, you need to:

Creating a Gmail Credentials File

The API credentials file allows GPOADmin to connect to Gmail, verify the authorization, get access and refresh tokens to retrieve and send messages.

For best practice information on securely using API keys see the Google Support documentation (https://support.google.com/googleapi/answer/6310037?hl=en&ref_topic=7013279).

2
Open https://console.cloud.google.com/apis/credentials. Review the Terms of Service and click Agree and Continue.
5
Click Create Credentials | OAuth client ID.
6
Click CONFIGURE CONSENT SCREEN.
8
Enter the application name on the OAuth consent screen and click SAVE AND CONTINUE. Although some fields are optional, the following information is required:
9
To add the GMAIL API from the library, select ADD OR REMOVE SCOPES, click Google API Library link, enter GMAIL API in the Filter field, choose Gmail API, and click Enable.
11
Check the Read, compose, send, and permanently delete all your email from Gmail checkbox, then click UPDATE.
12
Click SAVE AND CONTINUE to select your test users.
13
Click ADD USERS.
14
Enter the required account’s email and click ADD. (At a minimum, the account used to connect must be assigned as the test user.)
15
Click SAVE AND CONTINUE to review your settings.
16
Click BACK TO DASHBOARD.
17
Select Credentials under APIs & Services.
18
Click CREATE CREDENTIALS.
19
Select Desktop app for the Application type and optionally give it a name and click Create.
20
Click OK to close the OAuth client created dialog.
21
Click Download to download the credential information in JSON format.

Appendix: Registering GPOADmin for Office 365 Exchange Online

Appendix: Registering GPOADmin for Office 365 Exchange Online

To use email notifications using Office 365 Exchange Online, you need to register GPOADmin with Azure Active Directory. During the registration process, the following variables are generated. These variables are used when you configure OAuth authentication.

1
2
In the Microsoft Azure dashboard, go to Azure Active Directory | App registrations, and click New Registration.
4
Under Supported account types, select Accounts in this organizational directory only (Single tenant) for the accounts that can access the application API.
5
Leave the Redirect URI (optional) field empty.
6
Click Register.
7
On the Overview tab, go to View API Permissions. Click Add a permission, click Microsoft Graph | Application Permissions and add the Mail.ReadWrite and Mail.Send permissions. See Microsoft documentation for details on limiting permissions to specific Exchange Online mailboxes. (Note: The Enforce approver account validation option found when configuring email notifications will not function if you select to follow the Microsoft article to restrict access to a single mailbox.)
8
Click Add Permission.
9
On the API Permissions tab, under Grant consent, click Grant admin consent for tenant name.
10
Click Yes to confirm.
11
On the preview screen, click Overview, and note the application ID and the directory ID. (You will need these values when setting up OAuth authentication.)
12
Go to Manage | Certificates & secrets, select Upload certificate and upload the required .cer file.

Appendix: GPOADmin with SQL Replication

The following information details how to setup SQL replication to allow multiple GPOADmin servers in the same domain to run concurrently sharing a configuration store and a backup store.

Before setting up SQL replication, ensure the following is in place:

1
Right-click the required server and select Configure Database Replication (or Remove Replication if it is no longer required.)

During an upgrade, GPOADmin checks to see if the current database is configured for replication. If the database setup for replication, you have two options:

NOTE: These instructions are derived from Microsoft documentation.
f
Choose Full Mesh topology.
a
Right-click the Replication node and Configure Distribution -> This machine should be its own Distributor.
b
c
Subscriber Types page: Choose SQL Server 2008 or later.
i
Wizard actions: Select Create the publication.
7
Refresh the Local Publications node, then expand and select the new publication.
8
Right-click the publication and choose View Snapshot Agent Status.
9
Right-click the publication and choose New Subscriptions. (All subscriptions can be created from here.)
b
Merge Agent Location page: Choose Run all agents at the Distributor to create a similar replication path as the peer-to-peer setup.
c
Subscribers page: Click Add SQL Server Subscriber once for each SQL server in the replication. Choose the database on the target server for replication.
e
Synchronization Schedule page: Set the Agent Schedule to Run continuously for each subscription.
f
Initialize Subscriptions page: Select Initialize and set Initialize When to Immediately.
g
Subscription Type page: The Subscription Type should be Server. Set the Priority for Conflict Resolution to a different number for each subscription.

 

Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione