Cross-Farm SSP Configuration
The following settings allow ControlPoint to access activity data when a cross-farm Service Application is created on a farm other than the one on which ControlPoint is installed.
NOTE: These are Advanced Settings.
Global Logging Database Connection Settings
·Connection String for Global Logging Database on Different Farm (GLOBALSP)
·Web Apps Connected to Global Logging Database on Different Farm (GLOBALLSPWAPS)
Global Web Analytics Database Connection Settings
·Connection String for Web Analytics Reporting Database on Different Farm (GLOBALWASP)
·Web Apps Connected to Web Analytics Reporting Database on different Farm (GLOBALWASPWAPS)
Look for Site Collection Admin Users in Active Directory Groups (SiteAdminAD)
By default, if an Active Directory Group is a Site Collection Administrator, ControlPoint does not look inside the group to determine if a logged in user is a member of that group in order to calculate permissions.
ControlPoint Application Administrators can, however, have ControlPoint look for Site Collection Administrators within Active Directory groups by changing the ControlPoint Setting Look for Site Collection Admin Users in Active Directory Groups (SiteAdminAD) from false to true.
NOTE: Be aware that if ControlPoint is required to look for users within Active Directory groups, processing time may increase.
Created (Hidden) Settings
"Created" settings are special-purpose settings that you can add to the ControlPoint Settings list if needed. Generally, these settings should only be configured under special circumstances and with guidance from Quest Support.
NOTE: When a setting is created, it is added to the category Special Purpose.
To create a ControlPoint Setting:
1From the ControlPoint Configuration Settings Manager, click [Create].
2Check the box to the left of each setting you want to create.
3Click [Insert].
To delete a Created setting:
NOTE: You can only delete settings that are classified as "Created." (That is, Basic and Advanced settings cannot be deleted.)
1In the ControlPoint Settings list, check the box to the left of each created setting you want to delete.
2Click [Delete].
When you delete a Created setting, it is removed from the current ControlPoint Settings list and once again becomes available from the Add Created Settings list.
Created Settings to Override ControlPoint Default Security
By default, ControlPoint is security trimmed to enforce SharePoint permissions. ControlPoint Application Administrators can, however, override these permissions to allow user groups that have been defined in the ControlPoint Configuration site to perform ControlPoint analyses and/or actions on site collections and sites for which they do not have management permissions.
You can use security overrides in conjunction with Customizing ControlPoint Menus to tailor your ControlPoint environment to best suit the needs of your organization.
NOTE: These settings do not override a user's permissions for the SharePoint sites themselves. (For example, it will not give a user permission to open a SharePoint site or make changes via SharePoint site settings pages if they have not been granted permissions to do so in SharePoint. Nor will a user who does not have permissions for Central Administration be able to use ControlPoint menu items that directly invoke Central Administration pages.)
To add security override to ControlPoint
NOTE: Because the use of security overrides should involve careful consideration and planning, they are createable (hidden) settings.
1From the ControlPoint Configuration Settings Manager, click [Create] .
2Use the information in the following to determine the appropriate action to take
|
If you want to ... |
Choose ... |
|---|---|
|
allow members of one or more ControlPoint user groups to perform data analyses for any site collection or site in the farm |
Override Security Trimming for Running Reports. |
|
allow members of one or more ControlPoint user groups to perform ControlPoint actions and analyses on any site collection/site in the farm |
Override Security Trimming for All ControlPoint Operations. CAUTION: Because implications of taking actions are much more significant than viewing data, it is recommended that ControlPoint Application Administrators use extreme care when configuring this setting. (Remember that you can also customize ControlPoint menus to give groups of users access to a subset of actions. See Guidelines for Creating Customized Menus for Different Groups of Users.) |
3Navigate to the new setting and open it for editing.
4For New Value, enter the name of each ControlPoint group whose security trimming you want to override.
NOTE: If you want to extend this privilege to more than one group, enter the group names in a comma-separated list (with no spaces between group names). If you want to extend it to all ControlPoint groups, enter ALL.
