サポートと今すぐチャット

オンラインヘルプの参照
登録の完了

サインイン

価格設定をリクエスト

営業担当に連絡

Enterprise Reporter 3.5.1 - Installation and Deployment Guide

コンテンツのナビゲーション

Product Overview

Introducing Quest® Enterprise Reporter Key Features of Enterprise Reporter Enterprise Reporter Components

Enterprise Reporter Architecture

Installation Considerations for Enterprise Reporter

Before You Install Enterprise Reporter Enterprise Reporter server and database considerations

Failover recovery using SQL clusters

System Requirements Overview of Enterprise Reporter communications and required credentials

Node credential and alternate credential details for on-premises discoveries Detailed permissions for Enterprise Reporter discoveries Permissions for Enterprise Reporter discoveries on NAS devices Permissions for Enterprise Reporter tenant applications Minimum permissions for installing Enterprise Reporter Minimum permissions for installing Enterprise Reporter Port Requirements

Database Requirements

Configuring the Database and Security Groups

Installing and Configuring Enterprise Reporter

Installing Enterprise Reporter

Installing the Components

Installing and Configuring Individual Components

Installing and Configuring the Configuration Manager Installing and Configuring the Report Manager Installing and Configuring the Database Wizard Installing and Configuring the Log Viewer Installing and Configuring the Encryption Key Manager Creating a Database Prior to Enterprise Reporter Server Installation Installing and Configuring SSRS Installing and Configuring IT Security Search

Upgrading Enterprise Reporter

Preparing to Upgrade Enterprise Reporter Upgrading Enterprise Reporter Components Upgrading Enterprise Reporter Nodes Upgrading Manually-Configured Enterprise Reporter Nodes After Upgrading Enterprise Reporter

Licensing Enterprise Reporter

Activating or Updating Your License

Security Groups in Enterprise Reporter Role-Based Security in Enterprise Reporter Managing Your Database Using the Database Wizard

Using the Database Wizard to Create or Connect a Database Upgrading a Database Deleting a Database Changing the Security Mode Changing the Connection to the Enterprise Reporter Database Performing Database Maintenance

Managing Your Enterprise Reporter Deployment

Optimizing Enterprise Reporter Enterprise Reporter server and database considerations

Failover recovery using SQL clusters

Cluster Deployment Considerations

Consider the Data to Collect Before Deploying Nodes Fine Tune Each Cluster and Node Optimize Node Setup Plan Credential Use

Logged-In User Details Understanding Credentials Using Scenarios

Effectively Deploy Remote Nodes

Deploying a Node to a Trusted Domain

Optimize Data Transfer

Discovery Considerations

Divide Discovery Targets According to Cluster Structure Collect Only the Data Needed Plan Discovery and Reporting Schedules Optimize Nested Group Membership Collection Optimize Nested Group Membership Collection for Azure and Microsoft 365 Discoveries

Discovery Permission Requirements

Detailed permissions for Enterprise Reporter discoveries Permissions for Enterprise Reporter discoveries on NAS devices Permissions for Enterprise Reporter tenant applications IDG Managing Your Deployment.4.25.html

Troubleshooting Issues with Enterprise Reporter

Troubleshooting Installation Issues

Connecting to a SQL Server Issues with Multi-Domain Controller Environments

Problems Opening the Consoles Database Configuration Issues Troubleshooting connectivity issues

Restoring a connection to the Enterprise Reporter Server Restoring a connection to the Enterprise Reporter database Troubleshooting Connection Timeouts

Troubleshooting credential change failures Resolving Issues in the Configuration Manager

Node Deployment Issues Dealing with unassociated nodes Problems deleting a node Creating a Node Debug Log File

Data Collection Issues

Troubleshooting features in Enterprise Reporter

Exporting logs from the Configuration Manager Viewing information about your Enterprise Reporter configuration Viewing errors and statistics for tasks

Moving the Enterprise Reporter database Disaster Recovery

Backing up Enterprise Reporter Deploying Enterprise Reporter to another computer after a disaster Checking the Enterprise Reporter configuration after recovery

Appendix: Database Content Wizard

Software Requirements Starting and Configuring the Enterprise Reporter Database Content Wizard Transferring an Enterprise Reporter Database Backing Up an Enterprise Reporter Database Restoring an Enterprise Reporter Database Cleaning an Enterprise Reporter Database Merging Two Enterprise Reporter Databases Running Custom Enterprise Reporter Scripts PowerShell cmdlets

Requirements Database Content Wizard cmdlets Loading the Database Content Wizard cmdlet Backing Up An Enterprise Reporter Database Cleaning an Enterprise Reporter Database Merging Two Enterprise Reporter Databases Restoring an Enterprise Reporter Database Transferring an Enterprise Reporter Database

Appendix: Encryption Key Manager

Starting the Encryption Key Manager Generating a key file Importing a key file Exporting a key file Resetting credentials

Appendix: Log Viewer

Starting the Enterprise Reporter Log Viewer Finding and opening log files Viewing and searching log file entries Filtering log file entries

Optimize Nested Group Membership Collection for Azure and Microsoft 365 Discoveries

Depending on the reports that will be run, you may need to collect data to show nested group memberships. It is more efficient to collect group members through the Azure Active Directory discoveries than using the nested group membership option on the Azure Resource, Exchange Online, or OneDrive discovery.This also helps to avoid collecting the same accounts in multiple discoveries.

Discovery Permission Requirements

The following sections outline the permission requirements for discoveries.

•

Detailed permissions for Enterprise Reporter discoveries

•

Permissions for Enterprise Reporter discoveries on NAS devices

•

Permissions for Enterprise Reporter tenant applications

Detailed permissions for Enterprise Reporter discoveries

The following table outlines the permissions required for Enterprise Reporter discoveries.

Table 35. Detailed permissions required for Enterprise Reporter discoveries

Permissions Required for Discovery Credential

Active Directory

An account with Active Directory read permissions is required to collect domain information, trusts, sites, domain controllers, and Active Directory computers, users, groups, and organizational units.

The account being a member of the Built-in Domain Users group is sufficient to assign read permissions.

To collect Fine Grained Password Policy and AD object level permissions, Domain Admin is required.

Azure Active Directory

An identity with read permission for the discovery target tenant. Read permissions are required for collection of tenant information, Azure Active Directory users, groups, group members, roles, and service principals.

If additional credentials are being specified to minimize Azure throttling limitations, these credentials must have the same permissions as stated above.

Also refer to credentials required to create and consent to the Enterprise Reporter Azure application required for this discovery.

An identity with read permissions for the discovery target tenant. Read permissions are required for collection of subscription, Resource groups, and resources.

If additional credentials are being specified to minimize Azure throttling limitations, these credentials must have the same permissions as stated above.

Also refer to credentials required to create and consent to the Enterprise Reporter Azure Resource application required for this discovery.

An account with local administrator access on the scope computers to collect computer information, local groups and users, printers, services, policies, and event logs.

To collect from Exchange targets, the credential account must have a mailbox on the target organization with access to read the permissions on the targets through EWS.

To collect from Exchange 2013, 2016, or Mixed Modes, the credentials must be a member of the Organization Management Group.

To collect from Exchange 2016 or Exchange 2019, the credentials must have an administrator role with an assigned “ApplicationImpersonation” role.

Exchange Online

An account with access to the discovery target tenant.

Read permission is required for collection of all Exchange Online information including mailboxes, mailbox delegates, public folders, mail-enabled users, mail contacts, distribution groups, group members, and permissions.

If additional credentials are being specified to minimize Azure throttling limitations, these credentials must have the same permissions as previously stated.

File Storage Analysis

An account with local administrator access on the scoped computer is required to collect file, folder, share, and home drive analysis data.

For permissions required when collecting NAS devices, see Permissions for Enterprise Reporter discoveries on NAS devices .

An account with local administrator access on the SQL Server is required.

Additionally, the account must have read access to the scoped database to collect database information.

At a minimum, if not using fixed roles, the following SQL permissions are required on the securable object being used for collection.

•

Grant View Any Definition

•

Grant View Server State

•

Grant View Connect Any Database

•

Grant View Select All Securables

Microsoft Teams

The user credentials used to collect Microsoft Teams information must have either the Teams Administrator or Global Administrator permissions.

The user must also be a member of each Microsoft Teams group to prevent access denied errors during disk discovery.

If additional credentials are being specified to minimize Azure throttling limitations, these credentials must have the same permissions as stated above.

Also refer to credentials required to create and consent to the Enterprise Reporter Microsoft Teams application required for this discovery.

If collecting through the administrator share, an account with local administrator access to the scoped computer is required.

If collecting through a network share, an account with read permissions to the scoped shares is required.

For permissions required when collecting NAS devices, see Permissions for Enterprise Reporter discoveries on NAS devices .

An account with access to the discovery target tenant. Administrator permissions are required for collection of all drives including drive information, configuration settings, files, folders, and permissions. A SharePoint administrator role is recommended.

Additionally, the discovery credentials must have site collection administrator rights to each drive that is being collected.

If additional credentials are being specified to minimize Azure throttling limitations, these credentials must have the same permissions as stated above.

Also refer to credentials required to create and consent to the Enterprise Reporter OneDrive application required for this discovery.

An account with local administrator access to the scoped computer is required to collect registry information.

SharePoint Online

An account with access to the discovery target tenant. Administrator permissions are required for collection of all SharePoint Online site collections, including tenant settings and policies, site information, and permissions. A SharePoint administrator role is recommended.

Additionally, the discovery credentials must have site collection administrator rights to each site collection that is being collected. If additional credentials are being specified to minimize Azure throttling limitations, these credentials must have the same permissions as stated above.

Also refer to credentials required to create and consent to the Enterprise Reporter SharePoint Online application required for this discovery.

Permissions for Enterprise Reporter discoveries on NAS devices

The following table outlines the permissions required for Enterprise Reporter discoveries.

Table 36. Permissions required for Enterprise Reporter discoveries on NAS Devices
Discovery Type	Permissions Required for Discovery Credential
NetApp Cluster Mode	Multiple virtual machines belong to a single cluster. All of these virtual machines can be specified as discovery targets. These virtual machines must be part of a domain. The NAS configuration must point to the cluster (name or IP address) with credentials that have read access to the cluster. These would typically be administrator credentials.
NetApp 7 Mode	In NetApp 7 mode, data can be collected on the storage controller or vFilers that are derived from the storage controller. Credentials with read access to the controller and vFiler are required.
NetApp Storage Controller	In NetApp 7 mode, data can be collected on the storage controller or vFilers that are derived from the storage controller. Credentials with read access to the controller and vFiler are required.
NetApp Filer	The vFiler can be a discovery target. In this case, the NAS configuration must point to the storage controller from which the vFilers are derived and the credentials must have read access to the storage controller.
Dell Fluid FS	The discovery target can be any Fluid FS VM. The NAS configuration must be the machine name or IP where Dell Enterprise Manager is installed and credentials must have access to Dell Enterprise Manager.
EMC Isilon	The discovery target can be any Isilon virtual machine. The NAS configuration must be the machine or IP that hosts the OneFS administration site and the credentials must have read access to it. By default, the connection is established using https and, if the connection is not deemed to be secure, the discovery will fail.

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択

© 2024 Quest Software Inc. ALL RIGHTS RESERVED. 利用規約プライバシー Cookie Preference Center