Preface
Configuring the Environment in Which ControlPoint Will Run
Configuring ControlPoint for Additional Web Front-End Servers
Additional Configuring Considerations for Multi-Farm Installations
Configuring ControlPoint Services
The ControlPoint Configuration Site
Managing Your Farm List
Managing Your ControlPoint License
Granting ControlPoint Access to Web Applications and Content Databases
Configuring ControlPoint Services
Using Discovery to Collect Information for the ControlPoint Database Cache
Nightly Full Discovery
Using the Discovery Service
Using Sensitive Content Manager Services
Launching the Discovery Setup Application
IMPORTANT: Before Running the Discovery Service
Changing Discovery Service Configuration and Settings
Starting or Stopping the Metalogix ControlPoint Discovery Service and Changing Discovery Service Properties
Monitoring the Discovery Service Queue
ControlPoint Settings Used by the Discovery Service
Running a Full or Partial Discovery Manually
Launching the SCM Services Setup Application
Changing SCM Services Configuration and Settings
Monitoring the Status of ControlPoint Interactions with SCM
Setting Sensitive Content Manager EndPoints and Managing Scanning Preferences
Managing ControlPoint Configuration and Permissions
Managing ControlPoint Users and Permissions
Modifying ControlPoint Configuration Settings
Setting Up ControlPoint Users and Groups
Auto-Adding Users to ControlPoint Groups
Making ControlPoint Accessible from within SharePoint
Configuring ControlPoint Menus
Defining Custom Properties to Apply to SharePoint Sites
Accessing Members of Active Directory Groups in Different Domains or Forests
Purging Historical Activity and Storage Data from the ControlPoint Services (xcAdmin) Database
Enabling Server Details to Display in the SharePoint Summary Report
Customizing ControlPoint Menus
Guidelines for Creating Customized Menus for Different Groups of Users
Accessing the ControlPoint Menu Maintenance Page
Creating a Custom Menu
Adding and Editing Custom Items in a Menu
Managing Access to ControlPoint Menus
Editing and Deleting Custom Menus
Adding Advanced ControlPoint Menu Items
Customizing Your Favorites
Changing Default Settings for Actions and Analyses
Changing Trace Switch Logging Levels
Archiving SharePoint Audit Log Data
Supress "Item is inherited - no processing done" Message(SkipNotDoneMsg)
Maximum Line Items in Real-time (REPCAP)
"Use Cached Data" Default Value (CACHEDREP)
Abort Report Processing on Error (ABORTREPORTONERROR)
Display "Include users with AD group membership" Parameter (SHOWADGROUPS)
Copy/Move Default Temporary Location (TEMPLOCATION)
Time to Retain Page Data in Cache (CACHEREPORT4)
Time to Retain Temporary UI Objects in Cache (UICACHEDURATION)
Number of Reports to Keep in Memory After Drill-Down (RVSESSIONSKEPT)
Exclude Web Application(s) from Statistics List (DASHBOARDWAPEXCLUDE)
Number of List Items to Display in Selection Grid (DISPLAYSINGLELISTITEMS)
Use Activity Min. Date as Start Date (UseActivityDbDate)
"Show unique permissions only" Default Value (SHOWUNIQUEPERMONLY)
Duplicate Files Report Limit (DuplicateFilesReportLimit)
Users to Exclude from Reports (EXCLUDEDUSERS)
Eliminate Claims Prefix from Username in Reports (UseCleanedLoginNameInReports)
Maximum Number of Orphaned Users to Delete Per Scheduled Batch (OrphanDeleteBatchSize)
CSV Delimiter Character (CSVDELIMETER)
Largest Active Directory Group to Expand in Reports (MAXMEMBERS)
Maximum Number of Users to Act On (MAXUSERSFORACTION)
Hide the "Set User Direct Permissions" Action in Permissions Management (PREVENTUSERPERMS)
Prevent Set Site Collection Quotas (PreventSetSCQuota)
Show Nested Active Directory Groups (PROCESSADHIERARCHY)
Hide Interactive Analysis Link (RESTRICTSL)
Use Minimum Activity Date as Start Date (USEACTIVITYDBDATES)
Changing Default Settings to Improve Application Performance
Time to Run an Operation Before Timing Out (OPERATIONTIMEOUT)
Maximum Number of Objects to Processed in Parallel (MaxParallelProcs)
Operations Using Parallel Processing (ParallelProcs)
Objects Subject to Parallel Processing (ParallelProcSites)
SQL Command Timeout Value (COMMANDTIMEOUT)
Maximum Number of Objects to Pass to the Selection Builder (MaxObjectsForSelection)
Maximum Alert Processing Interval (MaxAlertProcessingPeriod)
Number of Seconds After Which Browser Reports Server Timeout (SERVERTIMEOUT)
Idle Time Before Session is Ended (STIMEOUT)
Maximum Size of Library in Which to Search for Web Part Pages (WEBPAGESLIMIT)
Audit Log Configuration Settings
ArchiveAuditLog Configuration Settings
Number of Days to Keep Audit Records (AUDITMAXDAYS)
Excluding Users from Audit Log Analyses (ExcludeUsersAudit)
Specifying Whether to Display Site Names in Audit Log Analyses (PROCESSAUDITNAMES)
Changing Settings for Anomalous Activity Detection
Restricting Functionality for Members of the Business Administrators Group
Prevent Business Admins from Deleting Orphaned users (BAPreventDelete)
Prevent Business Admins from Running Cacheable Reports in Real Time (BAPreventRealTime)
Preventing Members of the Business Administrators Group from Emailing Scheduled Analyses (BAPreventScheduledEmail)
Show Full Hierarchy of Business Admin Sites
Changing Default Settings for ControlPoint User Groups
Show All Site Collections to Farm Admins (SUPERADMIN)
Remote Service Account Administrators for Cross-Farm Operations (RSAADMIN)
Auto Add Users To ControlPoint Group Maximum Group Size (CPGroupMemberLimit)
Permissions Needed to See List Items in Reports (ItemSecurityLevel)
Business Administrators Group Name (BADMIN)
Changing Settings to Improve Discovery Performance
Show Menu Items That Require Discovery (DiscoveryEnabled)
Abort Discovery on Error (ABORTDISCOVERY)
Depth at Which to Stop Discovey When Time Restriction is Reached (DISCOVERYRESUMELEVEL)
Discovery Pause Time to Allow Other Operations (DISCOVERYSLEEP)
SQL Command Timeout for Discovery Process (DISCOVERYTIMEOUT)
Maximum Discovery Run Time (DISCOVERYTIMERESTRICTION)
Exclude Web Parts from the Discovery (EXCLUDEWEBPARTS)
Tuning Options to Improve Discovery Performance (SPEEDDISCOVERY)
Site Collections to Exclude from Full Discovery (URLEXCLUDE)
Web Applications to Exclude from Full Discovery (WAPEXCLUDE)
Changing Settings to Accommodate Special Environmental Factors
Alternate Access Mapping Zone for Navigation and Report Links (URLZONE)
Enable SharePoint Server Functionality (MOSS)
Changing Default Settings for Navigation
Postpone Security Trimming of SharePoint Hierarchy Until Site Collection is Expanded (PostponeSecurityTrim)
Search Using Cached Data (CACHEDSEARCH)
How to Display Multiple Farms in SharePoint Hierarchy (FARMNAVIGATION)
Maximum Number of Objects to Display Before Foldering (NAVCAP)
Preload All Site Collections in Server-side Cache (PRELOADSITECACHE)
Show SharePoint Groups with No Permissions in Hierarchy (ShowNoPermSPGroup)
Display url or Site Name in SharePoint Hierarchy (SHOWURLASTITLE)
Maximum Number of Users to Display in SharePoint Hierarchy (SPUSERCAP)
Maximum Number of SharePoint Groups to Display in SharePoint Hierarchy (SPGROUPCAP)
Managing Site Provisioning Settings
Maximum Number of Provisioning Requests in Completed an Rejected Folders
Changing the Subject and/or Body of Provisioning Request Emails
Configuring the Site Provisioning Workflow Settings (SharePoint Server)
Specifying Global Settings for ControlPoint Policies
Users to Exclude from All ControlPoint Policies (CPPOLICYSUPERUSERS)
Content Creation Policy url (POLICYSERVICEURL)
Setting Preferences for the ControlPoint Scheduler
Maximum Number of Scheduled Jobs to Submit at One Time (MAXSUBMIT)
Number of Minutes Scheduler Will Wait Before Next Group of Jobs (OVERIDESCHEDULETIMERMINUTES)
Maximum Line Items in Scheduled Report Results (SCHEDULEDREPCAP)
Defining "Admins" for Scheduled Analysis Results Distribution (SiteAdminCriteria)
Permissions Level for Site Admin Definition for Scheduled Report Distribution (SiteAdminPermissionLevel)
Miscellaneous and Custom Configuration Settings
SQL Server Connection String for xcAdmin Database (xcAdminConnectionString)
Initial Screen (INITSCREEN)
No Dashboard (NODASHBOARD)
Special-Purpose Configuration Settings
How the Audit Log Archiving Process Works
Setting Up the Audit Log Data Archive
Troubleshooting
Creating the Audit_Log_Transfer Database Table
Archive Audit Log Table Connection String (ArchiveAuditLogConnectionString)
Running the Archive Audit Log Process
Running the Archive Process from the ControlPoint Application Interface
Running the Archive Process from the ControlPoint xcUtilities Interface
Running the Archive Process from a Command Line
Scheduling the Archive Process via Windows Task Scheduler
Managing Archive Audit Log Configuration Settings
ControlPoint Log Files
ControlPoint Web Config File (web.config)
ControlPoint Administration Log (xcAdmin.log)
Logged Errors Report
Troubleshooting Configuration Errors
Blank Page/Unexpected Error
Could Not Load File or Assembly
If You Cannot Resolve a Configuration Error
Troubleshooting the ControlPoint Application Interface
Recent Change Does Not Show Up in the SharePoint Hierarchy
Remote Farms Do Not Display in SharePoint Hierarchy
Site Collections Display as "Inaccessible"
Site Collections Grayed-Out and "Locked"
When Launched from a Server That Has IE Enhanced Security Configuration Enabled, ControlPoint Fails to Launch Properly
Number of Child Objects Specified for an Object in the SharePoint Hierarchy Doesn't Match Number Displayed
The Loading of Site Collections in the SharePoint Hierarchy is Extremely Slow
Error Occurs When Attempting to Launch ControlPoint from a SharePoint Site
A Business Administrator's SharePoint Sites Do Not Display in the SharePoint Hierarchy
"A Script on the Page is Causing Internet Explorer to Run Slowly..."
Troubleshooting Discovery
Troubleshooting SharePoint Users and Permissions
Cannot Locate SharePoint Users Authenticated by Alternate (non-Active Directory) Methods
System Exception: "Cannot get the members of the group..."
Active Directory Group Membership: "Cannot connect to the domain controller for domain"
Properties Dialog: Total Users with Permissions Displays as "Incomplete"
Users with Permissions Granted Through a Claim are not Showing Up in Permissions Analysis Results
Troubleshooting Site Provisioning
Site Provision Request Workflow Failed on Start
Provisioning Requests Manager: Workflow Status Column is Blank
Troubleshooting ControlPoint Operations
Not All ControlPoint Actions and Analyses Are Available to Me
Your Page has Expired
Timeout Exception: The server has timed out.
Hyperlinks in Activity Analysis Results are broken
Number of Users Has Exceeded the Allowable Threshold
ASP.NET Session Has Expired
Too Many Rows to Display
Download as .csv: No Cached Data for Download
Export Results to Excel: "The file you are trying to open is in a different format..."
Action or Analysis Taking Longer Than Expected
Cannot Perform Operations on Central Administration
Copy/Move Insufficient Permissions Message
Newly-Created Site Does Not Show Up in Manage SharePoint Groups Picker/Cannot be Scheduled
Cannot Run Activity Analysis Using Real-time Data
Activity Data in Analysis Results is Out of Date
Cumulative Hits Only Available Option When Running Activity Analyses
Activity Analysis Requests Column Only Shows 0's for Users and Requests
Number of Lists in Storage Analysis Results Does not Match Number Displayed in SharePoint Hierarchy
Storage Information Reported by ControlPoint is Different than What's Reported by SharePoint
Most/Least and ControlPoint Policies Analysis Never Progress Beyond "Loading" Using IE 11 with SharePoint 2010
HRESULT:0x80040E09
No User Profile Application available to service the request
If you Cannot Resolve an Issue with a ControlPoint Operation
Hide the "Set User Direct Permissions" Action in Permissions Management (PREVENTUSERPERMS)
By default, the Permissions Management for Site Admins option includes the option to Grant user(s) permissions directly.
However,ControlPoint Application Administrators can hide this option (if, for example, your organization adheres to the SharePoint best practice of allowing permissions to be granted only via SharePoint groups) by changing the Value of the ControlPoint Configuration Setting Hide the "Set User Direct Permissions" Action in Permissions Management (PREVENTDIRECTPERMS) from false to true.
NOTE: This is an Advanced Setting.
Prevent Set Site Collection Quotas (PreventSetSCQuota)
By default, a ControlPoint user can set a site collection quota via the Set Site Collection Properties action only if the user is a Farm Administrator or has been given elevated privileges via the security override ACTSECOVRW.
ControlPoint Application Administrators can, however, allow all ControlPoint users to set quotas for site collections that they manage by changing the Value of the ControlPoint Configuration Setting Prevent Set Site Collection Quotas from True to False.
NOTE: This is an Advanced Setting.
When Prevent Site Collection Quotas is set to Truee (the default value), the Site Collection Quota will not be visible to unauthorized ControlPoint users.
Show Nested Active Directory Groups (PROCESSADHIERARCHY)
By default, when you generate a Permissions analysis and choose to Include users with AD group membership, only the top-most group that a user is a member of displays in analysis results (that is, if the user is a member of a subgroup within that group, the path to that subgroup is not shown).
ControlPoint Application Administrators can, however, choose to have the entire group hierarchy (that is, the path to any subgroup of which the user is a member) display in analysis results by changing the Show Nested Active Directory Groups Value from False to True.
NOTE: This is an Advanced Setting.
NOTE: When the entire AD hierarchy must be processed, performance may be impacted. Remember that you can also view the full Active Directory hierarchy by opening the AD Group Membership dialog.
Hide Interactive Analysis Link (RESTRICTSL)
By default, when ControlPoint is used to manage a SharePoint 2010 farm, all ControlPoint users can initiate an interactive analyses via a link that displays in the analysis results header.
NOTE: The Interactive Analysis feature is not available for SharePoint 2013 or later.
ControlPoint users can run Interactive analyses only if Microsoft Silverlight is installed on the local machine. (If it is not already installed, when the Interactive Analysis link is clicked they will be prompted to download it from the Microsoft Silverlight website.) If you want to restrict this functionalityfor example, if your company policy prohibits local installation of Silverlightyou can hide the Interactive Analysis link by changing the Value of the ControlPoint Configuration Setting Hide Interactive Analysis from false to true.
NOTE: This is an Advanced Setting.
