Chat now with support
Chat with Support

ControlPoint 8.9 - for Microsoft 365 Administration Guide

Preface The ControlPoint Configuration Site Managing Your Farm List Managing Your ControlPoint License ControlPoint Online Configuration Using Discovery to Collect Information for the ControlPoint Database Cache Using Sensitive Content Manager Services Preparing Your Environment for Using ControlPoint Sentinel Running ControlPoint Online Operations Using PowerShell Modifying ControlPoint Configuration Settings
Changing Default Settings for Actions and Analyses Changing Default Settings to Improve Application Performance Changing Settings to Improve Discovery Performance Changing Default Settings for Navigation Changing Trace Switch Logging Levels Changing Default Settings for Compliance Managing Site Provisioning Settings Setting Preferences for the ControlPoint Scheduler Changing Settings for Anomalous Activity Detection Miscellaneous and Custom Configuration Settings Special-Purpose Configuration Settings ControlPoint Online-Specific Settings
Troubleshooting

Setting Sensitive Content Manager End Points and Managing Scanning Preferences

ControlPoint Application Administrators use the ControlPoint Sensitive Content Manager Configuration dialog to set EndPoints to point to the server(s) on which Sensitive Content Manager is configured.  Members of the Compliance Administrators group can also test the availability of each EndPoint and change default preferences for scanning content.

NOTE:  ControlPoint Application Administrators can also configure EndPoints individually and update other configuration settings via ControlPoint Configuration Settings - Compliance settings.

To launch the ControlPoint Sensitive Content Manager Configuration dialog:

From the left navigation Manage tab, choose Compliance > Sensitive Content Configuration Maintenance.

Setting EndPoints

The Value of each Sensitive Content Manager EndPoint must be set to point to the server(s) on which Sensitive Content Manager is configured your environment.  Use the information in the following table for guidance. SCM Configuration Settings O365

 

Endpoint

Description

Value

Sensitive Content Manager Upload EndPoint

The URL for the Sensitive Content Manager for sending files.

This corresponds to the File Upload URL specified at the time Sensitive Content Manager was installed.

http://<server.domain>

(or if installed on multiple servers:  
http://<server.domain>:port)

Sensitive Content Manager Results EndPoint

The URL for the Sensitive Content Manager service for retrieving files job results.

This corresponds to the Results Service URL specified at the time Sensitive Content Manager was installed.

http://<server.domain>

(or if installed on multiple servers:  
http://<server.domain>:port)

Sensitive Content Manager Profile EndPoint

The URL for the Sensitive Manager service for retrieving profiles.

This corresponds to the Profile Service URL specified at the time Sensitive Content Manager was installed.

http://<server.domain>

(or if installed on multiple servers:  
http://<server.domain>:port)

Sensitive Content Manager Search Terms

The URL for the Sensitive Content Manager service for retrieving rules used to identify a specific kind of sensitive content.

This corresponds to the Subquestion Service URL specified at the time Sensitive Content Manager was installed.

http://<server.domain>

(or if installed on multiple servers:  
http://<server.domain>:port)

When you have finished setting EndPoints, click [Update].

Testing Availability of EndPoints, File Upload, and Results

From the EndPoint Testing tab, you can test the availability of each endpoint that you set, as well as whether files can be uploaded to/received from Sensitive Content Manager.

If you click a [Test EndPoint] button and the status returns as Unavailable, make sure that the URL is correct and that the service is available on the Sensitive Content Manager server side.

If you click [Test File Upload], ControlPoint will send a sample file to Sensitive Content Manager, and will display a log of the action.  If you then click [Test File Results], ControlPoint will log the progress of the file's return.

Managing Scanning Preferences SCM Configuration Settings PREFERENCES O365

ControlPoint can create columns called Scan Results and/or Terms Detected. Each time a scan is performed, the Severity Level is populated for the scanned item.

PII Scan Results

ControlPoint Application Administrators can allow this column to be created/populated by changing the value(s) of Automatically add Scan File Results column and update with severity level in SharePoint Lists and/or Automatically Add Terms Detected column and update with severity level in SharePoint Lists from false to true.

Preparing Your Environment for Using ControlPoint Sentinel

If you want to use ControlPoint Sentinel for anomalous activity detention, you must prepare your environment so that data collection can begin.

A.SharePoint auditing must be enabled on all site collections for which Anomalous Activity detection will be performed.

B.Anomalous Activity Detection must be enabled to run:  

§via the  Windows AnomaloousActivityJob scheduled task

OR

§as part of the ControlPoint Scheduled Job Review.

Enabling SharePoint Auditing

ControlPoint Sentinel analyzes the following SharePoint audit log events for Anomalous Activity Detection:

·Editing items

·Deleting or restoring items

·Opening or downloading documents, viewing items in lists, or viewing item properties.

You can enable these settings for individual site collections from within SharePoint or, for a larger scope, using the ControlPoint Manage Audit Settings action.

Enabling the Anomalous Activity Detection Job

1Log into the server where ControlPoint Online is installed and open the Windows Task Scheduler.

2Navigate to Task Scheduler Library > Metalogix > ControlPoint Online.  

3Right-click on AnomalousActivityJob and choose Enable.

By default, the job is scheduled to run daily, at 4:00 am (local server time).  You may however, change the schedule to run more frequently.  Note that, the more frequently the job is run, the sooner an alert may be generated when an Anomalous Activity Limit is reached.

Enabling Anomalous Activity Detection via the ControlPoint Scheduled Job Review

As an alternative to using the Anomalous Activity Detection Job, you can choose to have anomalous activity detection performed as part of the ControlPoint Scheduler Job. (which, by default, runs every 10 minutes).  ControlPoint Application Administrators can enable this option by changing the ControlPoint Configuration Setting Enable Options That Require Anomalous Activity Detection from False to True.

Config Setting ANOMALOUSACTIVITYENABLED

 

Running ControlPoint Online Operations Using PowerShell

For any ControlPoint Online operation that includes the Save As option, which generates an xml file with instructions, you can run that operation using PowerShell.

NOTE:  Currently, you can only run instructions for analyses using real-time (not cached) data.

Account Login Requirements

You can run ControlPoint Online actions in PowerShell from the server on which ControlPoint Online is installed. The account you use to log into the server machine must be a Site Collection Administrator for the site collections for the scope of the operation being performed.

Before You Begin: Update the App.config File

1Open the file App.config (by default, located in the folder \\Program Files\Metalogix\ControlPoint Online\Powershell).

2Locate the <endpoint address = line, and change http://SMALLTEMPLATE:2828 to the path to the ControlPoint Online application in your environment.

CP Online PowerShell App Config

Loading the ControlPoint Online cmdlets

The ControlPoint snap-in contains the cmdlets needed to run a ControlPoint action.

You can either:

·load the snap-in every time you open PowerShell, or

·add the snap-in to your PowerShell profile so it will automatically load the cmdlets whenever PowerShell opens.

Refer to the msdn article on Windows PowerShell Profiles for details on creating a PowerShell profile.

Loading the ControlPoint Online snap-in

NOTE:  These are the Windows default directories.  The location of files may be different in your environment.

Line

Command

Description

1

Set-Alias install util C:Windows\Microsoft.NET\Framework64\
v4.0.30319\InstallUtil.exe

Maps an alias to an install utility that ships with the .NET Framework.

2

Change to the following directory:

C:\Program Files\Metalogix\ControlPoint Online\Powershell\

 

then add the snap-in by adding Add-PSSnapin xcsnapin;

Navigates to the directory containing the xcPowerShell.dll file that contains the ControlPoint Online cmdlets.

3

installutil xcPowerShell.dll

Uses the install utility to load xcPowerShell.dll into Powershell

4

Add-PSSnapin xcSnapin

Adds the snap-in containing all of the ControlPoint Online cmdlets.

Below is an example of the lines of text above in the PowerShell profile.

ControlPoint Online PS Profile

Below is an example of a PowerShell session with the ControlPoint Cmdlets successfully loaded.

PowerShell Loaded Cmdlets

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating