Chat now with support
Chat with Support

ControlPoint 8.6 - Administration Guide

Preface Configuring the Environment in Which ControlPoint Will Run The ControlPoint Configuration Site Managing Your Farm List Managing Your ControlPoint License Granting ControlPoint Access to Web Applications and Content Databases Configuring ControlPoint Services Using Discovery to Collect Information for the ControlPoint Database Cache Using Sensitive Content Manager Services Setting Sensitive Content Manager EndPoints and Managing Scanning Preferences Managing ControlPoint Configuration and Permissions Modifying ControlPoint Configuration Settings
Changing Default Settings for Actions and Analyses
Supress "Item is inherited - no processing done" Message(SkipNotDoneMsg) Maximum Line Items in Real-time (REPCAP) "Use Cached Data" Default Value (CACHEDREP) Abort Report Processing on Error (ABORTREPORTONERROR) Display "Include users with AD group membership" Parameter (SHOWADGROUPS) Copy/Move Default Temporary Location (TEMPLOCATION) Time to Retain Page Data in Cache (CACHEREPORT4) Time to Retain Temporary UI Objects in Cache (UICACHEDURATION) Number of Reports to Keep in Memory After Drill-Down (RVSESSIONSKEPT) Exclude Web Application(s) from Statistics List (DASHBOARDWAPEXCLUDE) Number of List Items to Display in Selection Grid (DISPLAYSINGLELISTITEMS) Use Activity Min. Date as Start Date (UseActivityDbDate) "Show unique permissions only" Default Value (SHOWUNIQUEPERMONLY) Duplicate Files Report Limit (DuplicateFilesReportLimit) Users to Exclude from Reports (EXCLUDEDUSERS) Eliminate Claims Prefix from Username in Reports (UseCleanedLoginNameInReports) Maximum Number of Orphaned Users to Delete Per Scheduled Batch (OrphanDeleteBatchSize) CSV Delimiter Character (CSVDELIMETER) Largest Active Directory Group to Expand in Reports (MAXMEMBERS) Maximum Number of Users to Act On (MAXUSERSFORACTION) Hide the "Set User Direct Permissions" Action in Permissions Management (PREVENTUSERPERMS) Prevent Set Site Collection Quotas (PreventSetSCQuota) Show Nested Active Directory Groups (PROCESSADHIERARCHY) Hide Interactive Analysis Link (RESTRICTSL) Use Minimum Activity Date as Start Date (USEACTIVITYDBDATES)
Changing Default Settings to Improve Application Performance Audit Log Configuration Settings Changing Settings for Anomalous Activity Detection Restricting Functionality for Members of the Business Administrators Group Changing Default Settings for ControlPoint User Groups Changing Settings to Improve Discovery Performance Changing Settings to Accommodate Special Environmental Factors Changing Default Settings for Navigation Managing Site Provisioning Settings Specifying Global Settings for ControlPoint Policies Setting Preferences for the ControlPoint Scheduler Miscellaneous and Custom Configuration Settings Special-Purpose Configuration Settings
Changing Trace Switch Logging Levels Archiving SharePoint Audit Log Data Troubleshooting
ControlPoint Log Files Troubleshooting Configuration Errors Troubleshooting the ControlPoint Application Interface Troubleshooting Discovery Troubleshooting SharePoint Users and Permissions Troubleshooting Site Provisioning Troubleshooting ControlPoint Operations

Cross-Farm SSP Configuration

The following settings allow ControlPoint to access activity data when a cross-farm Service Application  is created on a farm other than the one on which ControlPoint is installed.

NOTE:  These are Advanced Settings.  

Global Logging Database Connection Settings

·Connection String for  Global Logging Database on Different Farm (GLOBALSP)

Config Setting GLOBALLSP

·Web Apps Connected to Global Logging Database on Different Farm (GLOBALLSPWAPS)

Config Setting GLOBALLSPWAPS

Global Web Analytics Database Connection Settings

·Connection String for Web Analytics Reporting Database on Different Farm (GLOBALWASP)

·Web Apps Connected to Web Analytics Reporting Database on different Farm (GLOBALWASPWAPS)

Config Setting GLOBALLSPWAPS

Look for Site Collection Admin Users in Active Directory Groups (SiteAdminAD)

By default, if an Active Directory Group is a Site Collection Administrator, ControlPoint does not look inside the group to determine if a logged in user is a member of that group in order to calculate permissions.

ControlPoint Application Administrators can, however, have ControlPoint look for Site Collection Administrators within Active Directory groups by changing the ControlPoint Setting Look for Site Collection Admin Users in Active Directory Groups (SiteAdminAD) from false to true.

Config Setting SiteAdminAD

NOTE:  Be aware that if ControlPoint is required to look for users within Active Directory groups, processing time may increase.

Created (Hidden) Settings

"Created" settings are special-purpose settings that you can add to the ControlPoint Settings list if needed.  Generally, these settings should only be configured under special circumstances and with guidance from Quest Support.

NOTE:  When a setting is created, it is added to the category Special Purpose.

To create a ControlPoint Setting:

1From the ControlPoint Configuration Settings Manager, click [Create].

2Check the box to the left of each setting you want to create.

Config Settings CREATE SETTING

3Click [Insert].

To delete a Created setting:

NOTE:  You can only delete settings that are classified as "Created."  (That is, Basic and Advanced settings cannot be deleted.)

1In the ControlPoint Settings list, check the box to the left of each created setting you want to delete.

2Click [Delete].

When you delete a Created setting, it is removed from the current ControlPoint Settings list and once again becomes available from the Add Created Settings list.

Created Settings to Override ControlPoint Default Security

By default, ControlPoint is security trimmed to enforce SharePoint permissions.  ControlPoint Application Administrators can, however, override these permissions to allow user groups that have been defined in the ControlPoint Configuration site to perform ControlPoint analyses and/or actions on site collections and sites for which they do not have management permissions.

You can use security overrides in conjunction with Customizing ControlPoint Menus to tailor your ControlPoint environment to best suit the needs of your organization.

NOTE:  These settings do not override a user's permissions for the SharePoint sites themselves.  (For example, it will not give a user permission to open a SharePoint site or make changes via SharePoint site settings pages if they have not been granted permissions to do so in SharePoint.  Nor will a user who does not have permissions for Central Administration be able to use ControlPoint menu items that directly invoke Central Administration pages.)

To add security override  to ControlPoint

NOTE:  Because the use of security overrides should involve careful consideration and planning, they are createable (hidden) settings.

1From the ControlPoint Configuration Settings Manager, click [Create] .

2Use the information in the following to determine the appropriate action to take

If you want to ...

Choose ...

allow members of one or more ControlPoint user groups to perform data analyses for any site collection or site in the farm

Override Security Trimming for Running Reports.

Security Overrrides REPORTS

allow members of one or more ControlPoint user groups to perform ControlPoint actions and analyses on any site collection/site in the farm

Override Security Trimming for All ControlPoint Operations.

Security Overrides ALL

CAUTION:  Because  implications of taking actions are much more significant than viewing data, it is recommended that ControlPoint Application Administrators use extreme care when configuring this setting.  (Remember that you can also customize ControlPoint menus to give groups of users access to a subset of actions.  See Guidelines for Creating Customized Menus for Different Groups of Users.)

3Navigate to the new setting and open it for editing.

4For New Value, enter the name of each ControlPoint group whose security trimming you want to override.

NOTE:  If you want to extend this privilege to more than one group, enter the group names in a comma-separated list (with no spaces between group names). If you want to extend it to all ControlPoint groups, enter ALL.

Security Overrides Value

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating