Chat now with support
Chat with Support

Please note, you may experience access issues between 6am - 7am Eastern time on Saturday, May 28 2022 due to planned maintenance

Enterprise Reporter 3.2.2 - Configuration Manager User Guide

Product Overview Understanding Discoveries Creating Discoveries
Step 1. Create the Discovery Step 2. Choose what to include in your discovery (Scopes) Step 2a. Choose scopes for your discoveries
Choosing your Active Directory Scopes Choosing your Computer Scopes Choosing Your Exchange Scopes Choosing Your File Storage Analysis Scopes Choosing Your Microsoft SQL Scopes Choosing Your NTFS Scopes Choosing Your Registry Scopes
Step 2b: Choose scopes for your Office 365 discoveries Step 3. Schedule your Discovery Step 4: Review the summary
Managing Discoveries Configuring the Configuration Manager
Starting the Configuration Manager Finding Answers and Getting Help An Overview of Enterprise Reporter Communications and Credentials Required Logged In User Details Setting Up Your First Collection Computers Modifying your Deployment Improving the Performance of Your Discoveries What does the status of a node or cluster indicate? Using the Credential Manager Changing the Credentials used by the Enterprise Reporter Server Configuring Global Settings Global Discovery Settings
Troubleshooting Issues with Enterprise Reporter Appendix: PowerShell cmdlets Appendix: Encryption Key Manager Appendix: Log Viewer

Permissions for Enterprise Reporter Discoveries on NAS Devices

The following table outlines the permissions required for Enterprise Reporter discoveries.

NetApp Cluster Mode

Multiple virtual machines belong to a single cluster. All of these virtual machines can be specified as discovery targets. These virtual machines must be part of a domain.

The NAS configuration must point to the cluster (name or IP address) with credentials that have read access to the cluster. These would typically be administrator credentials.

NetApp 7 Mode

In NetApp 7 mode, data can be collected on the storage controller or vFilers that are derived from the storage controller. Credentials with read access to the controller and vFiler are required.

NetApp Storage Controller

In NetApp 7 mode, data can be collected on the storage controller or vFilers that are derived from the storage controller. Credentials with read access to the controller and vFiler are required.

NetApp Filer

The vFiler can be a discovery target. In this case, the NAS configuration must point to the storage controller from which the vFilers are derived and the credentials must have read access to the storage controller.

Dell Fluid FS

The discovery target can be any Fluid FS VM. The NAS configuration must be the machine name or IP where Dell Enterprise Manager is installed and credentials must have access to Dell Enterprise Manager.

EMC Isilon

The discovery target can be any Isilon virtual machine. The NAS configuration must be the machine or IP that hosts the OneFS administration site and the credentials must have read access to it. By default, the connection is established using https and, if the connection is not deemed to be secure, the discovery will fail.

Permissions for Enterprise Reporter Tenant Applications

Enterprise Reporter requires Azure applications for the collection of Azure and Office 365 objects and attributes. These applications must be registered in the Azure portal and consent must be granted for delegated permissions. To manage tenant applications used by Enterprise Reporter please refer to in the System | Configuration | Application Tenant Management section in the Enterprise Reporter Configuration Manager User Guide.

For the OneDrive discovery, an application with a name that begins with “Quest Enterprise Reporter One Drive Discovery” will be created. To create this application in your tenant, you must specify an account with administrative access to create applications. The account must have the Global Administrator role to be able to create and consent to the application.

Once created, the application must also be delegated permissions and an administrator must consent to the application’s permissions using the Microsoft consent wizard. For the Quest Enterprise Reporter One Drive Discovery application, the following delegated permissions are required:

For the Azure Active Directory discovery, the Exchange Online discovery, and the collection of group members for the OneDrive discovery, an application with a name that begins with “Quest Enterprise Reporter Azure Discovery” will be created. To create this application in your tenant, you must specify an account with administrative access to create applications. The account must have the Global Administrator role to be able to create and consent to the application.

Once created, the application must also be delegated permissions and an administrator must consent to the application’s permissions using the Microsoft consent wizard. For the Quest Enterprise Reporter Azure Discovery application, the following delegated permissions are required:

For the Azure Resource discovery, an application with a name that begins with “Quest Enterprise Reporter Azure Resource Discovery” will be created. To create this application in your tenant, you must specify an account with administrative access to create applications. The account must have the Global Administrator role to be able to create and consent to the application.

Once created, the application must also be delegated permissions and an administrator must consent to the application’s permissions using the Microsoft consent wizard. For the Quest Enterprise Reporter Azure Resource Discovery application, the following delegated permissions are required:

For the Microsoft Teams discovery, an application with a name that begins with “Quest Enterprise Reporter Microsoft Teams Discovery” will be created. To create this application in your tenant, you must specify an account with administrative access to create applications. The account must have the Global Administrator role to be able to create and consent to the application.

Once created, the application must also be delegated permissions and an administrator must consent to the application’s permissions using the Microsoft consent wizard. For the Quest Enterprise Reporter Microsoft Teams Discovery application, the following delegated permissions are required:

Logged In User Details

Logged In User Details

The following table outlines the use of the logged in user credentials, and how to properly configure your environment to ensure successful data collection:

 

Configuration Manager

Enterprise Reporter Server

Must be a member of the Reporter_Discovery_Admins group in order to log in to the console.

Configuration Manager will send configuration and set up requests to the server.

Configuration is dependent on your deployment’s security group setup. See the System | Information page to determine the type of security in place.
For more information, see Configuring the Database and Security Groups in the Quest Enterprise Reporter Installation and Deployment Guide in the Technical Documentation.

For more information, see Configuring the Database and Security Groups.

Configuration Manager

Targets

Must be able to enumerate the targets during scope selection, unless alternate credentials are provided for the discovery.

All domains with which the credentials have a forest or domain level trust will be enumerated.

On each target, grant the user read access.

See also:

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating