Chat now with support
Chat with Support

Enterprise Reporter 3.5.2 - Configuration Manager User Guide

Product Overview Configuring the Configuration Manager
Starting the Configuration Manager Finding answers and getting help Overview of Enterprise Reporter Communications and Credentials Required Using the Credential Manager Setting Up Your First Collection Computers (Nodes) Modifying Your Deployment Configuring Global Settings Customizing the Configuration Manager View
Understanding Discoveries Creating Discoveries
Step 1. Create the Discovery (Name) Step 2. Choose what to include in your discovery (Scopes) Step 2a. Choose scopes for your on-premises discoveries
Choosing your Active Directory Scopes Choosing your Computer Scopes Choosing Your Exchange Scopes Choosing Your File Storage Analysis Scopes Choosing Your Microsoft SQL Scopes Choosing Your NTFS Scopes Choosing Your Registry Scopes
Step 2b: Choose scopes for your cloud discoveries Step 3. Schedule your Discovery Step 4: Review the summary
Managing Discoveries Troubleshooting Issues with Enterprise Reporter Appendix: PowerShell cmdlets Appendix: Encryption Key Manager Appendix: Log Viewer

Managing Tenant Applications

Microsoft Entra applications are used by cloud discoveries. The cloud applications used by Enterprise Reporter must be registered in your Microsoft Entra environment and consent must be provided for the application’s permissions. The owner of each Microsoft Entra application is the person who first configures the application.

The Tenant Application Manager in Enterprise Reporter tracks which tenants are configured and available for discoveries. Basic configuration is available for the Enterprise Reporter applications. Any outside changes to Microsoft Entra applications must be managed separately and can adversely affect the results of your collections.

On the Configuration page, click Manage tenant applications.
1
Click Add.
3
2
Click Delete.
3
Click Yes to confirm that discoveries for any tenant that you delete will be unable to collect data
2
Click Configure or Reconfigure beside the application.
2
Click Configure beside the application.
2
Click Reconfigure beside the application.

Managing Certificates for Tenant Applications

Enterprise Reporter applications are used for Microsoft Teams and Exchange Online cloud discoveries. In addition to the application being registered in your Microsoft Entra environment and consent provided for application permissions, a certificate must be registered with Enterprise Reporter and associated with the related tenant application.

The Exchange Online discovery uses certificate authentication for the entire collection and a certificate is required. The Microsoft Teams discovery uses certificate authentication for only the collection of MS Teams settings and policies. If a certificate is not registered, these attributes will not be collected.

2
Click Register under the Certificate column beside the application.
3
Select Create Certificate.
NOTE:  
7
Click Accept.
8
Click OK to close the dialog.
2
Click Register under the Certificate column beside the application.
3
Select Import Certificate.
5
Click Verify to ensure the information is correct and the review the certificate properties.
6
Click OK.
NOTE:  
8
Click Accept.
9
Click OK to close the dialog.
2
Click Register under the Certificate column beside the application.
3
Choose Select Certificate.
5
Click Verify to ensure the information is correct and the review the certificate properties.
6
Click OK.
NOTE:  
8
Click Accept.
9
Click OK to close the dialog.

Creating Your Own Certificate for Discovery Authentication

Due to enhanced security measures, basic authentication is no longer supported for the Exchange Online discovery. The Exchange Online collection uses the Exchange Online PowerShell module and requires a self-signed certificate for app-only authentication. This certificate is used to securely authenticate scripts and automate tasks without storing user credentials locally.

For the Microsoft Teams discovery, credential authentication is still in use for the main collection of mailboxes and public folders. Certificate authentication is used for the collection of MS Teams settings and policies.

The following is an example of using a PowerShell command to generate a self-signed certificate with required parameters for Exchange Online and export the .PFX file. For a certificate to be valid, it must contain a private key that is marked as exportable and must support client and server authentication.

$cert = New-SelfSignedCertificate -DnsName "yourdomain.com" -CertStoreLocation "Cert:\LocalMachine\My" -KeyAlgorithm "RSA" -KeyLength 2048 -NotAfter (Get-Date).AddYears(1)

$thumbprint = $cert.Thumbprint

Export-PfxCertificate -cert "cert:\LocalMachine\My\$($thumbprint)" -FilePath ".\mycert.pfx" -password $password

Using Enterprise Reporter and selecting Import Certificate allows you to provide the path to your X509 certificate (pfx) and Enterprise Reporter to export the public key (.cer) and associate the certificate with the related tenant application. Enterprise Reporter ensures to securely store the certificate thumbprint and securely transports the thumbprint to nodes for authentication during the collection. See To register a certificate for details.

Managing the Logon Configuration

Enterprise Reporter can be configured to bypass the login screen. This eliminates the need to enter the server and port information.

1
Click Configuration.
2
Click Manage bypass of the login screen.
3
Optionally, enable Show the login dialog at startup.
4
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating