Chat now with support
Chat with Support

Enterprise Reporter 3.5 - Configuration Manager User Guide

Product Overview Configuring the Configuration Manager
Starting the Configuration Manager Finding answers and getting help Overview of Enterprise Reporter Communications and Credentials Required Using the Credential Manager Setting Up Your First Collection Computers (Nodes) Modifying Your Deployment Configuring Global Settings Customizing the Configuration Manager View
Understanding Discoveries Creating Discoveries
Step 1. Create the Discovery (Name) Step 2. Choose what to include in your discovery (Scopes) Step 2a. Choose scopes for your on-premises discoveries
Choosing your Active Directory Scopes Choosing your Computer Scopes Choosing Your Exchange Scopes Choosing Your File Storage Analysis Scopes Choosing Your Microsoft SQL Scopes Choosing Your NTFS Scopes Choosing Your Registry Scopes
Step 2b: Choose scopes for your cloud discoveries Step 3. Schedule your Discovery Step 4: Review the summary
Managing Discoveries Troubleshooting Issues with Enterprise Reporter Appendix: PowerShell cmdlets Appendix: Encryption Key Manager Appendix: Log Viewer

Server Service Credentials

Server service credentials are provided during the installation of the server. The following table outlines the use of the service account credentials, and how to properly configure your environment to ensure successful data collection:

Enterprise Reporter Server

Enterprise Reporter Database

Must be in the local administrators group for the service to start properly.

Must be able to read and write to the database.

If the server is configured to use SQL authentication, the SQL credentials will be used to access the database, not the service account.

Configured automatically during installation.

If you change the service credentials for the Quest Enterprise Reporter Server service, you need to ensure that a SQL login exists for that account, and create one if none exists. The login must be added to the database roles.

For more information, see Configuring the Database and Security Groups in the Installation and Deployment Guide in the Technical Documentation.

For more information, see Configuring the Database and Security Groups.

 

Enterprise Reporter Server

Discovery Node

Must be in the local administrators group for the server service to fully function.

Must be in the group Reporter_Discovery_Nodes for the service to fully function.

Must be able to write to the Admin$ share to deploy the node.

Controls the actions of the node.

On the node host, grant the service account local administrator rights.

Changing the credentials used by the Enterprise Reporter Server

The credentials used to run the Quest Enterprise Reporter server service on the host computer are not stored in the Credential Manager. To change these credentials—either to a different account or to update the password—perform the following steps:

Using the Credential Manager

Credentials are used in different places in Enterprise Reporter. For example, nodes and report schedules both use credentials. The Credential Manager is a central store for accounts and passwords used throughout the system. This makes it easy to keep passwords current, and allows you to enter the credential details once and access them repeatedly.

Accounts are not verified when you add them and they must already exist to be used by Enterprise Reporter. For each account, you can add a description. This is useful for differentiating between similar accounts, such as similarly named service credentials, or your SQL Server default "sa" accounts. The combination of the account name and the description must be unique.

Accounts with multi-factor authentication enabled must be authenticated by Microsoft through the Credential Manager.

Credential passwords are encrypted with FIPS 140-2 compliant algorithms and an encryption key that has a user-supplied password. The encryption key is secured in the Windows Credential Manager (not to be confused with the Enterprise Reporter Credential Manager). The encryption key is used to encrypt all passwords that are used in Enterprise Reporter for collections and reporting. Additionally, Enterprise Reporter security groups and roles are used to validate who has access to the encryption key and the key cannot be retrieved without proper authorizations.

The Credential Manager will display a red key icon beside each account that requires a password.

See also:

2
2
Click Add.
6
2
Click Add.
5
Click Authenticate.
7
Click Next.
9
Click Sign In.
11
Click Verify.
3
Click Edit.
6
3
Click Edit.
5
Click Authenticate.
7
Click Next.
9
Click Sign In.
11
Click Verify.
3
Click Authenticate.
5
Click Next.
7
Click Sign In.
9
Click Verify.
3
Click Delete.
4

Changing Passwords Using the Credential Manager

When passwords are changed in Active Directory and Azure Active Directory, they must be updated everywhere they are in use in Enterprise Reporter. It is possible that the account could be locked if you do not make this change. The Credential Manager makes this easy by providing a central store for accounts. You can change the password and it is updated in all nodes, schedules, discoveries, and so on.

If you modify credentials that are used by a discovery node, the node service must be restarted before the changes take effect. Enterprise Reporter will attempt to restart the node. However, if the restart fails, you may need to manually start the service on the computer that hosts the node. If there are jobs currently running on the node, they will be cancelled. To prevent this, either change the credentials during a down time, or cancel the discoveries yourself and restart them once the change takes effect.

Credential passwords are encrypted with FIPS 140-2 compliant algorithms and an encryption key that has a user-supplied password. For further information on creation and management of the Enterprise Reporter encryption key, see Appendix: Encryption Key Manager .

The Credential Manager will display a red key icon beside each account that requires a password.

1
3
Select Edit Password.
1
3
Select Edit Password.
5
Click Authenticate.
7
Click Next.
9
Click Sign In.
11
Click Verify.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating