Chat now with support
Chat with Support

Metalogix ControlPoint 8.2 - Administration Guide

Preface Configuring the Environment in Which ControlPoint Will Run The ControlPoint Configuration Site Managing Your Farm List Managing Your ControlPoint License Configuring Web Applications and Content Databases for ControlPoint Configuring ControlPoint Services Using Discovery to Collect Information for the ControlPoint Database Cache Using Sensitive Content Manager Services Managing ControlPoint Configuration and Permissions Modifying ControlPoint Configuration Settings
Changing Default Settings for Actions and Analyses
Supress "Item is inherited - no processing done" Message(SkipNotDoneMsg) Maximum Line Items in Real-time (REPCAP) "Use Cached Data" Default Value (CACHEDREP) Abort Report Processing on Error (ABORTREPORTONERROR) Display "Include users with AD group membership" Parameter (SHOWADGROUPS) Copy/Move Default Temporary Location (TEMPLOCATION) Time to Retain Page Data in Cache (CACHEREPORT4) Time to Retain Temporary UI Objects in Cache (UICACHEDURATION) Number of Reports to Keep in Memory After Drill-Down (RVSESSIONSKEPT) Exclude Web Application(s) from Statistics List (DASHBOARDWAPEXCLUDE) Number of List Items to Display in Selection Grid (DISPLAYSINGLELISTITEMS) Use Activity Min. Date as Start Date (UseActivityDbDate) Show unique permissions only" Default Value (SHOWUNIQUEPERMONLY) Duplicate Files Report Limit (DuplicateFilesReportLimit) Users to Exclude from Reports (EXCLUDEDUSERS) Eliminate Claims Prefix from Username in Reports (UseCleanedLoginNameInReports) Maximum Number of Orphaned Users to Delete Per Scheduled Batch (OrphanDeleteBatchSize) CSV Delimiter Character (CSVDELIMETER) Largest Active Directory Group to Expand in Reports (MAXMEMBERS) Maximum Number of Users to Act On (MAXUSERSFORACTION) Hide the "Set User Direct Permissions" Action in Permissions Management (PREVENTUSERPERMS) Prevent Set Site Collection Quotas (PreventSetSCQuota) Show Nested Active Directory Groups (PROCESSADHIERARCHY) Hide Interactive Analysis Link (RESTRICTSL) Use Minimum Activity Date as Start Date (USEACTIVITYDBDATES)
Changing Default Settings to Improve Application Performance Audit Log Configuration Settings Changing Settings for Anomalous Activity Detection Restricting Functionality for Members of the Business Administrators Group Changing Default Settings for ControlPoint User Groups Changing Settings to Improve Discovery Performance Changing Settings to Accommodate Special Environmental Factors Changing Default Settings for Navigation Changing Trace Switch Logging Levels Changing Default Settings for Compliance Managing Site Provisioning Settings Specifying Global Settings for ControlPoint Policies Setting Preferences for the ControlPoint Scheduler Miscellaneous and Custom Configuration Settings Special-Purpose Configuration Settings
Archiving SharePoint Audit Log Data Troubleshooting
ControlPoint Log Files Troubleshooting Configuration Errors Troubleshooting the ControlPoint Application Interface Troubleshooting Discovery Troubleshooting SharePoint Users and Permissions Troubleshooting Site Provisioning Troubleshooting ControlPoint Operations

Managing ControlPoint Users and Permissions

Process Overview

The following table describes the process ControlPoint Application Administrators use to manage users and permissions for the ControlPoint application.

Stage

Description

1

Set up ControlPoint users and groups.

See Setting Up ControlPoint Users and Groups.

2

Configure ControlPoint menus for different users and groups.

See Configuring ControlPoint Menus.

3

Manage access to ControlPoint menus.

See Managing Access to ControlPoint Menus.

 

Setting Up ControlPoint Users and Groups

As part of the initial ControlPoint installation, four default user groups are created.  

After the initial configuration, the site collection administrator—or any user who has been given direct rights to manage groups—can manage ControlPoint users and groups via the ControlPoint Configuration site.  You can, for example, create additional groups with different sets of permissions, including access to different sets of ControlPoint menu items.

CP Configuration Site People and Groups

In addition to managing permissions to the ControlPoint application itself, this site is also used to manage access to individual ControlPoint menus.

 

Auto-Adding Users to ControlPoint Groups

The Auto Add Users to ControlPoint Groups action allows ControlPoint Application Administrators to configure ControlPoint to automatically add SharePoint users to a group within the ControlPoint Configuration site if the users:

·are Site Collection Administrators, and/or

·are members of a site's Owners group, and/or

·have a specified permissions level.

When a ControlPoint group reaches its maximum number of users (which is 1000 by default, although ControlPoint Application Administrators can change this limit), ControlPoint automatically creates a new group with the same permissions as the "base" group.  

EXAMPLE:

If you want all users who are members of site Owners groups to be added to the ControlPoint Business Administrators group, and more than 1000 users meet that criterion:

·when Business Administrators group membership reaches 1000, a new group named Business Administrators_1 will be created and the next 1000 users will be added to that group.  

·when Business Administrators_1 group membership reaches 1000, a group named Business Administrators_2 will be created, and so on.

NOTE:  Within a SharePoint 2010 or 2013 farm you can add a Claims-authenticated user to a ControlPoint group; however, you cannot add an actual Claim.

To configure ControlPoint to automatically add SharePoint users to ControlPoint groups:

1From the Manage panel, choose ControlPoint Configuration > Auto Add Users to ControlPoint Groups.

Auto Add Users

2In the Selection panel, click Change Selection and select the objects you want to include in the scope of the action.

NOTE:  The initial default scope is always blank.

3For Add users to the chosen group based on:, select the criteria that you want membership in the ControlPoint group to be based on.  Use the information in the following table for guidance.

If you want membership in a ControlPoint group to be based on ...

Then ...

membership in a Site Collection Administrator's group

check Members of Site Collection Administrators.

membership in a site's owner's group

check Members of Owners Group.

NOTE  ControlPoint considers owners groups to be those that have been designated "Owners of this Site" in SharePoint; not necessarily only those that have "Owners" in the group name.

a user's permission level

(both direct and via SharePoint groups)

§check Members with the following permission level, and

§select a permission level from the drop-down.

 

Note that the drop-down lists all permissions levels that are valid for the selected scope.

Now you can either:

·run the operation immediately (by clicking the [Run Now] button)

OR

·schedule the operation to run at a later time or on a recurring basis.

OR

·save the operation as XML Instructions that can be executed at a later time.

If you chose the Run Now, option, after the operation has been processed:

·a confirmation message displays at the top of the page, and

·a ControlPoint Task Audit is generated for the operation and displays in the Results section.

If you schedule the operation, a link to the Task Audit is included in the scheduled action notification email.

See also Auditing ControlPoint Administrator Tasks.

Making ControlPoint Accessible from within SharePoint

ControlPoint installs three site-level features that enable ControlPoint users to access the ControlPoint application from within a SharePoint site:

·ControlPoint for Site Admins

·ControlPoint Menus for Site Settings, and

·ControlPoint Permissions Management for Site Admins.  

NOTE:  Normally, these ControlPoint features will only be visible to users who have Full Control permissions (or any permission level that includes the fine-grained permission ManageWeb) for the site on which they have been activated.

These are hidden features which can be activated using the ControlPoint Manage Site Features action.

ControlPoint for Site Admins

When the ControlPoint for Site Admins feature is activated, SharePoint users who are also ControlPoint users can choose Launch ControlPoint for Site Admins from the SharePoint Site Actions menu or Site Settings Page.

Launch CP for Site Admins

ControlPoint is launched in a separate browser window, with a simplified left navigation pane and the site from which ControlPoint was launched used as the default scope.  (Users can, however, modify the scope to include other sites for which they have management privileges using the procedure for Changing Your Selection.)

Launch CP for Site Admins 2

ControlPoint Application Administrators can customize the menu options that display in the left navigation pane using the procedure for Customizing ControlPoint Menus.

ControlPoint Menus for Site Settings

When the ControlPoint Menus for Site Settings feature is activated, the SharePoint Site Settings page includes links to individual ControlPoint actions and analyses.  Users can:

·select one of the ControlPoint Actions or a ControlPoint Analysis to open ControlPoint in a separate browser window with the same simplified user interface employed by the ControlPoint for Site Admins feature.

·access the standard ControlPoint interface by choosing Launch ControlPoint from the SharePoint Site Actions menu or Site Settings page.

Site Features OPTIONS 2010

ControlPoint Permissions Management for Site Admins

When ControlPoint Permissions Management for Site Admins is activated, the SharePoint Site Settings page includes links to the a stand-alone, tabbed interface that enables users to perform a variety of ControlPoint permissions actions and analyses outside of the traditional ControlPoint application interface.

Site Admin Menus PERM MGT

Permissions Management MAIN PAGE

Refer to the ControlPoint Permissions Management for Site Admins User's Guide for complete details about this feature.

 

Related Documents