Chat now with support
Chat with Support

Metalogix ControlPoint 8.2 - for Office 365 Administration Guide

Getting Started with ControlPoint Using Discovery to Collect Information for the ControlPoint Database Cache Searching for SharePoint Sites Managing SharePoint Objects Managing Audit Settings Managing Metadata Managing SharePoint User Permissions Data Analysis and Reporting Scheduling a ControlPoint Operation Saving, Modifying and Executing Instructions for a ControlPoint Operation Provisioning SharePoint Site Collections and Sites Using Sensitive Content Manager to Analyze SharePoint Content for Compliance Using ControlPoint Sentinel to Detect Anomalous Activity About Us

Deleting Permissions Backups

From the Manage Permissions Backups interface you can delete one or more permissions backups.  You can also purge all backups created before a specified date.

NOTE:  If you want to narrow the list to backups to a specific date range, select a Show Backups from and Show Backups until date (Calendar icon) and time (), then click [Refresh Display].

Manage Permissions Backups

To delete selected backup(s):

1In the Select column, check the box beside each backup you want to delete.*

2Click [Delete selected backups].

You will be prompted to confirm the deletion before the operation is carried out.

To delete all backups:

1Click [Select All].*

2Click [Delete selected backups].

You will be prompted to confirm the deletion before the operation is carried out.

*NOTE:  If you want to de-select currently selected backups, click [Reset].

To purge all backups created before a specific date:

1Scroll to the bottom of the Manage Permissions Backups page.

2For Purge all Backups in the Farm before this date, select the earliest date for which you want to retain permissions backups.

3Click [Purge].

Manage Permissions Backups PURGE

 

Managing Permissions Inheritance

The ControlPoint Manage Permissions Inheritance action lets you break or restore permissions inheritance of sites, subsites, lists, folders, and items across your SharePoint farm.

SharePoint Objects Included in the Operation by Default

The following table identifies the SharePoint objects that are included in the Break/Restore Inheritance operation by default.

Operation

Scope

Objects Included by Default

Restore Inheritance

 

Site Collection

All sites, subsites, lists, folders and items within the selected scope.

NOTE:  You can use the Change Selection option if you want to exclude individual sites, lists, folders, and items.

Site

The site itself and all lists, folders and items within the site.

NOTE:  If you have checked the Include Children box in the Selection pane (that is, you want to include child sites of the selected site), you can also choose to exclude the selected site itself (so that child sites will inherit from it).

List

The list itself.

NOTE:  By default folders and items are not acted upon.  You can, however, use the Change Selection option to explicitly select any folders, and items you want to include.

Break Inheritance

 

Site Collection

All sites and subsites within the selected scope.

NOTE:  By default, lists, folders, and items are not acted upon.  You can, however, use the Change Selection option to explicitly select any lists, folders, and items you want to include.

Site

The site itself and all subsites.

NOTES:

· By default, lists, folders, and items are not acted upon.  You can, however, use the Change Selection option to explicitly select any lists, folders, and items you want to include.

· If you have checked the Include Children box in the Selection pane (that is, you want to include child sites of the selected site), you can also choose to exclude the selected site itself (so that child sites will no longer inherit from it).

List

The list itself.

NOTE:  By default, folders and items are not acted upon.  You can, however, use the Change Selection option to explicitly select any folders, and items you want to include.

To manage permissions inheritance:

1Select the object(s) for which you want to break or restore inheritance.

2Choose Users and Security > Manage Permissions Inheritance.

3Use the information in the following table to determine the appropriate action to take.

If you want to ...

Then ...

restore permissions inheritance

select the Restore Inheritance radio button.

Restore Inheritance

break permissions inheritance

a.Select the Break Inheritance radio button.

b.Select whether you want to:

·Copy Permissions from Parent

OR

·Leave Permissions Empty.

Break Inheritance

4If you initiated the action at the site level and want to act only on child site(s), check the Include Children only (exclude selected sites) box.

NOTE:  This option is valid only if one or more sites (other than root sites) were explicitly selected.

Now you can either:

·run the operation immediately (by clicking the [Run Now] button)

OR

·complete the Enforce Policy section and schedule the operation to run at a later time.

OR

·save the operation as XML Instructions that can be executed at a later time.

If you chose the Run Now, option, after the operation has been processed:

·a confirmation message displays at the top of the page, and

·a ControlPoint Task Audit is generated for the operation and displays in the Results section.

If you schedule the operation, a link to the Task Audit is included in the scheduled action notification email.

See also Auditing ControlPoint Administrator Tasks.

Data Analysis and Reporting

ControlPoint offers several advanced tools for analyzing data in the SharePoint environment, including:

·storage used by various SharePoint objects

·site content

·information about users

·trends over a specified time period

·the contents of SharePoint audit and change logs.

An additional tool, the ControlPoint Task Audit, enable you to review ControlPoint actions taken by administrators.

Analysis tools are accessible for various levels of the hierarchy. As with other ControlPoint features, the scope of the analysis is determined by the hierarchical context.

Most analyses can also be configured so that they can be invoked directly from a url, which can be bookmarked, emailed, or placed on a SharePoint site.

NOTE:  This chapter describes all of the ControlPoint analysis tools.  Depending on the configuration of your ControlPoint menus, however, the analysis tools to which you have access, and their location in the menus invoked from the left navigation pane, may vary.

Specifying Parameters for Your Analysis

When you select a ControlPoint analysis tool from the left navigation pane, you are prompted to specify the parameters you want to use.  The most common parameters used in various ControlPoint analysis tools are described below.

Note that, depending on the analysis, some parameters may be located in the Advanced Parameters section.

Advanced Parameters

Cached vs. Real-time Data

Some ControlPoint analyses give you the option of using either cached or real-time data for analyses performed on the farm, one or more Web applications, or site collections.

Cached option

If the Use cached data box is checked, your analysis will include data that has been collected by ControlPoint during the last run of Discovery .  The advantage of using cached data is that the analysis will be processed more quickly and will not compete for system resources.  Because Full Discovery is run on a nightly basis, the use of cached data is often sufficient, especially when the analysis contains data that is not likely to change significantly over the course of a day.

The advantage of using real-time data (when the Use cached data box is unchecked) is that your analysis will contain the most current information.  However, because the data is being captured in real time, the analysis will take longer to process and may tie up system resources.

IMPORTANT:  For analyses performed on a single site collection or site, real-time data is always used and the Use cached data option is disabled.  Because data collection within a single site collection or site is less time-consuming, the impact on system resources is minimal.  

Specific Date or Time Period

For analyses that cover a specific time period, you select the time period by specifying a Start Date and End Date.

Task Audit DATES

For analyses that involve activity, only cached data is used, since these analyses are based on accumulated summary data collected nightly by SharePoint usage analysis jobs.

For analyses involving other types of data (such as site collection storage) you are given the option of using real-time data.

IMPORTANT: Historical data that predates the ControlPoint cache will not be reflected in analysis results.  For example, if the ControlPoint cache was created two weeks ago, a maximum of two weeks-worth of data is available for analysis, regardless of the date range you specify.  Similarly, any historical data that postdates the last run of Discovery will not be reflected in results.  For example, if you request data for a time period that covers the last 30 days and the last time Discovery ran was 10 days ago, analysis results will reflect the time period up to the last Discovery run date.  

The format that ControlPoint uses to display dates is based on browser settings (rather than server settings).  If you want to change the format (from mm/dd/yy to dd/mm/yy for example), go to Internet Options and change the Language Preference.

It is worth noting that deleted sites will display in activity and storage analysis results if they were active during the specified time period.

Open drill-down Options

For analyses that allow you to drill down to a more detailed ControlPoint analysis, you can choose to display it in a separate window by checking the Open drill-downs in new window box.

Open drill-downs

If you leave this box unchecked, the analysis to which you are drilling down will display in the current workspace, and parameters from the original analysis will be carried over.  You can return to the original analysis by clicking the Back arrow in the report header.

Back Button

Note that, when you link to a SharePoint page from analysis results, it always displays in a separate window.

Expanded Results Option

For most analyses that contain nested data, you have the option of choosing whether or not you want to display results expanded.  

If you want to display results at the highest level of detail, uncheck the Display with results expanded box.  You can then expand items individually, and view, print, or export additional detail for selected items only.

If your analysis contains a lot of nested data and you want to view, search, print, or export all of the analysis detail without drilling down, you may choose to have results display fully expanded by checking the Display with results expanded box .

TIP:  If you choose to display expanded results and your analysis contains a large amount of data, you can use the Document Map to more easily navigate through results.  See Analysis Results Display.

Additional Parameters for Permissions Analyses

The following parameters are specific to SharePoint user permissions analyses:

·If you want to limit results to one or more specific users, the Select users field allows you to select the users you want to include in your analysis.  If you leave this field blank, all users will be included.

Include All Users NO

NOTE:  You must use real-time (not cached) data if you are selecting users based on a SharePoint User Profile Property.

·If the scope of your analysis includes sites with multiple child objects, you can choose to display all objects (including those whose permissions are inherited) by unchecking the Show Unique Permissions Only box.

Unique Permissions Only FALSE

NOTE:  If this option is checked, only sites with unique (non-inherited) permissions will be included in the results.  

·If you want results to include only users who have direct permissions (that is, do not have permissions via a SharePoint group), check the Include only users with Direct permissions box.

Direct Permissions Ony checkbox

TIP:  You can use this option to identify "rogue users" who should have permissions through membership in a SharePoint group, then initiate an Add User to Groups action directly from analysis results.  See Acting on Search or Data Analysis Results.

·If you want to limit results to one or more specific permissions levels, select them from the Limit to Users with permissions level(s) list box.  (All built-in and custom permissions levels that are currently assigned to at least one user on at least one site within the scope of your analysis display in the this box.)

Permissions Level List Box

If the analyses includes lists and/or items, permissions levels that are assigned to a list/item that are not assigned at the site level will not display in the list box.  (The list box is populated by data collected by the ControlPoint Discovery process, which does not go below the site level.)  A list- or item-level permissions level can, however, be entered in the Limit by Other Levels field.

Parameter LIMIT BY OTHER LEVELS  

·If you want results to include only sites for which external users have access, check the Show Anonymous Access Only box

External Users Checkbox

·If you want a cumulative total of unique users who have permissions for objects within the selected scope, check the Calculate Total Users with Permissions box.

Calculate Permissions Checkbox

 

Related Documents