Chat now with support
Chat with Support

Metalogix ControlPoint 8.5 - Administration Guide

Preface Configuring the Environment in Which ControlPoint Will Run The ControlPoint Configuration Site Managing Your Farm List Managing Your ControlPoint License Granting ControlPoint Access to Web Applications and Content Databases Configuring ControlPoint Services Using Discovery to Collect Information for the ControlPoint Database Cache Using Sensitive Content Manager Services Setting Sensitive Content Manager EndPoints and Managing Scanning Preferences Managing ControlPoint Configuration and Permissions Modifying ControlPoint Configuration Settings
Changing Default Settings for Actions and Analyses
Supress "Item is inherited - no processing done" Message(SkipNotDoneMsg) Maximum Line Items in Real-time (REPCAP) "Use Cached Data" Default Value (CACHEDREP) Abort Report Processing on Error (ABORTREPORTONERROR) Display "Include users with AD group membership" Parameter (SHOWADGROUPS) Copy/Move Default Temporary Location (TEMPLOCATION) Time to Retain Page Data in Cache (CACHEREPORT4) Time to Retain Temporary UI Objects in Cache (UICACHEDURATION) Number of Reports to Keep in Memory After Drill-Down (RVSESSIONSKEPT) Exclude Web Application(s) from Statistics List (DASHBOARDWAPEXCLUDE) Number of List Items to Display in Selection Grid (DISPLAYSINGLELISTITEMS) Use Activity Min. Date as Start Date (UseActivityDbDate) Show unique permissions only" Default Value (SHOWUNIQUEPERMONLY) Duplicate Files Report Limit (DuplicateFilesReportLimit) Users to Exclude from Reports (EXCLUDEDUSERS) Eliminate Claims Prefix from Username in Reports (UseCleanedLoginNameInReports) Maximum Number of Orphaned Users to Delete Per Scheduled Batch (OrphanDeleteBatchSize) CSV Delimiter Character (CSVDELIMETER) Largest Active Directory Group to Expand in Reports (MAXMEMBERS) Maximum Number of Users to Act On (MAXUSERSFORACTION) Hide the "Set User Direct Permissions" Action in Permissions Management (PREVENTUSERPERMS) Prevent Set Site Collection Quotas (PreventSetSCQuota) Show Nested Active Directory Groups (PROCESSADHIERARCHY) Hide Interactive Analysis Link (RESTRICTSL) Use Minimum Activity Date as Start Date (USEACTIVITYDBDATES)
Changing Default Settings to Improve Application Performance Audit Log Configuration Settings Changing Settings for Anomalous Activity Detection Restricting Functionality for Members of the Business Administrators Group Changing Default Settings for ControlPoint User Groups Changing Settings to Improve Discovery Performance Changing Settings to Accommodate Special Environmental Factors Changing Default Settings for Navigation Managing Site Provisioning Settings Specifying Global Settings for ControlPoint Policies Setting Preferences for the ControlPoint Scheduler Miscellaneous and Custom Configuration Settings Special-Purpose Configuration Settings
Changing Trace Switch Logging Levels Archiving SharePoint Audit Log Data Troubleshooting
ControlPoint Log Files Troubleshooting Configuration Errors Troubleshooting the ControlPoint Application Interface Troubleshooting Discovery Troubleshooting SharePoint Users and Permissions Troubleshooting Site Provisioning Troubleshooting ControlPoint Operations

Created Settings to Override ControlPoint Default Security

By default, ControlPoint is security trimmed to enforce SharePoint permissions.  ControlPoint Application Administrators can, however, override these permissions to allow user groups that have been defined in the ControlPoint Configuration site to perform ControlPoint analyses and/or actions on site collections and sites for which they do not have management permissions.

You can use security overrides in conjunction with Customizing ControlPoint Menus to tailor your ControlPoint environment to best suit the needs of your organization.

NOTE:  These settings do not override a user's permissions for the SharePoint sites themselves.  (For example, it will not give a user permission to open a SharePoint site or make changes via SharePoint site settings pages if they have not been granted permissions to do so in SharePoint.  Nor will a user who does not have permissions for Central Administration be able to use ControlPoint menu items that directly invoke Central Administration pages.)

To add security override  to ControlPoint

NOTE:  Because the use of security overrides should involve careful consideration and planning, they are createable (hidden) settings.

1From the ControlPoint Configuration Settings Manager, click [Create] .

2Use the information in the following to determine the appropriate action to take

If you want to ...

Choose ...

allow members of one or more ControlPoint user groups to perform data analyses for any site collection or site in the farm

Override Security Trimming for Running Reports.

Security Overrrides REPORTS

allow members of one or more ControlPoint user groups to perform ControlPoint actions and analyses on any site collection/site in the farm

Override Security Trimming for All ControlPoint Operations.

Security Overrides ALL

CAUTION:  Because  implications of taking actions are much more significant than viewing data, it is recommended that ControlPoint Application Administrators use extreme care when configuring this setting.  (Remember that you can also customize ControlPoint menus to give groups of users access to a subset of actions.  See Guidelines for Creating Customized Menus for Different Groups of Users.)

3Navigate to the new setting and open it for editing.

4For New Value, enter the name of each ControlPoint group whose security trimming you want to override.

NOTE:  If you want to extend this privilege to more than one group, enter the group names in a comma-separated list (with no spaces between group names). If you want to extend it to all ControlPoint groups, enter ALL.

Security Overrides Value

Additional Created Settings

Because of potential environmental implications, the majority of "created" settings should be configured only under special circumstances and with guidance from Quest Support.

Hidden Settings List

Changing Trace Switch Logging Levels

ControlPoint contains a number of trace switches that control the type and level of detail that is captured in the ControlPoint Administration (xcAdmin) log. Quest Support may suggest that one or more of these be changed for diagnosis and troubleshooting purposes.

NOTE Trace switches are Advanced settings.

Valid values for all trace switches, listed from least to most detail, are:

·Disabled

·Error (the default)

·Warnings

·Info

·Verbose

Trace Log Valid Values

Note that as the logging level increases, the amount of detail is "additive." For example, if you select the logging level Info, then Errors and Warnings will also be included.

If you want to change the logging level  for...

Edit the following setting ...

the SharePoint hierarchy building for navigation and selection

SharePoint Hierarchy Access Logging

the amount of time it takes the SharePoint Hierarchy to load

SharePoint Hierarchy Load Time Logging

reports and actions general processing

Traverse Entry Logging

Additional Traverse Entry Logging

the interaction between ControlPoint and databases

Database Interaction Logging

the validation of SharePoint users by ControlPoint

SharePoint Access Logging

aspx page major events

aspx Page Major Event Logging

the interaction between ControlPoint and Active Directory

Active Directory Interactions Logging

operations performed by the ControlPoint Scheduler

ControlPoint Scheduler Logging

the management of linked SharePoint groups

Manage Linked SharePoint Group Logging

WCF Services calls

WCF Service Call Logging

ControlPoint Policies and Site Provisioning operations

ControlPoint Policies Logging

copy/move at set site properties operations

Copy/Move and Set Site Properties Logging

Interactive Analysis (SharePoint 2010)

Interactive Analysis Logging

non-specific events

Non-Specific Event Logging

Audit Log archiving

Audit Log Archive Logging

Workflow reporting for the Comprehensive User Analysis

Comprehensive User Workflow Report Logging

access to the Managed Metadata Service Application database

Managed Metadata Service Application Database Access Logging

ControlPoint operations performed via PowerShell

PowerShell Processing Logging

Set List properties operations

Set List Properties Logging

Social Activity Analysis processing

Social Activity Analysis Logging

ControlPoint Statistics Lists calculations

Statistics Lists Calculation Logging

the ControlPoint Database Recovery operation

ControlPoint Database Recovery Logging

Archiving SharePoint Audit Log Data

ControlPoint xcUtilities is a utility that includes functionality for moving SharePoint audit log data from content databases in your SharePoint farm to an external database, allowing you to free up space in content databases without losing this data.  For example, archiving would be valuable if your organization is subject to regulations that require certain types of audit data be retained.  The schema for the external database is provided, allowing you to report and analyze archived data using standard SQL-based tools.

If your organization is not subject to regulatory requirements and/or you simply want to purge SharePoint audit log data from content databases, use the ControlPoint Setting Number of Days to Keep Audit Records.  

By default, the process archives data from all Web applications.  You can, however, choose to include only Web applications that you specify (for example, only those that contain audit log data that is subject to regulatory requirements) using ControlPoint Configuration settings.  

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating