Chat now with support
Chat with Support

ControlPoint 8.6.1 - Administration Guide

Preface Configuring the Environment in Which ControlPoint Will Run The ControlPoint Configuration Site Managing Your Farm List Managing Your ControlPoint License Granting ControlPoint Access to Web Applications and Content Databases Configuring ControlPoint Services Using Discovery to Collect Information for the ControlPoint Database Cache Using Sensitive Content Manager Services Setting Sensitive Content Manager EndPoints and Managing Scanning Preferences Managing ControlPoint Configuration and Permissions Modifying ControlPoint Configuration Settings
Changing Default Settings for Actions and Analyses
Supress "Item is inherited - no processing done" Message(SkipNotDoneMsg) Maximum Line Items in Real-time (REPCAP) "Use Cached Data" Default Value (CACHEDREP) Abort Report Processing on Error (ABORTREPORTONERROR) Display "Include users with AD group membership" Parameter (SHOWADGROUPS) Copy/Move Default Temporary Location (TEMPLOCATION) Time to Retain Page Data in Cache (CACHEREPORT4) Time to Retain Temporary UI Objects in Cache (UICACHEDURATION) Number of Reports to Keep in Memory After Drill-Down (RVSESSIONSKEPT) Exclude Web Application(s) from Statistics List (DASHBOARDWAPEXCLUDE) Number of List Items to Display in Selection Grid (DISPLAYSINGLELISTITEMS) Use Activity Min. Date as Start Date (UseActivityDbDate) "Show unique permissions only" Default Value (SHOWUNIQUEPERMONLY) Duplicate Files Report Limit (DuplicateFilesReportLimit) Users to Exclude from Reports (EXCLUDEDUSERS) Eliminate Claims Prefix from Username in Reports (UseCleanedLoginNameInReports) Maximum Number of Orphaned Users to Delete Per Scheduled Batch (OrphanDeleteBatchSize) CSV Delimiter Character (CSVDELIMETER) Largest Active Directory Group to Expand in Reports (MAXMEMBERS) Maximum Number of Users to Act On (MAXUSERSFORACTION) Hide the "Set User Direct Permissions" Action in Permissions Management (PREVENTUSERPERMS) Prevent Set Site Collection Quotas (PreventSetSCQuota) Show Nested Active Directory Groups (PROCESSADHIERARCHY) Hide Interactive Analysis Link (RESTRICTSL) Use Minimum Activity Date as Start Date (USEACTIVITYDBDATES)
Changing Default Settings to Improve Application Performance Audit Log Configuration Settings Changing Settings for Anomalous Activity Detection Restricting Functionality for Members of the Business Administrators Group Changing Default Settings for ControlPoint User Groups Changing Settings to Improve Discovery Performance Changing Settings to Accommodate Special Environmental Factors Changing Default Settings for Navigation Managing Site Provisioning Settings Specifying Global Settings for ControlPoint Policies Setting Preferences for the ControlPoint Scheduler Miscellaneous and Custom Configuration Settings Special-Purpose Configuration Settings
Changing Trace Switch Logging Levels Archiving SharePoint Audit Log Data Troubleshooting
ControlPoint Log Files Troubleshooting Configuration Errors Troubleshooting the ControlPoint Application Interface Troubleshooting Discovery Troubleshooting SharePoint Users and Permissions Troubleshooting Site Provisioning Troubleshooting ControlPoint Operations

Show All Site Collections to Farm Admins (SUPERADMIN)

By default, icons for site collections to which SharePoint farm administrators do not have access appear grayed out in the ControlPoint SharePoint Hierarchy.  When an icon is grayed out, farm administrators cannot access the site collection/site (or any child objects to which they do not have access) from within ControlPoint.  They can, however, use the ControlPoint Set Site Collection Properties feature to add themselves as site collection administrators.  

If the SharePoint farm includes site collections that contain highly sensitive or confidential data that should remain "locked down" or if corporate policy dictates that farm administrators should not see sites to which they do not have access, ControlPoint Application Administrators can change the Value of the ControlPoint Setting Show All Site Collections to Farm Admins from True to False so that site collections to which farm administrators do not have access are not displayed in the SharePoint Hierarchy.

Web Config SUPER ADMIN.GIF

 

Remote Service Account Administrators for Cross-Farm Operations (RSAADMIN)

One of the user groups that is created in the ControlPoint Configuration Site when ControlPoint is first installed allows farms with different service accounts to authorize with each other when a cross-farm copy or move is performed.

The default name that ControlPoint assigns to this group is Remote Service Account Administrators.  Because of special configuration requirements, if a different name is assigned to this group then the ControlPoint Application Administrator must update the Value of the ControlPoint Setting Remote Service Account Administrators for Cross Farm Operations with the new name so that ControlPoint will continue to recognize it.  

Web Config RSAADMIN

 

Auto Add Users To ControlPoint Group Maximum Group Size (CPGroupMemberLimit)

By default, when the Auto Add Users to ControlPoint Groups action is used, any individual ControlPoint user group can have up to 1000 members.  

When a ControlPoint group reaches its maximum number of users, ControlPoint automatically creates a new group with the same permissions as the "base" group.  

EXAMPLE:

If you want all users who are members of site Owners groups to be added to the ControlPoint Business Administrators group, and more than 1000 users meet that criterion:

·when Business Administrators group membership reaches 1000, a new group named Business Administrators_1 will be created and the next 1000 users will be added to that group.  

·when Business Administrators_1 group membership reaches 1000, a group named Business Administrators_2 will be created, and so on.

ControlPoint Application Administrators can change this limit by updating the Value of the ControlPoint Configuration Setting
Auto Add Users To ControlPoint Group Maximum Group Size.

Configuration Setting CPGROUPMEMBERLIMIT

NOTE:  This limit is enforced only when the Auto Add Users to ControlPoint Group action is used.

 

Permissions Needed to See List Items in Reports (ItemSecurityLevel)

By default, the following ControlPoint analyses show list items, even those to which a ControlPoint user does not have permissions:

·Activity by User and

·Activity by Document

·Site Lists and Libraries Storage

Config Setting ItemSecurityLevel

The ControlPoint Application Administrator can, however, tighten security trimming so that only ControlPoint users who are site collection administrators can see list items in these analyses by changing the Value of the ControlPoint Configuration Setting Permissions Needed to See List Items in Reports from SITE to COLLECTION.

 

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating