Chat now with support
Chat with Support

Metalogix ControlPoint 8.7 - for Office 365 Installation Guide

Using Microsoft Modern Authentication with ControlPoint Online

As of version 8.3.1, ControlPoint Online uses Microsoft Modern Authentication to connect to SharePoint Online.  This requires a one-time registration of an app, ControlPoint Online, in the Azure Active Directory, and involves the use of SSL certificates both in IIS (which Microsoft requires to secure the ControlPoint application) and and in Azure AD (to allow ControlPoint users to authenticate with Microsoft).

The registration is completed as part as the ControlPoint Online initial installation (or upon an upgrade from version 8.3.0 or earlier). The app can also be registered after the installation, as a separate action.  However, ControlPoint Online cannot be run until the app is registered.

NOTE:  Once the app is registered, the only time it should ever have to be re-registered is if certificate information needs to be changed.

First Time Installation and Configuration

Metalogix ControlPoint for Office 365 SharePoint Administration (ControlPoint Online) is installed and runs as a .NET application. During installation:

·a dedicated application pool is created in IIS for the primary ControlPoint Configuration site, which is installed under the root site of a hosted site collection

· the ControlPoint Service database (xcAdmin) is created for configuration information and analysis data

·the ControlPoint Online App is registered with Microsoft Azure to allow the use of Modern Authentication

Before You Begin

·The site collection that will host the ControlPoint Configuration Site must exist on the host and be in the English language.

·The machine on which you are installing ControlPoint must meet System Requirements.

·Make sure the machine on which you are installing ControlPoint has access to the Internet if you want to be able to activate your ControlPoint license online.

Have the following information ready (you may wish to record it in the spaces provided):

§The URL for the site collection that will host the primary ControlPoint Configuration Site* and the URL of the SharePoint Administration site hosting the site collection.

ControlPoint Configuration Site Collection URL: ______________________________________

SharePoint Administration Site URL:        _____________________________________________

*REMINDER: The ControlPoint Configuration Site must be created in an English-language site collection.

§The name and port number that you want IIS to use to manage the ControlPoint Configuration Site (The default port number is 2828, but you can set it to any available value.)

Web Site Name:______________________________

Port Number:         _____________________________

§The account under which you want the application pool for the ControlPoint Configuration Site to run (This is normally a domain account, but if you are running an evaluation version of the product—and the database is on the same machine as ControlPoint—you may use a local account.)

App Pool Service Account: ____________________________________

Password:                ____________________________________

§The email credentials that you want to use as the "from" account for correspondence sent on behalf of ControlPoint.

Local SMTP Server:                ___________________________________                

Email address:                        ___________________________________

§The name of the SQL server that will host the ControlPoint Service (xcAdmin) database, as well as the authentication method to be used:

(This is where the content database for the ControlPoint application will reside.)

Database Server Name:  __________________________

Windows Authentication


SQL Server ID ___________________________ Password _______________________

§The ControlPoint Online license activation code: ________________________________

§The Site Collection Administrator account that will be used to create the ControlPoint Configuration Site.

Site Collection Administrator Account:        _____________________________________

Password:                                _____________________________________

NOTE:  If you do not already have a license activation code, contact Quest to obtain one.

First Time Installation and Configuration Process

The ControlPoint Online first time installation and configuration process consists of the following stages:

A.Installing the ControlPoint Online Files.

B.Configuring the ControlPoint Online Application.

C.Optionally, configuring ControlPoint Services.

D.Registering the ControlPoint Online app.


Installing ControlPoint Online Files

It is recommended that you temporarily disable virus checkers on all Web front end servers in the farm as they can slow the solution deployment enough to trigger timeout errors.

To install ControlPoint Files:

REMINDER:  If UAC enabled on your server, you may have to "Run as Administrator."

1Unzip the downloaded zip file then launch the installer (Metalogix ControlPoint Installer.exe).

NOTE: Make sure you keep the entire downloaded folder intact as there are files that are required by the installer.

A splash screen displays, followed by the ControlPoint Installer Welcome screen.

2Click Install ControlPoint.


The License Agreement dialog displays.

3Read the license agreement. Click I accept the terms of the license agreement, then click [Next].

4Select Install ControlPoint Online.

Install CP Online

NOTE:  If SharePoint is not installed or configured on the server, this will be the only selectable option.  

5 When the Metalogix ControlPoint InstallShield Welcome dialog displays, click [Next].

The InstallShield Wizard specifies a default install directory (C:\Program Files\Metalogix\ControlPoint Online), but you can click [BROWSE] and select a different one.  

Installer O365 Destination Folder

NOTE:  This directory is where the installer will place the files needed to complete the installation.  

6Click [Install].

The Configuration Wizard installs the ControlPoint files to the specified Destination Folder.  When completed, a pop-up displays asking whether you want to configure ControlPoint.

Installer Launch Configuration

NOTE:  If you want to configure the ControlPoint Online application at a later time, click [No].  You can launch the ControlPoint Online Configuration Wizard from the Start menu or a Desktop shortcut.

7Click [Finish].

Continue with Configuring the ControlPoint Online Application.

Configuring the ControlPoint Online Application

metalogixsoftware622-aAfter ControlPoint is installed the application must be configured.  

Summary of ControlPoint Configuration Process

The ControlPoint Configuration Wizard out the following tasks:

A.Validates the Office 365 account: Validates the account that will be used to create the ControlPoint Online Configuration site and creates/registers the ControlPoint Online app.  This also allows for the use of Multi-Factor Authentication (MFA).

B.Checks for ControlPoint Installed Components.

C.Validates License:  Checks the validity of the license key you enter as well as the terms of the license.

D.Creates ControlPoint Service database:  Creates the ControlPoint Service database (xcAdmin) on the selected database server.  This database is where administrative information and cached data used for analysis and reporting is collected.  (Note that in a multi-farm installation, this database is shared among farms.)

E.Creates the ControlPoint Online application pool, website, and virtual directory in IIS.

F.Configures the ControlPoint Online website.

NOTE:  If you change the host name, the Configuration Wizard will also create the bindings in IIS, update the redirect URI in the registered ControlPoint Online Application, and updates the ControlPoint Setting 'Inbound ControlPoint Url' to use the host header.

G. License Activation:  Activates your ControlPoint license.

H.Windows Service Configuration (optional):  If you elect to use server-side Windows Services for Discovery and/or Sensitive Content Manager, installs and configures the service(s) you selected.

I.ControlPoint Online Application Registration:  To allow the use of Microsoft Modern Authentication, an app called ControlPoint Online is registered in the Azure Active Directory.

To configure the ControlPoint Online application:

1Use the information in the following table to determine the appropriate action to take.

If ...

Then ...

you are starting directly from the ControlPoint installer (that is, after performing the install you chose to Launch ControlPoint Online Configuration

go to the next step.

after installing ControlPoint you chose to configure at a later time (that is, after performing the install you chose not to Launch ControlPoint Online Configuration

double-click the ControlPoint Online Configuration desktop icon.

2On the SharePoint online account validation dialog:

a)Select the applicable M365 Service Endpoint: Global (Default), GCC, or GCC High.

b)Enter the following urls:

§For SharePoint Administration URL,the url of the primary page for configuring the hosted SharePoint environment.

§For Primary ControlPoint Configuration Site URL, the url of the hosted site collection in which the ControlPoint Configuration site will be created.

c)Click [Authenticate].

You will be prompted to sign into the Microsoft Azure portal.  Remember, the sign-in account must be both a Global Administrator and a Site Collection Administrator for the site collection that will host the ControlPoint Online Configuration site.

If the validation is successful, the Office 365 account will display as the Logged In Account for the remainder of the installation.


3Click [Next].

The installer checks your environment for the presence of installed components.

NOTE:  For a first time installation, once the components check is complete only the Fetching ControlPoint Configuration Data box should be checked (Installer Checkmark).  All other options will appear with a right-facing arrow.  (Installer Arrow)

Installer O365 Checking for Components

4Click [Continue].

5Click [Configure ControlPoint].


6Enter the license key provided by Quest.

Installer License Validation

7.Use the information in the following to determine the appropriate License Validation option to select.

NOTE:  Most systems can use the Online activation method as long as the system has internet access. If you are unable to use the online activation method due to security settings or lack of internet access, the Offline activation option can be used. This option will still require some internet access, but allows for the authentication to be done from another machine that is not as restricted by security or has a connection to the internet.

If you want to validate the license...

Then ...


accept the default option (Activate Online).


a)Select Activate Offline.

Installer License Validation OFFLINE

The Offline Activation window displays.  You can either Copy Activation Data To Clipboard or use the Save Activation Data To File option to save the key into a text file (in case it needs to be copied to another machine).

b)From a machine that has internet access, go to

c)Follow the instructions on the Offline Activation web page to activate your license, using the Upload activation data option.

NOTE:  Remember to save the Activation File to a location that is accessible by the machine on which you are installing ControlPoint.

d)Return to the ControlPoint Installer License Validation dialog.

e)Use the Step 3:  Browser Activation Response File option to select the file retured by Quest.

8Click [Validate].

If the license is validated successfully a License Validation pop-up displays the terms and current status of the license.

9Dismiss the pop-up and click [Next].

The System Prerequisite check begins. Any item that  fails the check is identified by a red X.

NOTE:  If you fix the problem immediately, you can then Rerun the System Check.  If you choose to Quit and fix the problem at a later time,  the next time you launch the ControlPoint Configuration Wizard, it will start from the beginning.

Installer O365 System Prerequisites Check

10.When all system prerequisites checks have completed successfully, click [Next] to display the IIS Configuration dialog.

11Complete the dialog as follows:

a)For Web Site Name, if different from the default (ControlPoint Online), enter the name that you want IIS to use to manage the site.

NOTE:  The name that is entered in this field is for IIS purposes only.  The name of the site will appear in SharePoint and ControlPoint under the name ControlPoint Configuration Site.

b)For Port number, either:

§accept the default value (2828)


§enter a different, unused Port number.  

c)For Host Name, if different from the default (the machine name), enter the host header (alias) that will be used.

NOTE:  If a host header is entered, the installer will also create the bindings in IIS.

d)Enter the name and password of the Service Account under which you want the application pool that will host the ControlPoint Configuration Site to run.

REMINDER:  If your databases reside on a different server, then the Service Account must be a domain account.

e)For SSL Certificate (which Microsoft requires to secure the ControlPoint application), use one of the options described in the following table.

NOTE: The certificate must be located in either the Personal or WebHost store.

If you want to ...

Then ...

use an existing certificate

·Select a Store Name; either My (for the Personal Store) or WebHosting, from the drop-down.

The Use Existing Certificate drop-down will be populated with available certificates in the selected store.

·Make sure Use Existing Certificate is selected, then select a certificate from the drop-down.

CP Online IIS Certificate Options

NOTE:  If the ControlPoint Installer cannot find a Certificate in the Store, this option will be disabled.

create a new self-signed certificate (default option)

Select Create new Self Signed Certificate, then enter a Certificate Name.

CP Online Create IIS Certificate

The ControlPoint installer will create a self-signed certificate file in the local machine Personal store.


12Click [Next] to display the Create the ControlPoint Service (xcAdmin) Database dialog.

13Specify the Database Server where you want to host the ControlPoint Service (xcAdmin) database:

§enter the server name


§click [Browse] to choose a different database server.


14If you want to view, update, and/or test the xcAdmin database connection string

a)Click the (Advanced) Edit Connection String Directly box.

NOTE:  If you are choosing to reuse an existing xcAdmin database, you will be unable to update the connection string and the field will be disabled.  If you need to update the connection string after completing the installation, you can do so by updating the parameter <connectionStrings>  in the CPConfiguration.exe.config file  Refer to the ControlPoint for Office 365 Administration Guide for details.

Installer xcAdmin CONNECTION STRING O365

IMPORTANT:  Update the connection string only if your SQL connection requires the addition of one or more custom keywords.  For example, if you are using authentication with encryption and a self-signed server certificate, you would need to add Encrypt=yes;TrustServerCertificate to the string.  Refer to the Microsoft article Using Connection String Keywords with SQL Server Native Client for more information.

b)Click [Test Connection.].

Note that if the connection is not successful, the parameter that caused it to fail will be identified.

15Click [Create] (or if you are using an existing xcAdmin database, [Update]).After the Configuration Wizard has successfully created the new database (or updated an existing database), click [Continue Installation] then click [Next].

16Enter the email information for the O365 Email Address  or Local Email Address (including local SMTP Server Address) that will be used as the "from" account for any correspondence sent on behalf of ControlPoint.

CP Online Installer EMAIL INFO

CP Online Installer ON PREM EMAIL INFO

17Click [Next] to display the Deploy ControlPoint dialog.

Installer O365 READY TO DEPLOY

18Click [Start Deployment].

Installer 0365 DEPLOYED

19When the deployment has successfully completed, click [Finish].

20If you want to configure Discovery and/or SCM services, click [Yes] and follow the instructions for Configuring ControlPoint Services.  

NOTE:  You can also configure services at a later time by launching the installation from the Start menu or desktop shortcut.

21When you ave finished configuring services, continue with Registering the ControlPoint Online App for Modern Authentication.

NOTE:  If the ControlPoint Online app is already registered, this step will be skipped.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating