Chat now with support
Chat with Support

Welcome, erwin customers to Quest Support Portal click here for for frequently asked questions regarding servicing your supported assets.

Quadrotech Nova Current - User Guide

Overviews Adoption Accelerator Delegation & Policy Control (DPC) Reporting TMS Settings About

User Detail in Nova

Finding statistics on workload usage in easy to analyze graphs and charts is simple with Nova. In one screen, you can find data relating to a user's:

·Email usage

·Teams usage

·OneDrive for Business usage

·SharePoint usage

·Exchange Online usage

·Audit activity

·Mobile Device usage

and more.

To find this, simply search for the user in Nova's search bar, and click on the user you want to see statistics of.

Let us take a look into these tabs and how its information can help administrators.

User Overiew

The user overview section gives you general information on that user, including:

·Name

·Job Title

·Department

·Manager

·Office

·Location

The screen also contains information on licenses that have been assigned to that user, including if that license has been successfully applied to that user or if it is pending.

UserPage1

Mail

The mail tab gives you detail on the user's email activity over the past 3 months. This includes:

·Messages received

·Messages sent

·Messages sent internally

·Messages sent externally

MailUser

Teams

The Teams tab gives you detail on the user's Teams activity over the past month. This includes:

·Teams Calls

·Daily Teams Meetings

·Private Chat

·Team Chat

TeamsUser

OneDrive

The OneDrive tab gives you comprehensive information on a user's OneDrive usage. See statistics within  7, 30 or 90 day parameters. Select 30 days, then show average to get a daily average total on activities such as:

·Files viewed or edited

·Files shared internally

·Files shared externally

·Files synced

Use the table to get exact data straight away, including average statistics on activity per day.

ODuser

SharePoint

The SharePoint tab gives you comprehensive information on a user's SharePoint usage. See statistics within  7, 30, 90 or 180 day parameters. Select 30 days, then show average to get a daily average total on activities such as:

·Files visited

·Files viewed or edited

·Files shared internally

·Files shared externally

·Files synced

Use the table to get exact data straight away, including average statistics on activity per day.

SPUser

Exchange Online

The Exchange Online tab gives you information on details such as:

·access to specific mailboxes

·last Exchange activity

·when the mailbox was created

·Exchange item count

·enablement of services such as

·OWA (Outlook Web Access)

·Active Sync

·POP (Post Office Protocol)

·IMAP

·MAPI (Messaging Application Programme Interface)

·EWS (Exchange Web Services)

EXOUser2

Mobile Devices

The Mobile Device tab gives you information on mobile devices affiliated with a user. Overview details include:

·Device OS

·Device Type

·User Agent

·Device Model

·Last date/sync time

 

Clicking More Info gives you much more information about a device, including:

·Device ID

·Device Manufacturer

·Device OS Version

·First date/time sync

and more.

MobUser

Audit Activity

The Audit Activity Tab gives you a detailed look at your users activity across all workloads, including:

·Operation

·Creation Time

·Record Type

·Target Object

·If the action was successful

AuditUser

Using the Audit Log

You will find an audit log under the Manage Administration service that shows who performed what actions against which object. Here is how it looks:

AuditLog

Filtering and Sorting the Audit Log

Apply filters to the log using fields in the top row.

You can also sort the data by clicking on a column name. If the audit log is currently being sorted by a certain column, a line displays above the column name (shown below). Click the column name again to reverse the filter.

AuditLog

A Hide/Show System Events button displays above the audit log. Click this button to filter for only user-generated events.

Audit Log Contents

Here is a description of the contents of each column:

Field

Description

Action

The action that was performed

Changes

Shows details of what was changed. For example, showing a phone number changed from 555-5555 to 444-4444.

Affected object

The resource the changes were performed against

Tenant

The tenant affected by the changes

Submitter

The user who initiated the event

Submitter IP

The IP address of the user who initiated the event

Event type

Shows whether the job is completed, errored, running, etc.

Submitted

Date and time the job was initiated

 

Click here to watch a video on the audit log.

Virtual Business Boundaries

Virtual Business Boundaries (VBBs) gives system administrators more control over the data that the users within their tenant can see, modify and create reports from. VBBs are not static or confined; they support environments with many different logical overlaps and complexities, such as covering several geographic locations and/or departments. VBBs are designed to fit the intricate needs of the administrator, no matter the size of the environment, over the data in which is most relevant to them and their users.

This includes three concepts, which can be used individually or in combination:

1.Data Anonymization - Administrators have the ability to filter certain data and and data sources from its' users within the boundary, including data that the administrator can anonymize. For example, you can anonymize names, departments and emails from the user.

2.Data Source Restriction - Allow users (who have the ability to create reports) to use specific data sources while restricting others.

3.Data Restriction - Individual fields within data sources can also be hidden from the user.

info

NOTE: For Virtual Business Boundaries to take effect in reports, an Azure AD field must be included in the report. This field does NOT have to be the same field that is assigned to the boundary.

info

NOTE: Virtual Business Boundaries can only be accessed by a System Administrator.

 

VBBs give system administrators the ability to isolate data for their users. For example:

·Giving Level One support in Germany the ability to only see German users.

·Allowing a Business Unit manager to only see data for its users from within their Business Unit.

·Allowing business users to only see data for specific workloads (SharePoint Online, Teams, Exchange etc).

·Personal Identifiable Information can only be visible for those within certain geographies and/or departments, whilst being restricted to those outside of them.

 

To access Virtual Business Boundaries:

1.Log in to Nova as a System Administrator.

2.Go to https://account.quadro.tech/.

3.Click on Virtual Business Boundaries.

What are the Roles Within Nova?

Users of the Nova application can be assigned one or more roles. Each role provides functionality in the Nova application itself. Roles can be combined. The following is a list of the roles, and what they give access to:

System Administrator

This roles gives access to the Tenant Management System, and does not give any direct access to the Nova application (unless it is combined with other roles).

Account Administrator

This gives access to be able to create and manage policies in Delegation and Policy Control. In addition audit logs can be viewed to see how the policies have been used by delegated administrators. There are several other administrative functions which are shown in this screenshot:

Roles-Account-Administrator

Autopilot Classic

This gives access to be able to perform allowed actions against users, mailboxes, groups, contacts and Microsoft Teams. It is the role most appropriate to a delegated administrator. What the user will be able to do is governed by the policies which are applied to them, and were configured by someone with at least the Account Administrator role. This is an example of the menu that a user will see, if they are given this role:

Roles-Autopilot-Classic

Radar Classic

This gives access to reporting data, and the Report Center.

Report Reader

Report Readers are assigned a view-only status for reports. They can read, print and download (.CSV or .PDF) reports, but unable to create, import, clone or edit reports. Nova administrators have the right to grant this access to protect and maintain accountability, data integrity and security. For more on this role, click here.

Auth Policy Admin

This gives users the ability just to manage policies within Nova. The option to get into Authorization Policies will be enabled in the Manage Administration menu.

 

Auth Policy administrators also have the ability to delegate certain subsets of custom PowerShell commands to selected users, which can be organized in an organization unit hierarchy. It is advised that Auth Policy Admins create dedicated organizational units exclusively for PowerShell scripts.

License Admin

This gives people the ability to create and maintain License Policies. The option will be available on the Manage Administration menu.

Organizational Unit Admin

This gives users the ability to maintain virtual organizational units. The Tenants option will be available on the Manage Administration menu.

IT Administrators

This gives a user the ability to use Nova, but restricts them from changing the configuration or security of Nova itself.

Why do we use the ‘Classic' names?

Two parts of Nova have existed in different systems and different formats before Nova. We have customers which are now using Nova that used to use those systems, so these roles are named as shown on this page so that those customers understand what functionality, broadly speaking, they'll be getting with those roles. These two are:

·Radar Classic: This gives users the same functionality as they would have had in our Radar product.

·Autopilot Classic: This gives users the same functionality as they would have had in our Autopilot product.

Examples of combining roles

If someone needs to be able to create authorization policies, and actually perform actions on customer tenants (such as password resets, maintaining groups, adding Microsoft Teams and so on) then they should be assigned these roles:

·Account Administrator

·Autopilot Classic

If someone needs to be able to access reporting data, and perform actions on customer tenants (such as password resets, maintaining groups, adding Microsoft Teams, and so on) then they should be assigned these roles:

·Autopilot Classic

·Radar Classic

Granting Account Administrator

The following should be considered when assigning roles

·The Account Administrator roles does not work on it is own. It needs to be combined with the Autopilot Classic role.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating