Preface
Configuring the Environment in Which ControlPoint Will Run
The ControlPoint Configuration Site
Managing Your Farm List
Managing Your ControlPoint License
Granting ControlPoint Access to Web Applications and Content Databases
Configuring ControlPoint Services
Using Discovery to Collect Information for the ControlPoint Database Cache
Using the Discovery Service
Using Sensitive Content Manager Services
Launching the Discovery Setup Application
Changing Discovery Service Configuration and Settings
Starting or Stopping the Metalogix ControlPoint Discovery Service and Changing Discovery Service Properties
Monitoring the Discovery Service Queue
Running Discovery Interactively from the ControlPoint Application
Launching the SCM Services Setup Application
Changing SCM Services Configuration and Settings
Monitoring the Status of ControlPoint Interactions with SCM
Setting Sensitive Content Manager EndPoints and Managing Scanning Preferences
Managing ControlPoint Configuration and Permissions
Managing ControlPoint Users and Permissions
Preparing Your Environment for Using ControlPoint Sentinel
Modifying ControlPoint Configuration Settings
Setting Up ControlPoint Users and Groups
Auto-Adding Users to ControlPoint Groups
Making ControlPoint Accessible from within SharePoint
Configuring ControlPoint Menus
Customizing ControlPoint Menus
Defining Custom Properties to Apply to SharePoint Sites
Purging Historical Activity and Storage Data from the ControlPoint Services (xcAdmin) Database
Enabling Server Details to Display in the SharePoint Summary Report
Guidelines for Creating Customized Menus for Different Groups of Users
Accessing the ControlPoint Menu Maintenance Page
Creating a Custom Menu
Adding and Editing Custom Items in a Menu
Managing Access to ControlPoint Menus
Editing and Deleting Custom Menus
Customizing Your Favorites
Changing Default Settings for Actions and Analyses
Changing Trace Switch Logging Levels
Archiving SharePoint Audit Log Data
Supress "Item is inherited - no processing done" Message(SkipNotDoneMsg)
Maximum Line Items in Real-time (REPCAP)
"Use Cached Data" Default Value (CACHEDREP)
Abort Report Processing on Error (ABORTREPORTONERROR)
Display "Include users with AD group membership" Parameter (SHOWADGROUPS)
Copy/Move Default Temporary Location (TEMPLOCATION)
Time to Retain Page Data in Cache (CACHEREPORT4)
Time to Retain Temporary UI Objects in Cache (UICACHEDURATION)
Number of Reports to Keep in Memory After Drill-Down (RVSESSIONSKEPT)
Exclude Web Application(s) from Statistics List (DASHBOARDWAPEXCLUDE)
Number of List Items to Display in Selection Grid (DISPLAYSINGLELISTITEMS)
Use Activity Min. Date as Start Date (UseActivityDbDate)
"Show unique permissions only" Default Value (SHOWUNIQUEPERMONLY)
Duplicate Files Report Limit (DuplicateFilesReportLimit)
Users to Exclude from Reports (EXCLUDEDUSERS)
Eliminate Claims Prefix from Username in Reports (UseCleanedLoginNameInReports)
Maximum Number of Orphaned Users to Delete Per Scheduled Batch (OrphanDeleteBatchSize)
CSV Delimiter Character (CSVDELIMETER)
Largest Active Directory Group to Expand in Reports (MAXMEMBERS)
Maximum Number of Users to Act On (MAXUSERSFORACTION)
Hide the "Set User Direct Permissions" Action in Permissions Management (PREVENTUSERPERMS)
Prevent Set Site Collection Quotas (PreventSetSCQuota)
Show Nested Active Directory Groups (PROCESSADHIERARCHY)
Use Minimum Activity Date as Start Date (USEACTIVITYDBDATES)
Changing Default Settings to Improve Application Performance
Time to Run an Operation Before Timing Out (OPERATIONTIMEOUT)
Maximum Number of Objects to Processed in Parallel (MaxParallelProcs)
Operations Using Parallel Processing (ParallelProcs)
Objects Subject to Parallel Processing (ParallelProcSites)
SQL Command Timeout Value (COMMANDTIMEOUT)
Maximum Number of Objects to Pass to the Selection Builder (MaxObjectsForSelection)
Maximum Alert Processing Interval (MaxAlertProcessingPeriod)
Number of Seconds After Which Browser Reports Server Timeout (SERVERTIMEOUT)
Idle Time Before Session is Ended (STIMEOUT)
Maximum Size of Library in Which to Search for Web Part Pages (WEBPAGESLIMIT)
Audit Log Configuration Settings
ArchiveAuditLog Configuration Settings
Number of Days to Keep Audit Records (AUDITMAXDAYS)
Excluding Users from Audit Log Analyses (ExcludeUsersAudit)
Specifying Whether to Display Site Names in Audit Log Analyses (PROCESSAUDITNAMES)
Changing Settings for Anomalous Activity Detection
Enabling Anomalous Activity Detection via the ControlPoint Scheduled Job Review
Changing the Subject and/or Body of Anomalous Activity Detection Emails
Restricting Functionality for Members of the Business Administrators Group
Prevent Business Admins from Deleting Orphaned users (BAPreventDelete)
Prevent Business Admins from Running Cacheable Reports in Real Time (BAPreventRealTime)
Preventing Members of the Business Administrators Group from Emailing Scheduled Analyses (BAPreventScheduledEmail)
Show Full Hierarchy of Business Admin Sites
Changing Default Settings for ControlPoint User Groups
Show All Site Collections to Farm Admins (SUPERADMIN)
Remote Service Account Administrators for Cross-Farm Operations (RSAADMIN)
Auto Add Users To ControlPoint Group Maximum Group Size (CPGroupMemberLimit)
Permissions Needed to See List Items in Reports (ItemSecurityLevel)
Business Administrators Group Name (BADMIN)
Changing Settings to Improve Discovery Performance
Show Menu Items That Require Discovery (DiscoveryEnabled)
Exclude Web Parts from the Discovery (EXCLUDEWEBPARTS)
Site Collections to Exclude from Full Discovery (URLEXCLUDE)
Web Applications to Exclude from Full Discovery (WAPEXCLUDE)
Changing Settings to Accommodate Special Environmental Factors
Alternate Access Mapping Zone for Navigation and Report Links (URLZONE)
Enable SharePoint Server Functionality (MOSS)
Changing Default Settings for Navigation
Postpone Security Trimming of SharePoint Hierarchy Until Site Collection is Expanded (PostponeSecurityTrim)
Search Using Cached Data (CACHEDSEARCH)
How to Display Multiple Farms in SharePoint Hierarchy (FARMNAVIGATION)
Maximum Number of Objects to Display Before Foldering (NAVCAP)
Preload All Site Collections in Server-side Cache (PRELOADSITECACHE)
Show SharePoint Groups with No Permissions in Hierarchy (ShowNoPermSPGroup)
Display url or Site Name in SharePoint Hierarchy (SHOWURLASTITLE)
Maximum Number of Users to Display in SharePoint Hierarchy (SPUSERCAP)
Maximum Number of SharePoint Groups to Display in SharePoint Hierarchy (SPGROUPCAP)
Managing Site Provisioning Settings
Maximum Number of Provisioning Requests in Completed an Rejected Folders
Changing the Subject and/or Body of Provisioning Request Emails
Configuring the Site Provisioning Workflow Settings (SharePoint Server)
Specifying Global Settings for ControlPoint Policies
Users to Exclude from All ControlPoint Policies (CPPOLICYSUPERUSERS)
Content Creation Policy url (POLICYSERVICEURL)
Setting Preferences for the ControlPoint Scheduler
Maximum Number of Scheduled Jobs to Submit at One Time (MAXSUBMIT)
Number of Minutes Scheduler Will Wait Before Next Group of Jobs (OVERIDESCHEDULETIMERMINUTES)
Maximum Line Items in Scheduled Report Results (SCHEDULEDREPCAP)
Defining "Admins" for Scheduled Analysis Results Distribution (SiteAdminCriteria)
Permissions Level for Site Admin Definition for Scheduled Report Distribution (SiteAdminPermissionLevel)
Miscellaneous and Custom Configuration Settings
SQL Server Connection String for xcAdmin Database (xcAdminConnectionString)
Initial Screen (INITSCREEN)
Adding a Custom Banner to the ControlPoint Application
No Dashboard (NODASHBOARD)
Special-Purpose Configuration Settings
How the Audit Log Archiving Process Works
Setting Up the Audit Log Data Archive
Troubleshooting
Creating the Audit_Log_Transfer Database Table
Archive Audit Log Table Connection String (ArchiveAuditLogConnectionString)
Running the Archive Audit Log Process
Running the Archive Process from the ControlPoint Application Interface
Running the Archive Process from a Command Line
Scheduling the Archive Process via Windows Task Scheduler
Managing Archive Audit Log Configuration Settings
ControlPoint Log Files
ControlPoint Web Config File (web.config)
ControlPoint Administration Log (xcAdmin.log)
Logged Errors Report
Troubleshooting Configuration Errors
Blank Page/Unexpected Error
Could Not Load File or Assembly
If You Cannot Resolve a Configuration Error
Troubleshooting the ControlPoint Application Interface
Recent Change Does Not Show Up in the SharePoint Hierarchy
Remote Farms Do Not Display in SharePoint Hierarchy
Site Collections Display as "Inaccessible"
Site Collections Grayed-Out and "Locked"
When Launched from a Server That Has IE Enhanced Security Configuration Enabled, ControlPoint Fails to Launch Properly
Number of Child Objects Specified for an Object in the SharePoint Hierarchy Doesn't Match Number Displayed
The Loading of Site Collections in the SharePoint Hierarchy is Extremely Slow
Error Occurs When Attempting to Launch ControlPoint from a SharePoint Site
A Business Administrator's SharePoint Sites Do Not Display in the SharePoint Hierarchy
"A Script on the Page is Causing Internet Explorer to Run Slowly..."
Troubleshooting Discovery
Troubleshooting SharePoint Users and Permissions
Cannot Locate SharePoint Users Authenticated by Alternate (non-Active Directory) Methods
System Exception: "Cannot get the members of the group..."
Properties Dialog: Total Users with Permissions Displays as "Incomplete"
Users with Permissions Granted Through a Claim are not Showing Up in Permissions Analysis Results
Troubleshooting Site Provisioning
Site Provision Request Workflow Failed on Start
Provisioning Requests Manager: Workflow Status Column is Blank
Troubleshooting ControlPoint Operations
Not All ControlPoint Actions and Analyses Are Available to Me
Your Page has Expired
Timeout Exception: The server has timed out.
Hyperlinks in Activity Analysis Results are broken
Number of Users Has Exceeded the Allowable Threshold
ASP.NET Session Has Expired
Too Many Rows to Display
Download as .csv: No Cached Data for Download
Export Results to Excel: "The file you are trying to open is in a different format..."
Action or Analysis Taking Longer Than Expected
Cannot Perform Operations on Central Administration
Copy/Move Insufficient Permissions Message
Newly-Created Site Does Not Show Up in Manage SharePoint Groups Picker/Cannot be Scheduled
Cannot Run Activity Analysis Using Real-time Data
Activity Data in Analysis Results is Out of Date
Cumulative Hits Only Available Option When Running Activity Analyses
Activity Analysis Requests Column Only Shows 0's for Users and Requests
Number of Lists in Storage Analysis Results Does not Match Number Displayed in SharePoint Hierarchy
Storage Information Reported by ControlPoint is Different than What's Reported by SharePoint
No User Profile Application available to service the request
Subsites and Lists Added to the Scope of a Governance Policy are not Included in Operations
If you Cannot Resolve an Issue with a ControlPoint Operation
Changing the Subject and/or Body of Anomalous Activity Detection Emails
When a ControlPoint Sentinel Anomalous Activity Rule specifies that an email alert be sent when an Anomalous Activity Limit has been exceeded, ControlPoint automatically sends an email for the to the appropriate user(s).
ControlPoint Application Administrators can, however, modify the default subject and/or body text, as described in the following table.
|
If you want to change the text of the ... |
Then change the Parameter of the ControlPoint Setting .... |
From the default text... |
|---|---|---|
|
email Subject |
Subject Line for ControlPoint Anomalous activity Detection email |
ControlPoint Anomalous activity Detection. |
|
email body |
ControlPoint Anomalous activity Detection Email Message (AADActvityLevelEmailBody)
|
@@UserName@@ has exceeded the personal daily activity limit of @@limit@@ by @@overage@@.
Where the following variables are used: ·@@UserName@@ is the account name of the user who has exceeded his/her daily activity limit ·@@limit@@ is the daily activity limit characterized by ControlPoint Sentinel ·@@overage@@ is the amount by which the user has exceeded the activity limit for that day. |
No
Restricting Functionality for Members of the Business Administrators Group
These configuration settings display in the ControlPoint Settings list under the category Business Administrators Functionality.
Prevent Business Admins from Deleting Orphaned users (BAPreventDelete)
By default, Orphaned Domain User analysis results allow users to access the ControlPoint Delete Users action via hyperlinked user names and a Delete All orphans link in the results header.
ControlPoint Application Administrators can, however, hide the Delete All link and disable user hyperlinks for members of the Business Administrators group by changing the Value of the ControlPoint Configuration Setting Prevent Business Admins from Deleting Orphaned Users from false to true.
NOTE: This is an Advanced Setting.
Prevent Business Admins from Running Cacheable Reports in Real Time (BAPreventRealTime)
By default, all ControlPoint users have the choice of running the ControlPoint Site Collection Storage analysis and many ControlPoint permissions analyses using either real-time data or data from the ControlPoint cache.
To help free up server resources and improve performance, especially in environments that include a large number of Business Administrators, the ControlPoint Application Administrator can prevent members of the Business Administrators group from choosing real-time data by changing the Value of the ControlPoint Configuration Setting Prevent Business Admins from Running Cacheable Reports in Real Time from False to True.
Note that, when BaPreventRealTime=true:
·the Use Cached Data parameter in permissions analyses will be checked and disabled.
·the real-time option will be missing from the Site Collection Storage Analysis View Storage for: drop-down.
If the option to use real-time data is disabled, members of the Business Administrators group will also be unable to Expand Active Directory Groups or select users based on a SharePoint User Profile Property.