立即与支持人员聊天
与支持团队交流

MessageStats 7.8 - Reports User Guide

Viewing, Creating, and Editing MessageStats Reports My Reports and Corporate Reports Exchange Executive Summaries Reports Exchange Organizations Reports Exchange Server Reports Exchange Content Analysis Reports Exchange Mailboxes Reports Exchange Mail Contacts Reports Exchange Distribution Groups Reports Exchange Public Folders Reports Exchange Storage Reports Exchange Internet Reports Exchange Inventory Reports Migration Reports MessageStats Gathering Reports Appendix A: How to Read the Reports Report Filter Definitions

Role-based Security

Role-based security provides an initial layer of security for your reports. Three local security groups, each with specific permissions, are created when MessageStats Reports is installed:

TAll three security groups have access to the report site and to all reports. The roles (Administrator, Author, User) provide different permissions that can restrict the ways reports can be manipulated.

The default membership to these security groups puts administrators in the Web Report Administrator role, and all other users in both the Web Report Authors and Web Report Users roles.

To customize the memberships, you can add or remove users from the default groups. You can specify which users belong to which roles by modifying their membership in these local groups. The role-based security scheme is easier to manage than the file-system permissions security scheme, as the changes to these security groups immediately affect all reports.

The following table shows the actions associated with each role:

Accessing the site

Exporting reports

Saving report settings in My Reports folder

Saving report settings in any folder

 

 

Creating Custom Reports

 

Saving Custom Reports in My Reports folder

 

Saving Custom Reports in any folder

 

 

Creating new folders in My Reports folder

Creating new folders in any folder

 

 

Copy folders or report within My Reports folder

Copy folders or reports to and within My Reports folder

 

Copy folders or reports to and within any folder

 

 

Move folders or reports within My Reports folder

Move folders or reports from any folder to My Reports folder

 

 

Move folder to and within any folder

 

 

Rename folders or reports in My Reports folder

Rename folders or report in any folder

 

 

Delete folders or reports in My Reports folder

Delete folders or reports in any folder

 

 

Edit folder descriptions in My Reports folder

Edit folder descriptions in any folder

 

 

Enable subscriptions for reports in My Reports folder

Enable subscriptions for reports in any folder

Set Filter Defaults

File-System Based Security

In addition to the Web Report security roles, you can set an additional level of security using a file-based permissions scheme. At minimum, the role-based security scheme allows all roles to view all reports.

Alternately, a file-based permission scheme can restrict the available reports to some users. Explicit permissions are applied on a per-group or per-user basis, and assigned to individual files, folders, and reports. You can configure the settings so that different groups, such as executive management, the help desk, and Exchange administrators can see different report nodes and reports.

You can create more sophisticated security schemes by modifying the file permissions for reports and folders in the file system on the web server. Report files and folders are normally located in the following path: c:\inetpub\wwwroot\MessageStatsReports\Reports.

By restricting the reports that are available to all users, you can protect sensitive analytical data from users that do not require that information.

Users connecting through a web browser see only report files and folders for which they have read access permissions, and folders for which they have list permissions in the file system.

Security Scenarios

Though permission-based security provides more detailed control than role-based security, it requires action on an administrator’s part. MessageStats does not provide the functionality to manipulate the permissions on files and folders. You must use native Microsoft tools to create the Windows NTFS security changes.

Refer to Microsoft Windows native tools procedures for more detailed information about implementing NTFS security scenarios.

Restricting access to standard report folders

Using native Microsoft Windows tools, remove the Web Reports Administrators, Authors, and Users roles from the folder you want to restrict.

Create new security groups and add the members to those groups.

Add your newly-created security groups and their access rights to the report folder you want to restrict.

Restricting access to newly-created report folders

Create a new report folder in the treeview. For more information, see File Menu Commands .

Using native Microsoft Windows tools, remove the Web Reports Administrators, Authors, and Users roles from the folder you want to restrict.

Create new security groups and add the members to those groups.

Add your newly-created security groups and their access rights to the report folder you want to restrict.

Restricting access to individual standard reports

Using native Microsoft Windows tools, remove the Web Reports Administrators, Authors, and Users roles from the report you want to restrict.

Create new security groups and add the members to those groups.

Add your newly-created security groups and their access rights to the report you want to restrict.

Restricting access to individual Custom Reports

Create a Custom Report. For more information, see Creating Custom Reports .

Using native Microsoft Windows tools, remove the Web Reports Administrators, Authors, and Users roles from the report you want to restrict.

Create new security groups and add the members to those groups.

Add your newly-created security groups and their access rights to the report you want to restrict.

Configuring Report Subscriptions

The MessageStats Reports subscription service generates specific reports on a regular schedule. You can define subscriptions that embed a link to a report location in an email message, that embed the report in an email, or that send a message with an attachment that contains the report. You can also publish the reports to a file share, to an FTP site, or to a web site. Use the Subscription Wizard to set up and schedule the report subscriptions.

If the password for an account that was used to create a subscription is changed, the subscription will stop working. There are no error messages but the subscription will not be sent. You must select and modify the subscription and update the password for the subscription to begin to work again.

If you did not specify the SMTP relay mail server to be used for subscriptions during installation, you must do so before you create and run subscriptions. You can access the dialog in which you specify the server in one of two ways.

1
Select File | Administrative Options.
1
Select File | Subscriptions.
2
On the Subscriptions page, select Subscriptions | Configure Subscriptions.

Web-based Distributed Authoring and Versioning (WebDAV) must be enabled on the IIS server if you are publishing a subscription to a web site. Also, both read and write permissions must be set on the virtual directory for the subscription.

For a Windows server with IIS 6 installed, you may also have to install WebDAV since it is not installed by default. To install WebDAV on an IIS 6 server, select Add or Remove Programs in the Control Panel and run the Windows Components Wizard. You can find WebDAV under Application Server | Internet Information Services | World Wide Web Service | WebDAV Publishing.

Once WebDAV is installed, ensure that it is enabled. Check the WebDAV option under the Web Services Extensions node in IIS Manager.

Verify that the correct permissions are set on the target virtual directory. Select the Virtual Directory tab on the Properties sheet for the virtual directory. Ensure the following options are selected:

Configure the NTFS permissions for the content folder on your web server to ensure that the user account that is used to create the subscription has adequate permissions. Open Windows Explorer, open the Properties sheet for your content directory, and select the Security tab.

In addition to write permissions, the user account must also have the following permissions:

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级