暂时无法在支持网站上提交享有定期维护的产品表单。 如果您需要我们立即提供帮助,请与技术支持部门联系。 对于由此给您带来的不便,我们深表歉意。
获得即时帮助
完成注册
登录
请求定价
联系销售人员
您已选择一个产品捆绑包。 您能否选择单个产品以便我们更好地满足您的请求。 *
技术支持工程师目前正忙,无法回应您的消息。 如果需要即时服务,请通过我们的服务请求表提交请求。
以下文章可根据您的描述解决您的问题。
The following table outlines the permissions required for Enterprise Reporter discoveries.
Active Directory
An account with Active Directory read permissions is required to collect domain information, trusts, sites, domain controllers, and Active Directory computers, users, groups, and organizational units.
The account being a member of the Built-in Domain Users group is sufficient to assign read permissions.
Azure Active Directory
An identity with read permission for the discovery target tenant. Read permissions are required for collection of tenant information, Azure Active Directory users, groups, group members, roles, and service principals.
If additional credentials are being specified to minimize Azure throttling limitations, these credentials must have the same permissions as stated above.
Also refer to credentials required to create and consent to the Enterprise Reporter Azure application required for this discovery. For more information, see Using the Tenant Application Manager .
Azure Resource
An identity with read permissions for the discovery target tenant. Read permissions are required for collection of subscription, Resource groups, and resources.
Also refer to credentials required to create and consent to the Enterprise Reporter Azure Resource application required for this discovery. For more information, see Using the Tenant Application Manager .
Computer
An account with local administrator access on the scope computers to collect computer information, local groups and users, printers, services, policies, and event logs.
Exchange
To collect from Exchange targets, the credential account must have a mailbox on the target organization with access to read the permissions on the targets through EWS.
To collect from Exchange 2013, 2016, or Mixed Modes, the credentials must be a member of the Organization Management Group.
To collect from Exchange 2016 or Exchange 2019, the credentials must have an administrator role with an assigned “ApplicationImpersonation” role.
Exchange Online
An account with access to the discovery target tenant.
Read permission is required for collection of all Exchange Online information including mailboxes, mailbox delegates, public folders, mail-enabled users, mail contacts, distribution groups, group members, and permissions.
File Storage Analysis
An account with local administrator access on the scoped computer is required to collect file, folder, share, and home drive analysis data.
For permissions required when collecting NAS devices, see Permissions for Enterprise Reporter Discoveries on NAS Devices .
Microsoft SQL
An account with local administrator access on the SQL Server is required.
Additionally, the account must have read access to the scoped database to collect database information.
At a minimum, if not using fixed roles, the following SQL permissions are required on the securable object being used for collection.
Microsoft Teams
An identity with read permissions for the discovery target tenant. Read permissions are required for collection of Microsoft Teams information including teams, members, channels, applications, and drives.
Also refer to credentials required to create and consent to the Enterprise Reporter Microsoft Teams application required for this discovery. For more information, see Using the Tenant Application Manager .
NTFS
If collecting through the administrator share, an account with local administrator access to the scoped computer is required.
If collecting through a network share, an account with read permissions to the scoped shares is required.
OneDrive
An account with access to the discovery target tenant. Administrator permissions are required for collection of all drives including drive information, configuration settings, files, folders, and permissions. A SharePoint administrator role is recommended.
Additionally, the discovery credentials must have site collection administrator rights to each drive that is being collected.
Also refer to credentials required to create and consent to the Enterprise Reporter OneDrive application required for this discovery. For more information, see the Using the Tenant Application Manager section of the Configuration Manager User Guide in the Technical Documentation.
Registry
An account with local administrator access to the scoped computer is required to collect registry information.
NetApp Cluster Mode
Multiple virtual machines belong to a single cluster. All of these virtual machines can be specified as discovery targets. These virtual machines must be part of a domain.
The NAS configuration must point to the cluster (name or IP address) with credentials that have read access to the cluster. These would typically be administrator credentials.
NetApp 7 Mode
In NetApp 7 mode, data can be collected on the storage controller or vFilers that are derived from the storage controller. Credentials with read access to the controller and vFiler are required.
NetApp Storage Controller
NetApp Filer
The vFiler can be a discovery target. In this case, the NAS configuration must point to the storage controller from which the vFilers are derived and the credentials must have read access to the storage controller.
Dell Fluid FS
The discovery target can be any Fluid FS VM. The NAS configuration must be the machine name or IP where Dell Enterprise Manager is installed and credentials must have access to Dell Enterprise Manager.
EMC Isilon
The discovery target can be any Isilon virtual machine. The NAS configuration must be the machine or IP that hosts the OneFS administration site and the credentials must have read access to it. By default, the connection is established using https and, if the connection is not deemed to be secure, the discovery will fail.
Enterprise Reporter requires Azure applications for the collection of Azure and Office 365 objects and attributes. These applications must be registered in the Azure portal and consent must be granted for delegated permissions. To manage tenant applications used by Enterprise Reporter please refer to in the System | Configuration | Application Tenant Management section in the Enterprise Reporter Configuration Manager User Guide.
For the OneDrive discovery, an application with a name that begins with “Quest Enterprise Reporter One Drive Discovery” will be created. To create this application in your tenant, you must specify an account with administrative access to create applications. The account must have the Global Administrator role to be able to create and consent to the application.
Once created, the application must also be delegated permissions and an administrator must consent to the application’s permissions using the Microsoft consent wizard. For the Quest Enterprise Reporter One Drive Discovery application, the following delegated permissions are required:
For the Azure Active Directory discovery, the Exchange Online discovery, and the collection of group members for the OneDrive discovery, an application with a name that begins with “Quest Enterprise Reporter Azure Discovery” will be created. To create this application in your tenant, you must specify an account with administrative access to create applications. The account must have the Global Administrator role to be able to create and consent to the application.
Once created, the application must also be delegated permissions and an administrator must consent to the application’s permissions using the Microsoft consent wizard. For the Quest Enterprise Reporter Azure Discovery application, the following delegated permissions are required:
For the Azure Resource discovery, an application with a name that begins with “Quest Enterprise Reporter Azure Resource Discovery” will be created. To create this application in your tenant, you must specify an account with administrative access to create applications. The account must have the Global Administrator role to be able to create and consent to the application.
Once created, the application must also be delegated permissions and an administrator must consent to the application’s permissions using the Microsoft consent wizard. For the Quest Enterprise Reporter Azure Resource Discovery application, the following delegated permissions are required:
For the Microsoft Teams discovery, an application with a name that begins with “Quest Enterprise Reporter Microsoft Teams Discovery” will be created. To create this application in your tenant, you must specify an account with administrative access to create applications. The account must have the Global Administrator role to be able to create and consent to the application.
Once created, the application must also be delegated permissions and an administrator must consent to the application’s permissions using the Microsoft consent wizard. For the Quest Enterprise Reporter Microsoft Teams Discovery application, the following delegated permissions are required:
During your first installation, when you install the Enterprise Reporter server, there are two sets of credentials that you need to supply, as well as optional SQL credentials. This table outlines what the credentials are used for, and what permissions they require.
Logged in user
Installing the components of Enterprise Reporter
Administrator access on the local computer.
Creating the Enterprise Reporter database, roles and logins on the SQL Server® (unless SQL credentials are provided)
Must have the right to create databases, logins and groups.
Creating the security groups
Depends on the type of groups that are chosen, but must have the right to create groups in the chosen environment.
Securing the Configuration Manager and the Report Manager. The logged in user is added to the Reporter_Discovery_Admins, Reporter_Reporting_Admins, Reporter_Reporting_Operators, and Reporter_Discovery_Nodes security groups as an administrator for both consoles when installing the server.
Service Account
Supplied during installation
Installing and running the Enterprise Reporter server
Login as service right is conferred on the service account by the logged in credentials during installation.
Connecting to the Enterprise Reporter database (unless SQL permissions are provided)
Read and write permissions are automatically granted during database creation.
Securing the Configuration Manager and Report Manager. The service account is automatically added to the Reporter_Discovery_Admins, Reporter_Reporting_Admins, Reporter_Reporting_Operators, and Reporter_Discovery_Nodes security groups when installing the server.
Optional SQL credentials
Can be used to create the Enterprise Reporter database
If supplied, are used to connect the database by the Enterprise Reporter server.
您可以在附属支持站点上查找适用于戴尔*产品*的在线支持帮助。单击“继续”,转至适用于*产品*的正确支持内容和帮助。
The document was helpful.
选择评级
I easily found the information I needed.
© ALL RIGHTS RESERVED. Feedback 使用条款 隐私 Cookie Preference Center
Quest Software门户不再支持IE 8、9和10,建议将您的浏览器升级到最新版本的Internet Explorer或Chrome。
要升级到IE 11,请单击此处
要升级到Chrome,请单击此处
如果继续使用IE 8、9和10,您将无法充分利用我们所有出色的自助服务功能。
