There are certain DeliverPoint configuration settings that affect the whole farm and are available from the DeliverPoint Configuration link under Settings on the SharePoint Central Administration web site.
Each of the configuration pages is described below.
Forest Settings
Use this option to manage Active Directory forests and domains that you wish to crawl, together with the credentials you wish to use. You can also add specific domain global catalogs to be crawled and also exclude FBA (Forms Based Authentication) Providers.
Forest list
Registered forest names
This list contains all those forests that are to be interrogated when the LightningTools.DeliverPoint.AuthStoreInterrogation SharePoint time job runs. By default, only one entry is listed: Current Forest. If you need to remove an AD forest you previously registered, select the forest and then click Remove. You cannot delete Current Forest.
Register new forest
To register a new AD forest to interrogate, complete the following:
- In the Forest name text box, type the forest name – you must enter a DNS name.
- In the Account name text box, type the AD username that should be used to perform the specified forest (all its subdomains) users/groups enumeration.
- In the Account Password text box, type the password.
- Click Add.
Domain Exclusions
Use this list box to type all domain names that should be excluded during authentication interrogation. Valid values are domain names and NetBIOS names. If you have more domains to exclude than include, you may prefer to use the Domain List to register specific domains to crawl rather than choosing a Forest and then excluding domains.
Domain List
Registered domain names
List of specific domains to be crawled during DeliverPoint authentication store interrogation. If you have specified a Forest to crawl in the previous section, then listing specific domains here is not necessary. However, if your organization has more domains to exclude than include, you may prefer to list the domains to include.
Register new domain
Register a new domain to be added to the list of domains that are crawled during the DeliverPoint authentication store interrogation.
Domain Catalogs
In the Domain Catalogs section, you can register specific domain global catalogs.
Excluded FBA providers
Enter excluded FBA provider names separated with semicolons. DeliverPoint automatically checks each web application for FBA providers, and will crawl the FBA stores by default. If there is an FBA provider that needs to be excluded, list the full name here.
Treeview Settings
Use this option to configure the DeliverPoint treeview that is displayed on the DeliverPoint dashboard.
Display Segments
In the Segments text box, type the maximum number of tree nodes to display at the Site Collection and Site level. When the number of objects exceeds this level, the treeview is segmented. The default value is 100.
View Restriction
You can select one of two options that allow you to restrict the treeview so that it is only displayed for Site Collection Administrators:
- Yes, restrict.
- No, not restricted (default).
Hide not accessible tree nodes
Use this to hide high-level tree nodes if the current user has no permissions over the specified node scope. If you display the high-level nodes, this can cause performance issues if there are a large number of sites/webs in the crawling scope. You can select one of the following two options:
- Show.
- Hide (recommended). (default)
Web Application Restriction
Use this option if you only want to view the current Web Application in the treeview. By default, no option is selected, but you can tick the box to Show Current Web Application Only.
Show lists/libraries in treeview and in report
Use this to manage the visibility of lists and libraries in the treeview. By default, no option is selected, but you can tick the box to Show Lists and Libraries In Report.
Threshold Settings
Use this option to update the DeliverPoint threshold settings, which are used when displaying the Properties usage report in the DeliverPoint dashboard results pane.
Web Application Thresholds. Segments Web Applications into New and Old thresholds. New and Old are specified in days. The defaults are 10 and 100 days, respectively.
Managed Path Thresholds. Segments Managed Paths into New and Old thresholds. New and Old are specified in days. The defaults are 10 and 100 days, respectively.
Site Collection Thresholds. Segments Site Collections into New and Old thresholds. New and Old are specified in days. The defaults are 10 and 100 days, respectively.
Site Thresholds. Segments Sites into New and Old thresholds. New and Old are specified in days. The defaults are 10 and 100 days, respectively.
List Thresholds. Segments Lists into New and Old thresholds. New and Old are specified in days. The defaults are 10 and 100 days, respectively.
Permissions
Use this option to update the settings for the permissions module.
Replacement User
Use the user account people picker to specify the account to be used to replace the last site collection administrator on a site collection when DeliverPoint is removing the last site collection administrator via a “Delete” or “Dead Account Removal” operation. If this field is left blank, the account of the user using the DeliverPoint operation will become the new last site collection administrator for the site collection(s) in question.
Permissions module operators (DeliverPoint Operator role)
Use the Operator accounts people picker to specify one or more users. Such users can manage permissions on any site regardless of their permission on a SharePoint object. The user(s) entered in this text box have unrestricted access when using DeliverPoint; however, these user(s) are not given SharePoint access to any content from this designation. Any Operator must have access to at least one SharePoint site to use DeliverPoint.
Permissions module auditors (DeliverPoint Auditor role)
Use the Auditor accounts people picker to specific one or more users. These users are allowed read-only permissions to run permission reports via DeliverPoint. regardless of their permissions on SharePoint objects.
TimerJob Settings
Use this option to configure the DeliverPoint timer jobs.
SharePoint crawl method
Use this to specify the SharePoint crawl (interrogation) method: Full or Incremental. Incremental crawl is recommended if you have a large SharePoint farm. The Incremental option is the default select option when you first install DeliverPoint. As you can only use incremental crawls once a full crawl has successfully completed, you must first select Full and run the SharePoint timer job before reselecting Incremental. Crawling SharePoint content can take a considerable time.
Crawl Resuming
Select which crawls (Authentication Store and/or SharePoint) can be resumable. No options are selected by default.
Logging level
Use this to control the logging level for all timer jobs. This refers to the log entries in the ProcessLog table in the DeliverPoint SQL database. You can select one of the following two logging levels:
- Deep: log info, warning, and error messages.
- Errors: log only error messages. (default)
Crawl error notifications
Select whether one or both of the Authentication Store or SharePoint crawls can display error notifications to regular users. Both options are selected by default. You can also specify an email address to receive error notifications.
Exclusions List/Library Types
Use this to select list types to be excluded from permission scans. By default, lists created from any list type will be crawled. You can select one or more of the following list types: NoListTemplate, GenericList, DocumentLibrary, Survey, Links, Announcements, Contacts, Events, Tasks, DiscussionBoard, PictureLibrary, DataSouces, WebTemplateCatalog, UserInformation, WebPartCatalog, ListTemplateCatalog, XMLForm, MasterPageCatalog, NoCodeWorkflows, WorkflowProcess, WebPageLibrary, CustomGrid, SolutionCatalog, NoCodePublic, ThemeCatalog, DataConnectionLibrary, WorkflowHistory, GanttTasks, Meetings, Agenda, MeetingUser, Decision, MeetingObjective, Textbox, ThingsToBring, HomePageLibrary, Posts, Comments, Categories, Facility, Whereabouts, CallTrack, Circulation, Timecard, Holidays, IMEDic, ExternalList, IssueTracking, AdminTasks, HealthRules, HealthReports, InvalidTypes.
Report Generation Settings
Use this section to specify the default folder and the file name pattern for the scheduled permission reports.
Jobs Viewing and Retention
Default Job Retrieving Period (Days). Use this setting to define the number of days that a job, such as copy/transfer/delete/grant, can be retrieved.
Job Retention Period (Days). Define the length of time that jobs will be retained for reversal.
Permission Change Log Viewing and Retention
Default Permission Changes Retrieving Period (Days). Define the length of time that permission changes (i.e.auditing logs) are retrievable.
Default Permission Changes Retention Period (Days). Define the length of time that permission changes are retained.
Jobs Rollback Settings
This setting is checked by default. Unchecking will not allow jobs to be rolled back.
Database Settings
When you install DeliverPoint, you are required to provide details so that a DeliverPoint database is created. On the DeliverPoint Database Settings page, the information that you provided when the DeliverPoint Configuration Wizard was run are used to pre-populated fields on this page. Note: These settings may be altered in the event of a DeliverPoint database migration.
DeliverPoint Database
Server: The server NETBIOS name of the SQL Server where the DeliverPoint database is hosted.
Database: The name of the DeliverPoint database. If you need to create a new DeliverPoint database at a later date, you will need to run the configuration wizard again, and then the database name on this page will change. If you already have a 2nd DeliverPoint database, you can switch to it by changing the database information on this page.
DeliverPoint DB Account
DB Account Name: The impersonation account, also known as the DeliverPoint Service Account, which is used to access the DeliverPoint database and interrogate the SharePoint databases via the SharePoint Object Model (OM).
DB Account Password: The password for the DeliverPoint Service Account.